One of the biggest challenges and discussion points when it comes to removing the local admin permissions from users is that they cannot add multi-function printers without admin permissions as they need to install additional software to work. I bought a new OfficeJet printer the other day and was happily surprised that the HP Smart
One of the great new features in Windows 10 1809 is that Microsoft Edge now supports kiosk mode. It is extremely easy to configure and long awaited, so we don’t have to use Internet Explorer or Google Chrome for our kiosk computers anymore. Setting up Windows 10 1809 in kiosk mode using Intune is really easy
A quick post on how to check Bitlocker compliance where all computers with “Hardware” encryption is used will also be marked as non compliant which can be useful after the recent security advisory for SSD’s with Hardware encryption: https://redmondmag.com/articles/2018/11/06/microsoft-ssd-security-advisory.aspx?fbclid=IwAR21wX_6S32eyqdRXDeoNqdjb6DZw8UPNXT_d2FQ8pdH52Jop9lvx7g6Tko And the Security advisory from Microsoft on the topic. https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180028 This started with a discussion with
Today version 2 of the “Onevinn Windows 10 Upgrade tools” was released and there are many new great features in there created by my colleague Johan Schrewelius. It can be downloaded here: https://gallery.technet.microsoft.com/Windows-10-Upgrade-Tools-431094ca More information on what TSlaunch is can be found here: https://ccmexec.com/2018/05/windows-10-upgradeservicing-tools-demoed-at-mms-2018/ I will try to cover at least some of the new features starting
In my work to get Google Chrome being a good citizen in an enterprise environment it is not time to look at roaming the Chrome settings. Chrome has support for roaming profile data and it can be enabled using a Group Policy which is great. Is it perfect, no it doesn’t roam Extensions for example.
I am writing this post because I am lazy and already have Configuration Manager in my lab. But it is useful in other scenarios as well to get the latest version of Windows 10 on a computer before testing AzureAD Join/Autopilot for example. When I am testing more and more scenarios with AzureAD Join and
Google Chrome has a great set of Group Policy settings we can configure which makes it possible for us to even use Chrome in environments with high-security requirements, and we can also do this with Intune as it supports ADMX ingestion and ADMX backed policies! Starting with Google Chrome version 69 and later it supports
My dear colleague Johan Schrewelius has created some awesome tools for making it easier to upgrade/service Windows 10 to Windows 10 releases using a Task Sequence. We will start this blog series with a post on one of the tools UPGBackground. For those of you who use OSDBackground we can call it OSDBackgrounds little sister