Android – All about Microsoft Intune

Getting started with Microsoft Tunnel for Mobile Application Management for Android

April 11, 2023March 20, 2023 by Peter van der Woude

This week is a follow-up on the post of last week. While last week the focus was on iOS/iPadOS devices, this week the focus is on Android devices. Some parts might overlap with that post of last week, but those parts are definitely needed for the completeness of the story and the configuration. So, in general, the focus is still on Microsoft Tunnel for Mobile Application Management (Tunnel for MAM). As mentioned last week, Tunnel for MAM is one of the features that was released at the beginning of March as part of the Intune Suite add-ons. Tunnel for MAM itself, is available as part of the new Microsoft Intune Plan 2 license. The great thing about Tunnel for MAM is that it makes it …

Informing users of newly enrolled devices

February 6, 2023February 6, 2023 by Peter van der Woude

This week is all about a nice small new feature that became general available with the latest service release of Microsoft Intune (2301). That feature is enrollment notification. Enrollment notifications provide organizations with an easy method to notify users when a new device is enrolled. That provides organizations with more grip on the devices that are enrolled within the environment, as users will be informed when a new device was enrolled using their credentials. Besides that, it also provides organizations with an alternative method to welcome employees. In other words, a great way to trigger users. Enrollment notifications can be used for Windows, Android, iOS/iPadOS, and MacOS devices that are enrolled by using the user-driven enrollment methods. The notifications can be email notifications and push …

Managing privacy controls for Office products

January 30, 2023January 30, 2023 by Peter van der Woude

This week is all about managing privacy controls for Office products. That includes Office on Android devices, Office on iOS devices, Office for Mac devices, Office for the web, and Microsoft 365 apps for enterprise on Windows devices. Most organizations often already have a good look at the required configurations options for the privacy controls on Windows devices. Office for other platforms, however, are often forgotten. Just like Office for the web. Good thing, though, is that there are nowadays multiple privacy controls available that can be configured for Office on all platforms. For some platforms there are even multiple configurations options. Best part of those configuration options is that there is also an option to configure the privacy controls cross platforms. This post will …

Organizing Managed Google Play apps with collections

December 5, 2022December 5, 2022 by Peter van der Woude

This week is all about a smaller newly introduced feature regarding Android Enterprise. A feature that helps with organizing the Managed Google Play apps within the Managed Google Play store. When structure and details are important, this is that sweet little detail that makes it perfect. Starting with the latest service release of Microsoft Intune (service release 2211), there is now support for organizing apps within the Managed Google Play store by using collections. Collections are shown on the front page of the Managed Google Play store and provide users with easy access to the required apps. Collections can be used to organize apps in different categories. Custom categories. It’s completely up to the IT administrator to create collections, to name collections, to add apps …

Using Microsoft Defender for Endpoint on Android for protecting the personal profile

October 10, 2022October 10, 2022 by Peter van der Woude

This week another post about Microsoft Defender functionality, but on a completely different platform. This week is all about using Microsoft Defender for Endpoint, on Android devices, for protecting the personal profile. And for now, specifically focused on personally owned devices. That protection functionality is focused on providing users with the same level of protection in their personal profile, as provided in their work profile. It provides users – within their personal profile – with malware scanning on user-installed apps, protection from malicious URLs, network protection, and privacy controls. That provides users with better protection and organizations with more control on which devices are allowed to have access to company data. This post will mainly focus on the configuration of that additional protection of the …

Common Criteria Mode for corporate-owned Android Enterprise devices

September 19, 2022 by Peter van der Woude

This week something completely different compared to the last few weeks. While the last last few weeks were all about the great simplicity of Windows 365 Enterprise, this week is all about Android Enterprise. Different platform, theoretically possibly the same device. With the introduction of Android 11 (API level 30), some nice new features were introduced for enterprises. That includes the addition of the Common Criteria (CC) Mode. CC Mode already exists for a few years for Samsung Knox devices and – in combination with Microsoft Intune – already could be configured by using OEMConfig (with the KSP app), but is now available by default within Android Enterprise. Even better, with one of the latest service releases (2207) of Microsoft Intune that can now be …

Welcome to the still growing Android device management jungle: A summary

September 14, 2022 by Peter van der Woude

The second short post of this week is another extension of one of my sessions at the Workplace Ninja Summit 2022. At the summit I did my second session about Welcome to the still growing Android device management jungle. During that session I shared information around the still growing device management options for Android devices, pointers that can help with making the right decisions and information around the different configuration options. This post will provide a quick summary of that session by going through the different management options, providing important differences and summarizing the main configuration capabilities. The slides (PDF) of that session are available for download here. Android (device) management options When looking at the Android (device) management options, there are many options. And the number …

Creating the path for mobile devices to on-premises resources: A summary

September 15, 2022September 12, 2022 by Peter van der Woude

This week a few shorter posts, as my posts this week are extensions of my sessions at the Workplace Ninja Summit 2022. At the summit I did my first session about Creating the path for mobile devices to on-premises resources. During that session I shared information around the architecture and flow of Microsoft Tunnel, I zoomed in on getting up-and-running with Microsoft Tunnel and showed getting insight of Microsoft Tunnel. This post will provide a quick summary of that session by quickly showing the architecture and flow of Microsoft Tunnel and by showing the summary and reminders. The slides (PDF) of that session are available for download here. Architecting Microsoft Tunnel An important part of creating the Microsoft Tunnel infrastructure is a solid architecture. In most cases that …

Addressing the need for multiple Microsoft Tunnel Gateway servers

June 13, 2022 by Peter van der Woude

This week will focus on addressing the need for multiple Microsoft Tunnel Gateway servers. A single server is easy to setup, and easy to discuss and to describe, but that just a starting point. Often there is a need for multiple Microsoft Tunnel Gateway servers. That could be for providing high availabilty, for supporting the right amount of users and even for providing access to resources on different remote locations. So, it can be multiple servers on the same location and multiple servers on different locations. This post will go through the main scenarios for multiple servers and will focus on the main configurations that should be in place to support and configure those scenarios. No detailed configurations this time. Only descriptions of the main …

Using Microsoft Tunnel for per-app VPN

May 30, 2022 by Peter van der Woude

This week is another mobile focused blog post. This week is al around Microsoft Tunnel. More specifically, this week is all about using Microsoft Tunnel for providing per-app VPN on iOS/iPadOS devices and Android devices. Per-app VPN enables organizations to only allow specifically configured apps to use the configured VPN tunnel. So, not simply pushing all traffice through the VPN tunnel, but only the traffic of specific apps. That provides a solid method for providing access to on-premises resources for only the apps that really need it. This post will start with a quick summary of what should be in place, followed by going through the important per-app VPN specific configurations. Those configurations slightly differ per platform. This post will end by showing the user …

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: