The word on the street is not "If I get hacked" but "when I will get hacked" and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day has never been so important. Security Baseline policy for Windows 10 and later. This is one of … Continue reading Device Hardening with Intune Security Baseline for Windows Policy
Tag: MEM
🎙️MS EMS Community Podcast EP04
https://www.youtube.com/watch?v=XWvXVCIUm2c In this episode, myself along with Jonas Bøgvad , Andrew Taylor MVP, Lewis Barry and Eric Woodruff, CIDPRO discusses about,⚡️Intunemaps.com and the thought process behind that⚡️An in-depth look at AAD App Registration⚡️An in-depth look at the PRT⚡️MFA Number matching⚡️FIDO and Security
[Nugget Post] How to Check All Intune Filter Related Associated Assignments?
![[Nugget Post] How to Check All Intune Filter Related Associated Assignments?](https://emsroute.com/wp-content/uploads/2023/02/downloadpage.png?w=863&h=0&crop=1)
You implement more and more filters in policies, but how to go back and see all the associated assignments? Rather than remembering or noting down all the filters you have created and checking manually, you can now see this in the Associated Assignments tab in the required filter. To check the created filter, go to … Continue reading [Nugget Post] How to Check All Intune Filter Related Associated Assignments?
Microsoft Intune Bulk Device Actions
This will be a short blog post, but I want to cover something that is important when you have a large device fleet. This is a useful feature if you haven't seen it yet or not tried it yet, because rather than using a CLI, you can use the Intune Portal to perform bulk actions. … Continue reading Microsoft Intune Bulk Device Actions
How to Configure Multiple Admin Approvals Over Intune Resources
A new feature was recently introduced and is still in the Public Preview mode. Multiple Admin Approvals or MAAs. At this stage, this can be only applied to Apps and Scripts. What this does is let you as an Admin create MAA policies to make sure changes to App policies and Scripts will go through … Continue reading How to Configure Multiple Admin Approvals Over Intune Resources
Organizational Messages – A Better Way to Push Important Messages to Your Users via Microsoft Intune
There were a lot of new updates for Microsoft Intune at the Ignite 2022. Organizational Messages are one of them. This feature is still in preview and believe more options will be available in the coming months. Imagine you need to send that one quick important message to the users on a Friday afternoon reminder … Continue reading Organizational Messages – A Better Way to Push Important Messages to Your Users via Microsoft Intune
My First Speaking Session and the First Microsoft EM+S Community Live Event
So last week I finally did my very 1st speaking session. This is the very 1st community event held by the Discord Group Microsoft EM+S Community. Microsoft EM+S Community https://www.youtube.com/watch?v=Cxr61C4g7iQ Shout out to the other speakers as they've all done a great job in presenting their sessions as well as continuously sharing their knowledge on … Continue reading My First Speaking Session and the First Microsoft EM+S Community Live Event
The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements
Microsoft Ignite 2022 just finished and it was a blast! So many new product updates and announcements. It was truly exciting to see all the Ignite related news. Because obviously it was a lot and probably the LinkedIn feeds are flooded with the updates and reposts and what not, I thought to give it a … Continue reading The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements
Get Started with Microsoft Graph Intune PowerShell Module for Endpoint Manager Tasks
This is my very first blog post after being awarded as a Microsoft MVP and during the past few days it was all about processing this new avenue that just opened up in my life and was mentally getting ready for it. I will be writing a separate article about that later. But for now, … Continue reading Get Started with Microsoft Graph Intune PowerShell Module for Endpoint Manager Tasks
Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager
Windows 11 22H2 update brought a lot of good stuff and as a tech enthusiast I really appreciate what Microsoft is doing to ensure the end user devices are protected. Enhanced Phishing Protection in Microsoft defender SmartScreen is one of them. While the features are available to the standard Windows Home user, I tested these … Continue reading Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager
How to Use Endpoint Manager Import ADMX Function to Map Shared Drives
Earlier this year I wrote the same but more of a manual method to map drives using Endpoint Manager OMA-URI function and by ingesting the ADMX files in raw form to configure the drives. https://shehanperera.com/2022/04/01/network_shares_with_mem/ After Microsoft announced the Preview of the Import ADMX function, I was thrilled as I wanted to test out a … Continue reading How to Use Endpoint Manager Import ADMX Function to Map Shared Drives
Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?
Firstly I must say, during your cloud journey you may have seen this error many times and fixed this many times. Also there can be engineers who are yet to see this error (among other errors) and want to fix this. In a Hybrid AAD Joined (HAADJ) environment, ideally what you want the device registration … Continue reading Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?
Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager
Device Control is one of the core components of any Device Management solution. This identifies what devices the user can install in their system or plug and play. While there are devices that need to be installed on user computers such as printers, specific computer peripherals, and USB keys, you don't want to allow the … Continue reading Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager
[Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49
![[Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49](https://emsroute.com/wp-content/uploads/2022/07/windows-feature-update-device-readiness-reports-11.png?w=863&h=0&crop=1)
FEITIAN Technologies recently reached me out via LinkedIn to request if I can review one of their latest Passwordless key products - K49. This is not a paid review and only contains my independent opinion as a technologist as well as an avid Identity and Access Management enthusiast. I'm always a big fan of going … Continue reading [Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49
A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy
Local Admin is a must needed account/ access that requires in a domain setup for so many reasons. Over the years Microsoft brought many options to manage these accounts in a secure manner. Restricted groups/ LAPS etc. With Azure AD and Endpoint Manager in the scene, many devices are moved to cloud managed rather than … Continue reading A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy
An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag
Most often the device tagging requirements are simple or you do have a set of tags for the devices that are enrolled in Intune and a set of tags for the devices onboarded in Defender for Endpoint. However there can be situations where you need both services to have the same device tagging setup. This … Continue reading An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag
How to Easily Configure Google Chrome Policies via Microsoft Endpoint Manager?
I would say this is a long time coming and Admins can take a bit of a rest without looking for the Google Chrome ADMX files and updating the custom OMA-URI content whenever the ADMX updates.The good news is Microsoft Endpoint Manager has the relevant Google Chrome policy settings within the portal! This is a … Continue reading How to Easily Configure Google Chrome Policies via Microsoft Endpoint Manager?
Intune Remote Help to the Rescue
I think it's too soon to compare Remote Help with a tool like TeamViewer because the Remote Help feature with Microsoft Intune just went on GA this week. I was looking at this option for quite a while and finally got time to test and write about it. Remote Help BenefitsRemote Help License RequirementsNetwork ConsiderationsConfigure … Continue reading Intune Remote Help to the Rescue
How To Map a Shared Drive Using Microsoft Endpoint Manager Instead of GPOs
Welcome to another MEM how to article. Among Microsoft Endpoint Manager's wonderful capabilities I see this as a big win towards promoting it's modern device management capabilities. This will simply supersede the local AD, OUs and GPMC that used to manage drive mappings to user sessions. Update [03 Sep 2022] Microsoft have recently announced the … Continue reading How To Map a Shared Drive Using Microsoft Endpoint Manager Instead of GPOs
How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters
MEM device filters finally came out of preview to General Availability (GA) and lets see why we need to use device filters. What Device Filters Does? This helps the Endpoint Manager policies to apply in a more targeted manner. This feature is similar to the setting up targeted GPO assignments or probably GPO loopback processing. … Continue reading How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters
EMS Route 