Microsoft Intune Security Posts

Discover the latest insights, best practices, and security research related to Microsoft Intune endpoint management.

Search Intune Posts

Filter Posts

Tag:

Author:

Sort By: Newest First Oldest First Title (A-Z) Title (Z-A)

Posts

Why an “Hourly” Intune Remediation Doesn’t Run Within the First Hour

April 01, 2026 by rudyooms

blog

An hourly remediation sounds straightforward: assign it, and it should run sometime within the next hour. But when looking closer at how the Intune...

Read Article →

Unattended Remote Help for Windows

March 31, 2026 by rudyooms

blog

While digging through the Intune Management Extension, I noticed a new Sidecar notification action called Unattended Remote Help for Windows, and t...

Read Article →

InforcerCommunity: A PowerShell Module for the Inforcer REST API

March 30, 2026 by Roy Klooster

conditional-access exchange-online entra-id intune reports

InforcerCommunity v0.2.0 adds Export-InforcerTenantDocumentation: generate a complete, readable snapshot of your M365 tenant's policy configuration...

Read Article →

IC3: From WNS to Real Time Device and IME Actions

March 20, 2026 by rudyooms

blog

In a previous blog, we showed that something new is quietly showing up inside the Intune Management Extension…something called IC3. At first...

Read Article →

Maintenance Window Settings for OS, Drivers, and Updates

March 18, 2026 by rudyooms

blog

The Maintenance Window policy for OS, Drivers, and Updates is now showing up in Intune, giving control over when update actions like install and re...

Read Article →

Intune Timing Demystified: What Actually Happens Behind the Scenes

March 15, 2026 by rudyooms

blog

In this blog, we will show why Intune timing often feels inconsistent when we are not aware of the different workload paths inside Windows and Intu...

Read Article →

Intel TDT Deprecated: Defender CSP Error 0x86000002

March 07, 2026 by rudyooms

blog

After installing the February 2026 Windows update, the Defender setting IntelTDTEnabled suddenly stops working. Intune reports the familiar 65000 e...

Read Article →

Intune Device Actions: Microsoft brings back instant Remote Actions

March 06, 2026 by rudyooms

blog

This deep dive builds on earlier research in which we observed that Intune remote actions feel instant on day one but begin to show a delay the nex...

Read Article →

Intune Win32App PowerShell Script Installer 64 Bit Switch Not Working

March 01, 2026 by rudyooms

blog

Microsoft recently added support for PowerShell Script Installer inside Win32 apps in Intune, including a 32-bit and 64-bit execution switch. On pa...

Read Article →

Disable MDM Enrollment When Adding a Work or School Account on Windows

February 28, 2026 by rudyooms

blog

You have probably seen the new option in the Intune portal that lets you disable MDM enrollment when a user adds a work or school account. It looks...

Read Article →

Intune PowerShell Script Delay? Here Is What Really Causes It

February 27, 2026 by rudyooms

blog

You create a new PowerShell platform script in Intune to fix something and expect it to run immediately. That sounds pretty reasonable. Well…...

Read Article →

RKSolutions PowerShell Module

February 23, 2026 by Roy Klooster

entra-id graph-api intune reports tools

If you manage Microsoft 365 tenants, you already know the value of a single view for enrollment flows, anomalies, admin roles, and license assignme...

Read Article →

Microsoft Introduces Entra Hybrid Join using Entra Kerberos

February 18, 2026 by Daniel Bradley

microsoft-intune news

Microsoft has introduce a new hybrid join for Windows devices using Entra Kerberos for instant device registration in Microsoft Entra. The post Mic...

Read Article →

ADMX Ingestion and Access is Denied 0x80070005

February 13, 2026 by rudyooms

blog

When an Intune policy fails with 0x80070005 Access Denied, the explanation usually sounds obvious. Something tried to write to the registry, but Wi...

Read Article →

Intune MDM Certificate Renewal Failure: The Hidden UPN Issue

February 10, 2026 by rudyooms

blog

In this blog, we take a closer look at what really happens when the Intune MDM device certificate fails to renew. While investigating a strange cer...

Read Article →

Forgotten Features Series, Part 5: The Defender Tag Bridge You’re Not Using – Custom MDE Tags via Intune

February 09, 2026 by Roy Klooster

intune

This is the fifth post in a series spotlighting forgotten features (policy) in Microsoft Intune and the broader Microsoft 365 ecosystem. Today, we’...

Read Article →

Forgotten Features Series, Part 5: The Defender Tag Bridge You’re Not Using – Custom MDE Tags via Intune

February 09, 2026 by Roy Klooster

microsoft-intune

This is the fifth post in a series spotlighting forgotten features (policy) in Microsoft Intune and the broader Microsoft 365 ecosystem. Today, we’...

Read Article →

Forgotten Features Series, Part 4: Beyond Built-In Checks – Intune Custom Compliance Policies

February 03, 2026 by Roy Klooster

conditional-access intune

As a Managed Service Provider (MSP), you enforce device compliance with Intune's built-in policies: antivirus running, encryption enabled, OS versi...

Read Article →

Forgotten Features Series, Part 4: Beyond Built-In Checks – Intune Custom Compliance Policies

February 03, 2026 by Roy Klooster

conditional-access microsoft-intune

As a Managed Service Provider (MSP), you enforce device compliance with Intune’s built-in policies: antivirus running, encryption enabled, OS...

Read Article →

Intune Device Certificate Renewal Flow Has Shifted from Pull to Push

February 03, 2026 by rudyooms

blog

This blog will show you how the Intune Device Certificate Renewal Flow Has Shifted from Pull (Scheduled Task) to Push (ErollmentService) Please not...

Read Article →

The Secure Boot Status Report: Who Actually Sends the Secure Boot Info

January 29, 2026 by rudyooms

blog

The new Secure Boot Status report in Intune finally provides visibility into Secure Boot state across all of your devices. This new Secure Boot Sta...

Read Article →

The Secure Boot Status Report: Coming soon to Intune

January 24, 2026 by rudyooms

blog

Most admins already found the Secure Boot policy in Intune. That’s not the problem. The problem is what happens after you assign it… ...

Read Article →

Agent Identity demystified

January 15, 2026 by Derk van der Woude

azure entra-id security defender intune

This blog series aims to demystify Microsoft Entra Agent Identity Security.An agent is an application that attempts to achieve a goal by understand...

Read Article →

Policy is rejected by licensing: Error Code 0x82B00006

January 14, 2026 by rudyooms

blog

This blog dives into what “Policy is rejected by licensing” actually means inside Windows, why that decision is not based on what Int...

Read Article →

KQL Sources: 2026 Update

January 04, 2026 by Bert-Jan Pals

azure entra-id security intune

What started as a single blog in 2023 is now becoming a yearly tradition. Each year, the KQL community expands with new repositories and queries. T...

Read Article →

What Really Happens When You Press Remote Sync in Intune

December 29, 2025 by rudyooms

blog

Pressing the Sync button in Intune looks simple, but it is not a command sent straight to the device. It sends a signal, and then Windows decides i...

Read Article →

The Edge LocalNetworkAccessAllowedForUrls policy you never deployed

December 17, 2025 by rudyooms

blog

This blog examines why LocalNetworkAccessAllowedForUrls appeared on managed devices without being deployed from Intune. It also explains why Edge a...

Read Article →

How Intune Syncs Work: PowerShell and Win32 App Delivery vs Policy Delivery

December 16, 2025 by rudyooms

blog

This blog is about why Intune behaviour often feels inconsistent, even when everything is configured correctly. The answer isn’t timing. It’s the a...

Read Article →

Discover and Restrict access to GenAI Apps in the Microsoft Security ecosystem

December 15, 2025 by Derk van der Woude

entra-id security defender intune conditional-access

The GenAI (Generative Artificial Intelligence) Security Policy outlines the security controls needed to protect sensitive corporate assets.GenAI Ap...

Read Article →

New Intune/Autopatch Feature: CVE and KB reporting – Better visibility, smarter patching – General Availability

December 15, 2025 by Michael Morten Sonne

attackscompromise compliance intune microsoft reports

Last Updated on December 15, 2025 by Michael Morten Sonne Introduction Microsoft has now begun the rollout of… The post New Intune/Autopatch ...

Read Article →

PowerShell Script Installer Support for Win32 apps in Intune

December 13, 2025 by rudyooms

blog

This blog is about a new Intune feature that briefly appeared in Microsoft documentation: PowerShell script installer support for Win32 apps. The f...

Read Article →

Major updates in Microsoft 365 and Microsoft Intune (December 2025)

December 04, 2025 by Michael Morten Sonne

applications attackscompromise identity intune microsoft

Last Updated on December 4, 2025 by Michael Morten Sonne Introduction On December 4, 2025, Microsoft released major… The post Major updates i...

Read Article →

Microsoft 365: The Essential 10 Security Considerations

November 28, 2025 by Ru Campbell

entra-id-azure-active-directory microsoft-365 microsoft-defender microsoft-intune microsoft-purview

When we talk about Microsoft 365 security, we are talking about two things: The latter can be used to achieve the former, as well as other (non-Mic...

Read Article →

Intune Policy Tattooing Issue: Removed Settings Stay Enforced

November 27, 2025 by rudyooms

blog

In this blog, we’ll walk through a strange case of the Intune Policy Tattooing Issue (Yes, a new tattooing issue), where every deleted setting refu...

Read Article →

Autopilot Device Association

November 23, 2025 by rudyooms

autopilot intune

Autopilot Device Association finally gives Windows the tenant context it was missing during OOBE. With that link in place, Windows can apply OOBE s...

Read Article →

Microsoft Intune Multi Admin Approval: Securing Device Actions such as Wipe, Retire and Delete

November 22, 2025 by Oliver Müller

microsoft-365 microsoft-intune microsoft-tenant-hardening tutorials

Multi Admin Approval (MAA) in Microsoft Intune is a security feature that requires a second user’s approval before critical changes can be executed...

Read Article →

PowerShell Script Support Added for Win32 Intune App Deployment

November 17, 2025 by Daniel Bradley

microsoft-intune

PowerShell script support has been added directly to the Intune app deployment Wizard. Learn why this is a great improvement. The post PowerShell S...

Read Article →

Why “User” Install Behavior Doesn’t Mean a User Install

November 13, 2025 by rudyooms

blog

This blog dives into how Intune handles MSI app deployments when you choose App Install Context: User, and why that setting doesn’t always do what ...

Read Article →

Bringing Order to Microsoft’s Fast‑Moving Copilot Rollout in Microsoft 365

October 29, 2025 by Kenneth Van Surksum

intune modern-workplace office-365 security

The rapid and widespread rollout of Microsoft 365 Copilot has created a governance challenge for organizations. Features are often enabled before c...

Read Article →

Configure Browser Policy to Preserve OneDrive and SharePoint Web Performance and Offline Capability needed for upcoming Chromium versions

October 23, 2025 by Kenneth Van Surksum

intune

Introduction Modern collaboration tools such as OneDrive and SharePoint depend on efficient browser communication to deliver both online and offlin...

Read Article →

MMP-C: The Future of Windows Device Management with Intune

October 22, 2025 by rudyooms

blog

For years, Intune has managed Windows devices through OMA-DM (Open Mobile Alliance Device Management). It worked, but as explained in our previous ...

Read Article →

Remotely Intune wipe devices in Defender for Endpoint isolation mode!

October 22, 2025 by Thomas Verheyden

defender-for-endpoint defender-xdr defender-for-servers micorosft-security

Intro Microsoft recently announced that device isolation exclusions in Defender for Endpoint are now generally available. This made me think about ...

Read Article →

Balancing Control and Convenience: Preventing Edge Password Sync on Unmanaged Devices

October 20, 2025 by Kenneth Van Surksum

conditional-access intune mobile-application-management

Introduction Password managers have become a default convenience in modern browsers, including Microsoft Edge. Microsoft now recommends enabling th...

