Updating your Mobile Devices against Meltdown and Spectre with Intune

Nicolas PilonEMS, Intune0 Comments

Everyone has heard of Meltdown, and Spectre vulnerabilities in modern computers leak passwords and sensitive data. In case you don’t, the most important thing to remember is to update all devices that mainly have an Intel processor, including mobile devices. If you are using Microsoft Intune to manage mobile devices in your organization, you can configure compliant rules to force the users to update their operating system version. For those who want to keep their old OS version, will lose their access to Office 365 at one point. It’s essential that employees know the importance of updating their devices more often, … Read More

How to help Intune users Using Intune Troubleshooting Portal

Benoit LecoursIntune0 Comments

The Intune troubleshooting portal can be used by Intune administrators to view information about a specific Intune user. It can be used to troubleshoot many problems for example, licensing problem, the devices assigned to a user, details about enrollment issues, compliance issues, app installation failure and much more. The Intune Troubleshooting portal can also give suggested remediation steps to resolve issues. You need at least the  HelpDesk Operator role (RBAC) to use the troubleshooting portal. How to use the Intune Troubleshooting Portal Go to your Azure portal Select Microsoft Intune On the Intune pane, in the Help and Support section, select Troubleshoot On the left, click Select to select a user to troubleshoot … Read More

How to enable SCCM 1710 Co-Management

Jonathan LefebvreIntune, SCCM, WINDOWS 102 Comments

With the release of SCCM 1710, one of the key new features is the Co-Management possibility with Microsoft Intune. There are two main paths to reach to co-management: Windows 10 devices managed by Configuration Manager and hybrid Azure AD joined get enrolled into Intune Windows 10 devices that are enrolled in Intune and then install with the Configuration Manager client We will describe how to enable co-management and enroll an SCCM managed Windows 10 device into Intune. SCCM 1710 Co-Management Prerequisites SCCM 1710 or later A new SCCM KB is available to fix an enrollment issue for the client Azure … Read More

Import Windows Devices for AutoPilot using Microsoft Intune

Benoit LecoursIntune6 Comments

Windows Autopilot is a new and emerging solution designed that allows to setup and pre-configure Windows devices for your environment using Azure and Intune. The goal of Autopilot is to reduce the Os deployment complexity. If done correctly, a user logs to an out-of-box computer, logs on his computers with his ADD user account and applications and configurations gets deployed. All that with minimum infrastructure requirements. When announced a couple of months ago, Autopilot has its flaws but it’s improving very fast. One of those flaws was that device importation was made from the Windows Store for Business or the Microsoft … Read More

Automatic Windows 10 PC Enrollment in Microsoft Intune or SCCM

Benoit LecoursIntune, SCCM, WINDOWS 100 Comments

The process of enrolling your Windows 10 computers in Intune should be as simple as possible for your users. If you’re using Azure Active Directory in your organization, the enrollment process can be made automatically when a user joins it’s device to AAD. It couldn’t be simpler. The process is the same rather for Intune Standalone or Hybrid mode (integrated with SCCM) Windows 10 Intune Automatic Enrollment Prerequisites CNAME DNS Entry created on your domain for automatic name resolution A valid Intune Tenant (Standalone or SCCM Integrated) Azure Active Directory Premium enabled For this post, we’ll be using a Windows 10 1703 device but … Read More

How to Deploy an iOS Application with Intune and SCCM

Benoit LecoursIntune, SCCM8 Comments

Updated 2018-03-19 One of Microsoft Intune feature is to deploy useful mobile applications that your users need to get their job done. We can think of the Office suite such as Word, Excel, Powerpoint and One Note. This blog post will show how to deploy Microsoft Word on managed iOS devices with Microsoft Intune and SCCM. This is the 9th post of the Mobile Device Management with Intune and SCCM 2012 blog series. Microsoft Word for iOS devices requires Mobile Application Management (MAM) policies in Microsoft Intune. Since it’s a pre-requisites for Microsoft Word, we will configure a MAM policy … Read More

No Enrollment Policy during Intune Client Installation

Nicolas PilonClient, Intune, SCCM1 Comment

  When a company wants to manage an iOS mobile device, an Apple Push Notification Service (APN) certificate is installed on the iOS devices. This certificate installation makes sure that the connectivity between the devices, Apple, and your MDM solution is trusted. Intune makes no exception to this process. It’s the main reason why, from Intune or SCCM console, you have the possibility to send remote actions directly on iOS devices. After the certificate is configured in Intune, users can install the Company Portal app to enroll their devices (Android, iOS, Windows). When you open the Company Portal for the … Read More

How to enable Android for Work in SCCM and Intune

Benoit LecoursIntune, SCCM6 Comments

Starting with SCCM 1702, mobile device management with SCCM and Microsoft Intune (Hybrid) now supports Android for Work device enrollment and management. You can manage compliance settings, wipe or delete Android devices, deploy apps, and collect software and hardware inventory. Users can download the Android company portal app from Google Play that lets them enroll Android for Work devices. Enable SCCM Android for Work The first step is to create a Google account and configure your Intune subscription to accept Android for Work devices. Refer to our previous blog post, if you don’t already have an active Intune subscription. Create … Read More

Send Sync Request to Intune Mobile Devices from SCCM 1610 Console

Nicolas PilonConsole, Intune, SCCM0 Comments

This month, SCCM 1610 was released with a bunch of new features, including exiting Intune features. One of these Intune feature is to send sync request directly from the SCCM console. It’s a new remote actions that Intune administrators will use daily. For example, you can send sync request to a mobile device that is having deployment or client health issue. In fact, each mobile devices managed by Intune need to communicate with Intune to get the latest policy and compliance state. Normally, the Intune client synchronizes every 6 hours for iOS and 8 hours for Android. Additionally, there’s a scan every … Read More

How to Strengthen Security for Intune with RBAC in SCCM

Nicolas PilonApplication, Console, Intune, SCCM0 Comments

  The majority of companies use SCCM to manage laptops, computers, servers and some for mobile devices, if they use Microsoft Intune in hybrid mode. In some situations, Intune and SCCM management is done by 2 different teams. Except for the Full Administrator role in SCCM, it’s possible to separate Intune with Configuration Manager infrastructure in the console by using security roles and security groups (RBAC). The goal is to ensure that an Intune administrator does not access Configuration Manager client devices and objects, as you don’t want to end up with people who may wipes or manages mobile devices when they are … Read More