Windows 10 – Page 2 – All about Microsoft Intune

Using Conditional Access for Remote Help

May 22, 2023May 22, 2023 by Peter van der Woude

This week is a short post about a small nice addition to Remote Help. That small nice addition, however, can be an important piece towards the solid zero trust implementation within the organization. That addition is the ability to use Conditional Access specifically for Remote Help. That doesn’t mean, however, that Conditional Access was not applicable towards Remote Help before. When assigning a Conditional Access to all cloud apps that would (and will always) also include Remote Help. The main change is that it’s now possible to create a service principal for the Remote Assistance Service that can be used as a cloud app in the assignment of a Conditional Access policy. That enables organizations to create a custom Conditional Access policy specifically for Remote …

Understanding Windows Autopatch groups

May 15, 2023 by Peter van der Woude

This week something completely different, but maybe even more intriguing at some level. That something is Windows Autopach groups. Windows Autopatch groups are logical containers, or units, that can group several Azure AD groups and different software update policies, within Windows Autopatch. That’s a really nice addition to Windows Autopatch that is available starting with the latest service update of May 2023. Windows Autopatch groups enable organizations to create different selections of devices with as many as 15 unique deployment rings, custom cadences and content. And a tenant can contain up to 50 Windows Autopatch groups. That enables IT administrator to create nearly any structure for patching their devices within Windows Autopatch. This post will start with some more details for understanding Windows Autopatch groups, …

Resetting the managed local administrator password when using Windows LAPS

May 22, 2023May 8, 2023 by Peter van der Woude

This week is a quick follow-up on the post of last week. Last week was all about getting started with Windows Local Administrator Password Solution (Windows LAPS), while this week is more specifically focussed on rotating the managed local administrator password. There are multiple methods for rotating – and with that, resetting – that managed local administrator password. In the end, that all comes down to the same, or similar, technology that’s used to achieve that goal. Besides that, it’s also good to know what doesn’t work when the password of the local administrator account is managed. This post will show just that, followed with the different methods for rotating the managed local administrator account. Manually resetting the password via Computer Management Before using Windows …

Getting started with Windows Local Administrator Password Solution

May 1, 2023 by Peter van der Woude

This week is all about another nice feature that was recently introduced in Windows, Microsoft Intune, and Azure AD. That feature is Windows Local Administrator Password Solution (Windows LAPS). Windows LAPS is basically the evolution of the already existing LAPS solution for domain joined Windows devices. Big difference, however, is that Windows LAPS is now a built-in solution in Windows that can be configured via Microsoft Intune and that can use Azure AD as a storage location for the local administrator password. Windows LAPS can be used to manage the password of a single local administrator account on the device. The most obvious account for that would be the built-in local administrator account, as that account can’t be deleted and has full permissions on the …

Getting started with Advanced Endpoint Analytics

April 24, 2023 by Peter van der Woude

This week is another post about one of the new Intune Suite add-on capabilities. This time it’s all about Advanced Endpoint Analytics. Advanced Endpoint Analytics adds-on to Endpoint Analytics by providing organizations access to more intelligence to gain even deeper insights into the user experience. It provides IT administrators with the tools to proactively detect and remediate issues that impact user productivity. All of that can be achieved with the new capabilities that are part of Advanced Endpoint Analytics. Those capabilities are anomaly detection, enhanced device timeline, and device scopes. Three powerful capabilities that enable IT administrators to use machine learning to identity anomalies, to have a detailed device timeline, and to have the ability to look at a specific set of devices. When an organization has …

Getting started with Endpoint Privilege Management

April 11, 2023 by Peter van der Woude

This week is another post about one of the new Intune Suite add-on capabilities. This time it’s all about Endpoint Privilege Management (EPM). At this moment EPM is still in preview, but once it becomes general available it will be licensed as part of the Microsoft Intune Suite. EPM enables organizations to provide standard user permissions to their users and still enable those users to complete tasks that require elevated permissions. Those tasks can include the installation of applications, updating device drivers, running diagnostics, and more. With that, EPM fits perfectly in the Zero Trust architecture of any organization. It enables the principle of using the least privilege, while still allowing users to run specifically approved tasks with elevated permissions. So, users remain productive and elevations are …

Analyzing Windows Defender Application Control events in audit mode

March 27, 2023 by Peter van der Woude

This week is all about Windows Defender Application Control (WDAC). That’s not a new subject for this blog. The main difference, however, with previous posts is that this time the focus will be on monitoring the different events when the WDAC policy is running in audit mode. Audit mode enables IT administrators to discover applications, binaries, and scripts that are missing from the configured WDAC policy, but actually should be included. Instead of the action actually being blocked, audit mode will only write an event in the Event Log. Those events can be used to further tune the WDAC policy, and to make sure that it’s production ready. For centrally logging that event information, this blog will be relying on using the the Azure Monitor …

Easily managing Microsoft Defender Antivirus updates channels

March 6, 2023March 6, 2023 by Peter van der Woude

This week is all about managing the updates channels for the different Microsoft Defender Antivirus update types. On one hand to create some awareness for the different update types, and on the other hand to show the latest configurations options for managing the updates channels for those different update types. Microsoft Defender Antivirus contains three different update types and up to six updates channel configuration options. That provides IT administrators with quite some configuration options for the devices within the environment. And starting with the latest service release of Microsoft Intune (2302), the update channel configurations becomes easily configurable via a specific configuration profile. That enables IT administrators to also use different update channels throughout the environment to gradually rollout the different updates of Microsoft …

Deploying Microsoft Defender Application Guard for Office

February 27, 2023February 27, 2023 by Peter van der Woude

This week is all about Microsoft Defender Application Guard (Application Guard) for Office. It’s a follow up on this post of almost 2 years ago. That time the focus was simply on getting started with Application Guard and it slightly missed out on Application Guard for Office. This time Application Guard for Office will be the main focus. Application Guard for Office uses hardware isolation to isolate untrusted Office files, by running the Office application in an isolated Hyper-V container. That isolation makes sure that anything potentially harmful in those untrusted Office files, happens within that isolated Hyper-V container and is isolated from the host operating system. That isolation provides a nice, but resource intensive, additional security layer. This post will start with a quick …

Using Smart App Control as starting point for Windows Defender Application Control

February 13, 2023February 13, 2023 by Peter van der Woude

This week is all about Smart App Control and Windows Defender Application Control (WDAC). Starting with Windows 11, version 22H2, Microsoft introduced Smart App Control for additional protection for consumers against threats by blocking apps that are malicious, untrusted, or potentially unwanted. Smart App Control is based on WDAC and works in a similar way. It provides basic protection rules that can also be reused within an enterprise environment. Smart App Control on itself is only available on a fresh installation of Windows 11, version 22H2, and not after an upgrade. On enterprise managed devices, Smart App Control is automatically turned off. That doesn’t mean, however, that Smart App Control doesn’t provide any useful standard configurations. Smart App Control can be an excellent starting point, …

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31