After getting some questions recently about deploying S1 with Intune and noticing some documentation still instructing people to use an MSI LOB app (ew), I made a quick guide on how to deploy the S1 agent to Windows workstations. Hope this helps.
Deploy SentinelOne with Intune Read More »
I’ll start this post by saying I do not endorse disabling Windows Hello for Business. There are big benefits to using WHfB, and I recommend using it. But, different organizations have different desires. So, this post will describe how to remove Windows Hello as an authentication method on workstations. To clarify – how to remove
If you do a lot of testing with different Intune tenants, you probably have several test devices or VMs that you use. Occasionally, you may forget to remove one from a client tenant after doing your testing. When this is a test VM, it’s not a very big deal. Tearing it down and recreating it
Find the Tenant Where a Device is Autopilot Registered Read More »
I recently had a situation I hadn’t encountered before while moving a client to Hybrid Device Join + Intune (or Entra ID Join, HAADJ, EIDJ, or whatever you want to call it these days). This involved both firewall settings and configuration manager blocking device registration (see Ben’s post here for more on that Co-management Series
Hybrid Device Join – What Happens Behind the Scenes Read More »
Intro: I just recently moved into a new house. Moving with four young kids meant some of my things had to take a back seat being unpacked. One of which was my home lab hardware. I forgot how much I used my home lab until it wasn’t available for a few days. That’s what sparked
A Guide for Creating an Entra & Intune Lab Read More »
***A new post covering how to do this for New Teams is available here – Deploy Custom Backgrounds to New Teams with Remediations – SMBtotheCloud A client recently wanted to deploy organizational backgrounds to all Teams users. However, this is now a Teams Premium feature, which is an additional cost per user per month (Custom
Intro Every couple of weeks I see a Reddit post or question asking about device group memberships or filters for certain properties that Azure AD doesn’t natively contain. One common request is making a dynamic group for all desktops or all laptops. There may be other specific properties about your devices that Azure AD doesn’t
Dynamically add Device Extension Attributes using Remediations Read More »
Conditional Access is constantly evolving and adding new features. One of the newer features is conditional access for workload identities. This allows us to secure service principals for our app registrations. At the moment, this is limited to two conditions – service principal risk and/or Locations. Personally, I’d like to see grant controls for compliant
Testing Conditional Access for Workload Identities Read More »
