Month: December 2021

Getting started with Remote help for Windows devices

by

This week is all about getting started with Remote help for Windows devices. Remote help is recently introduced as a new feature in Microsoft Intune that can be used for providing remote assistance to users on Windows devices. It looks a lot like the existing Quick Assist app on Windows, but it has a few big advantages. It integrates with Microsoft Endpoint Manager for providing remote assistance to managed devices, it integrates with Azure Active Directory for providing authentication and compliance information, and it provides a better administrator experience. There are communication options with the user and there is the ability to work with elevated permissions. This post will go through the steps for configuring Remote help in the tenant and through the steps for …

Read more

Working with custom compliance settings

by

This week is all about the latest capabilities that are available within compliance policies. Those capabilities are custom compliance settings. Custom compliance settings enable the IT administrator to basically check for anything and to use that for the compliance state of the device. The IT administrator can use PowerShell script in the custom compliance setting, to verify the status of anything that is available on the device. The results can be compared to rules and values that are configured in a JSON file. The result of that comparision can be used as part of the compliance policy. This post will proivde a quick introduction to custom compliance settings, followed with the steps to create the require PowerShell script and JSON file. This post will end …

Read more

Getting started with Security Management for Microsoft Defender for Endpoint

by

This week is all about Security Management for Microsoft Defender for Endpoint. Security Management for Microsoft Defender for Endpoint is the new configuration channel that can be used for managing the security configuration for Microsoft Defender for Endpoint (MDE) on devices that are not enrolled into Microsoft Endpoint Manager (MEM). Not in Microsoft Intune, nor in Configuration Manager. With that new configuration channel, MDE retrieves, enforces, and reports on the policies that are assigned via MEM. After onboarding to MDE, the devices are automatically joined to Azure AD and become visible in the MEM (and Azure AD and Microsoft 365 Defender). Within MEM those devices are marked as managed by MDE. This post will go through the steps to configure the required tenant configurations, the …

Read more