Read Article →

The History of Intune: From OMA DM to Modern Windows Management

October 19, 2025 by rudyooms

blog

In this blog, we go back in time and look at how Windows device management really started.How Microsoft built the first framework for managing devi...

Read Article →

The Truth About the 8-Hour Intune Sync (and Why It’s a Myth)

October 07, 2025 by rudyooms

blog

This blog will address one of the biggest misunderstandings I hear regarding Intune: the misconception that Windows devices ONLY receive new polici...

Read Article →

Microsoft Defender for Endpoint: Getting Started with Deployment Using Intune

October 04, 2025 by Oliver Müller

microsoft-365 defender-xdr intune microsoft-tenant-hardening troubleshooting

Devices today are diverse, mobile and therefore exposed to a wide range of threats. Traditional antivirus solutions detect known patterns but leave...

Read Article →

Autopilot Device Preparation and the Return of OOBE Controls

October 02, 2025 by rudyooms

intune

Hidden Device Preparation template enables OOBE controls in AP DP. Naming at OOBE, skip EULA, skip keyboard, hide privacy. Works through device ass...

Read Article →

Understanding the Default Compliance Policy: What’s Changed and Why Devices Stay Compliant

September 16, 2025 by rudyooms

blog

This blog explores the behavior change in Intune’s built-in compliance policy, specifically why devices are still marked as compliant even when the...

Read Article →

Windows Autopilot: Installing Windows Updates during setup (OOBE)

September 04, 2025 by rudyooms

intune

Installing Windows Quality Updates during the out-of-the-box (OOBE) experience is now generally available is been pulled back! (Check out this para...

Read Article →

Windows Autopilot Stuck on Identifying: The KB5065848 Story

September 04, 2025 by rudyooms

blog

It was a rough week for Intune. First, BitLocker policies suddenly stopped applying without any good reason. The event logs indicated that the BitL...

Read Article →

BitLocker Policies Not Getting Applied in Intune (65000)

September 02, 2025 by rudyooms

blog

This blog will discuss a case where BitLocker policies pushed during Windows Autopilot appeared to be applied in the event logs, but they never act...

Read Article →

Windows Autopatch Client Broker: What It Is, When to Use It, and Why It Matters

August 26, 2025 by Tom Rolvers

windows-autopatch intune patch-management

In this post, we’ll break down what it does, when you need it, and how to align it with your organization’s update strategy.

Read Article →

Endpoint Privilege Management: Virtual Elevation Acccount Support

August 21, 2025 by rudyooms

epm intune

EPM has always relied on virtual accounts for elevation, often breaking scenarios where apps need the real user profile. A new ElevationAccount.Use...

Read Article →

Multi-Admin Approval Extends to Device Reset Options in Intune

August 21, 2025 by Daniel Bradley

intune news

Discover Intune's new Multi-Admin Approval feature for device actions. This guide explains how to set up dual control for Wipe, Retire, and Delete ...

Read Article →

Recommended Settings for Windows LAPS with Intune

August 17, 2025 by Daniel Bradley

intune

Deploy the recommended settings for Windows LAPS to your end-user Windows 10 and 11 devices using Microsoft Intune. The post Recommended Settings f...

Read Article →

Download IntuneWin Win32 App Files Directly from Intune

July 29, 2025 by rudyooms

blog

This blog explains how to download the original IntuneWin Win32 app package from Intune when you no longer have the original source files. If you f...

Read Article →

How to Block Upload to WeTransfer, DropBox & Google Drive (but Allowing Download) – using Microsoft Purview Data Loss Prevention (DLP)

July 28, 2025 by Morten Knudsen

ai defender-for-endpoint dlp intune m365-security

This blog was created in response to recent policy changes related to the WeTransfer cloud storage service. These changes raised ... Read more

Read Article →

Intune Remote Wipe ending up in “Something went wrong” (0x800f0991)?

July 27, 2025 by rudyooms

blog

In this blog, we’ll walk through a remote wipe issue that leaves devices in a lingering, unmanaged state, where the Intune object is removed, the d...

Read Article →

Intune, vTPM, and MDM Enrollment Version 6.0: What You Need to Know!

July 15, 2025 by rudyooms

blog

This blog will cover the latest features in MDM Enrollment Version 6.0 and explain their significance for device attestation, virtual TPMs, and Int...

Read Article →

How the IME Cleans up the IMECache folder

July 01, 2025 by rudyooms

blog

This blog explains how the Intune Management Extension (IME) handles the cleanup of the IMECache folder after it has finished installing a Win32App...

Read Article →

Intune Policies showing error code -2016281112

June 23, 2025 by rudyooms

blog

This blog covers a weird issue where Windows Update client policies deployed through Intune began to fail after devices were upgraded to Windows 11...

Read Article →

Intune Anomalies Report

June 13, 2025 by Roy Klooster

uncategorized

Table of Contents Introduction Requirements Features How does it work? Interactive Authentication Client Secret Authentication Certificate Authenti...

Read Article →

Data Strategy Breakdown Series - Defender XDR and Intune (4)

June 09, 2025 by Ewelina Paczkowska

security defender intune compliance

In Part 4 of the Data Strategy Breakdown Series, we explore how Defender XDR and Intune in your data strategy can transform security operations. Fr...

Read Article →

Troubleshooting Windows Feature Updates not being deploying using Intune/AutoPatch/WUfB

May 24, 2025 by Morten Knudsen

intune microsoft-graph microsoft-security microsoftsecurityupdates scripting

I have been banging my head why some machines wouldn’t deploy Windows 11 Windows Feature Updates (24H2) as part of ... Read more

Read Article →

Whats New in Windows Autopatch

May 19, 2025 by Tom Rolvers

windows-autopatch intune patch-management

Learn how Windows Autopatch lets you orchestrate updates for Windows, Microsoft 365 Apps, Microsoft Edge, and Teams. All from a single automated so...

Read Article →

Continue to Sign in Prompt Part 2: Disable the DMA SSO Compliance

April 19, 2025 by rudyooms

intune

In this blog, we will examine how a recent big Windows change was introduced to meet Digital Markets Act (DMA SSO Compliance) requirements. This ch...

Read Article →

Implementing Attack Surface Reduction Policies

April 13, 2025 by Tom Rolvers

intune asr

Start implement Microsoft's Attack Surface Reduction (ASR) policies today!

Read Article →

The “Continue to Sign in Prompt” That breaks the SSO

April 09, 2025 by rudyooms

intune

In this blog, we will examine why Windows shows the “Continue to sign in?” prompt when launching apps like Edge or Company Portal for the first time

Read Article →

🚀Introducing ASR Rule Inspector V2

April 08, 2025 by Roy Klooster

uncategorized

Table of Contents Introduction What’s New in the V2? Intune vs Local Comparison – No More Policy Guesswork Detecting Duplicate and Conflictin...

Read Article →

How to authenticate with Windows Hello for Business or FIDO security key in RDP session ?

March 18, 2025 by Morten Knudsen

entra-id identity intune microsoft-security mvpbuzz

This little guide will show how you can authenticate with Windows Hello for Business and FIDO2 security key in a ... Read more

Read Article →

Declarative Device Management with Intune

March 10, 2025 by rudyooms

intune mmpc windc mmpc intune

How Microsoft / Intune is shifting to Declarative Device Management (DDM) by using the declared configuration service

Read Article →

Language Packs? I Just Told My Computer to ‘Figure It Out.’ Apparently, It Did.

February 27, 2025 by Roy Klooster

uncategorized

Do you know that moment? You’ve got your Intune environment perfectly set up, Autopilot profiles configured, and you think, ‘Yes, world...

Read Article →

Why Using a DEM Account for Windows Autopilot is a Bad Idea

February 25, 2025 by rudyooms

autopilot intune

In this blog (not technical this time…sorry), we’ll explore why Microsoft does NOT support Device Enrollment Manager (DEM) for Autopilot, the...

Read Article →

Device Query for Multiple Devices, Device Inventory, and Single Device Query: Connecting the Dots

February 19, 2025 by rudyooms

device-inventory intune

If you’ve ever tried troubleshooting a single device, you know how useful tools like Single Device Query can be pretty helpful. It’s fast, accurate...

Read Article →

MAM vs. MDM: Choosing the Right Mobile Management Approach

February 11, 2025 by Kenneth Van Surksum

intune mobile-application-management overview security app-protection-policies

With the increasing reliance on mobile devices in the workplace, organizations must choose the right strategy to manage and secure corporate data. ...

Read Article →

Operational Collections 2.0

February 02, 2025 by Nathan McNulty

intune

I absolutely love the SCCM Operational collections from System Center Dudes, and while Intune has a different design that negates the need for scop...

Read Article →

The ShadowAdminPairs: A Deep Dive into Administrator Protection

January 30, 2025 by rudyooms

administrator-protection intune

Learn how the Administrator Protection feature in Windows 11 uses the ShadowAdminPairs key to map ENTRA user SIDs to local admins

Read Article →

Comparing Web Filtering and Security: Microsoft Entra Internet Access (Global Secure Access) vs. Microsoft Defender for Endpoint (MDE)

January 28, 2025 by Kenneth Van Surksum

cloud-app-security conditional-access entra-id intune defender-xdr

Organizations face increasing challenges in securing internet traffic and enforcing web access policies in today’s hybrid work environment. Two key...

Read Article →

Securing Microsoft Business Premium Part 01: The First Step to an Unbreakable Defense

January 27, 2025 by Sebastian F. Markdanner

microsoft-entra microsoft-defender microsoft-azure microsoft-intune microsoft-purview

Today kicks off a comprehensive blog series where I’ll delve into the security features of the Business Premium license SKU, offering...

Read Article →

Dual Enrollment / MMP-C Light for Workplace Joined Devices?

January 20, 2025 by rudyooms

mmpc intune intune

Explore WorkplaceJoin_DualEnrollment, dual enrollment for Workplace Join devices, and the role of MMP-C Light in shifting Intune policies

Read Article →

Kung Fu MMP-C Onboarding

January 20, 2025 by rudyooms

intune mmpc

This blog will show how I onboarded multiple Microsoft 365 Tenants to the new MMP-C infrastructure (Microsoft Management Platform – Cloud) and expl...

Read Article →

Seamlessly Migrating from Symantec Endpoint Protection to Microsoft Defender for Business

January 11, 2025 by Nathan Hutchinson

defender-for-endpoint intune

Discover how to migrate from Symantec Endpoint Protection to Microsoft Defender for Business seamlessly with tips and tools!

Read Article →

Governing OS Versions in Microsoft Intune: Best Practices and Configuration

January 07, 2025 by Kenneth Van Surksum

conditional-access intune modern-workplace security compliance-policy

In a modern managed workplace environment, ensuring that devices meet minimum operating system (OS) requirements is a critical aspect of security a...

Read Article →

Renewing Apple Enrollment Program, VPP Token, and MDM Push Certificate in Microsoft Intune and SCIM token in Entra.

January 06, 2025 by Kenneth Van Surksum

abm intune dep dep-token mdm

Introduction Managing Apple devices in Microsoft Intune requires maintaining active integrations with Apple services. To ensure continued functiona...

Read Article →

How to check and block “malicious” browser extensions with Microsoft Defender and Intune?

January 05, 2025 by Jeffrey Appel

security defender-for-endpoint defender-xdr

In the past years, malicious browser extensions have been on the rise and are more popular to be used as part of cyberattacks. With the use of mali...

Read Article →

KQL Sources - 2025 Update

January 01, 2025 by Bert-Jan Pals

azure entra-id security intune sentinel

What started as a single blog is now becoming a yearly trend. More and more KQL related repositories are created, not only with a focus on security...

Read Article →

MDM / Intune policies moving over to MMP-C

December 30, 2024 by rudyooms

intune mmpc

This blog will focus on how Wi-Fi and VPN resource access policies are being transferred (Authority change) from the old-school MDM stack to the MM...

Read Article →

Troubleshooting the Properties Catalog Error 2147749902:

December 17, 2024 by rudyooms

device-inventory intune

Troubleshooting error 2147749902 (WBEM_E_INVALID_NAMESPACE) isn’t always straightforward. What started as a simple Intune error turned into a Devic...

Read Article →

Life is like a box of Enhanced Device Inventory Properties.

December 09, 2024 by rudyooms

device-inventory intune

This blog will focus on a new Intune Core Feature called Windows Device Inventory (Resource Explorer). I will show you how this new Intune Feature ...

Read Article →

Microsoft Entra Identity Governance Fundamentals: Access Packages

December 09, 2024 by Sebastian F. Markdanner

microsoft-entra microsoft-intune microsoft-defender

In this blog post, we’ll be covering the fundamentals of Access Packages in Microsoft Entra—it’s all about getting a solid understanding...

Read Article →

Under the hoods of the Windows Device Inventory Agent

December 08, 2024 by rudyooms

device-inventory intune

This blog will show you the inner workings of the Device Inventory Agent

Read Article →

The 0x80072F9A We Start From

December 04, 2024 by rudyooms

intune

This blog is a follow-up to the Windows Enrollment Attestation series. I’ll dive into why the AllowRecovery CSP is a game-changer and how it helped...

Read Article →

Passkeys 101: How Microsoft Entra Simplifies Passwordless Authentication

December 02, 2024 by Sebastian F. Markdanner

microsoft-entra microsoft-intune microsoft-defender

Today, we’re exploring passkeys—what they are, how they work, and how Microsoft’s latest GA features make passwordless authentication...

Read Article →

Windows – Hotpatching is now possible on clients – rebootless updates is here!

December 02, 2024 by Michael Morten Sonne

intune microsoft security windows windows-11

Last Updated on June 2, 2025 by Michael Morten Sonne Introduction In a major step forward for reliability… The post Windows – Hotpatching is ...

Read Article →

MSEM | OT Security Initiative

November 21, 2024 by Derk van der Woude

azure security defender intune

From global tensions on nation-state level to cybercriminals and script-kiddies, cybersecurity for OT (Operational Technology) becomes more and mor...

Read Article →

Fixing Time Zone Issues in Windows Autopilot

November 18, 2024 by rudyooms

autopilot intune

Deploying Windows devices using Autopilot can be challenging, especially when devices are shipped from a supplier in China to various global locati...

Read Article →

Device Compliance: The Tpm-PreAttestationHealthCheck in Windows 24H2

November 12, 2024 by rudyooms

attestation-and-compliance-series compliance intune

Troubleshooting health attestation just got easier. With the introduction of the Tpm PreAttestationHealthCheck task, Windows now generates a detail...

Read Article →

Fix Subscription Activation by automatically Removing Secondary Work or School Accounts.

November 04, 2024 by rudyooms

intune

When subscription activation gets stuck, it could be due to conflicting tenant accounts. This blog dives into how to fix subscription activation by...

Read Article →

Autopilot Device Preparation (AVP2/AP-DPP): Hiding the Privacy Settings

October 30, 2024 by rudyooms

intune device-enrollment

In this post, I’ll show you how to streamline the Out-of-Box Experience (OOBE) setup process even if you’re using Autopilot Device Preparation ( AV...

Read Article →

Patch My PC Home Updater 5.0: Effortless Updates for Over 500 Apps

October 28, 2024 by rudyooms

intune

On October 23rd, 2024, Patch My PC dropped their brand new Home Updater version 5.0, and it’s a serious game-changer for home users. If you’ve been...

Read Article →

The Incredible story of using the Windows Performance Recorder to troubleshoot your Enrollments.

October 28, 2024 by rudyooms

intune

In this blog, I will show you how to set up the Windows Performance Recorder and the Windows Performance Analyzer to troubleshoot Autopilot and Int...

Read Article →

Autopilot Error 0x80280009: TPM Attestation. What is going on?

October 23, 2024 by rudyooms

autopilot intune

In this blog, we’ll explore why 0x80280009 (aka TPM_E_FAIL) is becoming a more common headache, particularly in virtual machines. We’ll look at wha...

Read Article →

Local Administrator Protection vs. EPM: The Differences Explained!

October 14, 2024 by rudyooms

administrator-protection epm intune

After posting the blog about Administrator Protection, one question kept coming up: What are the key differences between Administrator Protection v...

Read Article →

Administrator Protection in Windows 11 Explained: How Microsoft Rebuilt Local Admin Security

October 07, 2024 by rudyooms

administrator-protection intune

This blog will focus on a new Windows 11 insider build feature, Administrator Protection, announced in the latest Windows Insider Canary build (277...

Read Article →

How to deploy Enterprise App Catalog updates with PowerShell

October 03, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to manage and deploy apps updates in the Intune Enterprise App Catalog using Microsoft Graph PowerShell. The post How to deploy Enterpris...

Read Article →

Report Enterprise App Catalog Updates in Intune with PowerShell

September 30, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to use PowerShell to report available Enterprise App Catalog updates in Microsoft Intune with Microsoft Graph PowerShell. The post Report...

Read Article →

Troubleshooting Intune Enrollment: Solving the 0x80180031 MDM Not Configured Error

September 26, 2024 by rudyooms

device-enrollment intune

In this blog, we’ll dive into the common headache of enrolling existing devices to Intune and hitting the 0x80180031 error, often caused by the fac...

Read Article →

SecureChannelFailure Errors, and the Curious Case of the Failing IME

September 24, 2024 by rudyooms

device-enrollment intune

Have you ever struggled with Lenovo T480 or HP Elitedesk 800 G4 devices that refused to cooperate with Intune? In this blog, we unravel the saga of...

Read Article →

Speaking at the Workplace Ninja Summit 2024

September 13, 2024 by Kenneth Van Surksum

entra-id conditional-access entra-id identity-protection intune

Next week it’s time again for the annual Workplace Ninja Summit in Lucerne, Switzerland. The summit will start on Monday September 16th till ...

Read Article →

The Subscription Activation Journey: Stuck on Pro

September 13, 2024 by rudyooms

intune subscription-activation

The May update broke Windows Subscription Activation, causing devices to drop from Enterprise to Pro. The primary culprit was a breakdown in Multi-...

Read Article →

Cloud PCs? Where we’re going we don’t need Device Query and Support Approved?

September 04, 2024 by rudyooms

device-query epm intune

Are you using a nice Windows 365 Cloud PC and want to use kickass Intune Suite features like Device Query or EPM Support Approved? If you’re ...

Read Article →

Detect Impact MFA Enforcement

August 31, 2024 by Morten Knudsen

azure entra-id identity microsoft-graph microsoft-security

You may have noticed that Microsoft will enforce MFA requirement per October 15, 2024 for Azure/Entra/Intune. If this is new ... Read more

Read Article →

Mrs. Resource Performance, you’re trying to seduce me with your CPU Spike. Aren’t you?

August 30, 2024 by rudyooms

intune

Two powerful features have been introduced in the latest update to Microsoft Intune Advanced Analytics: CPU Spike and Memory Spike monitoring. We c...

Read Article →

The Lakehouse of EPM: Easily Create EPM Elevation Rules based on the Elevation Requests

August 29, 2024 by rudyooms

epm intune

Create EPM Elevation Rules in just a few seconds. It sounds like a dream, right? As IT professionals, we’re always on the lookout for ways to...

Read Article →

FooUser@ meets the Cosmic Autopilot@ user

August 27, 2024 by rudyooms

autopilot device-enrollment intune

This blog will be about me wrecking a Windows device during Autopilot Pre-Provisioning to see what is happening underneath. While doing so, I stumb...

Read Article →

Evolving Subscription Activation: From Workarounds to a Robust Solution

August 22, 2024 by rudyooms

intune subscription-activation

Microsoft has continuously refined how Windows handles Subscription Activation, particularly in environments with strict Conditional Access policie...

Read Article →

Keep your Interactive Logons close, but your EPM Virtual Account closer.

August 06, 2024 by rudyooms

epm intune

In this blog, I will show you why existing GPO policies could potentially break new products like Intune Endpoint Privilege Management (EPM). I wil...

Read Article →

MDM vs. MAM | Personal vs. Corporate

August 05, 2024 by rudyooms

device-enrollment intune

In our previous blog, we explored how to register devices with Entra and manage them, despite certain prerequisites for using Intune. In this blog,...

Read Article →

IsTPMAttested: The Ultimate Attestation Security Gate

July 31, 2024 by rudyooms

device-enrollment intune windows-enrollment-attestation autopilot mdmhardening

This is the fourth and, for now, last blog post in the Windows Enrollment Attestation series. In it, I will explain how the three previous blogs le...

Read Article →

How to find settings in the Setting Catalog by custom OMA-URI

July 26, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to use PowerShell to find if the Settings Catalog in Intune contains settings by the custom OMA-URI path. The post How to find settings i...

Read Article →

Saving Upgrade Ryan: How KB5040527 fixed the Subscription Activation issue!

July 26, 2024 by rudyooms

intune subscription-activation

Great news! The July Preview KB5040527 update has finally fixed the Windows subscription activation issue that plagued the upgrade from Windows 11 ...

Read Article →

InitiateRecovery: The Power of Hardening the Intune Enrollment

July 24, 2024 by rudyooms

intune windows-enrollment-attestation mdmhardening intune

This is the third blog in the Windows Enrollment Attestation / MDM Hardening series. In it, I will examine what happens when we combine the amazing...

Read Article →

How to rotate BitLocker keys with Microsoft Graph PowerShell

July 21, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to rotate BitLocker keys for devices managed with Microsoft Intune using Microsoft Graph PowerShell. The post How to rotate BitLocker key...

Read Article →

Microsoft to start blocking custom OMA-URI settings in Intune

July 20, 2024 by Daniel Bradley

intune

Microsoft will soon start blocking the use of custom OMA-URI settings in Microsoft Intune for settings that existing in the settings catalogue. The...

Read Article →

All the Intune MDM Certificate Recovery We Cannot See

July 18, 2024 by rudyooms

intune windows-enrollment-attestation intune

This blog will be the second one in the Windows Enrollment Attestation Series!! And let me promise you one thing!!! The words rabbit hole will get ...

Read Article →

How to delete Cloud PKI CAs in Microsoft Intune

July 17, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to delete Microsoft Cloud PKIs in Microsoft Intune using the portal and Microsoft Graph PowerShell. The post How to delete Cloud PKI CAs ...

Read Article →

MDM x TPM: The MDM Hardening

July 17, 2024 by rudyooms

intune windows-enrollment-attestation hardening mdm intune

This blog will be the first one in the Windows Enrollment Attestation / MDM Hardening series. In it, I will take a closer look at a beautiful funct...

Read Article →

Windows Enrollment Attestation 76: MDM Hardening

July 16, 2024 by rudyooms

intune windows-enrollment-attestation

Welcome to our Windows Enrollment Attestation series overview. This feature is also known as MDM Hardening and MDM Device Attestation. In this blog...

Read Article →

Die Hard with a UTC: Fixing Autopilot Device Preparation

July 09, 2024 by rudyooms

autopilot intune

Enrolling devices into Windows Autopilot Device Preparation should be straightforward, but sometimes, unexpected issues require a deeper dive into ...

Read Article →

EPM Error 0x8007010B: The Debugging Game

July 03, 2024 by rudyooms

epm intune

In this blog, I will examine a funny 0x8007010B error that Endpoint Privilege Management (EPM) could give you when you try to elevate the CMD using...

Read Article →

I was MSI and PS1. Nothing but Endpoint Privilege Management and a couple of file extensions

June 26, 2024 by rudyooms

epm intune

With all the new features added to Microsoft Endpoint Privilege Management (EPM), we must not forget another new and long-awaited feature. This blo...

