If you didn’t already know, per user MFA can cause issues when connecting to Entra-Joined Azure virtual machines. Specifically, AVD and Windows 365 instances. When this happens, you will get an error when signing in like this: That error is almost always pointing to one of two things: I had an interesting situation where we […]
Over the last few weeks, several posts have been made about the release of the Windows 11 24H2 security baselines. If you’re unfamiliar with security baselines, they’re a pre-configured set of security settings based on Microsoft’s best security practices. Applying all security baseline settings, especially in an existing environment, can cause chaos and problems for
Import all 24H2 Security Baseline Policies with a Script Read More »
Several weeks ago, I wrote a script and blog to bulk export Intune policies. That blog can be found here. What started as trying to export/import settings catalog policies in bulk evolved into more, and I added to the script to do more than just settings catalog policies. This is useful for people who often
Bulk Import Intune Policies and Configurations Read More »
Usually, when I’m working with Google Workspace, it’s to help migrate away from Google Workspace and into Microsoft 365. However, I recently had a client who was already using the full M365 suite but needed to create a Google Workspace tenant so they could also manage Google Workspace IDs. This is not a common scenario,
Configure Entra ID as the SSO provider for Google Workspace Read More »
There’s no shortage of posts regarding updating the background and lock screen images for your endpoints. The question that usually comes up is how to do this on Windows 10/11 Pro. This is because the Intune device restriction policy makes adding background/lock screen images easy, but it’s only compatible with Windows Enterprise/Edu SKUs. If that
Auto Rotate Background & Lock Screen Images with AZ Automation + Graph API Read More »
I do a lot of testing for clients and prospects with Azure, Intune, and Autopilot. Although I do the vast majority of my testing using Hyper-V VMs (I made a post about this here for quickly provisioning machines – Use Hyper-V and PowerShell to quickly spin up Windows test machines – SMBtotheCloud), sometimes there is
Identify where a Self-Deploying Autopilot device is registered Read More »
If you’re reading this, you probably know what Azure Site Recovery is (ASR). At a high level, ASR is a disaster recovery solution that replicates workloads on your Azure VMs or Physical on-prem servers to a secondary Azure Region. This allows you to failover your production workloads to the secondary region with minimal downtime. Configuring
I recently had an issue with an AVD client, where the time zone on AVD hosts randomly changed to the US Central time zone, even though the Time Zone was configured to MST with Intune. Adding a scheduled task to set the time zone at user login still didn’t completely resolve the issue. Users still
AVD Host Time Zone Randomly Changing Read More »
