Security Baselines in Microsoft Intune are templates that contains policy configurations that by default are configured with the best practice from the Microsoft security teams. And that makes a Security Baseline the perfect starting point when creating a new policy set for the modern workplace. When creating a Security Baseline, all settings are pre-configured with the security best-practice...
Category - Microsoft Endpoint Manager
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to exclude Shortcuts from syncing to OneDrive with Microsoft Endpoint Manager – Microsoft Intune
Microsoft OneDrive is a great service for storing your files. And when you have “Known Folder Redirection” enabled, your Desktop, Documents and Pictures folders are redirected to OneDrive and synched to the cloud. This way you have the same Desktop, Documents and Pictures folders available on every device which benefits the user experience. However, you have applications that place a...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager, Windows 10
How to move or restore a Windows 11 VM in Hyper-V with TPM enabled (Shielded VMs)
In my previous blog I showed you step-by-step how to install Windows 11 as a VM in Hyper-V. The difference with Windows 10 is that Windows 11 requires a TPM (Trusted Platform Module) chip in order to boot. As you could read in my previous blog, this is no problem at all. However, I’m the kind of guy that regularly reinstalls my laptop/desktop and also uses multiple devices to run the same...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager, Windows 10
How to install Windows 11 in Hyper-V
Windows 11 has now been released over a month ago and many companies are now considering the switch. It is always good to test extensively first and get some hands-on experience. If you don’t have a physical PC available to test Windows 11, a good alternative is to do this in a virtual machine (VM). Personally, I use VMs a lot when I need to test Microsoft Intune configurations or when...
Intune, Microsoft Endpoint Manager
How to setup Android Zero-Touch Enrollment with Microsoft Endpoint Manager – Microsoft Intune
Android Zero-Touch Enrollment is a (free) service to automate and enforce MDM enrollments for Android devices running Android 9 or higher, independent of device manufacture. It offers end-to-end security because the MDM enrollment cannot be skipped by the user. The first time the user tuns on the device, clear instructions will be displayed to start the enrollment. All policies and applications...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to add iOS devices manually in the Apple Business Manager (ABM) for automatic Microsoft Endpoint Manager – Microsoft Intune enrollment
It’s a best practice to enroll corporate owned iOS/iPadOS devices via the Apple Automated Device Enrollment (ADE) program (PKA Device Enrollment Program – DEP). It offers “out of the box” security because the enrollment with the MDM solution will start automatically and the user can’t work around it. Next to automatic device enrollment it makes it possible to set...
UPDATE : A new version of this blog with Windows 11 Gen2 images is available here. With Windows 365 you can deploy your Cloud PCs with a standard Azure Gallery image. There are Windows 10 Enterprise images available optimized for Cloud PC, with or without the Microsoft 365 Apps pre-installed on it (including Microsoft Teams with AV redirection optimization). However, with Windows 365 Enterprise...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to setup Samsung Knox Mobile Enrollment with Microsoft Intune
Samsung Knox Mobile Enrollment (KME) is a Zero Touch provisioning solution. You can fully automate the enrollment of new, or factory reset devices into an MDM solution like Microsoft Intune. The end user only have to turn on their company-owned Android device and connect to a Wi-Fi or cellular network. This will start the enrollment which the end user cannot cancel or work around.
Intune, Microsoft Endpoint Manager
How to remove Microsoft Store for Business apps in Microsoft Intune
The Microsoft Store for Business is a powerful service to distribute and manage modern Windows 10 applications from the Windows 10 Store (both free and paid applications). You can connect the Microsoft Store for Business with Microsoft Intune to sync the applications for easy deployment via Microsoft Intune. After the application is synced to Intune you only have to assign the application to a...
In July, 2018, I wrote this blog about how to setup Windows Autopilot and add existing devices the quickest way. After publishing this blog the Get-WindowsAutoPilotInfo script has been updated several times by the author Michael Niehaus. New functionalities have been added to the scripts. Therefore Windows 10 devices can be added to Windows Autopilot even faster then described in my old blog...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to start with Shared iPads for Business with Microsoft Endpoint Manager (Intune) and Apple Business Manager
I get the following question regularly; “can we configure our Apple iPads as Shared device. Where you as a user, can login and logoff without seeing each other’s data?”. Most of the time it’s about medical personal that works in shifts and don’t have a personal device. But you can also think of maintenance and field agents or flight crew members for example. In this case you want to let the...
Microsoft Endpoint Manager
How to deploy Microsoft Office 365 ProPlus with Microsoft Endpoint Manager (MEM) – VLOG#5
In this VLOG I will cover the following topics step-by-step;
– Publish and deploy a customized Microsoft Office 365 ProPlus installation with Microsoft Endpoint Manager / Intune.
– Test the result on a new Windows 10 device managed by Microsoft Intune
In this vlog I show you step-by-step how to deploy Work Folders with Microsoft Windows Server 2019. In this 3rd VLOG I show you step-by-step How to deploy Work Folders with Windows Server 2019. This VLOG is based on this blog I wrote earlier.This VLOG will cover the following steps; Create a DNS record for the Work FoldersInstall the Work Folder server roleInstall and configure the SSL...
About Robin Hobo
I work as a Senior Solution Architect with focus on the Modern Workspace. I am specialized in Azure Virtual Desktop (AVD), Windows 365 and Microsoft EM+S (including Microsoft Endpoint Manager - Microsoft Intune).
For my full bio, check the About Me page. You can also join me on the following social networks:
Instragram
📅Windows Powers the Future of Hybrid Work
Join us for the keynote address on April 5, 2022 at 17:00 CET (8AM PT).
more info: https://www.microsoft.com/en-us/windows/business/event #memcm #windows #hybridwork #windows11 #mem #msintune
#MVPBuzz - Some of y'all are giving me anxiety! If you haven't done it yet, please enter your contributions to be considered for MVP Re-Award. It's the final countdown to the March 31 deadline... Sing it with me! https://www.youtube.com/watch?v=9jK-NcRmVcw
NC-series Azure Virtual Machines retirement extended to 31 August 2023 https://azure.microsoft.com/en-us/updates/ncseries-azure-virtual-machines-retirement-extended-to-31-august-2023/?utm_source=dlvr.it&utm_medium=twitter