Microsoft Intune

Remote device actions in ConfigMgr

by

Updated May 15, 2015: Yesterday the latest service pack, for ConfigMgr 2012 R2 and ConfigMgr 2012 SP1, was released. With the new functionalities in this service pack it’s now also possible to perform the same remote device actions in ConfigMgr 2012. The look-and-feel is an exact match with everything described in this post about the first technical preview of ConfigMgr vNext. This morning I’ve started exploring the technical preview of ConfigMgr vNext. I’ve been quite busy tweeting about the stuff I could easily find, but I would also like to devote a small blog post to some new features, from a ConfigMgr perspective, for mobile devices. The reason for that is because it’s cool and because the speed of it scared the crap out of …

Read more

Automagically set the mobile device owner to company

by

Before I’ll start with this blog post I would like to say thank you to Kim Oppalfens, for his great suggestion to look at WMI Eventing. I didn’t know that it was that versatile and powerful! Thanks Kim! Scenario The scenario for this post is actually quite simple and is applicable to an environment with Microsoft Intune integrated with ConfigMgr. By default, the device owner of a mobile device is set to Personal and that’s not always the desired value. A lot of customers still provide their employees with (mobile) devices and want the tooling to reflect that information. This blog post will provide an automagic method to set the mobile device owner to Company, by default. The best thing is that it’s still possible …

Read more

Store accounts and the Microsoft Intune Company Portal app

by

In this blog post I will answer a question that I get, with a lot of customers, and that’s if it’s required for end-users to have an account for the app store, of their platform, to download the Microsoft Intune Company Portal app. The app store that I mean here is can be the Google Play app store, the Apple app store,  the Windows Phone app store or the Windows app store. All these stores match with their platform and require their own store account to download apps. Before I can answer the initial question, I first have to answer another question. That question is if it’s required to use the Microsoft Intune Company Portal app, simply because a store account is not required if …

Read more

Windows Phone 8.1 and the Microsoft Intune Company Portal app

by

This blog post will be about the magical world of Windows Phone 8.1 and the Microsoft Intune Company Portal app. More specifically, about Windows Phone 8.1 and the two Microsoft Intune Company Portal apps. The Microsoft Intune Company Portal app of the Windows Phone Store and the Microsoft Intune Company Portal app deployed via either Microsoft Intune or ConfigMgr. Yes, I know there was recently a KB article released about the same subject. In this post I’ll go through more scenarios and I’ll go in more detail about the possible solutions and the pro’s and cons of those solutions. Scenarios Now lets start with summarizing the different scenarios that are possible with the combination of Microsoft Intune, ConfigMgr, Windows Phone 8.1 and the Microsoft Intune …

Read more

Retire or wipe mobile devices via PowerShell

by

This blog post will be about a new tool, written in PowerShell, to retire and/ or wipe a mobile device. Let’s start with the fact that I know that it’s possible to retire and/ or wipe a mobile device through the ConfigMgr console, but that didn’t stop me from creating this tool. The reason for that is related to how mobile devices are managed and who is usually responsible. In most cases the service desk is responsible for helping end-users with their mobile devices. Now what if a company rather not provides the ConfigMgr console to the service desk, or a company wants to prevent the service desk from wiping a mobile device? That’s were this tool comes in place. >> Available via download here …

Read more

Troubleshooting Windows Phone 8.1 enrollment – Part 2

by

A few months ago I did a blog post about How to troubleshoot Windows Phone 8.1 enrollment via Microsoft Intune. By then that was the only method to get log files from a Windows Phone 8.1 device for troubleshooting, but that has changed. A few days ago Microsoft released a document describing a different and easier method to get log files from a Windows Phone 8.1 device. This method is all around the, recently released, Field Medic app. As I previously wrote about troubleshooting Windows Phone 8.1 enrollment, I thought it would be good to do a short follow up with this easier method. Steps Let’s go through the required steps on a Windows Phone 8.1 device, to get the required logging. It’s pretty straight …

Read more

The MDM distribution point

by

This blog post will be about the MDM distribution point. The MDM distribution point is the distribution point that’s added after completing the Microsoft Intune integration. To be honest, I didn’t even know that the distribution point was named MDM distribution point. Also, I don’t know if it’s the official name, but I do know that it’s being referenced like that in every related log file. In the rest of this blog post I’ll describe the high level flow of a package to the MDM distribution point. SMS_DISTRIBUTION_MANAGER The SMS_DISTRIBUTION_MANAGER is the default component for handling all the content notifications. Once a distribution point is added to a package, the SMS_DATABASE_NOTIFICATION_MONITOR drops a notification file in the distmgr.box and by that triggers the SMS_DISTRIBUTION_MANAGER to …

Read more

Updated Configuration Baseline and Hardware Inventory for Windows Phone 8.1

by

Microsoft has started with releasing the GDR2 update for Windows Phone 8.1. The good thing from a management perspective is that this update contains new management features. There are seven new additions to the PolicyManager configuration service provider (CSP). As I created the Windows Phone 8.1 configuration baseline and the Windows Phone 8.1 hardware inventory extension, I’ve updated both of them with these latest additions. This blog post will describe the newly added settings and a reminder about the download locations. Note: Another new feature that comes with the GDR2 update is bulk enrollment. Even though it’s not part of this post, I thought it’s definitely worth mentioning. For more information see the Windows Phone 8.1 MDM Protocol document. New settings The newly added settings …

Read more

Installing the Microsoft Intune client directly after a task sequence

by

This blog post will be about a bit strange scenario, it will be about deploying a device via a task sequence of ConfigMgr and ending up with the Microsoft Intune client. There are some cases in which the customer elects to manage some devices through Microsoft Intune, instead of ConfigMgr, but still wants to deploy the operating system via ConfigMgr. In those cases creativity is required to get the Microsoft Intune client installed. The ConfigMgr client and the Microsoft Intune client can’t coexist on one device and it’s not possible to remove the ConfigMgr client during the task sequence (without breaking the task sequence).  That’s were the SMSTSPostAction task sequence variable comes in place. This variable can be used to trigger an (unmonitored) action after …

Read more

Key configurations steps for implementing the ability to deploy certificate profiles with ConfigMgr 2012

by

This blog post is about key configuration steps, which are often forgotten, for implementing the ability to deploy certificate profiles with ConfigMgr 2012. By key configuration steps, I’m talking about the key configurations of every component used for creating the ability to deploy certificate profiles. That means Internet Information Services (IIS), Network Device Enrollment Service (NDES), the Certificate Registration Point site system role, the Configuration Manager Policy Module and even Web Application Proxy (WAP). To understand these steps, knowledge of certificates, IIS and ConfigMgr is required, because it’s not a step-by-step configuration guide. Good step-by-step information can be found in the More information section of this blog. Internet Information Services The first component I would like to mention is probably the most known component, which …

Read more