Featured
Redirect and move the Downloads folder to OneDrive

Redirect and move the Downloads folder to OneDrive

Comments 0 Comment

Introduction In general, the Downloads folder is intended for temporary files and should not be redirected to OneDrive. However, for the particular use case described in this post, moving Downloads to OneDrive can improve the end user experience by providing better integration between two different environments. Use case Organizations are modernizing their way of working and often implementing Intune with (cloud-native) Azure AD Joined devices. Some of these organizations still have some “Legacy” apps that may not be supported to…

Read More Read More

Featured
How to deploy an Always On VPN to Azure VPN Gateway with Conditional Access

How to deploy an Always On VPN to Azure VPN Gateway with Conditional Access

Comments 20 comments

In a previous blog post, I’ve published a way to configure and deploy an Always On VPN on Intune-manage devices, connecting to an Azure VPN Gateway. The goal was to achieve an Always On VPN deployment with cloud-native solutions more easily than it would be using their traditional counterparts. However, the solution presented was with the use of self-signed certificates, which generally should not be used from a security point of view. I was triggered by a comment from one…

Read More Read More

Featured
Why it is important to block access to Azure AD PowerShell

Why it is important to block access to Azure AD PowerShell

Comments 2 comments

In one of my recent blogs, I’ve published a tool to use Intune as your e-mail signature manager for Outlook. This tool uses the AzureAD PowerShell module. Leveraging Single Sign On (SSO) on Azure AD joined devices, it queries for the user’s contact information of the user that’s signed in on the device. In doing so, I found that, as a non-administrative user, I was also able to query the contact information of all other users. Dumping the Azure AD…

Read More Read More

Featured
Deploy an Always On VPN to Azure VPN Gateway for Intune managed devices

Deploy an Always On VPN to Azure VPN Gateway for Intune managed devices

Comments 12 comments

In this blog post, you’ll learn about deploying an Always On VPN on Intune-managed devices, connecting to an Azure VPN Gateway. Generally, building an Always On VPN can be complex. In this post, I’d like to show an option to achieve an Always On VPN deployment more easily. You’ll learn how to build an Always On VPN deployment leveraging the Azure and Endpoint Management platforms, without having to configure any server infrastructure. In a “traditional” Always On VPN deployment, you…

Read More Read More

Featured
Intune as your Email Signature Manager for Outlook

Intune as your Email Signature Manager for Outlook

Comments 33 comments

Looking for a free and lightweight solution for Microsoft Intune to manage company e-mail signatures for Outlook? Look no further! Prerequisites You manage Windows 10 devices that are: Azure AD Joined; Managed with Microsoft Intune; Deployed with the Microsoft 365 Apps (Outlook) Note: The app leverages the -AccountId parameter of the Connect-AzureAD cmdlet for Single Sign-On. Please note that this has only been tested on Azure AD Joined devices. It may or may not work on Hybrid Azure AD Joined…

Read More Read More

Featured
Advanced deployment of shortcuts to web apps with Microsoft Intune – Revamped

Advanced deployment of shortcuts to web apps with Microsoft Intune – Revamped

Comments 38 comments

Back in 2018, I blogged about deploying web links to Windows 10 devices using a PowerShell Script solution in Intune. Because when admins use the web app deployment type in Intune, shortcuts are only created in the start menu with the default browser’s icon. The PowerShell solution I blogged about has added benefits compared to the built-in option in Intune, for example, it enables admins to place shortcuts on the desktop, in the startup folder and provides the option to…

Read More Read More

Featured
Retrieving RDP files to leverage the new Remote Desktop client for connecting to Windows Virtual Desktop resources

Retrieving RDP files to leverage the new Remote Desktop client for connecting to Windows Virtual Desktop resources

Comments 1 comment

If you are using Windows Virtual Desktop, there are two supported options for launching Windows Virtual Desktop resources: Using the new Remote Desktop Client (MSRDC) Using the Windows Virtual Desktop (HTML5) web client ( http://aka.ms/wvdweb) Many customers that I work for use web portals that contain tiles to business applications, comparable to the Microsoft My Apps portal, that includes custom tiles to apps they use. To access Windows Virtual Desktop RemoteApps, a common question is whether or not they can…

Read More Read More

Featured
Managing your modern workplace with Microsoft Intune and Azure Automation

Managing your modern workplace with Microsoft Intune and Azure Automation

Comments 0 Comment

If you are looking for a way to simplify your modern workplace management, Microsoft Endpoint Manager (Intune) is your answer. I’m a big fan of deploying Windows 10 devices with Windows Autopilot, enrolling them as Azure AD Joined machines into Microsoft’s cloud-based MDM (Mobile Device Management) solution: Intune. There’s already so much one can do with Microsoft Intune, and it gets better every week. However, there’s something that I feel is missing, namely the ability to remotely manage and troubleshoot…

Read More Read More

Featured
Removing the pre-installed Office 365 ProPlus Suite with Microsoft Intune

Removing the pre-installed Office 365 ProPlus Suite with Microsoft Intune

Comments 5 comments

Today I would like to share a method to remove the pre-installed Office 365 ProPlus suite from Microsoft Intune managed devices managed with you. Scenario Recently I’ve been deploying a lot of Surface Go’s with Windows Autopilot and Microsoft Intune in an environment where these devices are shared amongst firstline workers. Most of the firstline workers have an Office 365 F1 or Office 365 E1 license assigned, which do not include the Office Desktop apps, but instead offer the Office…

Read More Read More

Featured
Fast sign-in experience on Windows Autopilot enrolled Shared Devices

Fast sign-in experience on Windows Autopilot enrolled Shared Devices

Comments 12 comments

Consider a scenario where you deploy devices, that are shared amongst multiple users, with Windows Autopilot and the Enrollment Status Page. By default, every user that logs on to the device will go through the account setup phase of the enrollment status page. This can be a lenghty process for some users, that just want to log in and use the device. Especially if you deploy many resources assigned to devices in system context, and only few in user context,…

Read More Read More

Featured
Backup and Restore your Microsoft Intune configuration with PowerShell!

Backup and Restore your Microsoft Intune configuration with PowerShell!

Comments 39 comments

6/25/20: BREAKING Update: IntuneBackupAndRestore v2.0.0 released, which relies on the Microsoft.Graph.Intune PowerShell module instead of MSGraphFunctions Thanks to community feedback and with the version 2.0.0 release of the IntuneBackupAndRestore PowerShell Module, the MSGraphFunctions PowerShell Module is now deprecated and will no longer be maintained by me. As of version 2.0.0, the IntuneBackupAndRestore PowerShell Module has migrated from the MSGraphFunctions PowerShell module to the Microsoft.Graph.Intune PowerShell module. This allows you to use what’s already there instead of having to maintaining a seperate custom dependency. If you update to the latest version, please make sure you meet the new prerequisites below. Requires Microsoft.Graph.Intune PowerShell Module Install-Module -Name Microsoft.Graph.Intune Connect to Microsoft Graph using the Connect-MSGraph PSCmdlet first. Do note that the cmdlet…

Read More Read More