Read Article →

Autopilot Device Preparation and the Enrollment Time Grouping

June 20, 2024 by rudyooms

autopilot intune

This blog will focus on the importance of the Enrollment Time Group (JustIntTimeConfiguration), which is currently only used with Autopilot Device ...

Read Article →

Microsoft Intune to require iOS 16 and macOS 13

June 19, 2024 by Daniel Bradley

intune

Microsoft Intune will soon require a higher version of MacOS and iOS later this year. Learn how to identify the impact in your tenant. The post Mic...

Read Article →

Platform-level device cleanup rules added to Microsoft Intune

June 11, 2024 by Daniel Bradley

intune

Learn how to configure device clean-up rules at a platform level in Microsoft Intune to target Windows, IOS, Android, Mac or Linux devices. The pos...

Read Article →

The Battle Of The Local Administrator And Autopilot Device Preparation

June 11, 2024 by rudyooms

administrator-protection intune

In this blog, I will discuss how I found out a specific entra setting was interfering, AKA breaking my Windows Autopilot device preparation deploym...

Read Article →

Autopilot and the Sundance Device Preparation

June 05, 2024 by rudyooms

autopilot intune

In this blog, I will explore the wonders of Autopilot Device Preparation (AP-DP), from the first step of signing in to the last step in the Autopil...

Read Article →

How to deploy Autopilot Device Preparation Policies with PowerShell

June 05, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to deploy Device Preparation Policies in Microsoft Intune programmatically using Microsoft Graph PowerShell. The post How to deploy Autop...

Read Article →

Entra Private Access/GSA – Automatic Network Detection

June 01, 2024 by Morten Knudsen

entra-id entra-private-access identity microsoft-security mvpbuzz

This blog covers a custom script solution for Intune, that can be used to automatically detect, if the Entra Private ... Read more

Read Article →

Guided application upgrades announced for Microsoft Intune

May 26, 2024 by Daniel Bradley

intune

Enterprise Application Management has announced Guided application upgrades later this year in Microsoft Intune. The post Guided application upgrad...

Read Article →

Autopilot Device Preparation: First Contact

May 22, 2024 by rudyooms

autopilot intune

Are you anxiously waiting for the Autopilot V2 Announcement? APv2 has just been officially announced and has a nice new shiny name: Autopilot Devic...

Read Article →

New granular security policy permissions in Microsoft Intune

May 22, 2024 by Daniel Bradley

intune

Microsoft are to release new granular security permissions relating to security baselines in Microsoft Intune. The post New granular security polic...

Read Article →

Nobody makes me Config Refresh my own Provider. Nobody!

May 22, 2024 by rudyooms

intune

Welcome to the Config Refresh Blog! Today, I’ll be diving into the fascinating world of Config Refresh. Specifically, we’ll explore how...

Read Article →

Thoughts on Copilot for Security’s Early Days

May 13, 2024 by Ru Campbell

copilot-for-security ai copilot

April 1, 2024, seen the release of Microsoft Copilot for Security to general availability (GA). It is a generative AI solution integrating with Def...

Read Article →

Remember, remember, the Hybrid Device, the MDM only enrollment Treason and The EPM Agent

May 08, 2024 by rudyooms

device-enrollment epm intune

Are you dealing with Hybrid joined, Intune enrolled devices and wondering why the EPM agent isn’t showing up on your device after activating ...

Read Article →

KB5036980 breaks the Windows 11 Enterprise Subscription Activation.

May 03, 2024 by rudyooms

intune subscription-activation

Are you experiencing problems with the automatic upgrade from Windows 11 Pro to Windows 11 Enterprise during Autopilot on the latest Windows build?...

Read Article →

Report assigned Autopilot profiles with Microsoft Graph PowerShell

May 01, 2024 by Daniel Bradley

microsoft-graph intune powershell autopilot microsoft-graph-powershell

Use Microsoft Graph PowerShell to report which Autopilot profile is assigned to each device in Microsoft Intune. The post Report assigned Autopilot...

Read Article →

Microsoft Defender for Endpoint -Security Settings Management Internals 0x1

April 28, 2024 by Alex Verboon

configuration-management defender-for-endpoint security entra-id microsoft-intune

In this blog post we take a closer look at how Microsoft Defender for Endpoint Security Settings Management operates under the hood when managing W...

Read Article →

How to auto-update apps assigned as Available in Microsoft Intune

April 23, 2024 by Daniel Bradley

intune

Learn how to auto-update applications using supersedence in Microsoft Intune for apps assigned as available. The post How to auto-update apps assig...

Read Article →

May the Intune Suite be with You!

April 23, 2024 by rudyooms

epm intune

This blog will show you something you need to be aware of when you purchase the Intune Suite and use the Cisco DUO desktop app. When activating the...

Read Article →

Microsoft Fix Intune Personal Device Enrollment Restriction Bypass

April 22, 2024 by Daniel Bradley

intune

Microsoft fix a bypass technique where you can register personal Windows devices in Intune even while they are blocked. The post Microsoft Fix Intu...

Read Article →

I can only show you the Programs Entity, you’re the one that has to Device Query it!

April 10, 2024 by rudyooms

device-query intune device-query intune pivot

This small blog will examine how the Program entity in the Intune suite feature Device Query is a work in progress. I will update this blog every t...

Read Article →

I have the 2024-03 update! Microsoft, Could you Config Refresh me?

April 08, 2024 by rudyooms

intune

Did Microsoft fix the Config Refresh bug with the March update? However, that doesn’t mean it also works. In this blog, I will examine how Config R...

Read Article →

Use Certificate-Based Authentication in Entra with Cloud PKI

April 08, 2024 by Daniel Bradley

entra-id intune

Learn how to configure Certificate-based authentication in Microsoft Entra using certificates issues from your Intune Cloud PKI. The post Use Certi...

Read Article →

Keeping up with the EmmDeviceID And Config Refresh Bug

April 02, 2024 by rudyooms

intune mmpc

This blog will supplement my previous one, in which I explored the new DMClient LinkedEnrollment DiscoveryEndpoint Node. I will guide you through t...

Read Article →

LAPS Unleashed: Navigating the Future of Windows Admin Security

April 01, 2024 by Nathan Hutchinson

intune

Dive into LAPS for Windows: a game-changer in admin account security. Discovery of the new CSP settings and configurations.

Read Article →

When and how does a device sync with MMP-C (Next Gen Intune)”

April 01, 2024 by rudyooms

epm intune mmpc windc cooked

In this blog, I will examine the same things as Niehaus but this time the next-generation Intune, MMP-C. I will also examine the sync scheme and sh...

Read Article →

Limit local administrators on Microsoft Entra joined devices

March 29, 2024 by Daniel Bradley

intune

Prevent the global administrators in Microsoft Entra from being added to the local administrators group on Microsoft Entra joined devices. The post...

Read Article →

Local Administrator, and Autopilot Settings, and Entra Settings! Oh, my!

March 29, 2024 by rudyooms

autopilot intune intune windowsautopilot

In this blog, I will examine the new Entra local administrator settings, which prevent users from becoming local administrators on their devices du...

Read Article →

Restrict Windows Registry Access with Intune Policy

March 21, 2024 by Ankit Gupta

security intune

The Windows Registry serves as a repository for critical system configurations and preferences, essential for the smooth operation of the Windows O...

Read Article →

Houston, we have a TPM Attestation problem

March 08, 2024 by rudyooms

attestation-and-compliance-series autopilot hp intune intune

This blog will be an additional blog to the TPM attestation series I wrote some time ago. In this one, I am going to take a closer look at why [...

Read Article →

Setup cloud-based RADIUS for Entra Joined Devices using Cloud PKI

March 08, 2024 by Daniel Bradley

entra-id intune

Learn how to setup RADIUS wireless network authentication in a completely cloud environment using Microsoft Entra, Cloud PKI and RADIUSaaS. The pos...

Read Article →

Autopilot: Escape the Administrator

March 05, 2024 by rudyooms

autopilot azure intune intune

Did you ever run into an issue in which the user was still in the local administrator group after the device was enrolled with Windows Autopilot (a...

Read Article →

Entra Private Access & Windows Hello for Business Kerberos Trust – Network Drive Fails for 10 min. after restart and user login

March 05, 2024 by Morten Knudsen

entra-private-access intune windows-hello-for-business

If you are using Entra Private Access (or other SSE solutions) – together with Windows Hello for Business Kerberos Trust, ... Read more

Read Article →

Under the hood: Preparing your device for mobile device management

March 05, 2024 by rudyooms

autopilot intune

This blog will investigate what happens under the hood when our device is enrolled with Windows Autopilot during the “preparing your device f...

Read Article →

Autopilot: Only fail selected blocking apps in technician phase.

February 27, 2024 by rudyooms

autopilot intune intune win32app windowsautopilot

This blog will explain everything you want to know about this new ESP function called “Only fail selected blocking apps in technician phase (preview).

Read Article →

How to Setup Cloud PKI in Microsoft Intune Step by Step

February 27, 2024 by Daniel Bradley

intune

Learn how to configure you own Certificate Authority in Microsoft Intune Step by Step using Cloud PKI feature of Intune Suite. The post How to Setu...

Read Article →

Speaking at the February 2024 Azure APE Meetup

February 27, 2024 by Kenneth Van Surksum

entra-id cloud-app-security entra-id events intune

Today (Tuesday February 27th) I have the pleasure to speak at the February 2024 Azure APE Meetup organized by the Azure Platform Engineering (APE) ...

Read Article →

The Lord of Compliance: The War of the Check Access Button

February 23, 2024 by rudyooms

intune compliance intune

In this updated blog, I will take a closer look at what exactly happens when you press the “Check Access” button in the Company Portal and why it t...

Read Article →

Windows LAPS Under the Hood Part 2: Defuncted!

February 21, 2024 by rudyooms

intune windows-laps

This blog will show you how the new Automatic Account Management feature in Windows LAPS, in combination with another new “hidden defunctR...

Read Article →

I’m Gonna Config Refresh You So Hard!

February 08, 2024 by rudyooms

intune configrefresh mde intune

This blog introduces a new Intune feature: ConfigRefresh, also known as Config Refresh, designed to enhance device security without the need for re...

Read Article →

List All Available Apps in the Intune Enterprise App Catalog

February 07, 2024 by Daniel Bradley

microsoft-graph intune

How to quickly list all applications in the Microsoft Intune Enterprise App Catalog using Microsoft Graph PowerShell. The post List All Available A...

Read Article →

Device Query: Dead of 64-bit

February 03, 2024 by rudyooms

device-query intune

This blog will show you why the new Device Query Intune Suite feature could give you the wrong information when you are using the WindowsRegistry e...

Read Article →

Five Push Notifications at Device Query

February 02, 2024 by rudyooms

device-query intune device-query pivot

In this blog, I am going to take a closer look at how we can troubleshoot a new feature in Intune called Device Query, also known as Intune Pivot. ...

Read Article →

Device Query: A Mad Max Intune Suite Feature

February 01, 2024 by rudyooms

device-query intune

This blog will show you how Microsoft is stepping up the real-time reporting game by introducing a new wonderful feature called: Intune Pivot Devic...

Read Article →

How to Deploy Apps from the Enterprise App Catalog In Intune

February 01, 2024 by Daniel Bradley

microsoft-graph intune

Learn how to deploy applications from the Enterprise App Catalog in Microsoft Intune using the web portal and PowerShell. The post How to Deploy Ap...

Read Article →

Windows LAPS Under the Hood: Automatic Account Management

January 31, 2024 by rudyooms

intune laps windows-laps

This blog is going to show you some magical things that are happening in the background when you have enabled and configured Windows LAPS Automatic...

Read Article →

How to Enable Automatic Account Creation for LAPS in Intune

January 27, 2024 by Daniel Bradley

intune

Learn how to Automatically create new accounts using Windows LAPS configuration settings in Microsoft Intune The post How to Enable Automatic Accou...

