Introduction To use Machine Groups in our Automation Account inventory we must first create a group by saving a kql query as a function. Requirements – Azure Subscription – if you do not already have a subscription, you can get a free trial here – Log Analytics workspace configured (See
Part 2 – Fundamental’s (Log Analytics workspace and Automation Account) Introduction Azure Arc relies on other Azure services to be able to manage machines. Particularly Log Analytics and Automations Accounts. So, to take advantage of management features like Update management, change tracking etc. we must setup a Log Analytics
How to manage servers using Azure Arc part 1 Introduction In this new series we will cover how to manage your server environment using Azure Arc. But first, what is Azure Arc? Azure Arc is the place to manage your servers if you are allowed to have them internet connected.
Windows 365 Enterprise Azure AD join – Microsoft Hosted Network. Introduction Many of us have been waiting for native Azure AD join for Windows 365 Enterprise since its release in August 2021. But wait no longer! The native Azure AD join support has finally become a reality. In this
Secure your Windows 365 Cloud PC(s) with Conditional Access and FIDO2 security keys. Introduction We have already written about FIDO2 security keys on several occasions (I will add the links below), which has inspired me to see how I could secure Windows 365 using Conditional Access and a FIDO2 security
Windows 365 Enterprise Cloud PC with a custom Windows 11 image on my son’s iPad. Introduction A few months back I wrote a blog post about how to configure Windows 365 Enterprise in Microsoft Endpoint Manager, which was provisioned with a standard gallery Windows 10 image and after Windows
A Cloud PC (Windows 365) with Windows 11 on my son’s iPad and some hot chocolate – What’s not to like? Introduction A few months back I wrote a blog post about how to configure Windows 365 Enterprise in Microsoft Endpoint Manager, which was released with Windows 10. But now
Borrowed from Microsoft Introduction Test Base for Microsoft 365 is a validation service made for Software Vendors and System Integrators. Why should that be interesting for you as a Configuration Manager or Intune admin? Because most businesses does have critical applications that they like to test properly and to
Connected to my Windows 365 Cloud PC from my son’s iPad ATTENTION: Microsoft has paused their free Windows 365 trial program while they provision additional capacity! Sign up to learn more about Windows 365 Introduction In this blog post we’ll take a first look at Windows 365 Enterprise
Introduction Today I will be looking at enrollment restrictions in Intune, which is a method to block personally owned devices. Did you know that all users (with an Azure AD P1 and Intune license) in your Azure AD by default is allowed to enroll (Azure AD join) their devices
Introduction This is my notes while playing around with kiosk. I was testing the brand-new Kiosk setting for the new Microsoft Edge and the only result I got out of that was a non-working device. Eventlog saying MDM Session: Failed to get AAD Token for sync session User Token: (Unknown
Introduction A couple weeks ago I showed you how to get vital logs from a client without disturbing the user. This blog post will cover how to deal with in-place upgrades that did not go as expected. Now as most people still work from home, it can be difficult to
Introduction Enterprise State Roaming is available to any organization with an Azure AD Premium or Enterprise Mobility + Security (EMS) license. It enables users to sync user- and application settings across devices. It is an upgraded version of what you probably know as Roaming profile, but with no
For some organizations there is a concern when deploying OneDrive for Business that users will access corporate data from their personal device. I completely understand you! To address those concerns, it is possible to restrict OneDrive so that it only synchronizes files to domain-joined computers. Normally in this case a
This time we will take a closer look on how easy it is to onboard clients into Microsoft Defender Advanced Threat Protection with System Center Configuration Manager. First we will go the the Microsoft Defender Security Center https://securitycenter.windows.com/ On this page we select Settings – Onboarding – Windows 10 –
Since we now have Azure Bastion in preview it’s time to take a closer look. Azure Bastion will allow us to have private RDP and SSH access to our Virtual Machines from a HTML5 Web Browser over SSL. We can do this without using public IP address on the VM.
Desktop analytics is now available but only integrated with SCCM, so no Intune configuration for now, but let’s give it a test spin. We will start by clicking Desktop Analytics in Microsoft 365 Device Management or by using this direct link https://aka.ms/desktopanalytics Select Start. Then we need to Accept service
Since we have Azure Sentinel in preview, let’s give it a test spin. Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across the enterprise. Azure Sentinel aggregates data from a lot of sources, including users,
We now have an Azure portal application available on Windows, I haven’t found a lot of information but you can download the Application here: https://ms.portal.azure.com/App/Download It will install in your user profile in C:Users[user]AppDataLocalMicrosoftAzurePortalProduction At the time of writing the downloaded version is 1.0.18.0, but just a hour ago it
Administrating resources and services in a company has always been a challenge and most companies struggle with assigning the right level of access. On one hand administrative privileges are needed to ensure productivity and implementation of new services, while on the other hand these privileges are under attack from adversaries.
You might find yourself in a situation where you want all your computers to activate using Active Directory based activation except for your Azure VM’s, they should use the Azure KMS server. By default, when Active Directory based activation is enabled all computers on your domain will use Active Directory
This time I will have a quick test-drive of the Enterprise State Roaming Feature (ESR) with a hybrid Azure AD joined device, for those of us still using our own AD. Enterprise State Roaming will offer a secure synchronization of user settings from Windows and applications to the cloud. You
Starting in December 2018, the Azure PowerShell Az module is in general release and now the intended PowerShell module for interacting with Azure. Az offers shorter commands, improved stability, and cross-platform support. Az also offers feature parity and an easy migration path from AzureRM. Az uses the .NET Standard library,
This time lets try to join a Windows 10 client build 10061 to Azure AD. First we need to enable Device Registration Azure AD. open the Azure portal and browse to your Directory, select Configure and select Yes on Enable Device Registration, then save the change: On the Windows 10
Infrastructure architect with focus on Windows Client management & security.
Cloud & security specialist with focus on Microsoft backend products and cloud technologies.
Infrastructure architect with focus on design, implementation, migration and consolidation.
Infrastructure consultant with focus on cloud solutions in Office365 and Azure.
