System Center ConfigMgr
854 FOLLOWERS
System Center ConfigMgr is a blog about ConfigMgr, EMS, Intune, Windows 10, PowerShell. Follow this blog to get in depth knowledge in ECM and EMM.
System Center ConfigMgr
2d ago
Greetings, fellow IT admins! Repackaging setup files and editing your Win32 app again can be tedious and time-consuming. Thankfully, I bring you good news! There is a way to deploy a Win32 app and have it always install the latest version of the app on the computer.
To achieve this, we will deploy a PowerShell script as a Win32 app. This script will grab the latest version from the vendor’s site, download it, and then install it on the end computer. IT admins will not have to repackage the same app over and over again, edit their Win32 apps with every patch, and all your new device ..read more
System Center ConfigMgr
2M ago
Are you looking to cut mailbox licensing costs for your Office 365 tenants admin mail accounts? Well, look no further, and I will share a few ways for you to save money on Exchange Online licensing fees for your admin accounts that need to exchange e-mails.
So what do I mean by “admin accounts”?
In this case, the admin account (sometimes referred to as an ADM account) is a separate privileged account used by IT staff to perform their privileged duties. These account types are a standard security measure implemented in many companies, and in some cases, they need to be mail-enabled.
Some valid ..read more
System Center ConfigMgr
8M ago
In this post we will do some digging on Win32 app state messages and look at the compliance state and enforcement state messages stored in the local registry for win32 app policies processed by the client. We will also take the state values and convert them into a readable format to help you understand if a Win32 app was processed successfully
Where are Win32 app policy results stored on the client?
Compliance State Messages
Enforcement State Messages
Understanding State Messages
Applicability
ComplianceState
DesiredState
TargetingMethod
InstallContext
TargetType
EnforcementState
Power ..read more
System Center ConfigMgr
1y ago
The long waited for Endpoint Privilege Management is finally in public preview! This post is about my first look at this feature, so not a deep dive post. If you need more details on EPM, please read more from the official doc Learn about using Endpoint Privilege Management with Microsoft Intune | Microsoft Learn
I was curious about the feature, how to configure all the settings in Intune, and how it looks and works on users’ devices. But before we go into details, let’s talk about what is Endpoint Privilege Management, short for EPM.
I remember attending one of the security talks presented ..read more
System Center ConfigMgr
1y ago
In this blog post I will be showing you how to get started with certificate based authentication for Azure applications.
Table of Contents
The story so far
App Registrations
Client Secrets
Certificates
Create a Self Signed Certificate
Certificate Requirements
The “New-SelfSignedCertificate” PowerShell Cmdlet
Export the Public Portion for use in Azure
Export the Private Key
Create and Export the Public and Private Keys
Configure Certificate Authentication for an App Registration
Easy: Authenticate to Azure AD when the private key is in the local certificate store
Example: Authenticate ..read more
System Center ConfigMgr
1y ago
Over recent times we have seen Microsoft introduce a range of security hardening configuration options as the world continues to adopt to the fact that their internal infrastructure is no longer the main threat surface. In this post we will look at the latest of which (due to be enforced in January 2024).
The new Authentication Methods Policies configuration (also referred to as the “converged authentication method experience”) is something which brings a welcome change, retiring per user based MFA configurations managed through the Microsoft admin portal (which effectively just launches a le ..read more
System Center ConfigMgr
1y ago
Cloud Kerberos Trust for Windows Hello for Business is the apex of single sign-on solutions for your Windows devices. in this Trilogy you can expect to learn the what, the how and the wow!
The story so far
We continue our mini series on Windows Hello for Business Cloud Kerberos Trust. In part 2 we walked through the configuration of Cloud Kerberos Trust for both on-premise infrastructure and clients.
If you missed part 1 of our series, your journey into “Cloud Kerberos Trust” should start here: Simplify Windows Hello for Business SSO with Cloud Kerberos Trust – Part 1
We love the elegance and ..read more
System Center ConfigMgr
1y ago
Cloud Kerberos Trust for Windows Hello for Business is the apex of single sign-on solutions for your Windows devices. in this Trilogy you can expect to learn the what, the how and the wow!
The story so far
We continue our mini series on Windows Hello for Business Cloud Kerberos Trust. In part 1 we introduced the concept of Cloud Kerberos Trust and spoke to some of the challenges it can help organisations overcome. One of the things that we love is the simplicity of configuration – both for green field tenants and for organisations already using a different trust method with Windows Hello for ..read more
System Center ConfigMgr
1y ago
Cloud Kerberos Trust for Windows Hello for Business is the apex of single sign-on solutions for your Windows devices. In this Trilogy you can expect to learn the what, the how and the wow!
The story so far
Windows Hello for Business Cloud Kerberos Trust – Every silver lining begins with a journey through pain, non optimal circumstance and wisdom gained through grit and determination. The trust model story has never been simple..
This Photo is licensed under CC BY-SA
In this 3-part mini series, we will talk about concepts, strategies, configurations and pain points that we commonly come across ..read more