How to Configure Azure AD Authentication Strengths

Require Multifactor Authentication is good, but what if the methods that can be registered aren't powerful enough to secure the resources? Eg: Accept the Auth push notification or SMS or Phone Call method. Those traditional methods have proved user authentication methods must be strengthened in-order to defend today's sophisticated phishing attacks. Introducing  Authentication strengths Conditional … Continue reading How to Configure Azure AD Authentication Strengths

The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements

Microsoft Ignite 2022 just finished and it was a blast! So many new product updates and announcements. It was truly exciting to see all the Ignite related news. Because obviously it was a lot and probably the LinkedIn feeds are flooded with the updates and reposts and what not, I thought to give it a … Continue reading The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements

Get Started with Microsoft Graph Intune PowerShell Module for Endpoint Manager Tasks

This is my very first blog post after being awarded as a Microsoft MVP and during the past few days it was all about processing this new avenue that just opened up in my life and was mentally getting ready for it. I will be writing a separate article about that later. But for now, … Continue reading Get Started with Microsoft Graph Intune PowerShell Module for Endpoint Manager Tasks

Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager

Windows 11 22H2 update brought a lot of good stuff and as a tech enthusiast I really appreciate what Microsoft is doing to ensure the end user devices are protected. Enhanced Phishing Protection in Microsoft defender SmartScreen is one of them. While the features are available to the standard Windows Home user, I tested these … Continue reading Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager

Device Hardening with Endpoint Manager Security Baseline for Windows Policy

The word on the street is not "If I get hacked" but "when I will get hacked" and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day have never been so important. Security Baseline policy for Windows 10 and later. This is one of … Continue reading Device Hardening with Endpoint Manager Security Baseline for Windows Policy

Endpoint Manager and Defender for Endpoint Relationship Simplified

I stumbled upon this so many times, tripped and fell, read things over, test things again and again and finally thought to write about it. Without understanding the high-level architecture and how these two services talk to each other, using this in day-to-day tech life can be challenging. Especially if you are coming from a … Continue reading Endpoint Manager and Defender for Endpoint Relationship Simplified

How to Use Endpoint Manager Import ADMX Function to Map Shared Drives

Earlier this year I wrote the same but more of a manual method to map drives using Endpoint Manager OMA-URI function and by ingesting the ADMX files in raw form to configure the drives. https://shehanperera.com/2022/04/01/network_shares_with_mem/ After Microsoft announced the Preview of the Import ADMX function, I was thrilled as I wanted to test out a … Continue reading How to Use Endpoint Manager Import ADMX Function to Map Shared Drives

Azure AD Device Registration – Part 2 – Use Azure Automation to Get Notified When Devices Go Pending State

This is the 2nd post of this 2 part troubleshooting series and In the 1st part of this series I showed you why the devices can go on Pending and what can you do to troubleshoot and fix the issue. But what if you go Hybrid AAD Join mode with your fleet and you need … Continue reading Azure AD Device Registration – Part 2 – Use Azure Automation to Get Notified When Devices Go Pending State

Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?

Firstly I must say, during your cloud journey you may have seen this error many times and fixed this many times. Also there can be engineers who are yet to see this error (among other errors) and want to fix this. In a Hybrid AAD Joined (HAADJ) environment, ideally what you want the device registration … Continue reading Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?

[Nugget] Replace Edge Browser F1 Key Help URL with Endpoint Manager

Quick nugget and this can be a handy way to push your IT Support/ Helpdesk info in to the user's browser and its literally one key stroke away. F1 that is. In the Edge Brower, if you press F1 key, you will get the below default webpage But wouldn't that be nice to make it … Continue reading [Nugget] Replace Edge Browser F1 Key Help URL with Endpoint Manager

Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager

Device Control is one of the core components of any Device Management solution. This identifies what devices the user can install in their system or plug and play. While there are devices that need to be installed on user computers such as printers, specific computer peripherals, and USB keys, you don't want to allow the … Continue reading Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager

[Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49

FEITIAN Technologies recently reached me out via LinkedIn to request if I can review one of their latest Passwordless key products - K49. This is not a paid review and only contains my independent opinion as a technologist as well as an avid Identity and Access Management enthusiast. I'm always a big fan of going … Continue reading [Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49