Azure

Report changes in Microsoft Intune

In this blog post I will describe how you easily can help yourself and your management to know if someone changed configurations or apps in your Microsoft Intune environment.Many of my customers do have more than one administrator. With a modern way of working “Hybrid work” we sit at different

Continue to read »

Report risky signins past 24 hours

Identity theft is a major concern for most companies. Complex Conditional Access rules/setups may unintentionally leave accounts without multifactor authenticaton. Another aspect of this “not following up” on the technical security features that is set up, is that every day tasks tends to take precedence over tasks that has an

Continue to read »

Creating a computer group as a function

Introduction To use Machine Groups in our Automation Account inventory we must first create a group by saving a kql query as a function. Requirements – Azure Subscription – if you do not already have a subscription, you can get a free trial here – Log Analytics workspace configured (See

Continue to read »

How to manage servers using Azure Arc – Part 2

Part 2 – Fundamental’s (Log Analytics workspace and Automation Account) Introduction Azure Arc relies on other Azure services to be able to manage machines. Particularly Log Analytics and Automations Accounts.   So, to take advantage of management features like Update management, change tracking etc. we must setup a Log Analytics

Continue to read »

How to manage servers using Azure Arc part 1

How to manage servers using Azure Arc part 1 Introduction In this new series we will cover how to manage your server environment using Azure Arc. But first, what is Azure Arc? Azure Arc is the place to manage your servers if you are allowed to have them internet connected.

Continue to read »

How to configure Windows 365 Enterprise Azure AD join

Windows 365 Enterprise Azure AD join – Microsoft Hosted Network.   Introduction Many of us have been waiting for native Azure AD join for Windows 365 Enterprise since its release in August 2021. But wait no longer! The native Azure AD join support has finally become a reality. In this

Continue to read »

How to secure Windows 365 using a FIDO2 security key

Secure your Windows 365 Cloud PC(s) with Conditional Access and FIDO2 security keys. Introduction We have already written about FIDO2 security keys on several occasions (I will add the links below), which has inspired me to see how I could secure Windows 365 using Conditional Access and a FIDO2 security

Continue to read »

Intune multi app kiosk mode using the new Microsoft edge

Introduction This is my notes while playing around with kiosk. I was testing the brand-new Kiosk setting for the new Microsoft Edge and the only result I got out of that was a non-working device. Eventlog saying MDM Session: Failed to get AAD Token for sync session User Token: (Unknown

Continue to read »

MEMCM debug in-place upgrade (IPU) using Azure blob

Introduction A couple weeks ago I showed you how to get vital logs from a client without disturbing the user. This blog post will cover how to deal with in-place upgrades that did not go as expected. Now as most people still work from home, it can be difficult to

Continue to read »

Modern Roaming Profile – Enterprise State Roaming (ESR) + UE-V

     Introduction Enterprise State Roaming is available to any organization with an Azure AD Premium or Enterprise Mobility + Security (EMS) license. It enables users to sync user- and application settings across devices. It is an upgraded version of what you probably know as Roaming profile, but with no

Continue to read »

Microsoft Defender ATP

This time we will take a closer look on how easy it is to onboard clients into Microsoft Defender Advanced Threat Protection with System Center Configuration Manager. First we will go the the Microsoft Defender Security Center https://securitycenter.windows.com/ On this page we select Settings – Onboarding – Windows 10 –

Continue to read »

Azure Bastion

Since we now have Azure Bastion in preview it’s time to take a closer look. Azure Bastion will allow us to have private RDP and SSH access to our Virtual Machines from a HTML5 Web Browser over SSL. We can do this without using public IP address on the VM.

Continue to read »

Desktop Analytics

Desktop analytics is now available but only integrated with SCCM, so no Intune configuration for now, but let’s give it a test spin. We will start by clicking Desktop Analytics in Microsoft 365 Device Management or by using this direct link https://aka.ms/desktopanalytics Select Start. Then we need to Accept service

Continue to read »

Azure Sentinel

Since we have Azure Sentinel in preview, let’s give it a test spin. Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across the enterprise. Azure Sentinel aggregates data from a lot of sources, including users,

Continue to read »

Azure Portal Application

We now have an Azure portal application available on Windows, I haven’t found a lot of information but you can download the Application here: https://ms.portal.azure.com/App/Download It will install in your user profile in C:Users[user]AppDataLocalMicrosoftAzurePortalProduction At the time of writing the downloaded version is 1.0.18.0, but just a hour ago it

Continue to read »

Azure Privileged Identity Management – Part 1

Administrating resources and services in a company has always been a challenge and most companies struggle with assigning the right level of access. On one hand administrative privileges are needed to ensure productivity and implementation of new services, while on the other hand these privileges are under attack from adversaries.

Continue to read »

Azure KMS Server

You might find yourself in a situation where you want all your computers to activate using Active Directory based activation except for your Azure VM’s, they should use the Azure KMS server. By default, when Active Directory based activation is enabled all computers on your domain will use Active Directory

Continue to read »

Enterprise State Roaming

This time I will have a quick test-drive of the Enterprise State Roaming Feature (ESR) with a hybrid Azure AD joined device, for those of us still using our own AD. Enterprise State Roaming will offer a secure synchronization of user settings from Windows and applications to the cloud. You

Continue to read »
Search blog posts
Authors
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.

Passionate IT professional with 20+ experience in IT architecture, consulting, and design. 

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly
Categories

Follow on SoMe