I have had and still have customers that want to restrict access via Outlook Web App (OWA) to Exchange Online. For instance, they want to block download of attachments when users access their mailbox via OWA. Until recently this could be done via the OWA Mailbox Policy in Exchange (Online), by setting the DirectFileAccessOnPublicComputersEnabled and […]READ MORE
RBAC in Azure AD, Intune and scope tags explained
Microsoft Intune has a pretty good RBAC model to allow you to give permissions to users who need to be able to perform an administrative task or role within Intune. A role can be for instance a predefined role in Intune or a custom role. Before digging into the Intune roles, there are also Intune […]READ MORE
Global- , Exchange-, SharePoint-, Conditional Access Admins -> action required!
Yesterday I was triggered by a colleague of mine that administrators of services in Azure or Office 365 are automatically required to login via Multi-Factor Authentication (MFA) when accessing the service in the future. When logging in to one of my tenants indeed a new conditional access policy listed in the conditional access blade of […]READ MORE
Jamf Pro and Microsoft EMS better together – macOS devices – part 3
Now that we have configured the connection between EMS and Jamf Pro we need to make sure that the macOS devices can also be registered to Azure AD. To be able to complete the scenario we need to do the following; configure compliance policies deploy the company portal app with Jamf Pro create a Jamf […]READ MORE
Jamf Pro and Microsoft EMS better together – configuration – part 2
In my last blog I introduced the new Jamf Pro integration with Microsoft EMS. In this blog I would like to dive into the configuration of the integration and show you the experience. Setting it up is pretty straightforward and easy. To be able to integrate the two services, we need to: configure an Azure […]READ MORE
Jamf Pro and Microsoft EMS better together – part 1
When it comes to managing Macs, Jamf Pro is currently the number one product to be used in this space when you want to fully control and manage those fruity macOS devices via the MDM channel. Just before Jamf Nation User Conference (JNUC) back in September Microsoft and Jamf announced the upcoming partnership, at JNUC […]READ MORE
Switching MDM authority to ConfigMgr Hybrid without user impact
In my last blog I wrote about switching the MDM Authority from Configuration Manager Hybrid to Intune Standalone, as promised today a description of the reverse path. With Configuration Manager 1610 and the latest version of Intune we are also able to switch the MDM Authority from Intune standalone to Configuration Manager Hybrid. There are […]READ MORE
Switching MDM authority to Intune standalone without user impact
Since Configuration Manager 1610 and the latest Intune release a new feature became available which allows you to switch MDM authority without needing to contact Microsoft Support and without needing to reenroll the enrolled mobile devices. In this blogpost I want to cover the experience of switching from Configuration Manager Hybrid (connected with Intune) to […]READ MORE
App Protection Policies enhanced big time!
During the last update of Intune on Azure service last weekend, some really nice Application Protection Policies were added for Android and iOS. One new feature is that you can control if a PIN needs to be set for a Managed App or not when a device PIN is already being managed by Microsoft Intune. This […]READ MORE
How to add an app from the local Apple App store? -workaround-
Last week I was at a customer in Denmark and helped them in configuring Intune. If you want to search for and add an iOS app that is only available in a local ITunes App store you will run into the issue that the current Intune on Azure portal only searches for apps in the […]READ MORE
Support for native (LOB) apps added to Intune on Azure
Last week I showed you how you can deploy apps with the new Intune on Azure portal. This weekend the Intune on Azure Service was updated and new features became available One of the features is the ability to add Line Of Business apps and deploy them. As promised I would update the blog or dedicate […]READ MORE
About Peter Daalmans
Also one of the founders and leads of the Windows Management User Group Netherlands.
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security