Last year Microsoft was planning to mark devices that were not evaluated by a compliance policy as non-compliant. The default behavior is that if a device is not evaluated by a compliance policy that it is being marked as compliant and therefor the user has access to services controlled by Conditional Access in Azure AD, […]READ MORE
Tune your Microsoft Intune device compliance behavior
Device type and limit (enrollment) restrictions can now be assigned to groups
Today I noticed in a couple of Intune tenants that Microsoft is now supporting group-assigned enrollment restriction, with that you are also able to prioritize the restrictions. With this change Microsoft Intune now also supports the ability to not only allow or disallow Android but also allow or disallow Android for Work (Android Enterprise) as […]READ MORE
Jamf Pro and Microsoft EMS better together – macOS devices – part 3
Now that we have configured the connection between EMS and Jamf Pro we need to make sure that the macOS devices can also be registered to Azure AD. To be able to complete the scenario we need to do the following; configure compliance policies deploy the company portal app with Jamf Pro create a Jamf […]READ MORE
Jamf Pro and Microsoft EMS better together – configuration – part 2
In my last blog I introduced the new Jamf Pro integration with Microsoft EMS. In this blog I would like to dive into the configuration of the integration and show you the experience. Setting it up is pretty straightforward and easy. To be able to integrate the two services, we need to: configure an Azure […]READ MORE
Jamf Pro and Microsoft EMS better together – part 1
When it comes to managing Macs, Jamf Pro is currently the number one product to be used in this space when you want to fully control and manage those fruity macOS devices via the MDM channel. Just before Jamf Nation User Conference (JNUC) back in September Microsoft and Jamf announced the upcoming partnership, at JNUC […]READ MORE
How to use PowerShell to access Microsoft Intune via Microsoft Graph API?
In earlier blogs we have had an introduction to Microsoft Graph and what we can do with Microsoft Intune via the Microsoft Graph API. In this blog I want to add PowerShell to the story and show what we need to use PowerShell to access Microsoft Intune via the Microsoft Graph API. As you may […]READ MORE
So, what can we do with Microsoft Intune via Microsoft Graph API?
In part 1 I gave a brief introduction to Microsoft Graph API. In this part I’ll explain how to get started and give you some useful examples. As I mentioned in Part 1, almost everything that can be done in the Intune portal can be automated via REST API calls to the Microsoft Graph API. […]READ MORE
Windows Hello asking to setup PIN in Windows RS3 (1709)?
Since the Windows 10 Fall Creators Update RS3 (1709) update several customers of mine got a message that they needed to configure a Windows Hello PIN while logging in to Windows 1709 . The devices were all Azure AD joined and managed via Microsoft Intune. In those cases Microsoft Intune was configured to disable Windows Hello, […]READ MORE
Apple iOS Lost (and found) mode in Microsoft Intune
In my last blog I wrote about how to use the Apple Configurator and Microsoft Intune to manage your supervised iOS devices. By supervising your iOS device more (cool) management features come available for you as an Administrator. Today during my session at Ignite about how to conduct a successful pilot deployment of Microsoft Intune […]READ MORE
Manage Apple Configurator configured iOS devices with Intune
With the new Intune on Azure portal released you can add iOS devices that are configured as Supervised devices via the Apple Configurator 2. Configuring the Apple iOS device via the Apple Configurator requires that you have the iOS device connected to a macOS device that is running the Apple Configurator. What is Supervised Mode? […]READ MORE
Intune Company Portal for Macos in preview
Microsoft released almost two weeks ago Conditional Access for Macos operating systems as part of Azure AD, which allows you to control that you only allow access from devices that are managed by Microsoft Intune and that are compliant. At the same time Microsoft released the preview of the Company Portal for the same device […]READ MORE
Subscribe to my YouTube channel!
About Peter Daalmans
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security