Fortunately, the realization and necessity to use MFA has penetrated many administrators. But are the settings set via a conditional access policy the correct settings? At a number of organizations I have now come across that have a single conditional access policy configured where users are members of a security group when logging in must…
In my previous blog I created a step-by-step guide for enrolling dedicated Android devices via a Power App. This way you don’t have to give permissions to the servicedesk in Intune. But what happens if the token expires? Because there is no standard way of knowing if the token has expired other than look within…
When you don’t want to provide Intune permissions to the servicedesk because they only need to scan a QR Code for enrolling Android dedicated devices building a portal isn’t a bad idea. I have been playing around with the roles and the permissions within Intune and haven’t found a way to provide permissions to the…
A customer asked if there was a secure method to connect to an Azure SQL Database. Employees were connecting to the SQL database from home and connected with the public interface. When users want to access the database, a firewall rule must be added. This requires a lot of management for the it department. This…
Before configuring Microsoft Tunnel on the Linux machine a site and server configuration must be present within Microsoft Intune. Create the server configuration The server configuration is intended to create a single configuration that includes IP address ranges, DNS servers and split-tunneling rules. This configuration can be applied to multiple servers and maintained from the…
First step is to build a Linux Server, deploy Docker and configure a certificate. Create Linux Server I decided to setup a Linux server my Azure tenant and followed this guide from Microsoft: Create a Linux VM in Azure with multiple NICs – Azure Virtual Machines | Microsoft Docs Create FireWall ports After the machine…
At Ignite 2020, Microsoft announced the preview of Microsoft MS Tunnel Gateway. Microsoft MS Tunnel Gateway is a solution that allows Intune enrolled iOS and Android devices to access on-premises apps and resources. You can find the announcement with demo here: Introducing Microsoft Tunnel for remote access to corporate resources from iOS and Android –…
Configuring Controlled Folder Access (CFA) with Intune to protect users against ransomware.
The build in Microsoft Defender AntiVirus on Windows 10 has a nice capability to protect you from malware. This feature is called block at first sight, this feature is introduced since Windows 10 build 1803. It can block non portable executable files like Javascript, Visual Basic script or macro and it can block regular exe.…
Over time you have deployed maybe several Win32 apps, but those apps need to be maintained or updated. I want to update a Win32 app based on a new version number. I think this can be done in two ways, deploy a new version of the app by adding another (version) app to the Windows…
I came across a few tools which can be handy to use in backup, restoring and documenting your Intune configuration. Backup & Restore I’ve used two tools in order to do a Backup & Restore that satisfied my needs: Backup & Restore via PowerShell Backup & Restore via an Azure application Backup & Restore via…
At a customer, we had some incidents regarding the VPN Gateway. If the internet lines had a hiccup we had the problem with connection. Resetting the VPN Gateway restored the connection, but it was a manual proces. We needed an automatic solution. First thing i did was finding out if it was possible to reset…
