In a project lately we use Windows 10 Personal devices that enroll into Intune. Works great, but…. When we configured Conditional Access even if the device is compliant it still blocks access since more Work accounts are configured on the device. On the personal device in this scenario a personal Microsoft Account is used to…
Tag: Intune
Co-Management / Intune – Wipe device after x failed logins
I did a presentation at Techdays Sweden on security features in M365. I still get the question many times on what the benefits of Co-Management is that is why this post is written. There are many great features we can use when using Intune / Co-Management for managing our Windows 10 devices. Now that Microsoft…
QuickTip: Intune Win32app and .intunewin file name
A quick Friday tip about Intune Win32Apps that I find annoying. When using PSAppDeploymentToolkit togethe with Intune the filename in Intune will always be “Deploy-Application.Intunewin” as we point to that when we wrap the application as shown below. The same applies for setup.exe or install.exe as well and other unattended setups. The filename of the…
Configuring Dell BIOS Settings using Intune Win32App and PowerShell
By my Padawan and co-worker Sassan. This is a quick post about the possibility to manage and configure some BIOS settings on Dell computers using Intune and Win32 apps. In this example we’re going to set an BIOS/admin password, but this could of course be expanded to configure other settings that are available through the…
HP Smart W10 store app – solves a classic issue
One of the biggest challenges and discussion points when it comes to removing the local admin permissions from users is that they cannot add multi-function printers without admin permissions as they need to install additional software to work. I bought a new OfficeJet printer the other day and was happily surprised that the HP Smart…
Managing Google Chrome version 69 and later using Intune
Google Chrome has a great set of Group Policy settings we can configure which makes it possible for us to even use Chrome in environments with high-security requirements, and we can also do this with Intune as it supports ADMX ingestion and ADMX backed policies! Starting with Google Chrome version 69 and later it supports…
Creating a dynamic Azure AD Group for Corporate owned devices
One of the most common requests I get when deploying Intune is that they want to deploy for instance a Certificate, VPN, WiFi or a specific app only to corporate owned devices and not personal(BYOD) devices. We have Dynamic groups in AzureAD that can solve this for us, however when I looked at the documentation…
Configuration Manager/ Intune and Apple VPP
I get a lot of questions if there are any difference in functionality in Intune Standalone and in Hybrid with Configuration Manager. There are a lot of differences, in this post I will show how to setup the Apple Volume Purchase Program(VPP) integration in Configuration Manager 1602 with Intune and cover the differences in functionality…