Month: April 2018

Create a local user account via Windows 10 MDM

by

This blog post uses the Accounts configuration service provider (CSP), to create a local user account on Windows 10 devices. This area was added in Windows 10, version 1803, which is currently available as Insider Preview build. This week is all about creating local user accounts via Windows 10 MDM. That can for example make life a bit easier with troubleshooting an offline device. A fallback account. In this post I’ll show how this can be achieved by using the Accounts CSP. I’ll show the available nodes and I’ll show how to configure them. I’ll end this post by showing the end-user experience. Also, spoiler alert, it’s good to note that this is not a pretty administrator experience at this moment, but I’m pretty sure …

Read more

Great overview about the current state of the environment with Management Insights

by

This week I’m back in Configuration Manager again. More specifically, I’m going to look at Management Insights that is introduced with the release of Configuration Manager, version 1802.  Management Insights provides information about the current state of the environment. The information is based on analysis of data from the site database and will better understanding the state of the environment and. It also provides additional information to take action based on the insight. In this post I’ll show the different insights and were to find the information that is used for the insight. Management Insights Let’s go through the different insights. I’ll do that by first providing the step to get to the available insights, followed by more information per Management Insight Group Name. As …

Read more

Default device compliance status

by

This week I’m going to look at the recent introduction of the feature to configure the default compliance state for devices when no compliance policies are targeted. This enables additional security for all devices, as it enables administrators to mark devices as non compliant when no compliance policies are targeted to the device. In this post I’ll start with a short introduction about this security feature, followed by a walk through the configuration. I’ll end this post by looking at the end-user experience. Introduction As should be known by now, compliance policies are basically rules, such as requiring a device PIN, or requiring encryption. These device compliance policies define rules and settings that a device must follow to be considered compliant. The recently introduced security …

Read more

Get Windows AutoPilot device information of Microsoft Intune managed devices

by

This week I’m going to show an example of how to collect the Windows AutoPilot device information of existing Microsoft Intune managed (Windows 10) devices. That could be useful, for example, when an organization wants one similar deployment experience for all devices. For now and in the future. In that case it can be very useful to gather the device information and upload that information. That will provide future deployments of those existing devices with the same company branded deployment experience as new devices. Also, another reason for this post is the simple fact that I’ve received this request multiple times now. This example will use an Azure storage account that will be used to store the Windows AutoPilot device information and it will use …

Read more

Import Windows AutoPilot devices in Microsoft Intune

by

This week I’m going to show the import experience of Windows AutoPilot devices in Microsoft Intune. About three months ago, this wasn’t possible yet and it was still required to use the Windows Store for Business (see this blog post). Even up until a few weeks ago it was still required to perform additional steps with the formatting. Now the experience is really straight forward. I was planning on showing that experience during my session last week, at the Microsoft Tech Summit, but after speaking to many people onsite I noticed that it would be better to spent more time on explaining what Windows AutoPilot is and what Windows AutoPilot is not. Setting the expectations. An easy comparison with car and aircraft functionality helped a …

Read more