Uncategorized

Getting started with the Microsoft Purview extension for Google Chrome

by

This week is all about the Microsoft Purview extension for the Google Chrome browser. Not because it’s something really new, but mainly to create some awareness around its existence. The Microsoft Purview extension for Google Chrome extends the Endpoint data loss prevention (Endpoint DLP) capabilities to sensitive items in the Google Chrome browser. After the installation of the Microsoft Purview extension for Google Chrome, on Windows devices, organizations get the ability to also monitor attempts to access or upload sensitive items to a Cloud service when using the Google Chrome browser, and to actually enforce protective actions via data loss prevention policies. This post will provide a brief overview of the Microsoft Purview extension for the Google Chrome browser, followed with the steps to automatically …

Read more

Notifying about Intune audit logs with Azure Logic Apps and notifications in Teams

by

This week is all about notifying about Intune audit logs by using Azure Logic Apps and notifications in Teams. That means no new technology but using technology in a different way. The combination of Microsoft Intune and Azure Logic Apps is nothing new. The different examples on this blog, however, have not been focused at using logs, such as Log Analytics, as a source for monitoring. Of course, there are many different methods for using those logs for monitoring purposes. From directly using Azure Monitor, till using Azure Logic Apps. The latter, in combination with Teams, is a very affordable method for monitoring the Intune audit logs and performing actions. The idea of this post is to show the strength and simplicity of that combination. …

Read more

Understanding Windows Autopatch groups

by

This week something completely different, but maybe even more intriguing at some level. That something is Windows Autopach groups. Windows Autopatch groups are logical containers, or units, that can group several Azure AD groups and different software update policies, within Windows Autopatch. That’s a really nice addition to Windows Autopatch that is available starting with the latest service update of May 2023. Windows Autopatch groups enable organizations to create different selections of devices with as many as 15 unique deployment rings, custom cadences and content. And a tenant can contain up to 50 Windows Autopatch groups. That enables IT administrator to create nearly any structure for patching their devices within Windows Autopatch. This post will start with some more details for understanding Windows Autopatch groups, …

Read more

Working with Windows Autopilot deployment events

by

This week is a short post about the Windows Autopilot deployment events that are registered in Microsoft Intune. In a way, a follow up post on this post of about a year ago. While that post was mainly focused on informing IT administrators about the status of Windows Autopilot deployments, this post will be more focused on awareness. Awareness for the deviceManagementAutopilotEvent resource type in Microsoft Graph that contains all the information about Windows Autopilot deployment events. It’s still an often forgotten resource type that does provide a lot of useful information about Windows Autopilot deployments and is also the basis for Windows Autopilot deployment report. This post will provide some more details of the properties that are available within that resource type, the content …

Read more

Using the Microsoft Defender for Endpoint app for connecting to Microsoft Tunnel Gateway

by

This week is something completely different, compared to the last couple of weeks. This week is back to Microsoft Tunnel. Microsoft Tunnel is the VPN gateway solution for Microsoft Intune that fully integrates with Azure AD (and Conditional Access) for providing access to on-premises resources on iOS and Android devices. In the early stages of Microsoft Tunnel, there used to be a separate Microsoft Tunnel app for iOS and Android devices. One of the challenges with those devices is that there can only be one active VPN at the same time. That’s especially challenging when using it in combination with Microsoft Defender for Endpoint. That makes the combination of both products into a single app, a logic move. That’s been the case for Android already …

Read more

Windows Insider MVP 2022!

by

Not at the beginning of the year anymore, but that doesn’t make it any less special and that still makes an awesome start of the year! I just received that great email stating that I’m re-awarded as a Windows Insider MVP! Still a great feeling! I feel really proud, honored and privileged to be awarded with my fourth Windows Insider MVP award and to already been holding the Microsoft MVP (Enterprise Mobility) award for seven years! Just awesome! No other words. Of course none of this would be possible without the support of my great family! I love them and couldn’t do this without their support! With their support, I’m ready for another awesome year! 

App protection policies and managed iOS devices

by

This week is all about app protection policies for managed iOS devices. More specifically, about some default behavior that might be a little bit confusing when not known. When creating app protection policies, those policies can be configured for managed devices or managed apps. That sounds simple. By default, however, when creating and assigning separate policies for managed devices and managed apps, every iOS device will apply app protection policies that are assigned to managed apps. That behavior is caused by the fact that the device will only be identified as a managed device when a specific configuration is in place. That configuration is the user UPN setting. Even better, the user UPN setting opens even more use cases for managed devices. This post will …

Read more

Android Enterprise and Microsoft Intune: And Android Device Policy

by

I’ve mentioned Android Device Policy before, earlier this year, in my post about Android Enterprise and Microsoft Intune. In that post, however, I’ve only briefly mentioned that app, while that app is an important piece of the Microsoft management solution for corporate-owned devices. That’s why I thought it would be good to devote a blog post to that app. To simply show it’s importance. Android Device Policy is really important for configuring managed devices and also provides some nice capabilities. The importance should be familiar with any IT administrator, responsible for managing Android devices, and those capabilities are sometimes slightly hidden, but provide a good starting point for troubleshooting. Especially when verifying whether settings are already applied or not. In this post I’ll start with …

Read more

Migrated my blog from BlogEngine.NET to WordPress

by

It took a lot more effort then I hoped/ expected, but as you all can see my blog has changed. The most important part is that it went from BlogEngine.NET to WordPress. This means that the lay-out has changed and everything is just a little bit different, but as always you will get used to it! The downside of this move is that WordPress sets the links to the posts on a different way then BlogEngine.NET did. This means that if you had a direct link to an article it probably won’t work anymore… There are two possibilities to still go to the correct post: Remove the .aspx from the end of the link to the post Go to Archive as all the posts can …

Read more