Read Article →

Windows LAPS: The Desolation of PAA Reboots

January 25, 2024 by rudyooms

intune windows-laps laps windows

While playing around with Windows LAPS with an insider Windows canary build, I noticed that some improvements were made to Post Authentication Acti...

Read Article →

Configure LAPS in Intune using Microsoft Graph PowerShell

January 21, 2024 by Daniel Bradley

microsoft-graph intune

Quickly configure baseline settings for Windows LAPS in Microsoft Intune using Microsoft Graph PowerShell. The post Configure LAPS in Intune using ...

Read Article →

Microsoft Encourages More Performant Membership Rules for Dynamic Groups

January 19, 2024 by Tony Redmond

entra-id dynamic-group-rule-builder entra-id group-membership-rule intune

MC705357 (9 Jan 2024) says that the dynamic group rule builder in the Entra ID and Intune admin centers no longer supports the contains and notCont...

Read Article →

A winget match made in heaven

January 18, 2024 by Nathan Hutchinson

intune

Learn how to package and auto-update apps in Intune using community-driven tools, WinTuner and Winget-AutoUpdate-Intune, for an efficient, l

Read Article →

How to Deploy Microsoft 365 Apps With Intune

January 12, 2024 by Daniel Bradley

intune

Learn how to deploy the Microsoft 365 applications to Windows 10 and 11 devices using Microsoft Intune. The post How to Deploy Microsoft 365 Apps W...

Read Article →

Race for Experiments: EPM vs. Ecs

January 12, 2024 by rudyooms

epm intune intune intune

In this blog, I am going to take a closer look at another EPM “flight” (AKA new feature) that Microsoft seems to be working on in Endpoint Privileg...

Read Article →

Speaking at the MCT Summit Europe 2024

January 10, 2024 by Kenneth Van Surksum

conditional-access exchange-online intune modern-workplace security

This year, the annual Microsoft Certified Trainer (MCT) summit will be held in the Netherlands. The event which takes place between 14-17 January w...

Read Article →

How to Install and Use WinGet During AutoPilot

January 08, 2024 by Daniel Bradley

intune

Learn how to install WinGet on Windows 10 and 11 devices using Microsoft Intune to help with installing and updating applications during the AutoPi...

Read Article →

EPM: And the “Flights” of Support Approved

January 02, 2024 by rudyooms

epm intune intune intune windows

This is the first unofficial blog about a nice new Endpoint Privilege Management feature called Support Approved. I will show you what it looks lik...

Read Article →

How to Enable Defender for Endpoint in Microsoft Intune

December 20, 2023 by Daniel Bradley

intune

Learn how to enable and deploy Microsoft Defender for Endpoint to Windows 10 and 11 devices using Microsoft Intune. The post How to Enable Defender...

Read Article →

Perform Bulk On-demand Remediation with Microsoft Intune

December 15, 2023 by Daniel Bradley

intune

Learn how to initiate bulk on-demand remediation packages on multiple machines at once using Microsoft Intune. The post Perform Bulk On-demand Reme...

Read Article →

How to Create a Local Admin Account on Windows Devices with Intune

December 13, 2023 by Daniel Bradley

intune featured

Lean how to create a local administrator account on your Windows devices really simple with Microsoft Intune. The post How to Create a Local Admin ...

Read Article →

The 0xd000000d Job 2: Nutty by Intune

December 12, 2023 by rudyooms

intune airwatch intune workspace

In this blog post, a fellow Dutchman (Jos Lieben) asked me if I could assist him with a weird error that occurred during the Intune/MDM enrollment....

Read Article →

The Day that the Microsoft Teams Group Chats stood still.

December 07, 2023 by rudyooms

intune teams

This time not a deep dive blog but a simple little blog about fixing the missing Microsoft Teams group chats and the “Unknown User” in the mobile T...

Read Article →

Configuring even better Windows Update for Business settings for your Microsoft Intune managed Modern Workplace

December 05, 2023 by Kenneth Van Surksum

intune modern-workplace windows-10 windows-11 windows-update-for-business

In March 2021, I published the blogpost “Configuring Windows Update for Business settings for your Microsoft Endpoint Manager managed Modern ...

Read Article →

How to Deploy the Global Secure Access Client with Intune

December 02, 2023 by Daniel Bradley

intune

Learn how to mass-install the Global Secure Access Client using Microsoft Intune. The post How to Deploy the Global Secure Access Client with Intun...

Read Article →

The Wonderful Story of APV2 Device Preparation

November 24, 2023 by rudyooms

autopilot device-enrollment apv2 intune intune

In one of my last blog posts, I described how I noticed that Autopilot Version 2, AKA APV2, was coming. This blog is the second in the Autopilot v2...

Read Article →

Microsoft Error Codes

November 18, 2023 by rudyooms

intune

Here’s a comprehensive overview of all Microsoft error codes. For deeper insights, I’ve linked to the detailed write-ups I’ve created for specific ...

Read Article →

Microsoft Intune Application Deployment Best Practices

November 16, 2023 by Kenneth Van Surksum

intune modern-workplace

In December 2012, I blogged about best practices for deploying applications using System Center Configuration Manager, and while many of those reco...

Read Article →

SslClientCertReference Without a Cause

November 13, 2023 by rudyooms

intune intune

This blog will focus on the 0x80190190 Bad Request (400) we could get because the SslClientCertReference is not configured and maybe a couple of ot...

Read Article →

You can now finally upgrade to Windows 11 23H2!

November 02, 2023 by Michael Morten Sonne

intune iso windows windows-11

Last Updated on November 2, 2023 by Michael Morten Sonne Intoduction The next Windows 11 version is here!… The post You can now finally upgra...

Read Article →

In the Shadow of the DiscoveryEndpoint

November 01, 2023 by rudyooms

epm intune mmpc dmclient mmpc

This blog will discuss my attempt to enroll my device with the latest 25977.1000 insider preview using Autopilot. I will show you how I stumbled up...

Read Article →

There will be…..Autopilot Version 2 (APv2)

October 24, 2023 by rudyooms

autopilot device-enrollment intune

This blog will be about my first encounter with APv2. Yeah!! APv2 As in Autopilot version 2. Did I get your attention??? I am going to assume I do....

Read Article →

The Positively True Adventures of the Alleged MigrateRefreshTask

October 16, 2023 by rudyooms

declared-configuration-enrollment intune mmpc windc

This blog will be the 7th one in the Windows Declared Configuration series (WinDc). In this WinDc series I am focusing on what the “Refresh Schedul...

Read Article →

Lenovo Bios: Dead of Autopilot Marker

October 05, 2023 by rudyooms

autopilot intune

After “finishing” (or maybe not yet) my WinDc blog series I am going to start looking at other stuff. One of the things that I am always interested...

Read Article →

Declared Configurations and the MI Provider

October 02, 2023 by rudyooms

intune mmpc windc declaredconfiguration

This blog will zoom in on, the MOF file and how the MI provider is being used when the declared configuration policies are being set

Read Article →

Along With the Gods: The Two PushLaunch Tasks

September 26, 2023 by rudyooms

intune mmpc pushlaunch

This blog will be about a big underestimated schedule!! I am going to dive into the PushLaunch scheduled task once again. This Task is responsible ...

Read Article →

ReconstructQueueAndExecute: The Last Crusade for Declared Configuration Recovery

September 20, 2023 by rudyooms

epm intune mmpc windc

This blog post will be the fifth in the WinDC Refresh Schedule series. In it, I will zoom into what happens when we run into corrupted Declarative ...

Read Article →

Deploying MDE to macOS

September 19, 2023 by Nathan Hutchinson

intune defender-for-endpoint deployment-guides

This guide will get you up and running with MDE for macOS in no time.

Read Article →

Easily import, export and document Intune configurations!

September 18, 2023 by Nathan Hutchinson

intune

Need to bulk import, export or document your Intune configurations, this guide has you covered.

Read Article →

Speaking at the Workplace Ninja Summit, September 27-29 2023

September 14, 2023 by Kenneth Van Surksum

entra-id entra-id events intune modern-workplace

Starting on Wednesday September 27, till Friday September 29 the Workplace Ninja Summit which is an in-person event will take place in Baden, Swits...

Read Article →

Close Encounters of the Microsoft Azure Attestation

August 30, 2023 by rudyooms

attestation-and-compliance-series intune attestation compliance dha

This blog will be about my first and second encounters with Microsoft Azure Attestation(MAA) and how this new kind of attestation will be dropped d...

Read Article →

Entra Registered Devices in Intune: What You Need to Know

August 11, 2023 by rudyooms

device-enrollment intune

This blog is an addition to my previous blog, which showed you the difference between Entra Registered devices and Entra Joined devices. In this bl...

Read Article →

Refreshing the Declared Configuration Policies

August 01, 2023 by rudyooms

epm intune mmpc windc

This blog post will be the second one in my journey to discover what the “refresh schedule created by Declared Configuration to refresh any setting...

Read Article →

0x80072f8f : A BitLocker Odyssey

July 25, 2023 by rudyooms

intune 2147954575 azure bitlocker intune

This time, a simple blog about a BitLocker escrow error (0x80072f8f )that started happening (all of a sudden) on multiple devices when you were try...

Read Article →

The Treasure of the MMP-C Madre

July 23, 2023 by rudyooms

intune mmpc cloud microsoft mmpc

This time, a simple blog without technical details. It will be just me showing you why I am so enthusiastic about a specific service called MMP-C a...

Read Article →

Under the Hood of: MDE Attach V2 / Security settings management

July 18, 2023 by rudyooms

intune defender-xdr mmpc epm intune

I will guide you through my MDE Attach V2 (Security Management) journey and explain which "service" delivers the Intune policies to your NOT AADJ (...

Read Article →

The WinDC Refresh Schedule and the Dudes

July 11, 2023 by rudyooms

epm intune mmpc windc declaredconfiguration

In this series, I will try to explain more about a wonderful "refresh schedule" I noticed in the task scheduler after EPM was deployed. This first ...

Read Article →

The 0x800705B4 error in our stars

June 28, 2023 by rudyooms

autopilot intune

In this blog, I am going to scuba dive a bit into the wonders of SyncML and how all devices ended up with sync errors and all new Autopilot enrollm...

Read Article →

A Guide to Recognizing Your Post Authentication Actions

June 20, 2023 by rudyooms

windows-laps intune laps intune paa

LAPS everywhere!!!! This time I am deep-diving into the wonders of the Post Authentication Actions (PAA) and what is actually happening (or maybe n...

Read Article →

The Infernal MMP-C Discovery

June 16, 2023 by rudyooms

epm intune mmpc checkin discovery

This blog will be an additional blog post to the MMP-C one. In this blog, I am deep-diving into the first MDE / MMP-C / Declared Configuration enro...

Read Article →

The Password Rotation: The Ballad of Windows LAPS and Threadpools

June 06, 2023 by rudyooms

intune windows-laps

In this blog post, I will explore the wonders of Windows LAPS and what happens when you remotely perform a password rotation from Intune—nothing mo...

Read Article →

The Virtual Account that rocks the EPM!

May 31, 2023 by rudyooms

epm intune logon32_provider_virtual logonuserexexw mem

Are you using Intune Endpoint Privilege Management (EPM) and wondering what is “needed” when you launch a process with elevated access?...

Read Article →

Easy Riders, Intune Bulls: How the Defender for Endpoint, Live Response, and Rock ‘N’ Roll PowerShell Script Recovered the Intune Certificate

May 18, 2023 by rudyooms

intune

We talked about this in our MMSMOA session, but I still needed to write something about it…..so here we go! This blog will be “again...

Read Article →

Block gTLD (.zip)/ FQDN domains with Windows Firewall and Defender for Endpoint

May 15, 2023 by Jeffrey Appel

security defender-for-endpoint intune

Recently there was some news with new gTLD domains. Google Registry launched eight new top-level domains: .dad, .phd, .prof, .esq,&#...

