Tag: EntraID
-
Prevent sign-in consent prompt on AVD or Windows 365 Single Sign On (SSO)
If you enabled Entra SSO on your AVD or Windows 365 Machines, you are probably familiar with the sign in consent prompt that asks you to allow the RDP connection to your Cloud PC / AVD Host. Your response is saved for up to 15 devices and for 30 days until you have to accept…
-
Automatically assign Intune Scope Tags based on User location using Entra ID Groups
A while ago I wrote a blog post, about how you can automatically assign Intune Scope Tags based on Entra ID User information: Set Intune Device ScopeTags based on User Locations – Mike’s MDM Blog (mikemdm.de) This script directly assigned the Scope Tag to the Intune object. While this script worked flawlessly for us for…
-
Automatically set Intune Device Categories based on Inventory data
Today I want to show you, how you can automatically set Intune Device Categories based on data already available in Intune / Entra, like Device Name, Device Model, Enrollment Profile Name, Join Type, etc. I found a few articles that will try to do similar, but most of what I found did not scale well…
-
Time based Group membership for Entra devices – Part 2
As promised last week, here is part 2 of my time-based group membership. In this part, I will show you, how you can use the backend from part 1 to allow admins to add Intune managed devices to the group using a PowerApp. PowerApp Let’s start with importing the PowerApp: You can find the sources…
-
Time based Group membership for Entra devices
Who don’t know these annoying assigned device groups in Entra used for example in Intune to exclude assignments for specific policies? Once created and assigned we tend to forget to remove the devices. This can lead to issues and security risks, if for example an excluded security policy needed to install a software, stays excluded…
-
Assign Device Tags in MDE using information from Intune and Entra ID
Today I want to show you, how you can automatically assign Tags in Microsoft Defender for Endpoint based on information from Intune and Entra ID. The goal was to assign Tags containing the Company Name of the user from Entra ID of all Intune managed devices in MDE. If a device that had a Tag…
-
Custom MacOS Client Inventory Data – Reporting Series Part 5
Inspired by the cool blog article about collecting custom MacOS inventory data to an Log Analytics Workspace:https://ugurkoc.de/collecting-customized-inventory-data-on-macos-devices-using-intune/I modified his script to upload the data using our Azure Function App from Part 1 of our Reporting Series to our existing Cosmos DB. If you haven’t seen it, check it out now: Part 1 Architecture As a…
-
Windows passwordless experience and Web Sign-in
Today I want to show you the new Windows passwordless experience and the new Web sign-in feature, which came with the latest Windows Update for Window 11 22H2. The passwordless experience will hide the password credential provider in the logon screen, to make it easier for the user to select a passwordless logon provider like…
-
Intune Remediation to verify BitLocker keys are uploaded to Entra ID
Today I want to show you how you can check if the BitLocker Key Backup to Entra ID (AzureAD) was successfully done. We have configured BitLocker encryption in Intune to silently encrypt the system drive and automatically upload the recovery key. Usually these Settings should ensure, that the device is only encrypted if the Recovery…