September 2023 – All about Microsoft Intune

Fixing self-service when restricting the local log on

September 25, 2023 by Peter van der Woude

This week is a quick follow-up on the post of last week. That post was focussed on restricting the local log on to Windows devices. Part of that post was also the broken self-service password reset and self-service PIN reset functionalities. When using the most restrictive option of a whitelist, for configuring the users that are allowed to log on locally, that will break those functionalities. This week will be all about a follow-up on that behavior. When it’s required to restrict the local log on Windows devices, and users should still be able to use the different self-service functionalities, this post will provide a solid starting point. Of course, that’s not applicable to every scenario. Only scenarios in which there are actual users logging …

Restricting the local log on to specific users

September 18, 2023 by Peter van der Woude

This week is about restricting the local logon on Windows devices to specific users. Not because it is something particularly new, but simply because it is been an ask every now and then. Think about further locking down a kiosk device, for example. Restricting the local logon can be achieved by either only allowing specific users to log on, or by denying specific users to log on. In other words, whitelisting versus blacklisting. The allow-option is basically a whitelist and the deny-option is basically a blacklist. When looking at restricting the local logon, a whitelist is the easiest method to get quickly really restrictive, as only the users on the list are allowed to log on locally. Luckily, nowadays there is easy method for configuring …

Easily removing access to the Microsoft Store

September 18, 2023September 11, 2023 by Peter van der Woude

This week is all about access to the Microsoft Store. And more specifically, about a single policy setting to potentially turn of access to the Microsoft Store. Many organizations struggle with the Microsoft Store on Windows devices, because the Microsoft Store enables users to install apps in their profile that aren’t necessarily work related. That brings organization on a crossroad. When an organization decides to block access to the Microsoft Store, there were already different options available. So far, the most effective methods were to either configure Windows to show the private store only, or to use AppLocker. None of those methods, however, would be complete and simple. Often it was still possible to use winget to still install apps, or the configuration would get …

Getting started with Remote Help for Android

September 4, 2023 by Peter van der Woude

This week is back to the Android platform. More specifically, Remote Help for Android. Remote Help on itself is nothing new, as it was already introduced a while ago for Windows devices, but it is new for Android devices. Starting with the latest service release of Microsoft Intune (service release 2308), Microsoft introduced support for Remote Help on Android devices. More specifically, support for Remote Help on Android Enterprise dedicated devices. And even more specifically, only Samsung and Zebra devices. That enables IT administrators to provide remote support to users on Android Enterprise dedicated devices, by simply starting a screen sharing session or asking for full control. This post will start with a short introduction, followed with the steps to get Remote Help working for …

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30