Read Article →

Set up a free Microsoft Intune lab tenant with Microsoft 365 developer subscription

May 04, 2023 by Michael Morten Sonne

entra-id cool-tools intune lab microsoft-365

Last Updated on March 14, 2024 by Michael Morten Sonne Intro Do you want to get started learning… The post Set up a free Microsoft Intune lab...

Read Article →

Endpoint Privilege Management and the Device Health Monitoring Reports: Quantumania

May 02, 2023 by rudyooms

epm intune

This blog will be small and simple, but it will be about me looking at how the Endpoint Privilege Management reports will be delivered to Intune. O...

Read Article →

Intune - Microsoft Tunnel VPN Gateway

May 01, 2023 by Nathan McNulty

intune

Note This article was last updated on 01/30/2025 for readability and updated URLs. I am working on updating this for the UI changes that have been ...

Read Article →

How to use Windows LAPS – PowerShell

April 29, 2023 by Michael Morten Sonne

intune powershell security windows

Last Updated on June 19, 2023 by Michael Morten Sonne Intoduction This is in relation to my last… The post How to use Windows LAPS – PowerShe...

Read Article →

I Killed My Endpoint Privilege Management Enrollment, Hung Her on a Meathook, and Now I Have a Three Picture Deal at MMP-C

April 29, 2023 by rudyooms

epm intune mmpc windc declaredconfiguration

This blog will be just me looking at the delivery of the EPMagent in my own troubleshooting style. While doing so, I got focused on something even ...

Read Article →

Windows LAPS and management through Microsoft Intune

April 23, 2023 by Michael Morten Sonne

active-directory entra-id identity intune security

Last Updated on June 19, 2023 by Michael Morten Sonne What is Windows LAPS Exciting News! New Built-in LAPS… The post Windows LAPS and m...

Read Article →

Are You There Intune? It’s Me, Health Attestation Certificate

April 19, 2023 by rudyooms

attestation-and-compliance-series attestation compliance

A Compliant device, I want myself to have a working Intune enrolled compliant device!!!! Nothing more! Just a compliant device! In this blog, I wil...

Read Article →

Deploy Microsoft Teams on Azure Virtual Desktop using Intune

April 05, 2023 by Nathan Hutchinson

azure-virtual-desktop microsoft-teams

Deploy Microsoft Teams to Azure Virtual Desktop using Intune.

Read Article →

Intune - Discover Defender AV exclusions using Proactive Remediation

April 05, 2023 by Nathan McNulty

defender intune

Note This article was last updated on 01/30/2025 for readability and updated URLs. I am working on updating this for the UI changes that have been ...

Read Article →

Intune - Block mounting of ISO files

April 03, 2023 by Nathan McNulty

intune

Note This article was last updated on 01/30/2025 for readability and updated URLs

Read Article →

Triangle of TPM Attestation Sadness

March 29, 2023 by rudyooms

autopilot intune

This small blog will be about the errors 0x81039001 and 0x80190190 you could get when enrolling your device with Autopilot (Self Deploying or Pre-P...

Read Article →

The Yin-Yang Store Apps: VPN of Eternity

March 08, 2023 by rudyooms

intune

This blog will show you how I started troubleshooting an issue in which Microsoft Store Apps failed to install. I will guide you through the PowerS...

Read Article →

Deploy Microsoft Defender for Endpoint on iOS using Intune/MEM

February 22, 2023 by Jeffrey Appel

security defender-for-endpoint defender-for-endpoint-ios

Microsoft Defender for Endpoint is available for multiple platforms including Windows, macOS, and Linux. For mobile platforms Defender for Endpoint...

Read Article →

Something Went Wrong – Fury of the Gods

January 17, 2023 by rudyooms

autopilot intune

This blog will be about me troubleshooting the “Something Went Wrong” error you could get during the Account Enrollment Status Page when enrolling ...

Read Article →

December 2022 update of the conditional access demystified whitepaper and workflow cheat sheet.

December 15, 2022 by Kenneth Van Surksum

entra-id conditional-access intune microsoft-endpoint-manager modern-workplace

I’m proud to announce the December 2022 update of my Conditional Access demystified whitepaper. With this release, we have reached the fifth ...

Read Article →

Step by Step: How Windows Retrieves the Autopilot Profile

December 13, 2022 by rudyooms

autopilot intune intune token

This blog shows how a Windows device retrieves its Autopilot profile from the ztd.dds.microsoft.com service during OOBE. More importantly, we’ll se...

Read Article →

Secret Society of Second-Born DesktopAppInstaller CSP’s

December 06, 2022 by rudyooms

intune

This blog will be an additional part of the blog I wrote about my experiences when deploying UWP /Store Apps with the New store App functionality i...

Read Article →

Hotel Microsoft Store Apps: Transformania

December 05, 2022 by rudyooms

autopilot intune

This blog will show my experiences with Intune’s new Microsoft Store App functionality. I wanted to publish the next part of my Autopilot ser...

Read Article →

How to manage your Microsoft Edge Enterprise Cloud Site List like a boss

December 01, 2022 by Nathan Hutchinson

intune

In this article I describe how to enable IE mode on your Intune enabled devices and how you can easily manage a corporate site list!

Read Article →

All quiet on the Intune Detection Rules

November 23, 2022 by rudyooms

intune

This blog will not be a deep dive into a weird issue but will be more like an explanation of when you want to silently install and uninstall a Win3...

Read Article →

Microsoft Store the Movie: Hoopa and the Clash of Winget

November 16, 2022 by rudyooms

intune

This blog will show you my first experiences dealing with Winget and installing Store Apps from the Microsoft Store as a regular user. I will try t...

Read Article →

Intune - Using Access Packages to Enable User Device Enrollment

November 14, 2022 by Nathan McNulty

intune

Note This article was last updated on 01/27/2025 for readability and updated URLs, but content review and image updates are in process :)

Read Article →

The Device With A Clock In Its Service

November 03, 2022 by rudyooms

intune intune

This blog will be about (yes… again) an Intune sync issue. After we took over management of a Microsoft Tenant from a new customer, we notice...

Read Article →

The school for ADMX upload and Evil

October 26, 2022 by rudyooms

intune

In this blog, I will summarize some of the ADMX/ADML upload errors I got while playing around with them. Of course, I will also try to show you wha...

Read Article →

ADMX: When Nature Calls

October 19, 2022 by rudyooms

intune intune namespace

Today, I wrote a simple blog that will be about troubleshooting one of the ADMX upload (file referenced not found) error you could endure when uplo...

Read Article →

Intune Sync Debug Tool: The Last Royal Treasure

October 18, 2022 by rudyooms

device-enrollment intune powershell

This blog will be about me showing and explaining the Intune Sync Debug PowerShell tool I wrote to fix those damn Intune MDM device CA certificate ...

Read Article →

Fullmetal Certificate: The Intune Revenge of Renewal

October 11, 2022 by rudyooms

intune

This blog will be about me looking at the Intune Device Certificate renewal process and what happens behind the curtains 1. Introduction I guess we...

Read Article →

Convert Registry Settings to ADMX

October 04, 2022 by rudyooms

intune

This blog is going to show you how to create custom ADMX templates within a couple of minutes to deploy some HKEY_CURRENT_USER settings to your Int...

Read Article →

Speaking about Mobile Application Management at the AppManagEvent 2022 on October 7 in Utrecht

October 03, 2022 by Kenneth Van Surksum

events intune microsoft-endpoint-manager speaking

On October 7, 2022 the AppManagEvent will be organized in the Media Plaza, Jaarbeurs Utrecht. The AppManagEvent is an initiative from PDS b.v. in t...

Read Article →

The Man Who Knew Autopilot

September 27, 2022 by rudyooms

autopilot intune

In this new blog, I will discuss a big Windows Autopilot misunderstanding. I will try to explain and convince you why blaming Autopilot is not alwa...

Read Article →

Deploying winget apps with Microsoft Endpoint Manager and auto-update!

September 25, 2022 by Nathan Hutchinson

intune

A brief overview on how you can deploy applications using winget in Microsoft Intune and even keep them updated!

Read Article →

Blocking web push notifications with Endpoint Manager and why you should!

September 16, 2022 by Nathan Hutchinson

intune

Admit it, we've all fallen foul of that annoying (and scary for some) popup that seems to rear it's ugly head after you've spent the last...

Read Article →

Microsoft Defender for Endpoint series – Onboard using Defender for Cloud – Part3B

September 12, 2022 by Jeffrey Appel

security defender-for-cloud defender-for-endpoint mde-series

It is time for part 3B of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3A (Onboard Defender for Endpoint using Microsoft I...

Read Article →

Microsoft Defender for Endpoint series – Onboard using Microsoft Intune – Part3A

September 08, 2022 by Jeffrey Appel

security defender-for-endpoint intune mde-series

It is time for part 3A of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3 (Onboard Defender for Endpoint) it is now time fo...

Read Article →

Intune: The Legend of the Certificate

September 07, 2022 by rudyooms

device-enrollment intune

Do you have devices that are missing the Intune Device Certificate or have sync issues? This blog will show you a possible root cause and how to so...

Read Article →

Block users from viewing their BitLocker keys

August 16, 2022 by Jan Bakker

entra-id intune

Check out this article via web browser: Block users from viewing their BitLocker keys This post is mainly focused on a new tenant setting, where yo...

Read Article →

The Last thing Edge Wanted

August 15, 2022 by rudyooms

autopilot intune

After being on a nice vacation for 2 weeks now, I felt the urge to write this simple blog to show you how to deal with a not responding Microsoft [...

Read Article →

Autopilot: Delay Win32 App Installation

August 09, 2022 by rudyooms

uncategorized

This blog shows how to hold off required Intune app installs until after Autopilot enrollment, using a practical PowerShell script as a requirement...

Read Article →

The Ballad of Buster Exit Code’s

August 01, 2022 by rudyooms

intune windows-10

In one of my earlier blogs, I discussed the IME installation flow and the global retry schedule. I showed you how the retry schedule looks at the E...

Read Article →

A Babysitter’s Troubleshooting Guide to breaking Autopilot

July 28, 2022 by rudyooms

autopilot intune windows-10

This blog will be about the 0x800705b4 (Time-Out) error I got during the Autopilot “Preparing your device for mobile management” step. Please note ...

Read Article →

Retry Win32 App Lola Retry

July 25, 2022 by rudyooms

intune troubleshooting-win32app-installations

When a Win32app fails to install, figuring out the root cause can be frustrating. We often need to trigger the installation repeatedly to get to th...

Read Article →

The TenantID from Toronto

July 21, 2022 by rudyooms

entra-id intune uncategorized

After reading a question on Reddit about how Intune knows which device belongs to which organization, I decided to write a dedicated blog post abou...

Read Article →

OOBEAADV10: Return of the 502 Autopilot Error

July 20, 2022 by rudyooms

autopilot entra-id intune

After all of the Autopilot issues and AAD sign-in errors in March 2022, I need to explain this OOBEAADV10 error a little bit better. 1. Introductio...

Read Article →

The Incredibly Strange Device Who Stopped Syncing and Became Certificate Zombies!!?

July 13, 2022 by rudyooms

company-portal intune

This blog will NOT be about the new Autopatch function! Of course not! This blog will be about multiple weird Intune Device sync errors I was asked...

Read Article →

Night of the Autopilot of the Dawn of the Temporary Access Pass of the MFA of the Return of the RebootRequired of the WUFB of the Attack of the Evil, Mutant, Hellbound, Flesh-Eating SSO Zombified Living Conditional Access, Part 2: In Azure 2-D

July 06, 2022 by rudyooms

autopilot entra-id intune privileged-access-workstation uncategorized

After a nice talk with Yannick Van Landeghem, who made me aware of a “possible” security gap when using a Temporary Access Pass (TAP), I decided to...

