Depending on the use cases and the requirements of the company, Android Enterprise Work Profile can be a great enrollment mode for both BYOD devices and company owned devices (in fully managed mode) when using Microsoft Intune. With an Android Enterprise Work Profile, you separate private apps and data from the corporate apps and data to prevent data leakage. Depending on the manufacture and the...
Tag - Intune
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to update Security Baselines in Microsoft Intune to a newer version
Security Baselines in Microsoft Intune are templates that contains policy configurations that by default are configured with the best practice from the Microsoft security teams. And that makes a Security Baseline the perfect starting point when creating a new policy set for the modern workplace. When creating a Security Baseline, all settings are pre-configured with the security best-practice...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to exclude Shortcuts from syncing to OneDrive with Microsoft Endpoint Manager – Microsoft Intune
Microsoft OneDrive is a great service for storing your files. And when you have “Known Folder Redirection” enabled, your Desktop, Documents and Pictures folders are redirected to OneDrive and synched to the cloud. This way you have the same Desktop, Documents and Pictures folders available on every device which benefits the user experience. However, you have applications that place a...
Intune, Microsoft Endpoint Manager
How to setup Android Zero-Touch Enrollment with Microsoft Endpoint Manager – Microsoft Intune
Android Zero-Touch Enrollment is a (free) service to automate and enforce MDM enrollments for Android devices running Android 9 or higher, independent of device manufacture. It offers end-to-end security because the MDM enrollment cannot be skipped by the user. The first time the user tuns on the device, clear instructions will be displayed to start the enrollment. All policies and applications...
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to add iOS devices manually in the Apple Business Manager (ABM) for automatic Microsoft Endpoint Manager – Microsoft Intune enrollment
It’s a best practice to enroll corporate owned iOS/iPadOS devices via the Apple Automated Device Enrollment (ADE) program (PKA Device Enrollment Program – DEP). It offers “out of the box” security because the enrollment with the MDM solution will start automatically and the user can’t work around it. Next to automatic device enrollment it makes it possible to set...
In August 2021, Microsoft released Windows 365 Cloud PC. A new cloud-based service that provides Cloud PCs to end users. With this Windows 365 Cloud PC, users get their own personalized desktop in the cloud, which can be accessed from anywhere on any device. It is optimized for Microsoft 365 including Microsoft Teams AV redirection. Unlike Azure Virtual Desktop you pay a fixed price per-user per...
Azure Virtual Desktop (AVD), Intune
How to manage your Windows Virtual Desktop session hosts (single user) with Microsoft Endpoint Manager – Microsoft Intune.
By default all Windows Virtual Desktop session hosts are joined with your domain. And in most cases you will apply policy configurations to them via Group Policy Objects (GPO). If you also using Microsoft Endpoint Manager – Microsoft Intune for managing Windows 10 devices, it might also be worth considering to manage your WVD session hosts VMs with it as well.
Enterprise Mobility + Security, Intune, Microsoft Endpoint Manager
How to start with Shared iPads for Business with Microsoft Endpoint Manager (Intune) and Apple Business Manager
I get the following question regularly; “can we configure our Apple iPads as Shared device. Where you as a user, can login and logoff without seeing each other’s data?”. Most of the time it’s about medical personal that works in shifts and don’t have a personal device. But you can also think of maintenance and field agents or flight crew members for example. In this case you want to let the...
Enterprise Mobility + Security, Intune
How to configure automatic Contact Syncing from Microsoft Outlook to the native Contacts App including Contact Fields filtering on iOS and Android BYOD devices with Microsoft Endpoint Manager
After companies apply Mobile Application Management (MAM) / App Protection Policies to their employees’ mobile devices, and forced them to use the Managed Outlook app instead of the native mail application, one of the most frequently asked questions are “how can I see who’s calling me?” and “where are my contacts? I don’t see them in my native contacts app”. This has everything to do with...
Microsoft Endpoint Manager
How to deploy Microsoft Office 365 ProPlus with Microsoft Endpoint Manager (MEM) – VLOG#5
In this VLOG I will cover the following topics step-by-step;
– Publish and deploy a customized Microsoft Office 365 ProPlus installation with Microsoft Endpoint Manager / Intune.
– Test the result on a new Windows 10 device managed by Microsoft Intune
Enterprise Mobility + Security, Intune
Quicker assign multiple resources within Microsoft Intune with Policy Sets
With the October 14, 2019 Microsoft Intune update, management of Microsoft Intune has become a little easier. And with “little easier” I mean that it is now possible to assign multiple resources like applications and policies at once. With Policy Sets you can assign applications, application protection policies (MAM), configuration-, compliance- and type restriction policies, AutoPilot profiles...
Enterprise Mobility + Security, Intune
How to configure Windows AutoPilot with White Glove deployment
Some time ago I wrote a blog about “How to setup Windows AutoPilot and add existing devices the quickest way”. At that time, White Glove did not exist yet. And it’s great to know how to setup Windows AutoPilot and add existing devices the fastest way, but how to get endusers to work on a new device the fastest way?
Enterprise Mobility + Security, Intune
How to enroll an Apple device with iOS 13 “User Enrollment” mode in Microsoft Intune
With the release of iOS 13 there were a few major changes, not only did the iPad’s got their own iPadOS, also with the Mobile Device Management (MDM) enrollment modes there are major changes. The Device Enrollment Program (DEP) is renamed to “Automated Device Enrollment” and all devices enrolled with “Automated Device Enrollment” are now automatically set in supervised mode. There is also a new...
Enterprise Mobility + Security, Intune
How to control iOS app uninstall behavior at device unenrollment with Microsoft Intune
Previously, during a device unenrollment, all applications were removed that where pushed/installed via Microsoft Intune by default. This is not always handy, for example take the Microsoft Office applications. You can add multiple accounts within these applications and if you are using Microsoft Outlook for your work mail and also for your private mail. You want Microsoft Outlook to stay...
About Robin Hobo
I work as a Senior Solution Architect with focus on the Modern Workspace. I am specialized in Azure Virtual Desktop (AVD), Windows 365 and Microsoft EM+S (including Microsoft Endpoint Manager - Microsoft Intune).
For my full bio, check the About Me page.
Instragram
How to deploy Windows #Autopatch with #Microsoft Endpoint Manager – #Intune https://robinhobo.com/how-to-deploy-windows-autopatch-with-microsoft-endpoint-manager-intune/ #MSIntune #MEMPowered #M365 #ModernManagement #MVPBuzz
#Microsoft will permanently disable basic auth in all tenants beginning Oct 1, 2022, regardless of usage, except for SMTP Auth.
Keep this in mind & disable legacy auth for all apps.
You can quickly determine if legacy auth is in use with these 4 steps #Azure #Identity #Security
How to add or remove system apps in the Android Enterprise Work Profile with Microsoft Intune (like camera and gallery) https://robinhobo.com/how-to-add-or-remove-system-apps-in-the-android-enterprise-work-profile-with-microsoft-intune/ #MSIntune #Microsoft365 #Intune #EnterpriseMobility #MVPBuzz #MEMPowered