Intune – Dybbugt.no

Hacking Windows kiosk mode – Single Intune config for multiple devices needing unique URL’s, with self-provisioning autopilot.

This writeup will show you how to hack the windows kiosk mode so you can use one config to target a multitude of devices requiring their own unique url. Unique kiosk device URL's normally means unique configuration profiles in intune - or does it?

Geir Dybbugt July 20, 2023

Daily life Device Management Intune

Setting up cloud kerberos trust – passwordless access to on-prem resources.

This post will show you how to set up your environment to support AzureAD joined devices authenticating with your on-prem resources. When devices are setup as pure azure ad joined, and not hybrid joined, devices we need to handle authentication to your on-prem resources in a better way. Your on-prem resources does not in itself understand the authentication from these devices. It will also add support for using Windows Hello for Business/biometrics, FIDO security keys

Geir Dybbugt June 16, 2023

Cloud Device Management Intune

Enabling Microsoft “Cloud enabled LAPS” (Local Admin Password Solution)

LAPS - Local Admin Password Solution, has for a long time been one of those great tools to have in the toolbox when it comes to securing your devices from lateral movement from a potential attacker. And Microsoft LAPS have been around for quite some time already. This tool was orginally available for deployment to server/desktop devices connected to a traditional domain (on-prem) setup. This changed as of April 2023, and Microsoft have now introduced Microsoft LAPS (Preview) with support for configuration with Intune, and saving the passwords to Azure AD, giving us - once again - a native LAPS solution to handle the local admin account.

Geir Dybbugt May 22, 2023

Applications Cloud Daily life

How to configure screensaver settings on non-enterprise editions of Windows with Intune

his is another post to deal with one of thelimitations of the various licensing editions of Windows. To be specific, there are certain features that are only available if you have an Enterprise or Education edition of Windows. This post beeing around the limitation of controlling the settings around enforcing and controlling the screen saver on devices via intune. As always, every problem has a solution, or a viable workaround.

Geir Dybbugt February 18, 2022

Applications Daily life Device Management

Holding back the upgrade to Windows 11 with Intune

With Windows 11 pushing its way towards your environment’s devices, you may find the need to hold back this upgrade to some or maybe all your devices, for any reason. Holding back the upgrade can be done via Intune for easy deployment to your devices. Script can be found in the post.

Geir Dybbugt December 15, 2021

Cloud Daily life Device Management

Manageability – Part 1: Naming Conventions

When it comes to managing anything within IT, it will always be a good thing to keep things organized, in one way or another. You should also make sure that the way you organize things, is made understandable for others as well (maybe you share the responsibility of management with a group, or may do so in the future). Make it a habit to creating an organizational model that others can jump in or out of over time, that is logical and understandable by others than yourself. Document the logic/model that is defined, and make sure not to deviate from the actual definition as time goes by.

Geir Dybbugt October 20, 2021

Cloud Daily life Device Management

Security: How to enable sign-in with FIDO2 security keys on Windows 10 Devices and Azure AD

FIDO2 security keys are an unphishable standards-based passwordless authentication method that can come in any form factor. Fast Identity Online (FIDO) is an open standard for passwordless authentication. FIDO allows users and organizations to leverage the standard to sign in to their resources without a username or password using an external security key or a platform key built into a device. Read the post to see how you can enable this for your Azure ad and windows 10 devices.

Geir Dybbugt May 11, 2020

Autopilot Daily life Device Management

Intune: Setting custom wallpaper and lockscreen on Windows 10 devices with PowerShell and Azure Storage Blobs

Many organizations want to deploy custom branded wallpapers and lockscreens on corporate managed devices. Doing this with Microsoft Intune is natively limited to Windows 10 Enterprise and Education. Follow this guide to see how you can do this with Intune and PowerShell toghether with Azure Storage Blobs.

Geir Dybbugt April 25, 2020

Applications Citrix Cloud

Citrix FAS: Sample setup leveraging FAS/ Azure iDP/ ShadowAccounts and Hybrid domain join.

Here's an example of a usecase where Citrix FAS comes into play.If you are not familiar with Citrix FAS and the use of it you may find this useful to…

Geir Dybbugt October 27, 2019

Autopilot Daily life Device Management

Windows Autopilot – Failing on app configuration when running Windows 10:1903

If you are running Windows autopilot on devices you may experience issues during enrollment/configuration after the 1903 update.
The issue comes when deploying Windows store apps with autopilot, and you may get faced with the enrollment process giving you an error when it gets to this step.

Geir Dybbugt June 9, 2019

Share this post:

Like this: