How to Change Intune Security Baseline Policy to Version 23H2?
Shehan Perera
by Shehan Perera
1w ago
I’m excited to see the new Security Baseline version is finally available in Intune. Version 23H2 for Windows 10/11. This is a quick look at the policy and useful details on migration to the new policy. What you will see in the Security Baselines now What’s Available in Version 23H2 Some Notable Settings Migrating from an older Baseline If You Were Using An Older Profile Released Before May 2023 If You Are Using A Profile Released After May 2023 Test Before Applying! What’s Gone? Useful Links What you will see in the Security Baselines now When you go into the Baseline, you will see ..read more
Visit website
How to Use Intune to Create a Dell BIOS Config Profile?
Shehan Perera
by Shehan Perera
1w ago
Creating BIOS Configs and ingesting it during the imaging process is a tad bit old school when you think about moving to newer technologies that can do the same. Microsoft Intune recently introduced the BIOS Config Profile as a template in Intune. At this stage, DELL devices can be set up with this. At the time of writing, only Dell is available as the Hardware option to select and config the profile. So lets jump in. This is a 3 step process Creating your Config file using the Dell Client Configuration Toolkit (CCTK) Creating the Config Profile in Intune and import the CCTK file Per-d ..read more
Visit website
Control Device Code Flow With Entra ID Conditional Access Policies
Shehan Perera
by Shehan Perera
2w ago
With the latest developments in Entra ID Protection space, Conditional Access Policies got a bit of a facelift with the Authentication Flow control feature. Still, in Preview, Device Code Flow and Authentication Transfer are the features introduced with the Authentication Flows. I want to cover the Authentication Transfer process in a different article so this will be all about the Device Code Flow. This article is mainly about going through the Device Code flow controlling and simplifying the technicality behind them. Let’s jump in. Why Use Device Code Flow Device Code Flow was introduced so ..read more
Visit website
Why Does Group Policy Analytics Matter In Microsoft Intune?
Shehan Perera
by Shehan Perera
1M ago
“We never know what that GPO really does”, and “The person who created this GPO is not in the business anymore”. Sounds familiar? Most of the businesses that have a Microsoft ecosystem and who have been using AD/ GPO for a long time always have stories to tell about the Group Policies. This blog is not about creating another group policy, but some guidance on how to start planning to move to Intune Configuration profiles. This is one of the golden tools in Intune that can be used with the current Intune Licensing (yes, no need for the Intune Plan 2 or Inutne Suite), and can get the benefit tod ..read more
Visit website
5 Practical Usages of PIM for Groups Explained
Shehan Perera
by Shehan Perera
1M ago
I have always been a huge advocate of Entra ID Governance and its usage. It is paramount to make sure the Identity Governance health is in a good position while applying the best practices because Identity is an attack vector, period. Once a bad actor gets hold of the identity, accessing confidential data, Azure resources, and stealing data is imminent. Privileged Identity Management is one of the key pillars in Microsoft Entra ID Governance structure and the goal of the PIM for Groups is to provide Just In Time Access. If you have the required license already or planning to add the feature se ..read more
Visit website
Microsoft Intune Enterprise App Catalog is Here!
Shehan Perera
by Shehan Perera
2M ago
As announced in Microsoft Ignite 2023, the latest addition to the Intune Suite features the Enterprise Application Management and it’s Enterprise App Catalog is finally GA as of today. This will remove a lot of hassle that the Device Management Admins need to go through in re-packaging apps in to a .intunewin file and adding all the parameters accurately as one small mistake will end up in an unsuccessful app installation in the endpoint. In this Guide Licensing Requirements What this does? Notes Example – Adding Win32 App 7Zip from the Catalog Wrapping Up Licensing Requirements Enterprise ..read more
Visit website
How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?
Shehan Perera
by Shehan Perera
2M ago
One of the popular queries I have got by working with many customers for their Defender for Endpoint deployment projects is We need the Defender Security Policies to be assigned and working as soon as the device is onboarded to MDE. Having Onboarded to MDE, if and when Intune enrollment and Device Registration in Entra ID won’t go as expected, the device is waiting for the policies to be assigned. Meaning, you have an unprotected device in the fleet. Not Long Ago, Device needs to be onboarded to MDE, Joined to Entra ID and Enrolled in Intune in order to receive the Security policies. Devic ..read more
Visit website
Device Hardening with Intune Security Baseline for Windows Policy
Shehan Perera
by Shehan Perera
2M ago
The word on the street is not “If I get hacked” but “when I will get hacked” and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day has never been so important. Security Baseline policy for Windows 10 and later. This is one of the recommended policies that just needs to be created at a minimum level and the latest settings template will be assigned to the devices. I would say the effort to configure this policy is just less than 5% of what needs to be enabled to give your device that “acceptable” security configuration ..read more
Visit website
From ConfigMgr to Fully Intune Managed in 2024. Let’s Make That a Reality
Shehan Perera
by Shehan Perera
4M ago
If you have Config Manager today and if you are thinking or planning on moving the devices and the workloads to Intune, this article is for you. If you are in that state today, chances are you have a stable (or near stable) method of managing the devices, patch updates, and GPOs. Moving the capabilities to the cloud makes your life easier as you know. Chances are you have the Enterprise licenses (M365 E3 as an example) and you are finding ways to fully utilize it. Using the Microsoft Intune components opens the world to a lot of opportunities. By now you may have seen a lot of blog posts about ..read more
Visit website
Infographic – Migrate MFA and SSPR Policies to the Converged Authentication Methods Policy
Shehan Perera
by Shehan Perera
4M ago
Some useful URLs apart from the below infographic: Microsoft Learn doc converged-authentication-methods-policyDownload ..read more
Visit website

Follow Shehan Perera on FeedSpot

Continue with Google
Continue with Apple
OR