Deploy Custom Toast Notifications with Intune & how to run scripts from the action buttons – Part 1

| | Intune, Windows

You’re probably familiar with toast notifications in Windows. They are the notifications that pop up in the bottom right-hand corner of your screen. They can be purely informational or have action buttons to click, such as opening a website. I wanted to figure out how to create custom notifications and use the action buttons to […]

Deploy Custom Toast Notifications with Intune & how to run scripts from the action buttons – Part 1 Read More »

Removable Storage Automatic BitLocker Recovery Key Escrow to Azure AD | BitLocker-to-go Guide for Intune

| | Azure, Intune, Windows

BitLocker on removable drives is known as “BitLocker to go”, but I will just refer to it as BitLocker in this writing. Requiring BitLocker on removable drives is fairly easy with the built-in Intune Endpoint Security profile templates.  Some of you may be thinking removable storage should be completely blocked for security reasons. I agree

Removable Storage Automatic BitLocker Recovery Key Escrow to Azure AD | BitLocker-to-go Guide for Intune Read More »

SSO to on-premises resources with Azure AD Joined devices – Use AADJ unless you are certain you need Hybrid.

| | Azure, Intune, Windows

In this post I’ll take a closer look at how AADJ machines authenticated with an AD Synced identity can seamlessly access on-prem resources. This includes things like SMB file shares or other applications that require AD USER authentication. It’s important to remember if you have services utilizing machine authentication, those devices will need to remain AD joined

SSO to on-premises resources with Azure AD Joined devices – Use AADJ unless you are certain you need Hybrid. Read More »

PowerShell + Intune to edit HKCU registry as System when standard users don’t have permission.

| | Intune, Windows

A question was recently asked about how to set the wallpaper fit with Intune (fill, stretch, tile, etc.). This reminded me of a previous blog post about setting the background and lock screen on Windows 10 Pro devices with Intune (you can see that post here). I figured I’d update that post but found myself

PowerShell + Intune to edit HKCU registry as System when standard users don’t have permission. Read More »

Using Intune Custom Compliance policies – how they work and how to discover installed software versions

| | Intune

A client I recently worked with wanted to make sure only compliant devices could access corporate resources. This is a fairly common request and implementation, but they also wanted a compliance policy to make sure certain security applications were installed. This post will look at how custom compliance policies work and show you how to

Using Intune Custom Compliance policies – how they work and how to discover installed software versions Read More »

Managing Azure AD Authentication Methods, adding a FIDO2 Security Key, and Configuring Conditional Access Authentication Strength 

| | Azure, M365

Microsoft’s new authentication strength options for Conditional Access is awesome, and I encourage you to start using this feature. This post will add some clarification on using Conditional Access for MFA, how to add a FIDO2 security key as an authentication method, and then how to use conditional access to protect certain applications with different levels

Managing Azure AD Authentication Methods, adding a FIDO2 Security Key, and Configuring Conditional Access Authentication Strength  Read More »