Getting started with Enterprise App Management

This week is sort of a follow-up on the earlier post about new Microsoft Intune Suite add-on capabilities. That time it was around the early capabilities, like Endpoint Privilege Management, the first glimpses of Advanced Analytics, and Microsoft Tunnel for MAM. This time it’s about Enterprise App Management. Enterprise App Management provides organizations with an applications catalog that contains apps that are prepared by Microsoft. Those apps are all Win32 apps that are wrapped and hosted by Microsoft. That can further simplify management and makes sure that the lifecycle of apps is getting better under control. That means more structural updates of apps, which makes sure that the environment gets more secure. This post will start with a further introduction about Enterprise App Management, followed …

Read more

Working with the restart grace period of Win32 apps

This week is sort of a follow-up on a post of years ago about working with the restart behavior of Win32 apps. That post was focussed on the behavior of Win32 apps, based on the return codes and the configured restart behavior. This post will add the restart grace period in that mix. The restart grace period can be used to determine after which time the device will actually require a restart, when required by the successful installation of a Win32 app. The configuration for the restart grace period has already been available for some time, but since recently it’s now also possible for non-administrator users to snooze that restart. This post will have a closer look at the configuration options for the restart grace …

Read more

Getting started with Azure Monitor agent on Windows client devices

This week is about something totally different compared to the last weeks and maybe even months. There have been examples before about gathering additional data of Windows devices and using that information for dashboards and more. Those examples were mainly focused on existing data and custom scripting. This time the focus is on the Azure Monitor agent for Windows client devices. A few months ago Microsoft introduced the Windows client installer that can be used to collect data from desktops, workstations and laptops, in addition to the already existing options for servers and virtual machines. It enables the collection of Event Logs, Performance Counters and more. That could be useful with for example the introduction of AppLocker, to gather events about the behavior of apps. …

Read more

Getting started with Remote help for Windows devices

This week is all about getting started with Remote help for Windows devices. Remote help is recently introduced as a new feature in Microsoft Intune that can be used for providing remote assistance to users on Windows devices. It looks a lot like the existing Quick Assist app on Windows, but it has a few big advantages. It integrates with Microsoft Endpoint Manager for providing remote assistance to managed devices, it integrates with Azure Active Directory for providing authentication and compliance information, and it provides a better administrator experience. There are communication options with the user and there is the ability to work with elevated permissions. This post will go through the steps for configuring Remote help in the tenant and through the steps for …

Read more

Working with supersedence relationships for Win32 apps

This week is all about Win32 apps in Microsoft Intune. Last year I’ve written a lot about the different features of Win32 apps and now, starting with the 2102 service release of Microsoft Intune, there is a new feature for Win32 apps. That feature is the ability to create supersendence relationships between different Win32 apps. That relationship can be used to update a Win32 app to a newer version of the Win32 app, or to replace a Win32 app with a different version of the Win32 app. Actually, it can even be used to replace a Win32 app with a completely different Win32 app. This post will start with the theory of supersedence relationships for Win32 apps, followed with the steps to configure a supersedence …

Read more

Installing applications by using Windows Package Manager

This week is all about installing applications via Microsoft Intune by using Windows Package Manager. A few years ago I wrote a post about something similar by using Chocolatey. That time the idea was to simply leverage the PowerShell script functionality that was just introduced. This time the idea is to leverage the Win32 app functionality together with the Windows Package Manager that is just introduced. Leveraging the Win32 app functionality provides me with a few advantages above simply leveraging the PowerShell script functionality. In my opinion the main advantages are the flexibility of the Win32 app model (think about requirements, detection rules, dependencies and notifications) and the ability to use Win32 apps during the Enrollment Status Page (ESP). Creating the Win32 app would cost …

Read more

Exclude specific groups of users or devices from an app assignment

This week another post about apps. This week it’s all about the ability to exclude a specific group of users or devices from an app assignment. That ability is not completely new, but it’s new enough to be still a little bit unfamiliar for many. It can be useful for assigning an app to a big group and still being able to exclude a small group. That can be users that should be treated a little different than the standard, like for example a test group, a demo group, or an executive group. In this post I want to have a look at those configuration options. Often I’ll also have a look at the end-user or administrative experience, but in this case there is nothing …

Read more

Working with (custom) detection rules for Win32 apps

After my post of last week about Working with (custom) requirements for Win32 apps only one configuration subject of Win32 apps is left that I’ve discussed in detail, the detection rules for Win32. The format of this week is similar to that post and to previous posts about the different configuration subjects of Win32 apps. Detection rules must be used to determine the presence of a Win32 app. A Win32 app can have multiple detection rules. In that case every detection rule must be met to detect the app. That will help with making sure that the app installation will only be started when the app is not yet installed. In this post I’ll start with going through the different detection rule formats and I’ll …

Read more

Working with (custom) requirements for Win32 apps

A few months ago I did a post about Working with the restart behavior of Win32 apps and a few months before that I did a post about Working with Win32 app dependencies. This week is similar to those post. This week is also about Win32 apps, but this week it’s about working with requirements for Win32 apps. Requirements can be used to make sure that the Win32 app will only install on a device that meets specific requirements. That means that requirements for Win32 apps, bring a lot of options and capabilities, which enable a lot of scenarios. Think about deploying a Win32 app to a user group and only installing on a specific device brand, type, or model. That can be achieved by …

Read more

Microsoft Connected Cache in ConfigMgr with Win32 apps of Intune

This week is all about an awesome new feature that was introduced with the latest version of Configuration Manager, version 1910. That feature is that Microsoft Connected Cache now supports Win32 apps that are deployed via Microsoft Intune. Microsoft Connected Cache can be enabled on a Configuration Manager distribution point and serve content to Configuration Manager managed devices. That includes co-managed devices and now also Win32 apps, which enables a Configuration Manager distribution points to serve as a content location for Win32 apps deployed via Microsoft Intune. In this post I’ll start with a short introduction about Microsoft Connected Cache, followed with the required configuration of a Configuration Manager distribution point and the required configuration of the Configuration Manager clients. I’ll end this post by …

Read more