Get Started with Microsoft Graph Intune PowerShell Module for Endpoint Manager Tasks

This is my very first blog post after being awarded as a Microsoft MVP and during the past few days it was all about processing this new avenue that just opened up in my life and was mentally getting ready for it. I will be writing a separate article about that later. But for now, …

Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager

Windows 11 22H2 update brought a lot of good stuff and as a tech enthusiast I really appreciate what Microsoft is doing to ensure the end user devices are protected. Enhanced Phishing Protection in Microsoft Defender SmartScreen is one of them. While the features are available to the standard Windows Home user, I tested these …

Microsoft Intune and Defender for Endpoint Relationship Simplified

I stumbled upon this so many times, tripped and fell, read things over, tested things again and again, and finally thought to write about it. Without understanding the high-level architecture and how these two services talk to each other, using this in day-to-day tech life can be challenging. Especially if you are coming from a …

How to Use Endpoint Manager Import ADMX Function to Map Shared Drives

Earlier this year I wrote the same but more of a manual method to map drives using Endpoint Manager OMA-URI function and by ingesting the ADMX files in raw form to configure the drives. https://shehanperera.com/2022/04/01/network_shares_with_mem/ After Microsoft announced the Preview of the Import ADMX function, I was thrilled as I wanted to test out a …

Device Control Policies with Microsoft Defender for Endpoint and Endpoint Manager

Device Control is one of the core components of any Device Management solution. This identifies what devices the user can install in their system or plug and play. While there are devices that need to be installed on user computers such as printers, specific computer peripherals, and USB keys, you don't want to allow the …

[Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49

FEITIAN Technologies recently reached out to me via LinkedIn to request if I can review one of their latest Passwordless key products - K49. This is not a paid review and only contains my independent opinion as a technologist as well as an avid Identity and Access Management enthusiast. I'm always a big fan of going …

A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy

Local Admin is a much-needed account/access that is required in a domain setup for so many reasons. Over the years Microsoft brought many options to manage these accounts in a secure manner: Restricted Groups, LAPS, etc. With Azure AD and Endpoint Manager in the scene, many devices are moved to cloud managed rather than …

An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag

Most often the device tagging requirements are simple or you do have a set of tags for the devices that are enrolled in Intune and a set of tags for the devices onboarded in Defender for Endpoint. However, there can be situations where you need both services to have the same device tagging setup. This …

How to use Log Analytics on Endpoint Manager

Ever since I learned about KQL I'm obsessed with it and what it can do in the Azure Log Analytics space, and this is my attempt at plugging another service into Log Analytics to experiment with the logs. KQL has proven to be a clever tool when it comes to digging deeper into Log Analytics. …

How to Setup Endpoint Manager RBAC

Welcome to another MEM article. Today I'm going to talk about an essential component of Microsoft Endpoint Manager that a lot of admins ignore or fail to configure. As your team grows or if you are planning on outsourcing tasks to a different team of admins, an MSP perhaps, it is vital to configure correct RBAC …

FIX and Thoughts on Autopilot Pre-Provision Error 0x80180014

It was one of those days where you get this sort of error just after completing a task. That big ol' unsatisfying red screen with an error. This time it was "We couldn't finish MDM enrollment. Error 0x80180014". At first glance, I thought the Reset button would fix the issue. However, it didn't. It resets the machine …

Pros and Cons of Using Microsoft Endpoint Manager Policy Sets Feature

What else can be a great feature in Microsoft Endpoint Manager other than bundling up all the policies, creating that "Golden Image" type policy and assigning it to the Device or User groups, so that from an Administrator's perspective, you don't need to individually assign groups to policies and apps and managing this will …

How to Migrate Group Policies to Microsoft Endpoint Manager using Group Policy Analytics

Hello again. Today I'm writing about the MEM Group Policy Analytics feature which is still in preview, and how you can inspect your local GPOs and migrate them to MEM. Why, you ask? Organizations whether they are big or small, if they are managed by Active Directory domain service, chances are there are Group Policies …

How to Easily Configure Google Chrome Policies via Microsoft Endpoint Manager?

I would say this is a long time coming and Admins can take a bit of a rest without looking for the Google Chrome ADMX files and updating the custom OMA-URI content whenever the ADMX updates. The good news is Microsoft Endpoint Manager has the relevant Google Chrome policy settings within the portal! This is a …

Intune Remote Help to the Rescue

I think it's too soon to compare Remote Help with a tool like TeamViewer because the Remote Help feature with Microsoft Intune just went on GA this week. I was looking at this option for quite a while and finally got time to test and write about it. Remote Help Benefits / Remote Help License Requirements / Network Considerations / Configure …

How To Map a Shared Drive Using Microsoft Endpoint Manager Instead of GPOs

Welcome to another MEM how-to article. Among Microsoft Endpoint Manager's wonderful capabilities I see this as a big win towards promoting its modern device management capabilities. This will simply supersede the local AD, OUs and GPMC that used to manage drive mappings to user sessions. Update [03 Sep 2022] Microsoft have recently announced the …

How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters

MEM device filters finally came out of preview to General Availability (GA) and let's see why we need to use device filters. What Device Filters Does? This helps the Endpoint Manager policies to apply in a more targeted manner. This feature is similar to setting up targeted GPO assignments or probably GPO loopback processing. …

Two Ways To Enable Hybrid AAD Join Mode For A Controlled Deployment

When you are planning (of course you are!) to bring the local AD joined Windows workstations to Microsoft Endpoint Manager/Intune, one of the first things you need to complete is a Pilot/controlled deployment to understand the end result, Hybrid AAD Joined state's features and what options will be opened for you to test and …

Microsoft Endpoint Manager Shared Multi-User Device Profiles

In this article, I'm planning on uncovering a configuration profile in MEM which is known as the Shared Multi-User Device Profiles. These profiles can be used and applied to the devices in the fleet which will be used by many users periodically and do not require the data to be retained on the disk and have …