How to Setup 3rd Party Device Compliance Partners in Intune for Conditional Access

While Intune and Entra ID as a whole provide industry-standard device compliance policies and conditional access policies to govern them, there might be a chance that a subset of your device fleet is managed via a different MDM. In the field when I'm talking with the customers, this is mostly because Microsoft Intune was catching …

3. Windows Autopatch Device Readiness

Existing GPOs, Registry Settings, Config Manager and MDM Settings. In this section, I would like to go through some important changes required in your environment before moving to Windows Autopatch. Ideally, this comes in step 3 of the development journey - Pilot. With everything in place, you may have selected the devices that need to …

2. Setting up Prerequisites for Windows Autopatch

Windows Autopatch Guide, Blog 2 of 7. In this section, I will look at the prerequisites that need to be set up in order to carry out a successful Windows Autopatch implementation. Minimum Windows OS Version (at the time of writing); RBAC Setup; Licenses for Autopatch; Network Configuration; Device Management; Wrapping Up. Minimum Windows OS Version (at the time of writing) …

Microsoft Defender for Endpoint – Passive Mode

Passive mode and EDR in block mode. It's fair to assume that if Defender is not the "Active" or the "Primary" AV on the computer, then that will be running in Passive mode. However, in the Defender world, it is one of the states where you can leave Defender running. However, that might not be …

Quick Defender SmartScreen Deep Dive with Niklas Tinner

Recently I got the opportunity to sit with Niklas Tinner, a like-minded tech guru and an End User Computing specialist, to discuss Defender SmartScreen and its benefits, advanced hunting for SmartScreen incidents, policies, and best practices. https://www.youtube.com/watch?v=YI_x_dtrSFQ A detailed blog post on the same can be found below. https://shehanperera.com/2022/12/14/defender-smartscreen-deep-dive-02/

How to Track Devices with a Faulty MDE Sensor Health State, Using a Logic App Workflow?

The MDE Sensor Health state we like to see is "Active". The sensor health we don't want is "Inactive" or "Misconfigured". But sometimes it is almost impossible to track the sensor status of all the devices every day to make sure they are all healthy. However, in order to properly communicate with Defender, the endpoint's …

How to Enable the New Security Settings Management Feature in Defender Security Portal

In Public Preview at the time of writing. This is a much-needed feature, I believe. Also, in most IT departments, because tasks are segregated among different admins, most of the time it is a team game and you need 2 different admins (Intune Administrator and a Security Administrator) to collaborate …

A Summary of the Microsoft Entra Announcements

❗ A Summary of the Microsoft Entra Announcements in case you have missed the chatter 🙂 Full Story - https://www.microsoft.com/en-us/security/blog/2023/07/11/microsoft-entra-expands-into-security-service-edge-and-azure-ad-becomes-microsoft-entra-id/
⚡ Microsoft Entra ID - Azure AD --> Now "Microsoft Entra ID" 🔗 https://lnkd.in/gmr756ws
⚡ Microsoft Entra ID Governance - Now Generally Available 🔗 https://lnkd.in/gJ3zQbj5
⚡ Microsoft Entra Internet Access (preview) - An identity-centric Secure Web Gateway that protects access to internet, software as a service (SaaS), …

How to Use the Conditional Access Policy Gap Analyzer Workbook?

Did you know that like in all other Azure services, workbooks are available in Azure AD too? And the good thing about this is, there are a lot of good workbooks ready to be opened and no need to write your KQL queries again. Well, if you fancy your KQL, you can start a new …

🎙️MS EMS Community Podcast EP04

https://www.youtube.com/watch?v=XWvXVCIUm2c In this episode, I, along with Jonas Bøgvad, Andrew Taylor MVP, Lewis Barry and Eric Woodruff, CIDPRO, discuss:
⚡️ Intunemaps.com and the thought process behind that
⚡️ An in-depth look at AAD App Registration
⚡️ An in-depth look at the PRT
⚡️ MFA Number matching
⚡️ FIDO and Security

Configure Intune Built-In Roles Using Azure AD PIM for Groups

The perfect Azure AD, Intune combo does not exi..... Some time ago I wrote about Azure AD PIM for groups and its usages. This came to light a few days ago in Microsoft Tech Community as an article and I thought I would give my touch to it. What is it and Why Does This …

Protected Actions in Azure AD

At the time of writing this is still in Preview, but I was curious to find out more about this as anything Security and Azure AD-related is good 🙂 What are Protected Actions? The Protected Actions feature is an added layer of security in Azure AD for certain actions you perform. What Licenses You Require? Azure …

Intune Policy Assignment Basics

The easiest step in any policy creation. Yet there is a possibility that the policy assignment ends up with errors. I want to discuss that in this article. We have our policy created with all the settings and we are pretty happy with it. The next step is assigning it to one of the …

Intune Remote Help – From Zero to Hero

This is a comprehensive guide to Intune Remote Help. Hope you find this useful. Remote Help Benefits; Remote Help License Requirements; Network Considerations; Configure Remote Help App in Intune; Remote Help Win32 App Deployment; Firewall Rules Considerations; RBAC - Assign Users to role; Create a new RBAC Permission Role; Create The Conditional Access Policy for the Remote Help App; How to Use; Initiating Chat in …

🔗IntuneMaps – Device Profile Templates

Going one step ahead from my previous IntuneMaps.com click-friendly infographic. For anyone who is starting out with Microsoft Intune or wants to know what templates to set up and why, I hope this will be helpful to understand what Intune's Windows-based (Windows 10 and later) built-in config profiles are and how to apply them. Microsoft Learn can …

4 Steps to Configure Azure AD PIM for Groups

Few uses of PIM-managed groups; Challenge; Solution; Few Notes; Prerequisites - Licenses; Step 1 - Group Creation; Step 2 - Onboard the group for PIM; Step 3 - Add PIM Assignments; Step 4 - Setup Role Settings; User Activation; Use Access Reviews; Wrapping Up. When I first posted the below infographic in my Socials, I thought I made myself clear that this is not an Azure …

Setup Prerequisites for Windows LAPS in Azure AD

By now you may have seen a lot of updates and posts on how to configure Windows LAPS in Azure AD. Credit goes to all the wonderful gurus out there who really contribute to the community in different ways. My approach in this post is to prepare for the Windows LAPS in Azure AD so …

🔗IntuneMaps

This is a small passion project of mine. Microsoft Intune has evolved like never before and continues to add more features as we speak. I always wanted to create a one-stop location for all things Intune Windows Platform that can be helpful to anyone who is starting out with the product, looking for the right Learn …