Windows 10

OSDCloud – Image devices without need of infrastructure

Introduction Have you ever been in a situation where you need to image or reimage your device? Of course, you have and so have I. Recently David Segura launched some awesome PowerShell code called OSDCloud. You might know him better for the Offline patching of images OSDBuilder, which has been

Continue to read »

MSIX Modern Packaging – Part 5

  Introduction In the last “MSIX Modern Packaging – Part 4” we did some ninja tricks to be able to use context menu to right click a file and open with Notepad++ captured into MSIX. As you probably also experienced, context menus are something that are not going very well

Continue to read »

MSIX Modern Packaging – Part 4

Introduction In the last “MSIX Modern Packaging – Part 3” we transformed Notepad++ from a legacy installer to MSIX. There is more to packaging like testing and make sure the application work as intended after we changed how the bits and bytes flow to the device. Most companies introduce user

Continue to read »

MSIX Modern Packaging – Part 3

Introduction In the last “MSIX Modern Packaging – Part 2” I showed you how to create a certificate (PFX) to use while creating MSIX packages. In this chapter I will show you how to “capture” an easy package to MSIX. Requirements Hyper-V Start packaging MSIX Let’s start by fire up

Continue to read »

MSIX Modern Packaging – Part 2

Introduction In the last “MSIX Modern Packaging – Part 1” I showed you how to get a virtual environment to start creating MSIX. For MSIX to work we need to sign our packages, and this is typically where we say "ok, I give up". At least back in the days

Continue to read »

MSIX Modern Packaging – Part 1

Introduction If you are working with system management, you also come across applications that need to be mass deployed to your endpoints. Before that can happen the vendor either deliver unattended parameters to their installation process or they deliver another installation format like MSI or MSIX. Every business can benefit

Continue to read »

MEMCM debug in-place upgrade (IPU) using Azure blob

Introduction A couple weeks ago I showed you how to get vital logs from a client without disturbing the user. This blog post will cover how to deal with in-place upgrades that did not go as expected. Now as most people still work from home, it can be difficult to

Continue to read »

MEMCM debug using Azure blob

Introduction Transitioning more and more to modern, many strive to get rid of the classic VPN for their endpoints. As we have more options managing endpoint without building a large and complex infrastructure it become natural to disconnect the traditional access model and build more enterprise applications to authenticate with

Continue to read »

Transition from legacy WSUS to Windows Update for Business

Introduction In this blog post I will describe how you can transition to Windows Update for Business from a legacy WSUS environment. It is easy to just set it up “modern management” so to speak but managing legacy systems and make sure every system works and get its updates from

Continue to read »

Manage security polices directly from the cloud without co-management

Introduction When you use the Configuration Manager tenant attach scenario, you can deploy endpoint security policies from Intune to devices you manage with Configuration Manager. Prerequisites Tenant attach CMG (only if you need it to apply policies to internet based devices) Configuration Manager current branch version 2006 or later, with

Continue to read »

Windows and Office deployment lab kit

Introduction Microsoft just introduced an updated kit for IT pros to plan, test and validate deployment and management of desktops running Windows 10 Enterprise and Microsoft 365 Apps for enterprise. This was earlier known as “Windows insider lab for Enterprise” or “Olympia”.   The lab will cover technologies: Microsoft Endpoint

Continue to read »

Modern Roaming Profile – Enterprise State Roaming (ESR) + UE-V

     Introduction Enterprise State Roaming is available to any organization with an Azure AD Premium or Enterprise Mobility + Security (EMS) license. It enables users to sync user- and application settings across devices. It is an upgraded version of what you probably know as Roaming profile, but with no

Continue to read »

Microsoft Endpoint Analytics – Proactive remediations

Introduction Proactive remediations in Endpoint analytics will help your organization to fix common issues automatically. Stuff that you know are broken or reoccur can be automated and your helpdesk and Admins will save time. It can also be used for monitoring in your environment, and in this blog post I

Continue to read »

Step by step Autopilot scenarios

Last updated 14.08.2020 Introduction I have written the following blog to share some of the valuable sources of information I have discovered while developing my knowledge related to the rollout of Modern Workplace clients using Microsoft365 Intune and Autopilot. Instead of a standard how to guide I have decided to

Continue to read »

Automatic bitlocker installation on Windows 10

  One of my top recommendations is to always encrypt fixed drives. This recommendation is even more relevant in a world where a large percentage of the workforce is mobile and carries around laptops with access to corporate data, or even worse has corporate data on their laptops. For this

Continue to read »

Azure AD support for FIDO2 in hybrid environments

Last year we wrote about Azure AD and password-less sign-in Now we also have support (Public preview) for this in hybrid environments, so let’s try it out. We will use the same Yubico security NFC as last time. First thing we need to be aware of is that we

Continue to read »

Desktop Analytics

Desktop analytics is now available but only integrated with SCCM, so no Intune configuration for now, but let’s give it a test spin. We will start by clicking Desktop Analytics in Microsoft 365 Device Management or by using this direct link Select Start. Then we need to Accept service

Continue to read »

Azure AD and password-less sign-in

One of the interesting solutions a lot of us has been waiting for is now in public preview – password-less sign-in with Azure Active Directory (Azure AD). We have been able to use it with personal Microsoft accounts, but now we also can start testing with Azure AD accounts. So

Continue to read »
Search blog posts
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.

Passionate IT professional with 20+ experience in IT architecture, consulting, and design. 

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Cloud & Security Specialist, with a passion for all things Cybersecurity

Cloud and infrastructure security specialist with background in networking.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly

Follow on SoMe