How to enable and configure Microsoft Remote Help in Microsoft Intune

Recently Microsoft made Remote Help generally available. Remote Help is an application to offer remote assistance to end users that are using Windows 10 or 11 endpoints. Remote Help is a Microsoft Endpoint Manager Premium add-on. It can be fully configurated within the Microsoft Endpoint Manager admin center. Both the IT support engineer and the end user needs to authenticate through Azure AD...

Read More

How to update Security Baselines in Microsoft Intune to a newer version

Security Baselines in Microsoft Intune are templates that contains policy configurations that by default are configured with the best practice from the Microsoft security teams. And that makes a Security Baseline the perfect starting point when creating a new policy set for the modern workplace. When creating a Security Baseline, all settings are pre-configured with the security best-practice...

Read More

How to exclude Shortcuts from syncing to OneDrive with Microsoft Endpoint Manager – Microsoft Intune

Microsoft OneDrive is a great service for storing your files. And when you have “Known Folder Redirection” enabled, your Desktop, Documents and Pictures folders are redirected to OneDrive and synched to the cloud. This way you have the same Desktop, Documents and Pictures folders available on every device which benefits the user experience. However, you have applications that place a...

Read More

How to move or restore a Windows 11 VM in Hyper-V with TPM enabled (Shielded VMs)

In my previous blog I showed you step-by-step how to install Windows 11 as a VM in Hyper-V. The difference with Windows 10 is that Windows 11 requires a TPM (Trusted Platform Module) chip in order to boot. As you could read in my previous blog, this is no problem at all. However, I’m the kind of guy that regularly reinstalls my laptop/desktop and also uses multiple devices to run the same...

Read More

How to install Windows 11 in Hyper-V

Windows 11 has now been released over a month ago and many companies are now considering the switch. It is always good to test extensively first and get some hands-on experience.  If you don’t have a physical PC available to test Windows 11, a good alternative is to do this in a virtual machine (VM). Personally, I use VMs a lot when I need to test Microsoft Intune configurations or when...

Read More

How to setup Android Zero-Touch Enrollment with Microsoft Endpoint Manager – Microsoft Intune

Android Zero-Touch Enrollment is a (free) service to automate and enforce MDM enrollments for Android devices running Android 9 or higher, independent of device manufacture. It offers end-to-end security because the MDM enrollment cannot be skipped by the user. The first time the user tuns on the device, clear instructions will be displayed to start the enrollment. All policies and applications...

Read More

How to add iOS devices manually in the Apple Business Manager (ABM) for automatic Microsoft Endpoint Manager – Microsoft Intune enrollment

It’s a best practice to enroll corporate owned iOS/iPadOS devices via the Apple Automated Device Enrollment (ADE) program (PKA Device Enrollment Program – DEP). It offers “out of the box” security because the enrollment with the MDM solution will start automatically and the user can’t work around it. Next to automatic device enrollment it makes it possible to set...

Read More

How to create and deploy a Windows 11 custom image with Windows 365 Enterprise Cloud PC

Less then a month ago I wrote a blog about How to create and deploy Windows 365 Enterprise Cloud PC Custom Images. What could be the case with cloud services such as Windows 365 is that developments can go fast. So, what have changed in the last 4 weeks after wring my previous blog? In this case a lot! First of all, Microsoft released Windows 11 (Oct, 5) and made it directly available for Windows...

Read More

How to stop receiving “Your weekly PIM digest” emails – A workaround

Microsoft Privileged Identity Management (PIM) is a powerful Azure AD service that provides time-based and approval-based role activation for access to resources in Azure, Azure AD and connected Microsoft services like Microsoft Intune and Microsoft 365. In company environments I always recommend to use PIM. Once PIM is activated you will receive a “Weekly PIM digest” if you have Privileged Role...

Read More

How to create and deploy Windows 365 Enterprise Cloud PC Custom Images

UPDATE : A new version of this blog with Windows 11 Gen2 images is available here. With Windows 365 you can deploy your Cloud PCs with a standard Azure Gallery image. There are Windows 10 Enterprise images available optimized for Cloud PC, with or without the Microsoft 365 Apps pre-installed on it (including Microsoft Teams with AV redirection optimization). However, with Windows 365 Enterprise...

Read More

About Robin Hobo

Robin Hobo

I work as a Senior Solution Architect with focus on the Modern Workspace. I am specialized in Azure Virtual Desktop (AVD), Windows 365 and Microsoft EM+S (including Microsoft Endpoint Manager - Microsoft Intune).

For my full bio, check the About Me page. You can also join me on the following social networks:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close