Azure Information Protection Deployment Guide

This is a deployment guide for Azure Information Protection. I couldn’t find what I needed in the Microsoft Documentation so I have written a complete deployment guide. This guide includes the following subjects: Azure Information Protection Deployment GuideAzure Log Analytics deployment to check activityMicrosoft 365 compliance integration (SharePoint & OneDrive)Examples for labeling and Log Analytics … Read more

UnAttended Azure AD Join

This is a blogpost about joining Windows 10 machines unattended to Azure AD with a provisioning package created with the Windows Configuration Designer. The enrollment is done with a token which is created by a service account which services the Azure AD Join. Prerequisites Create a service account in Azure AD to create the bulk … Read more

Collect AutoPilot Info from Remote Machine

How can you collect AutoPilot information from a Remote Machine? In this blog I will show you how you can grab this information. Prerequisites Remote Machine You need to have the following prequisites ready: 1. On the remote machine the WinRM service must be running.2. The network must allow WinRM connections. 3. The Windows Firewall … Read more

Update Application via Win32App in Microsoft Intune

This blog is about updating an application which you can not update through automation like Chocolately and/or PatchMyPC. I am going to update an application via Win32App in Microsoft Intune. I am deploying this using a script which first uninstalls the old version and then installs the new one. The application that I am going … Read more

Windows 10 AutoPilot Hybrid AD Join vs Azure AD Join

If you are looking to deploy Windows 10 AutoPilot you are going to have to make a choice. Are you going to use an Hybrid AD Join or a Azure AD Join deployment? I am going to give you my thoughts on a Windows 10 Autopilot Hybrid AD Join vs Azure AD join. Furthermore I … Read more

Create Windows 10 AutoPilot Hybrid Azure AD joined profile

This blogpost is about creating a Windows 10 AutoPilot deployment profile based on a Hybrid Azure AD Joined scenario via Microsoft 365/Microsoft Intune. Creating Windows 10 AutoPilot Hybrid Azure AD joined profile Go to https://devicemanagement.microsoft.com/ and log on. Go to Devices and to Windows: After that click on “Windows Enrollment”: We first need to setup automatic enrollment. … Read more

Create Windows 10 AutoPilot Azure AD joined profile

This blogpost is about creating a Windows 10 AutoPilot deployment profile based on a Azure AD joined scenario via Microsoft 365 or Microsoft Intune. Creating the profile Go to https://devicemanagement.microsoft.com/ and log on. Go to Devices and to Windows: After that click on “Windows Enrollment”: We first need to setup automatic enrollment. Click on automatic … Read more

Block Outlook on Unmanaged Windows 10 Devices

When you move to Exchange Online the connectivity to your mailboxes is no longer limited by your firewall. Microsoft enables everything by default. So if you don’t want users to configure Outlook on their unmanaged Windows 10 devices you need create policy to do so. To block Outlook on unmanaged Windows 10 devices you need … Read more

Windows 10 Updates via Microsoft Intune

Updating your Windows 10 devices was always a challenge. The devices were not on the corporate network or for some other reason they were not able to install Windows Updates. Microsoft Intune now partly solves this problem. Configuring Windows Updates is fairly easy. Prerequisites Update Rings We are going to create update rings. These update … Read more