How to work with Administrative Units

More and more organizations are working with Azure Active Directory. Those organizations can have an Azure AD only implementation or and hybrid situation (On-Premises Active Directory where users/groups/devices are synchronized towards Azure AD). The on-premises Active Directory consists of Organizational Units where users and groups are hierarchical stored in the units, you can also assignContinue reading “How to work with Administrative Units”

Secure Windows Virtual Desktop with Conditional Access

Currently a lot of organizations are using Windows Virtual Desktop. A lot of security administrators asks questions how to secure Windows Virtual Desktop as this feature is public accessible. I’ve already implemented some conditional access policies regarding Windows Virtual Desktop. Examples are: Block access when a user is outside the network and his/her device isContinue reading “Secure Windows Virtual Desktop with Conditional Access”

Manage application permissions for your B2B users

It’s quite difficult for an IT department to manage access towards corporate data for B2B users. The IT department is mostly not aware which companies needs access to which resources of your organization. Also the IT department isn’t aware of the people that needs to have access towards a specific application. This article describes howContinue reading “Manage application permissions for your B2B users”

Secure administrator access in Intune with Intune RBAC

For larger companies it can be quite challenging to assign the correct permissions for their helpdesk users. For example if your company is located in Brussels and New York you don’t want to give your helpdesk staff access towards all devices and configuration settings. We often see companies that are using the default Intune AdministratorContinue reading “Secure administrator access in Intune with Intune RBAC”

Synchronize Bitlocker recovery keys to local AD

Most companies are working with different IT specialist, some of them are more experienced in configuring and managing Microsoft Endpoint Managers while others are working on first line support. In this situation IT does not want to grant access towards the Microsoft Endpoint Management portal for their first line support. For example, first line supportContinue reading “Synchronize Bitlocker recovery keys to local AD”

Pushing Teams Background images through Intune

Microsoft announced that you can finally use custom background images during Teams meetings. Our customers directly contacted us how to upload those images. Some of them already created their own custom branding background image and wanted to distribute this towards their end users. The procedure for uploading your custom background images can be to technicalContinue reading “Pushing Teams Background images through Intune”