Skip to content

Configure Edge Chromium for a seamless end-user migration from Google Chrome with MEM

As you know by now, Edge Chromium is Microsoft’s newest browser which integrates Edge and Internet Explorer into the one browser to rule them all. There are a lot of valid reasons to migrate to it, but the most difficult part with is getting your users to adopt the new browser. In this blog post, … Continue Reading Configure Edge Chromium for a seamless end-user migration from Google Chrome with MEM

Using a Lighthouse Service Principal within Azure DevOps

I just blogged on the website of The Collective about using a Lighthouse Service Principal from within Azure DevOps. We use this process internally to manage the Azure Sentinel environment of our customers. Check out the article here.

Hybrid vs Azure AD Join

When organizations are starting their journey to the cloud, they are most likely starting off by joining their Windows 10 machines to both their local Active Directory domain and Azure Active Directory in a Hybrid Azure AD Join. That way, they can enjoy the power of the cloud, while keeping all the legacy applications that … Continue Reading Hybrid vs Azure AD Join

Retire non-compliant devices through Power Automate

With the 2003 release of Microsoft Endpoint Microsoft, a new compliance setting was introduced to retire non compliant devices. It sounds like this would automatically retire non-complaint devices, but this is not the case. If a non-compliant has this setting assigned, the device shown up in the ‘Retire noncompliant devices’ section in the MEM portal. … Continue Reading Retire non-compliant devices through Power Automate

Assigning MDATP tags through the machine name & logged on user with Logic Apps

I recently published a blog on the website of The Collective (my employer), where I talk about assigning MDATP tags through Logic Apps. This article goes over a solution where tags are assigned according to the machine name and current logged on user of a MDATP device. I also touch on a few tips on … Continue Reading Assigning MDATP tags through the machine name & logged on user with Logic Apps

Choosing the right Android enrollment method

When starting off with Intune, choosing which Android enrollment you want to use, can be pretty difficult. During this blog post I will walk you through all the possibilities and help you make the right decision. Overview There are 6 different ‘enrollment’ method for Android devices within Intune: Mobile Application Management without Enrollment Device Administrator … Continue Reading Choosing the right Android enrollment method

Requiring two MFA methods with the Combined Registration

Last month, the combined MFA and password reset registration portal has been made generally available. Previously, a user could register his security information on two separate locations, for MFA and for Self Service Password Reset. Self Service Password Reset Self Service Password Reset is a feature of Azure Active Directory which enables the user to … Continue Reading Requiring two MFA methods with the Combined Registration

Android Enterprise Dynamic Groups for Intune

Microsoft Endpoint Manager (Intune) currently supports fours different Android Enterprise enrollment methods: Work Profile Dedicated Device Fully Managed Fully Managed Devices with Work Profile (Corporate Owned – Personally Enabled (COPE)) Each method has it’s own purpose. Work Profile is mostly used for employees who want access to company resources using their own personal device. A … Continue Reading Android Enterprise Dynamic Groups for Intune

Sync Named Locations to MCAS IP Ranges using Azure Automation

Every Microsoft 365 Security engineer has the same struggle: maintaining corporate IP-address range needs to be done in two places. Once in trusted named locations in Azure AD and once in corporate ‘IP ranges’ in MCAS. It is really important to configure these both. In Azure AD, (trusted) named locations are used in Conditional Access … Continue Reading Sync Named Locations to MCAS IP Ranges using Azure Automation

Setting up calendar sharing in a multilingual company

A lot of companies want all their employees to have all calendars open by default. That way any employee can view the calendar of a colleague to check if he/she is available. We can set calendar permission in Office 365 pretty easy by running the command ‘Set-MailboxFolderPermission’. The recommend syntax is as follows: This command … Continue Reading Setting up calendar sharing in a multilingual company

Updating the flag status of an Exchange email through Powershell EWS

I was recently involved in a Exchange Migration that also involved an Enterprise Vault migration. The company in question currently had about 2000 archived that needed to be moved into the Exchange on-prem mailboxes before migrating them to Exchange Online. For that migration, we used Archive Shuttle from Quadrotech which does an amazing job migrating … Continue Reading Updating the flag status of an Exchange email through Powershell EWS

Automating 3rd Party application deployment in Intune with PatchMyPc

Patch My PC is probably the most known product for Automated Third Party Application Patch Management with SCCM integration. This is an amazing product that simplifies your Third Party Application deployment and patching. Last week Patch My PC announced theirpreview for Win32 Application Management for Intune. This means Patch My PC can now automate the … Continue Reading Automating 3rd Party application deployment in Intune with PatchMyPc

Protecting against OAuth attacks: Setting-up Admin Consent Workflow

During recent weeks, an increase in OAuth phishing attacks has been spotted. OAuth Phishing attacks are an evolution of the old phishing attacks we all know and hate. During a regular phishing attack a user is sent a suspicious mail where he/she is asked to enter their current Office 365 credentials because there is some … Continue Reading Protecting against OAuth attacks: Setting-up Admin Consent Workflow

Loading…

Something went wrong. Please refresh the page and/or try again.

%d bloggers like this: