Category - Enterprise Mobility + Security

How to update Security Baselines in Microsoft Intune to a newer version

Security Baselines in Microsoft Intune are templates that contains policy configurations that by default are configured with the best practice from the Microsoft security teams. And that makes a Security Baseline the perfect starting point when creating a new policy set for the modern workplace. When creating a Security Baseline, all settings are pre-configured with the security best-practice...

Read More

How to exclude Shortcuts from syncing to OneDrive with Microsoft Endpoint Manager – Microsoft Intune

Microsoft OneDrive is a great service for storing your files. And when you have “Known Folder Redirection” enabled, your Desktop, Documents and Pictures folders are redirected to OneDrive and synched to the cloud. This way you have the same Desktop, Documents and Pictures folders available on every device which benefits the user experience. However, you have applications that place a...

Read More

How to move or restore a Windows 11 VM in Hyper-V with TPM enabled (Shielded VMs)

In my previous blog I showed you step-by-step how to install Windows 11 as a VM in Hyper-V. The difference with Windows 10 is that Windows 11 requires a TPM (Trusted Platform Module) chip in order to boot. As you could read in my previous blog, this is no problem at all. However, I’m the kind of guy that regularly reinstalls my laptop/desktop and also uses multiple devices to run the same...

Read More

How to install Windows 11 in Hyper-V

Windows 11 has now been released over a month ago and many companies are now considering the switch. It is always good to test extensively first and get some hands-on experience.  If you don’t have a physical PC available to test Windows 11, a good alternative is to do this in a virtual machine (VM). Personally, I use VMs a lot when I need to test Microsoft Intune configurations or when...

Read More

How to add iOS devices manually in the Apple Business Manager (ABM) for automatic Microsoft Endpoint Manager – Microsoft Intune enrollment

It’s a best practice to enroll corporate owned iOS/iPadOS devices via the Apple Automated Device Enrollment (ADE) program (PKA Device Enrollment Program – DEP). It offers “out of the box” security because the enrollment with the MDM solution will start automatically and the user can’t work around it. Next to automatic device enrollment it makes it possible to set...

Read More

How to setup Samsung Knox Mobile Enrollment with Microsoft Intune

Samsung Knox Mobile Enrollment (KME) is a Zero Touch provisioning solution. You can fully automate the enrollment of new, or factory reset devices into an MDM solution like Microsoft Intune. The end user only have to turn on their company-owned Android device and connect to a Wi-Fi or cellular network. This will start the enrollment which the end user cannot cancel or work around.

Read More

How to start with Shared iPads for Business with Microsoft Endpoint Manager (Intune) and Apple Business Manager

I get the following question regularly; “can we configure our Apple iPads as Shared device. Where you as a user, can login and logoff without seeing each other’s data?”. Most of the time it’s about medical personal that works in shifts and don’t have a personal device. But you can also think of maintenance and field agents or flight crew members for example. In this case you want to let the...

Read More

How to configure automatic Contact Syncing from Microsoft Outlook to the native Contacts App including Contact Fields filtering on iOS and Android BYOD devices with Microsoft Endpoint Manager

After companies apply Mobile Application Management (MAM) / App Protection Policies to their employees’ mobile devices, and forced them to use the Managed Outlook app instead of the native mail application, one of the most frequently asked questions are “how can I see who’s calling me?” and “where are my contacts? I don’t see them in my native contacts app”. This has everything to do with...

Read More

Call to Action : Add the new Microsoft Office (Hub) app for iOS and Android to your current Microsoft Endpoint Manager / Microsoft Intune App Protection Policies

In the last few weeks I have had contact with a few companies that use Microsoft Endpoint Manager / Microsoft Intune for managing their mobile devices. In most cases they do this for a longer time and they also use Mobile Application Management (App protection policies) for securing the company data, for example, on BYOD (Bring Your Own Devices / Private owned devices). And this is a good thing...

Read More

Quicker assign multiple resources within Microsoft Intune with Policy Sets

With the October 14, 2019 Microsoft Intune update, management of Microsoft Intune has become a little easier. And with “little easier” I mean that it is now possible to assign multiple resources like applications and policies at once. With Policy Sets you can assign applications, application protection policies (MAM), configuration-, compliance- and type restriction policies, AutoPilot profiles...

Read More

About Robin Hobo

Robin Hobo

I work as a Senior Solution Architect with focus on the Modern Workspace. I am specialized in Azure Virtual Desktop (AVD), Windows 365 and Microsoft EM+S (including Microsoft Endpoint Manager - Microsoft Intune).

For my full bio, check the About Me page. You can also join me on the following social networks:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close