All posts in EMS

capolaad00Due to an incident (IT85607) while moving the Conditional Access policies from “Preview phase” to “general availability” in Azure Active Directory, the Conditional Access policies in Microsoft Intune might be disabled.

Since the two are basically the same you need to check your Conditional Access policies are still configured correctly. Read more

mtp-blog-3-00The fourth blog about the integration of Microsoft Intune and Lookout MTP we will have a look at the administrative side of things. We will have a look at what we are able to configure in relation to threats, we will have a look the devices that can be managed both in Lookout and how we need to setup compliance within Microsoft Intune.

Read more

In the next couple of days the Microsoft Intune service will be updated. During this update, new Conditional Access features (restrict access to Exchange Online to the Outlook app, Conditional Access for Windows PCs), Android for Work support and the Lookout integration for iOS will be released. Also via the new Azure Portal we are able to manage printing of corporate docs via MAM policies.

Stay tuned, the current version of Intune is: 5.0.7525.0

Source: Microsoft Intune October maintenance windows pre-release notification and https://aka.ms/intunewhatsnew

mtp-blog-3-00In the last two blogs we looked at the global overview and the architecture of the solution. In this blog I want to go a bit deeper and have a look how to integrate the two services with each other.

Like said, the Lookout service is currently hosted on Amazon Web Services and Microsoft Intune is hosted on Microsoft Intune.

Read more

blog2My last blog I dedicated to the availability of the integration of the Microsoft Intune and Lookout Mobile Threat Protection cloud services.

So have this time have a look at the architecture of the integration, before writing about how to set everything up, the administrative and the end-user experience.

Read more

In June Microsoft and Lookout announced their partnership and bath also announced the integration of Microsoft Intune and Lookout Mobile Threat Protection. In the last couple of months I was able to test and implement this first release of the integration between those two products at my customer in close corporation with the engineers of Lookout and Microsoft.

logos-1

So in the next couple of blogs I will be describing what the current version of the integration is capable of, how we need to configure it, what the administrator experience is and what the user experience is. Looking at the current integration of both services is a nice addition to the complete Enterprise Mobility +Security proposition of Microsoft and allows you to secure your apps and data to the next level! But first look at why we actually want to integrate Microsoft Intune and Lookout Mobile Threat Protection.

Read more

android7Bad news for the users that are using Android devices and sometimes forget their passcode. Google is removing the ability for administrators and users to remotely reset the passcode of devices that are based on Android 7.0.

When using earlier versions of Android users could reset their passcode via the Company Portal website and admins could reset the passcodes via the Intune admin console. Is there a workaround for your users besides writing the passcode on the back of the mobile phone?

I think so! 😉 Let’s see…

 

Read more

1606installedToday Microsoft released the 1606 update for System Center Configuration Manager. If you have ConfigMgr 1511 or 1602 installed in your environment you should be able to see the 1606 update soon in the Updates and Servicing node of your ConfigMgr console.

After 1511 and 1602 Microsoft is again releasing a major update for ConfigMgr, very impressive and a real great accomplishment if you ask me! Already looking forward to the new major update 😉

 

 

Read more

intunemaxDuring the July update of the Intune service some really nice new features will be released. Announced in the what’s new docs for July is the ability to enroll up to 15 devices per user, earlier this was 5 devices. Great for testing and great for people who are living the mobility world to the max 😉 Looking at one of my tenants this is already available.

Intune also adds support for mobile provisioning profile policies for iOS apps, normally a provisioning profile expires after 1 year, this can now be renewed via a policy.

But there is more to come;

Read more

android-compl-00In one of my tenants the new compliance rules for Android arrived last night. So as from now we are able to block users to access corporate data that have Android devices that have enabled USB Debugging, enabled the installation of apps from Unknown Sources and when users have disabled the option “Scan device for security threats”.

If you ask me three of the most wanted compliance enhancements to be able to support Android devices. Let’s have a look at how it works.

Read more

ca-logoAfter the last blog about conditional access of Outlook Web App and SharePoint Online is forcing that the Managed Browser is used when accessing the service. This last part can be done via Active Directory Federation Service (AD FS). With AD FS you are able to allow or block access based on attributes of the client that is trying to authenticate.

As part of the March update of the Managed Browser the Managed Browser is identifiable as ManagedBrowser via the UserAgent, before March the Managed Browser had a generic UserAgent.

Read more