Allowing users to opt-in for Windows Insider Preview Builds

This week is all about providing users with a method to deliberately opt-in for running Windows Insider Preview Builds. That option to opt-in is created by using an access package. That makes this post basically a combination between an earlier post about allowing users to opt-in for Windows 11 and an earlier post about managing Windows Insider Preview Builds. By default, many organizations prevent users from simply enabling and using Windows Insider Preview Builds. Often the main reason is to prevent unpredicted and unwanted issues from happening on the devices of users. Using an access package makes sure that the user consciously chooses to use Windows Insider Preview Builds, possibly in combination with the approval of a manager and in combination with sharing information in …

Read more

Using update status as part of the compliance of Windows devices

This week is focused on the update status of Windows devices. More specifically, this week is focused on making sure that Windows devices can only be compliant when running the latest cumulative update. Within a device compliance policy, it was already possible to specify a specific Windows version. That, however, is a manual action. Over and over again. That can be achieved easier nowadays. A few months ago I wrote about working with custom compliance settings. That enables the ability to add custom scripting to device compliance policies. Custom scripting basically means that anything is possible. Including the check on the update status. This post will show how to leverage that functionality with a small custom script to check for the update status of the …

Read more

Simplifying repetitive administrative tasks by using low-code solutions: An overview

This week my post is a few days later, as my post is an extension of the session of me and Pim Jacobs at the Nordic Virtual Summit Third Edition. At the virtual summit we did a session about Simplifying repetitive administrative tasks by using low-code solutions​. During that session we shared information around the basics of low-code solutions and we provided some nice examples around Microsoft Intune and Azure AD. This post will provide a quick summary of that session. The slides (PDF) of that session are available for download here. Closing notes and summary It might sound a bit weird to start with the closing notes and summary. That, however, is the best summary of our session, as the biggest part of the session was demo. Besides the difference in what classifies …

Read more

Translating Windows Defender Application Control Policy Wizard sliders to Windows Defender Application Control policy options

This week is a short post focussed on Windows Defender Application Control (WDAC). More specifically, this short post is focussed on the different policy rules that can be configured by using the Windows Defender Application Control Policy Wizard. That policy wizard is an an open-source Windows desktop application written in C# and bundled as an MSIX package. It provides IT administrators with a user-friendly method for creating, edditing and merging WDAC policies. The WDAC policy wizard relies on the ConfigCI PowerShell cmdlets and that makes sure that the output of the policy wizard is identical to using the cmdlets manually. WDAC is genarally used to control what runs on Windows 10 and Windows 11 devices. That is achieved by setting policies that specify whether a …

Read more