Read Article →

Office CSP: DNS and the Journey to Autopilot

July 01, 2022 by rudyooms

autopilot intune uncategorized

In this blog, I’ll discuss the unexpected challenges I encountered during an Autopilot deployment, specifically the 0x000008CA error. This er...

Read Article →

Troubleshooting Intune MDM Device enrollment errors.

June 29, 2022 by rudyooms

entra-id intune

Troubleshooting Windows Device Enrollment errors can be a pain! In this post, we will guide you through resolving issues that may arise when enroll...

Read Article →

LOB Apps & Win32 Apps: The Intune Lightning Thief

June 09, 2022 by rudyooms

intune

This blog will show you how to get back your LOB (MSI) apps from Intune. Last week I noticed a question popping up on Reddit asking for the same th...

Read Article →

Protocol Nightmare on Elmstreet: The Dream CVE-2022-30190

June 03, 2022 by rudyooms

intune microsoft-365-business powershell proactive-remediations

This blog will be about how I am protecting my Windows 10 Pro devices to ensure they aren’t vulnerable to the nasty CVE-2022-30190 bug, also known ...

Read Article →

Intune - Edge in iOS Kiosk Mode

May 24, 2022 by Nathan McNulty

intune

Note This article was last updated on 01/26/2025 for readability and changes to URLs.

Read Article →

Managing Microsoft Defender for Endpoint with the new Security Management feature in MEM/Intune

May 24, 2022 by Jeffrey Appel

modern-workplace security defender-for-endpoint intune

Currently in general availability is the new Security Settings Management in Microsoft Defender for Endpoint. Security Management for Microsoft Def...

Read Article →

Speaking about Mobile Application Management at the Techorama Belgium 2022 event

May 18, 2022 by Kenneth Van Surksum

intune microsoft-endpoint-manager presentations speaking

On Wednesday, May 25, 2022, I will be speaking together with Peter Daalmans at the Techorama Belgium event. Techorama 2022 will be an in-person con...

Read Article →

The 41-Year-Old Hardware Hash Who Knocked Up Autopilot and Felt Superbad About It

May 11, 2022 by rudyooms

autopilot entra-id hardwarehash intune marker

In this blog, I will be talking about a sudden “HardwareMismatchDetected” I got when I was trying to enroll my Windows 10/11 device with Autopilot ...

Read Article →

Defender for Endpoint - Removable Storage Access Control

May 04, 2022 by Nathan McNulty

defender intune

Note This article was last updated on 01/26/2025 for readability and new images due to UI changes made in Intune. I tried to keep the original styl...

Read Article →

Download Intune PowerShell scripts with Graph Explorer

April 05, 2022 by Jan Bakker

entra-id intune

Check out this article via web browser: Download Intune PowerShell scripts with Graph Explorer This quick post will show an easy method to fetch yo...

Read Article →

Forgive Us Our BitLocker suspension

April 04, 2022 by rudyooms

intune powershell

When deleting the Intune object, I noticed that Bitlocker had somehow been suspended. With Bitlocker suspended, the Protection was off. If the Bitl...

Read Article →

Mamma Mia! Here we Wipe Again!

April 04, 2022 by rudyooms

intune magical-miehh-wipe-series

This blog will show you the “other paths” available to ensure that your device is wiped before it is trashed or sent back to the supplier. 1. Intro...

Read Article →

Wrath of the 0x81036501 MDM Error

April 02, 2022 by rudyooms

autopilot intune

This blog will be about the error 0x81036501 we got during the MDM enrollment while enrolling a device with Autopilot white-glove AKA Pre-Provision...

Read Article →

Honest Win32App Thief

March 23, 2022 by rudyooms

company-portal troubleshooting-win32app-installations

This blog will show you an alternative method to download your Win32Apps sources from Intune WITHOUT having the Encryption key information. Besides...

Read Article →

The Intune Remote”Wipe” fix!

March 09, 2022 by rudyooms

magical-miehh-wipe-series windows-10 windows-update-for-business

I guess you have all been reading my blog series. Magical Mi…Ehh Wipe Series – Call4Cloud. It will show you some weird issues with the ...

Read Article →

I’ll Always Know What You Did Last Wipe

March 03, 2022 by rudyooms

autopilot intune magical-miehh-wipe-series windows-10

In this blog, I will try to explain the Technical flow behind the Push Button Reset. I was intrigued to do so after writing my blog about the linge...

Read Article →

Apple Business Manager device import options for later use within Microsoft Endpoint Manager

February 22, 2022 by Kenneth Van Surksum

abm intune microsoft-endpoint-manager modern-workplace

This blogpost is a continuation of two earlier blogposts about integrating Apple Business Manager with Azure Active Directory and Apple Business Ma...

Read Article →

ADMX ingestion for Centero Agent and Carillon Client using Intune

February 20, 2022 by Jan Bakker

knowledgebase

Check out this article via web browser: ADMX ingestion for Centero Agent and Carillon Client using Intune This article is about the ADMX templates ...

Read Article →

The Dark and the Windows “Remote/Local” Wipe

February 17, 2022 by rudyooms

intune magical-miehh-wipe-series windows-10

This blog will be about my experience performing a remote wipe of Windows 10 and 11 devices in Intune. I noticed some weird and awful behavior when...

Read Article →

Connecting Microsoft Endpoint Manager to Apple Business Manager

February 15, 2022 by Kenneth Van Surksum

abm microsoft-endpoint-manager modern-workplace intune mem

This article will continue where we finished in the article I wrote about setting up Apple Business Manager for use with Azure Active Directory. In...

Read Article →

Autopilot: Across the TimeOut-Verse

February 11, 2022 by rudyooms

autopilot intune

This blog will discuss the 0x800705b4 error that “could” occur during the “Preparing your device for mobile management” ESP Autopilot phase. ...

Read Article →

Setting up Apple Business Manager for use with Azure Active Directory

February 08, 2022 by Kenneth Van Surksum

abm entra-id intune microsoft-endpoint-manager modern-workplace

Apple Business Manager is a service provided by Apple which helps to deploy Apple devices and apps in your organization. By leveraging Apple Busine...

Read Article →

Escape from Windows Pro/Business

February 01, 2022 by rudyooms

intune windows-10 windows-licensing-series

This blog will explain why an existing Windows Business device isn’t automatically upgraded to Windows Enterprise after assigning the MS365 E5 lice...

Read Article →

Proactive Remediatons: The Hidden World

January 28, 2022 by rudyooms

intune proactive-remediations

Introduction: Understanding and Utilizing Proactive Remediations in Intune Proactive remediations are a powerful feature in Microsoft Intune that e...

Read Article →

Updating Apps: A New Era

January 27, 2022 by rudyooms

intune powershell troubleshooting-win32app-installations updating-apps-as-a-non-admin-user

Updating Applications can be a real headache, especially when certain apps require administrative permissions that standard users don’t have. This ...

Read Article →

How I Fell in Love with App Updates

January 22, 2022 by rudyooms

adminless intune powershell troubleshooting-win32app-installations updating-apps-as-a-non-admin-user

Today, I was called in to devise a solution to allow some DDS-CAD users (NO LOCAL ADMINS!) to install the necessary DDS-CAD updates themselves. Of ...

Read Article →

Microsoft 365 self-service using Power Apps

January 12, 2022 by Jan Bakker

entra-id intune power-platform

Check out this article via web browser: Microsoft 365 self-service using Power Apps This article was originally posted on the Microsoft 365 PnP Blo...

Read Article →

Deploying Defender for Endpoint on iOS with zero-touch onboarding

January 04, 2022 by Jeffrey Appel

modern-workplace security defender-for-endpoint intune

Defender for Endpoint is available for multiple platforms. For mobile platforms Defender for Endpoint is supported for iOS en Android. In this blog...

Read Article →

Manage Device control with Microsoft Defender for Endpoint and Endpoint Manager

November 10, 2021 by Jeffrey Appel

modern-workplace security defender-for-endpoint intune

Microsoft Defender for Endpoint contains multiple protections layers like EDR, ASR, Network Protection, and many more. Protecting against unwanted ...

Read Article →

Speaking at the Workplace Ninja Virtual Edition 2021 about Designing and building Microsoft Endpoint Manager for Operations

July 26, 2021 by Kenneth Van Surksum

announcement intune microsoft-endpoint-manager speaking wpninjasnl

From Tuesday August 31 till Thursday September 2, the 2nd edition of the Workplace Ninja Virtual Edition will take place. The event will be hosted ...

Read Article →

Deploying Office 365 with Intune as a Win32 App (and Why You’d Want To)

June 15, 2021 by Ru Campbell

autopilot intune microsoft-365 intune office-365

Office 365, or Microsoft 365 Apps for Enterprise, or whatever it’s called this month, can be deployed by Intune to Windows 10 devices using a...

Read Article →

Enroll Android smartphones into Microsoft Defender for Endpoint for blocking FluBot

June 02, 2021 by Jeffrey Appel

modern-workplace security defender-for-endpoint intune

The Flubot-malware is currently active in the news. The malware with the name FluBot will be sent to mobile endpoints with a text message or WhatsA...

Read Article →

Endpoint Manager filters: Use filtering for assigning policies, profiles and apps to specific devices

May 31, 2021 by Jeffrey Appel

modern-workplace intune

Microsoft recently announced a new existing feature in Microsoft Endpoint Manager with the name: “filters”. With the new feature, it is...

Read Article →

MDM policy processing on Windows 10 with Microsoft Endpoint Manager, a closer look

May 25, 2021 by Kenneth Van Surksum

intune microsoft-endpoint-manager

The goal of this blogpost is to explain more about what happens between the moment that a configurations setting in Microsoft Endpoint Manager (MEM...

Read Article →

Troubleshooting Hybrid Azure AD Intune Automatic Enrollment

April 19, 2021 by Ru Campbell

entra-id intune microsoft-365 intune windows

As I have blogged about a lot, there are a bunch of hoops to be jumped through and prerequisites to be met for a successful hybrid Azure AD join an...

Read Article →

Designing and configuring compliance policies for your Windows Modern Workplace using Microsoft Endpoint Manager

April 07, 2021 by Kenneth Van Surksum

conditional-access intune microsoft-endpoint-manager modern-workplace security

Measuring your managed systems against a baseline has been around for a while, in Microsoft Endpoint Configuration Manager(MECM)/ConfigMgr we can a...

Read Article →

Announcing #WPNinjasNL Tuesdays Webinar #23, Tuesday April 13, featuring Greg Ramsey

April 06, 2021 by Kenneth Van Surksum

announcement microsoft-endpoint-manager wpninjasnl

For next week, Tuesday, April 13 we are proud to announce that Greg Ramsey, Enterprise Mobility MVP and Enterprise Tools Strategist at Dell, Inc. w...

Read Article →

Update BitLocker Unique Identifiers with Intune

March 22, 2021 by Ru Campbell

bitlocker intune microsoft-365 intune windows

BitLocker unique identifiers are values used to identify the ownership of an encrypted volume. The device that performs the encryption holds the un...

Read Article →

Microsoft Defender Network Protection – Not Enabling via Intune – Troubleshooting & Fix

March 07, 2021 by Ru Campbell

intune microsoft-365 defender-for-endpoint intune smartscreennetwork-protection

When configuring Defender for Endpoint (MDE) customer recently, I ran into a problem when trying to enable network protection. Network protection i...

Read Article →

Get insights into device restart frequency with Endpoint Analytics

March 01, 2021 by Jeffrey Appel

modern-workplace intune

A well-running workplace environment is critical to have a great endpoint user-experience. With a not stable configuration/ device the productivity...

Read Article →

A first look at the settings catalog in Microsoft Endpoint Manager

February 18, 2021 by Kenneth Van Surksum

microsoft-endpoint-manager modern-workplace

With the 2101 Service Release of Microsoft Intune, released this week (February 1, 2021) Microsoft released a lot of new features. One of those fea...

