Freezing the install of system updates on Android Enterprise corporate-owned devices

This week is all about a very recent new introduced feature for Android Enterprise corporate-owned devices. That feature is the ability to freeze the install of system updates for a period of time. Freezing system updates on Android Enterprise corporate-owned devices enables organizations to stick to a specific version of Android for the specified period of time. That can be usefull to get the right support of the vendor of an app, or to make sure that a specific app works with the latest verison of Android. That level of control makes Android more and more enterprise ready, without the need of additional management tooling (OEMConfig). This post will start with a quick introduction to the freeze period for system updates, followed with the steps …

Read more

Customizing the default app associations on Windows 11 devices

This week is another follow-up on the posts of the last weeks about customizing Windows 11 devices. This week, however, is focused on customizing the default app accosiations on Windows 11 devices. Customizing the default app associations enables organizations to associate specific apps with file and link types, for their users. Besides that, this post is also an updated version of this post of over four years ago. Even though not a lot has changed, the configuration did become easier. This post goes through the creation of the required app assocations file, folowed with applying that file on Windows 11 devices. This post ends with showing the user experience with the customized app assoications. Important: My personal opinion is that – as with every other …

Read more

Customizing the Taskbar on Windows 11 devices

This week is a follow-up on last weeks post about customizing the Start menu layout on Windows 11 devices. This week, however, is focused on customizing the Taskbar layout on Windows 11 devices. Customizing the Taskbar layout enables organizations to create a standardized layout for their users. With the arrival of Windows 11, the configuration options for customizing the Taskbar layout have changed. Especially from a setting-by-setting perspective the options are now rather limited. This post does a quick breakdown of the Taskbar layout in Windows 11 and the different configurations that are available, per section. That breakdown is followed with a zoom-in on the actual configuration for creating the standardized layout. This post ends with showing the user experience with a customized Taskbar layout. …

Read more

Customizing the Start menu layout on Windows 11 devices

This week is all about customizing the Start menu layout on Windows 11. Customizing the Start menu layout enables organizations to create a standardized layout for theirs users by pinning apps, removing default apps, ordering apps and more. The configuration of such a standardized layout has changed from Windows 10 to Windows 11. To create a standardized layout for Windows 11, the IT administrator must use a JSON-file. In previous versions of Windows, that required a XML-file. That configuration change, justifies an explanation about the Start menu layout in Windows 11 and the different configuration options. This post breaks down the new Start menu layout in Windows 11 and the different configuration options that are available, per section. That breakdown is followed with a zoom-in …

Read more

Quick tip: Easy method for constructing settings of ingested ADMX-files

This week a quick extra blog post, just before the start of my vacation, about an easy method for construction settings of ingested ADMX-files. A few years ago I did a post about a deep dive for ingesting third-party ADMX-files and until today I still receive questions on that post that are related to constructing settings of ingested ADMX-files. Even though the described method is still available, there is an easier method for constructing the settings of ingested ADMX-files. A method that is less sensitive to errors. The following four steps walk through that easy method by again using chrome.admx as an example. The first step is ingesting the ADMX-file. That can be achieved by following the same steps as provided in my earlier post. …

Read more

Device compliance based on custom configuration baselines

This week is all about the new feature to include a custom configuration baselines as part of a compliance policy assessment. That’s a new feature that is introduced in Configuration Manager, version 1910. That will also make this a followup on the post I did earlier this year about using the power of ConfigMgr together with Microsoft Intune to determine device compliance. This will be added functionality, as it’s now possible to make custom configuration baselines part of the device compliancy check. For both, Configuration Manager managed devices and co-managed devices. Even when the workload is switched to Microsoft Intune. Introduction This option that makes it possible to use a custom device configuration baseline part of a compliancy policy, opens up a whole new world …

Read more

The different ways of (re)naming Windows 10 devices

This week is all about Windows 10 devices. More specifically about (re)naming Windows 10 devices. And all that by using standard available functionality without custom scripting. This post will bring different posts together that I did over the last couple of years and will introduce one new configuration option that was recently introduced within Windows Autopilot. In this post I’ll go through the different (configuration) options for (re)naming Windows 10 devices. Configuration options Now let’s dive into the different configuration options. All of these configuration options are from a MDM-Intune-Autopilot perspective. Scripting a device rename action could also be scripted by using PowerShell, but for this post I want to rely on built-in functionality. Custom device configuration profile The first configuration option that I want …

Read more

Applicability rules for device configuration profiles

This week a new blog post about a little nice, but quite unknown, feature. Applicability rules for device configuration profiles. The nice thing about applicability rules is that those rules can be used to target devices in a group that meet specific criteria. That enables an administrator to assign a device configuration profile to all users, or all Windows 10 devices, but only actually apply to Windows 10 devices of a specific version or edition. In this post I’ll go through the configuration of applicability rules (including a few important details) and the administrator experience. Configure applicability rule Let’s start by looking at applicability rules. Applicability rules can be configured for every device configuration profile type with Windows 10 and later as Platform, with the …

Read more

Android Enterprise fully managed devices and the Google Play store

This week another post about an Android Enterprise configuration. Last week was related to company owned single-use (COSU) devices (also known as dedicated devices), while this week is related to company owned business only (COBO) devices (also known as fully managed devices). More specifically, about adding a personal touch to fully managed devices. Microsoft Intune doesn’t know the company owned personally enabled (COPE) devices, yet, but there is a feature within the fully managed devices configuration that can at least enable some more personal options to the user. That can be achieved with a simple configuration to allow access to all apps in the Google Play store. I’ll start this post with the configuration steps (and a little introduction) and I’ll end this post by …

Read more

Create a custom multi-app kiosk mode

This week is all about creating a custom multi-app kiosk mode for Android Enterprise dedicated devices. The Android Enterprise dedicated device settings also contains multi-app kiosk settings, but in some scenarios those settings can still be a little bit limiting. To create a multi-app kiosk mode, Microsoft Intune relies on the Managed Home Screen app. The fun part is that the Managed Home Screen app already contains a few more settings that are currently only available via app configuration policies. In this post I’ll start with a quick overview of the app configuration options that exist nowadays, followed by showing an app configuration example for the Managed Home Screen app to add a non-Managed Google Play Store app. Technically speaking I’ll add a single app, …

Read more