Windows 10 – Page 15 – All about Microsoft Intune

Simply enabling Windows Sandbox

January 14, 2019 by Peter van der Woude

This blog post uses Containers-DisposableClientVM, to enable the Windows Sandbox feature on Windows 10 devices. This is available in Windows 10 Insider build 18305 or later. This week is all about enabling a recently introduced Windows Feature. That Windows Feature is Windows Sandbox. Windows Sandbox is a lightweight desktop environment that is specifically created for safely running applications in isolation. It provides an isolated, temporary, desktop environment where users can run untrusted software without the fear of lasting impact to their device. Any software installed in Windows Sandbox stays in the sandbox and cannot affect the host. The installed software is permanently deleted, once Windows Sandbox is closed. Windows Sandbox is part of Windows 10 (Pro and Enterprise) Insider build 18305 or later. In this …

Easily controlling the Office update channel by using administrative templates

January 7, 2019 by Peter van der Woude

Let’s start this new year about a specific use case for the recently introduced feature to configure administrative template settings via Microsoft Intune. That specific use case is to easily control and configure the Office update channel by using the Administrative Templates profile type within Microsoft Intune. Before, this configuration would require ingesting a custom ADMX and creating custom OMA-URI settings, for configuring the Office channel, based on the information in the ingested custom ADMX. That’s not necessary anymore, as Microsoft Intune now provides a built-in list of available administrative template policy settings. In this post I’ll show the configuration steps, followed by the configuration results on a Windows 10 device. Configuration Before looking at the actual configuration steps, it might be good to first …

Offline Windows Autopilot deployment profile

December 17, 2018 by Peter van der Woude

This week is all about Windows Autopilot. More specifically, about offline Windows Autopilot deployment profiles. The use case for an offline Windows Autopilot deployment profile is simple, a migration from Windows 7 to Windows 10 for existing devices. It enables organizations to reimage devices for one last time and provide those devices with an offline Windows Autopilot deployment profile. That will make sure that those devices will contact the Windows Autopilot deployment service, without first being registered. In this post I’ll look at getting the offline Windows Autopilot deployment profile, followed by a look at the explanation of the attributes in the offline Windows Autopilot deployment profile. I’ll end this post by looking at the usage of the offline Windows Autopilot deployment profile and a …

Block access to a device until specific apps are installed

December 10, 2018 by Peter van der Woude

This week a short blog post about a recently introduced feature in the Enrollment Status Page (ESP). The ability block access to a device until specific apps are installed. I also tweeted about that feature recently and I thought it would be good to document the use case, the configurations and the end-user experience. Introduction Let’s start with a short introduction. The ESP is strongly recommended with Windows Autopilot. The idea of the ESP, is to block the device until the device is ready for usage by the user. This new feature enables an administrator to only block the device until the most important apps are installed for the user. That enables the user to be earlier productive. The administrator simply chooses which apps are …

Hybrid Azure AD join with Windows Autopilot

November 19, 2018November 19, 2018 by Peter van der Woude

This week is all about a very often requested feature, which is the ability to hybrid Azure AD join a device when using Windows Autopilot. The combination of the latest updates to Microsoft Intune with Windows 10, version 1809, provides just that! The ability to hybrid Azure AD join a device when using Windows Autopilot! In other words, the device will join the on-premises Active Directory and register in Azure Active Directory. In this blog post I’ll start with a short introduction about the hybrid Azure AD join with Windows Autopilot, followed by the most important configurations. I’ll end this post by looking at the experience. Introduction Let’s start with a little introduction about the hybrid Azure AD join through Windows Autopilot. A short summary …

Windows Autopilot self-deploying mode

November 5, 2018 by Peter van der Woude

This week a new blog post about Windows Autopilot. More specifically, Windows Autopilot self-deploying mode. Autopilot self-deploying mode is really useful for devices that are function specific, like for example kiosk devices. The biggest benefit is that a device with a wired network connection (with Internet) can be completely configured without any user interaction. Simply connect the device to the wired network and power it on! Real zero touch provisioning! In this post I’ll provide the configuration steps to create that experience, followed by some known errors and the end-user experience. Configuration Let’s start with a few important requirements and limitations: The device must run Windows 10, version 1809 or later; The device can only be Azure AD joined (Active Directory join is not supported); …

Automagically convert Intune managed devices to AutoPilot

October 15, 2018 by Peter van der Woude

This week a short blog post about my tweet of a bit more than a week ago. In that tweet I mentioned a new easy method to automagically convert Intune managed devices to AutoPilot. That method makes some scenarios a whole lot easier. Like for example what I did in this post to get the AutoPilot device information of Intune managed devices. That type of custom scripting is not needed anymore! As I got many reactions to that tweet, mainly related to the location of that configuration, I thought it would be good to make a short post describing the configuration option and the expected behavior. In this post I’ll provide the steps to make this configuration and I’ll describe the expected behavior. There is …

Join us at Experts Live Europe in Prague

October 22, 2018October 11, 2018 by Peter van der Woude

A bit less than two weeks from now, October 25-26, Experts Live Europe will be in Prague. Together with my finest colleague, Arjan Vroege, I will deliver two sessions! And we hope to see you there! Experts Live Europe is a Microsoft community conference with a focus on Microsoft cloud, datacenter and workplace management. During this conference, top experts from around the world present discussion panels, ask-the-experts sessions and breakout sessions and cover the latest products, technologies and solutions. About our sessions The maybe-not-that-sexy version of modern management – A true story – In this session, we will take you into the real world of modern management. Modern management is a great buzzword and by now we all know the lovely story of modern management. …

Deploy customized Win32 apps via Microsoft Intune

October 1, 2018 by Peter van der Woude

Last week Microsoft announced the ability to deploy Win32 apps via Microsoft Intune during Microsoft Ignite. That takes away one of the biggest challenges when looking at modern management and Microsoft Intune. I know that I’m not the first to blog about this subject, but I do think that this subject demands a spot on my blog. Besides that, I’ll show in this post that the configuration looks a lot like deploying apps via ConfigMgr. Not just from the perspective of the configuration options, but also from the perspective of the configuration challenges when the installation contains multiple files. In this post I’ll show the configuration steps, followed by the end-user experience, when deploying a customized Adobe Reader DC app (including the latest patch). Pre-process …

Assign a user to a Windows AutoPilot device

September 23, 2018 by Peter van der Woude

This blog post uses capabilities that are added in Windows 10, version 1809, which is currently still in preview. This week a short blog about another relatively new Windows AutoPilot feature. This week is all about assigning a specific user to a specific Windows AutoPilot device. That enables an administrator to directly assign a user to a Windows AutoPilot device. Assigning a user to a Windows AutoPilot device will make sure that the username will be pre-filled during Windows setup. It also lets the administrator set a custom greeting name, which will also be added during the Windows setup. In this post I’ll show the actual configuration steps, followed by the end-user experience. Configuration Before starting with the actual configuration steps, it’s important to name …

Simply enabling Windows Sandbox

Like this:

Easily controlling the Office update channel by using administrative templates

Like this:

Offline Windows Autopilot deployment profile

Like this:

Block access to a device until specific apps are installed

Like this:

Hybrid Azure AD join with Windows Autopilot

Like this:

Windows Autopilot self-deploying mode

Like this:

Automagically convert Intune managed devices to AutoPilot

Like this:

Join us at Experts Live Europe in Prague

Like this:

Deploy customized Win32 apps via Microsoft Intune

Like this:

Assign a user to a Windows AutoPilot device

Like this: