Microsoft Intune has a pretty good RBAC model to allow you to give permissions to users who need to be able to perform an administrative task or role within Intune. A role can be for instance a predefined role in Intune or a custom role. Before digging into the Intune roles, there are also Intune […]READ MORE
New App Protection capabilities added to Microsoft Intune
The App Protection Policies in Microsoft Intune are used to protect corporate data in apps that have the Intune SDK integrated. During the last service update of Microsoft Intune some nice new features were added to the policy set. While accessing a by Microsoft Intune managed app, the device can be checked if for instance […]READ MORE
New in Intune location-based device compliance for Android
Released this week in Intune is location-based compliance. In other words, based on your location your device is marked as compliant or not, based on the location you get access to services in Azure or Office 365 or not. A location can be based on the following IPv4 variables; IPv4 Range (eg. 192.168.1.0/24) IPv4 Gateway […]READ MORE
Couple of things to look at when using Office 365 MDM and full Intune MDM together
A couple of weeks ago I had a customer already using the lightweight MDM solution in Office 365, which is built on Microsoft Intune. The lightweight MDM is part of many Office 365 subscriptions and it allows you to control a bit more settings than you can for instance with Exchange ActiveSync Access Policies, for […]READ MORE
Tune your Microsoft Intune device compliance behavior
Last year Microsoft was planning to mark devices that were not evaluated by a compliance policy as non-compliant. The default behavior is that if a device is not evaluated by a compliance policy that it is being marked as compliant and therefor the user has access to services controlled by Conditional Access in Azure AD, […]READ MORE
Device type and limit (enrollment) restrictions can now be assigned to groups
Today I noticed in a couple of Intune tenants that Microsoft is now supporting group-assigned enrollment restriction, with that you are also able to prioritize the restrictions. With this change Microsoft Intune now also supports the ability to not only allow or disallow Android but also allow or disallow Android for Work (Android Enterprise) as […]READ MORE
Jamf Pro and Microsoft EMS better together – macOS devices – part 3
Now that we have configured the connection between EMS and Jamf Pro we need to make sure that the macOS devices can also be registered to Azure AD. To be able to complete the scenario we need to do the following; configure compliance policies deploy the company portal app with Jamf Pro create a Jamf […]READ MORE
Jamf Pro and Microsoft EMS better together – configuration – part 2
In my last blog I introduced the new Jamf Pro integration with Microsoft EMS. In this blog I would like to dive into the configuration of the integration and show you the experience. Setting it up is pretty straightforward and easy. To be able to integrate the two services, we need to: configure an Azure […]READ MORE
Jamf Pro and Microsoft EMS better together – part 1
When it comes to managing Macs, Jamf Pro is currently the number one product to be used in this space when you want to fully control and manage those fruity macOS devices via the MDM channel. Just before Jamf Nation User Conference (JNUC) back in September Microsoft and Jamf announced the upcoming partnership, at JNUC […]READ MORE
How to use PowerShell to access Microsoft Intune via Microsoft Graph API?
In earlier blogs we have had an introduction to Microsoft Graph and what we can do with Microsoft Intune via the Microsoft Graph API. In this blog I want to add PowerShell to the story and show what we need to use PowerShell to access Microsoft Intune via the Microsoft Graph API. As you may […]READ MORE
So, what can we do with Microsoft Intune via Microsoft Graph API?
In part 1 I gave a brief introduction to Microsoft Graph API. In this part I’ll explain how to get started and give you some useful examples. As I mentioned in Part 1, almost everything that can be done in the Intune portal can be automated via REST API calls to the Microsoft Graph API. […]READ MORE
About Peter Daalmans
Also one of the founders and leads of the Windows Management User Group Netherlands.
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security