Before I get into this, no, I do not suggest disabling BitLocker or running with decrypted drives in production. BitLocker is good and should be used. However, sometimes clients have requests that we must fulfill. Perhaps they are moving to a third-party encryption solution, or they want to re-encrypt their devices using a stronger encryption […]
Disable BitLocker on Existing Devices with Intune Read More »
This seems to come up every once in a while, as a question on Reddit or on LinkedIn – How can I block browser Internet access or only allow access to certain sites on an Intune managed device? This post will cover how to completely block internet access from web browsers and how to only
Block Internet Browsing with Intune Read More »
This issue started out as a support ticket where many users were being asked to authenticate to M365 apps every time they signed into AVD. For context, this was a smaller environment with only a few Windows 11 multi-session hosts. The session hosts are also hybrid-joined and Intune enrolled. So, the first thing I usually
Intune Enrollment Error 0x80180005 on AVD multi-session host Read More »
While troubleshooting some client AVD issues, I came across something I had not seen before. There were many errors in the FSLogix event log showing that a volume had errors, and this was pointing to user VHDX profile disks. After taking a closer look, this was happening on around half of the user profile disks.
Repair all FSLogix Profiles using PowerShell (or any VHDX files) Read More »
I do a lot of MAM rollouts. Most of them go off without a hitch and any issues are usually resolved by reinstalling the application. However, I encountered a couple of issues recently and figured I’d share this. I should say that I’ve rolled MAM out to thousands of devices and this is the first
iOS MAM error “Device Passcode Required” Read More »
If you work at an MSP and are you’re not fortunate enough to have a good cert tracking tool like ITGlue or Hudu, you’re probably on your own to track certificate expirations. After encountering too many times where out of nowhere, a client has iOS Intune enrollments start failing due to an expired MDM push
Automate Notifications for Intune iOS Cert/Token Expirations with one Script Read More »
A few months ago Intune started allowing us to export settings catalog profiles as a JSON file, which also allows us to import those JSON files. This is a welcomed addition, but we can only import these individually (for now) using the Intune GUI. If you frequently onboard new clients and use many standard settings
Bulk Import Intune Settings Catalog Profiles Read More »
If your organization or clients are using Cisco Umbrella for additional endpoint protection, this blog walks through deploying the Umbrella Roaming client to Windows workstations using Intune. Umbrella is usually used for providing DNS-level security and as a secure web gateway but contains several other security features. If you’re not familiar with the additional security
Deploy the Cisco Umbrella Roaming Client with Intune Read More »
MAM is becoming an increasingly popular Intune implementation. Especially for smaller organizations that don’t provide corporate cell phones but still want to allow employees access to company email and data from their personal devices. Manually configuring MAM for organizations can be slightly time consuming, so I’ve created a script that creates and assigns everything needed
Configure MAM for iOS/Android with one Script Read More »
If you’re familiar with Apple Business Manager, Android Zero Touch is the equivalent for corporate Android devices. There are some differences in how ABM and AZT are set up and the overall functions they provide, but the goal for devices is the same – to seamlessly enroll new or wiped devices in your MDM. When
Get Started with Android Zero Touch and Intune Read More »