In my last blog I showed you the new feature that allows you to send all audit events to Log Analytics. It is nice that all events are send to Log Analytics, but if you don’t do anything with it, it is useless. When managing and working with cloud services like Microsoft Intune you want […]READ MORE
Quick tip – App Config Made easier for Android apps
A quick tip this time, a couple of weeks ago working for my customer I noticed that the App Config configuration designer for Android is exposing configuration options that are available in the apps. Microsoft is supporting Appconfig already for a very long time, but now it is much easier to use it. After adding […]READ MORE
Session controls in Conditional Access now also controlling Exchange Online
I have had and still have customers that want to restrict access via Outlook Web App (OWA) to Exchange Online. For instance, they want to block download of attachments when users access their mailbox via OWA. Until recently this could be done via the OWA Mailbox Policy in Exchange (Online), by setting the DirectFileAccessOnPublicComputersEnabled and […]READ MORE
RBAC in Azure AD, Intune and scope tags explained
Microsoft Intune has a pretty good RBAC model to allow you to give permissions to users who need to be able to perform an administrative task or role within Intune. A role can be for instance a predefined role in Intune or a custom role. Before digging into the Intune roles, there are also Intune […]READ MORE
Global- , Exchange-, SharePoint-, Conditional Access Admins -> action required!
Yesterday I was triggered by a colleague of mine that administrators of services in Azure or Office 365 are automatically required to login via Multi-Factor Authentication (MFA) when accessing the service in the future. When logging in to one of my tenants indeed a new conditional access policy listed in the conditional access blade of […]READ MORE
Jamf Pro and Microsoft EMS better together – macOS devices – part 3
Now that we have configured the connection between EMS and Jamf Pro we need to make sure that the macOS devices can also be registered to Azure AD. To be able to complete the scenario we need to do the following; configure compliance policies deploy the company portal app with Jamf Pro create a Jamf […]READ MORE
Jamf Pro and Microsoft EMS better together – configuration – part 2
In my last blog I introduced the new Jamf Pro integration with Microsoft EMS. In this blog I would like to dive into the configuration of the integration and show you the experience. Setting it up is pretty straightforward and easy. To be able to integrate the two services, we need to: configure an Azure […]READ MORE
Jamf Pro and Microsoft EMS better together – part 1
When it comes to managing Macs, Jamf Pro is currently the number one product to be used in this space when you want to fully control and manage those fruity macOS devices via the MDM channel. Just before Jamf Nation User Conference (JNUC) back in September Microsoft and Jamf announced the upcoming partnership, at JNUC […]READ MORE
Switching MDM authority to ConfigMgr Hybrid without user impact
In my last blog I wrote about switching the MDM Authority from Configuration Manager Hybrid to Intune Standalone, as promised today a description of the reverse path. With Configuration Manager 1610 and the latest version of Intune we are also able to switch the MDM Authority from Intune standalone to Configuration Manager Hybrid. There are […]READ MORE
Switching MDM authority to Intune standalone without user impact
Since Configuration Manager 1610 and the latest Intune release a new feature became available which allows you to switch MDM authority without needing to contact Microsoft Support and without needing to reenroll the enrolled mobile devices. In this blogpost I want to cover the experience of switching from Configuration Manager Hybrid (connected with Intune) to […]READ MORE
App Protection Policies enhanced big time!
During the last update of Intune on Azure service last weekend, some really nice Application Protection Policies were added for Android and iOS. One new feature is that you can control if a PIN needs to be set for a Managed App or not when a device PIN is already being managed by Microsoft Intune. This […]READ MORE
About Peter Daalmans
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security