Read Article →

Use Intune to Manage Microsoft Defender for Endpoint Tags and Device Groups

February 11, 2021 by Ru Campbell

intune microsoft-365 defender-for-endpoint defender mem

In Microsoft Defender for Endpoint (MDE), tags can be attached to a device for reporting, filtering, and as a dynamic attribute for membership of a...

Read Article →

Turn Existing Azure AD Devices into Windows Autopilot Devices

February 06, 2021 by Ru Campbell

autopilot entra-id intune microsoft-365 intune

To provision Windows 10 PCs using Autopilot and Intune, they must first be registered as Windows Autopilot devices in the Device Directory Service,...

Read Article →

Updating your Security baselines in Microsoft Endpoint Manager to a newer version

February 04, 2021 by Kenneth Van Surksum

intune microsoft-endpoint-manager modern-workplace security windows-10

With the 2101 Service Release of Microsoft Intune, released this week (February 1, 2021) Microsoft released a lot of new features (more on that in ...

Read Article →

Understanding Application Guard for Office, Now Generally Available

January 30, 2021 by Ru Campbell

application-guard intune microsoft-365 defender-xdr news

Application Guard first appeared in Windows 10 1709 (“Fall Creators Update”) to isolate Edge browser activity within a Hyper V containe...

Read Article →

Store BitLocker Recovery Keys in Azure AD for Devices Already Encrypted

January 15, 2021 by Ru Campbell

bitlocker entra-id intune microsoft-365 intune

As you move from on-premises or third-party infrastructure to Microsoft 365 and Azure AD, you will want to keep those BitLocker recovery keys safe....

Read Article →

Deploy and configure Microsoft Defender for Endpoint on iOS devices

December 08, 2020 by Jeffrey Appel

security defender-for-endpoint intune

Het bericht Deploy and configure Microsoft Defender for Endpoint on iOS devices verscheen eerst op Jeffrey Appel - Microsoft Security blog.

Read Article →

Designing and building your Microsoft Endpoint Manager/Intune environment for Operations

November 29, 2020 by Kenneth Van Surksum

entra-id conditional-access microsoft-endpoint-manager modern-workplace windows-10

In my work as a modern workplace consultant, I see a lot of Microsoft Endpoint Manager/Intune environments. Many of these environments have been bu...

Read Article →

Mobile Application Management for Mobile Devices with Microsoft Endpoint Manager/Intune deep dive

October 13, 2020 by Kenneth Van Surksum

conditional-access intune microsoft-endpoint-manager mobile-application-management modern-workplace

With Microsoft Intune, there is a lot of focus on the Mobile Device Management (MDM) aspects of the product. This is logical because from a managem...

Read Article →

Food for thought – Bring Your Own Disaster.

September 28, 2020 by Jan Bakker

intune security app-protection byod mam

Check out this article via web browser: Food for thought – Bring Your Own Disaster. Today a slightly different blog post. It’s a common...

Read Article →

Edge Chromium; zo configureer je de tracking prevention functionaliteit vanuit Microsoft Endpoint Manager

July 05, 2020 by Jeffrey Appel

modern-workplace intune

De nieuwe Microsoft Edge webbrowser is gebaseerd op Chromium en geeft verschillende voordelen welke voor de beheerders interessant zijn. Door de on...

Read Article →

Microsoft Defender for Endpoint Web Content Filtering – Administration, Limitations, and User Experience

June 28, 2020 by Ru Campbell

configuration-manager microsoft-365 defender-xdr defender-for-endpoint intune

Historically, one of the big features missing “out of the box” with MDATP was web content filtering. Customers typically look at MDATP ...

Read Article →

Automatisch contacten synchroniseren vanaf Microsoft Outlook naar native contact app via Microsoft Endpoint Manager

June 19, 2020 by Jeffrey Appel

modern-workplace intune

Met de komst van multifactor en moderne authenticatie stappen steeds meer bedrijven over op de Outlook app voor de mobiele devices. Dit heeft voora...

Read Article →

Android Enterprise via Microsoft Endpoint Manager als vervanger van Android device administrator

June 08, 2020 by Jeffrey Appel

modern-workplace intune

Met de aflopende support van Android device administrator is het van groot belang om te zoeken naar een passend alternatief. Vanuit Microsoft Endpo...

Read Article →

Edge Chromium; zo configureer je beheerde favorieten via Microsoft Endpoint Manager

June 06, 2020 by Jeffrey Appel

modern-workplace intune

Edge Chromium is de nieuwe versie van Edge welke is gebaseerd op de opensource Chromium. Vanuit Microsoft Endpoint Manager is het mogelijk om deze ...

Read Article →

Set additional clocks to Windows 10 using Intune

June 01, 2020 by Jan Bakker

intune uncategorized windows-10 app clocks

Check out this article via web browser: Set additional clocks to Windows 10 using Intune When you work for an international company, or you have to...

Read Article →

Hybrid Azure AD Join + Intune Enrollment – Prerequisites Checklist and Process Flow

May 25, 2020 by Ru Campbell

entra-id intune microsoft-365 co-management entra-id-connect-aad-connect

I’m a simple person, and sometimes it just helps to have a checklist to refer to when you’re troubleshooting rather than navigating the...

Read Article →

Install Windows Package Manager (winget) using Intune

May 23, 2020 by Jan Bakker

intune windows-10 appx lob windows-10

Check out this article via web browser: Install Windows Package Manager (winget) using Intune Microsoft released a preview of the Windows Package M...

Read Article →

Android Enterprise fully managed beschikbaar in Microsoft Intune voor zakelijke omgevingen

May 20, 2020 by Jeffrey Appel

modern-workplace intune

Microsoft heeft vandaag laten weten dat de Intune support voor “Android Enterprise fully managed devices” nu volledig beschikbaar is. Hiermee is he...

Read Article →

Intune 2005: Aanpassen van Self service acties in Company Portal

May 20, 2020 by Jeffrey Appel

modern-workplace intune

Een verzoek hoog op de wensenlijst van vele beheerders. De mogelijkheid om de self-service acties te wijzigen in de Company Portal. In de praktijk ...

Read Article →

Windows 10 co-management: Flexibel naar de cloud

May 20, 2020 by Jeffrey Appel

modern-workplace intune

Steeds meer bedrijven maken de overstap richting de cloud. Uiteraard zijn de cloud functionaliteiten enorm, toch zijn bedrijven terughoudend vanweg...

Read Article →

Connect a Work or School Account – MDM vs. MAM in Self Enrolment

May 16, 2020 by Ru Campbell

intune microsoft-365 intune mam mem

A Windows 10 user can self-enrol in MDM or MAM from Settings > Accounts > Access work or school > Connect. What happens next depends on...

Read Article →

Windows Information Protection (WIP) App Protection Policies: Protected and Exempt; Denied and Allowed – What Do They Mean?

May 14, 2020 by Ru Campbell

intune microsoft-365 intune windows-information-protection

One of things that strikes me as vague in Windows Information Protection (WIP) policies in Intune is configuring targeted apps: what’s the ex...

Read Article →

Speaking at Workplace Ninja Virtual Edition 2020

May 05, 2020 by Kenneth Van Surksum

configuration-manager events intune modern-workplace speaking

I’m very proud to announce that I will be speaking at the Workplace Ninja Virtual Edition 2020 event. The Workplace Ninja Virtual Edition 202...

Read Article →

Manage Teams custom backgrounds using Intune

April 16, 2020 by Jan Bakker

intune windows-10 custom-background teams win32

Check out this article via web browser: Manage Teams custom backgrounds using Intune Update! I got some feedback on this blog. Seems that if your u...

Read Article →

License requirements for administering Microsoft 365 services

March 02, 2020 by Kenneth Van Surksum

entra-id cloud-app-security intune licensing modern-workplace

Microsoft licensing is tough and vague but something we must deal with while implementing our solutions. I’m also aware that some of the feat...

Read Article →

A guide to implementing Applocker on your Modern Workplace

February 24, 2020 by Kenneth Van Surksum

intune modern-workplace security windows-10 applocker

At our last Windows Management User Group Netherlands meeting, we had the honor to have Sami Laiho, one of the world’s leading professionals in the...

Read Article →

Get started with web content filtering in MDATP

February 23, 2020 by Jan Bakker

security defender intune mdatp network-protection

Check out this article via web browser: Get started with web content filtering in MDATP Update 7-7-2020: Microsoft anounced that you no longer need...

Read Article →

Windows Update for Business. “Just” a free cloud service.

February 21, 2020 by Jan Bakker

windows-10 cloud config-manager intune modern-workspace

Check out this article via web browser: Windows Update for Business. “Just” a free cloud service. Since the introduction of the “...

Read Article →

Challenges while managing administrative privileges on your Azure AD joined Windows 10 devices

February 11, 2020 by Kenneth Van Surksum

entra-id security windows-10 intune laps

By default, on Windows 10 devices which are Azure AD joined, the user performing the join is added to the Local Administrator group. Besides the us...

Read Article →

Using Intune to Deploy the Azure Information Protection (AIP) Unified Labeling Client (Win32 MSI)

January 18, 2020 by Ru Campbell

intune microsoft-365 intune sensitivity-labels-azure-information-protection aip

Unified labels refer to a movement whereby Azure Information Protection (AIP) labels are now being replaced by sensitivity labels. Sensitivity labe...

Read Article →

Deploy Microsoft Store Apps using Intune with Configuration Manager (SCCM) Co-Management (Fix ‘Not Applicable’ Status)

January 10, 2020 by Ru Campbell

configuration-manager intune microsoft-365 intune microsoft-store

Intune provides an interface to easily deploy apps from the Microsoft Store to your registered users and devices, but even if you have SCCM (Config...

Read Article →

Implementing RBAC and Scoping in Microsoft Intune

December 04, 2019 by Kenneth Van Surksum

intune role-based-access-control rbac roles scope-groups

When you create an Intune tenant within your environment, you execute the creation with an account which is Global Administrator within Azure Activ...

Read Article →

Intune: Choosing whether to assign to User or Device Groups

November 22, 2019 by Kenneth Van Surksum

intune entra-id configuration-profiles

One of the disadvantages of being an experienced consultant in IT is the fact that once in a while you need to re-learn. With re-learn I mean that ...

Read Article →

What are Guided Scenarios in Microsoft 365 Device Management/Intune?

October 29, 2019 by Kenneth Van Surksum

intune device-management policy-sets

While browsing the new Microsoft 365 Device Management portal I noticed the following option: “Guided scenarios (preview)”. From the Wh...

Read Article →

iOS restore behaviour when re-enrolling devices with backup data into Intune

October 28, 2019 by Kenneth Van Surksum

intune backup enrollment ios

While implementing Intune at my customers I rarely encounter green field implementations where computers and mobile devices are newly delivered and...

Read Article →

What are Intune Policy Sets?

October 25, 2019 by Kenneth Van Surksum

uncategorized intune policy-sets

Starting with the Intune release from October 14th 2019, Microsoft made available a new functionality called “Policy Sets”.  ...

Read Article →

Conditional Access demystified, part 8: Resources and further references

August 01, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 6: Troubleshooting Conditional Access

July 31, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 7: Modifying Conditional Access to suit your special needs

July 31, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 4: Designing a Conditional Access strategy

July 30, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 5: Implementing Conditional Access

July 30, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 2: What is Conditional Access?

July 29, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 3: How does Conditional Access work?

July 29, 2019 by Kenneth Van Surksum

entra-id conditional-access overview identity intune

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

Conditional Access demystified, part 1: Introduction

July 26, 2019 by Kenneth Van Surksum

entra-id conditional-access identity intune security

Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...

Read Article →

No posts found matching your criteria. Try adjusting your filters or search terms.

You've reached the end of all posts!