Azure AD Device Registration – Part 2 – Use Azure Automation to Get Notified When Devices Go Pending State

This is the 2nd post of this 2 part troubleshooting series and In the 1st part of this series I showed you why the devices can go on Pending and what can you do to troubleshoot and fix the issue. But what if you go Hybrid AAD Join mode with your fleet and you need … Continue reading Azure AD Device Registration – Part 2 – Use Azure Automation to Get Notified When Devices Go Pending State

Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?

Firstly I must say, during your cloud journey you may have seen this error many times and fixed this many times. Also there can be engineers who are yet to see this error (among other errors) and want to fix this. In a Hybrid AAD Joined (HAADJ) environment, ideally what you want the device registration … Continue reading Azure AD Device Registration – Part 1 – How to Fix the Pending Registration State Issue?

[Nugget] Replace Edge Browser F1 Key Help URL with Endpoint Manager

Quick nugget and this can be a handy way to push your IT Support/ Helpdesk info in to the user's browser and its literally one key stroke away. F1 that is. In the Edge Brower, if you press F1 key, you will get the below default webpage But wouldn't that be nice to make it … Continue reading [Nugget] Replace Edge Browser F1 Key Help URL with Endpoint Manager

Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager

Device Control is one of the core components of any Device Management solution. This identifies what devices the user can install in their system or plug and play. While there are devices that need to be installed on user computers such as printers, specific computer peripherals, and USB keys, you don't want to allow the … Continue reading Device Control Polices with Microsoft Defender for Endpoint and Endpoint Manager

[Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49

FEITIAN Technologies recently reached me out via LinkedIn to request if I can review one of their latest Passwordless key products - K49. This is not a paid review and only contains my independent opinion as a technologist as well as an avid Identity and Access Management enthusiast. I'm always a big fan of going … Continue reading [Product Feature] Passwordless Authentication with FEITIAN BioPass FIDO2 Security Key K49

A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy

Local Admin is a must needed account/ access that requires in a domain setup for so many reasons. Over the years Microsoft brought many options to manage these accounts in a secure manner. Restricted groups/ LAPS etc. With Azure AD and Endpoint Manager in the scene, many devices are moved to cloud managed rather than … Continue reading A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy

Microsoft 365 Defender – Advanced Threat Hunting Basics

With this post, I'm focussing anyone who is keen on knowing more about advanced features of MDE and how to get into that realm of threat hunting, and what are the controls available. So you have proper licensing enabled, and you have Microsoft Defender for Endpoint on your users' devices and they are onboarded to … Continue reading Microsoft 365 Defender – Advanced Threat Hunting Basics

Windows Autopatch – General Availability With Improvements

This is an update post on the much awaited Windows Autopatch service. This went from Public Preview to General Availability today (12/06/2022) and number of good improvements have been introduced and I would like to go through them. If you haven't read my previous posts on Windows Autopatch, please check them from below. Features Enrollment … Continue reading Windows Autopatch – General Availability With Improvements

An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag

Most often the device tagging requirements are simple or you do have a set of tags for the devices that are enrolled in Intune and a set of tags for the devices onboarded in Defender for Endpoint. However there can be situations where you need both services to have the same device tagging setup. This … Continue reading An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag

Get Notified When You Have Group Based License Assignment Issues

I'm considered as a citizen developer and I know the ways to get some automation happening when it needed the most. This is one of them. This has been in my head for a while and I've seen this happening many times. SO thought to do some findings, playing around with the tools to come … Continue reading Get Notified When You Have Group Based License Assignment Issues

Web Content Filtering with Microsoft Defender for Endpoint Advanced Features

I recently realised I haven't done much writing on Microsoft Endpoint Manager (MDE) side of things for a while. Web Content Filtering via MDE is a straight forward implementation and this will work on the devices that are onboarded currently. MDE has a lot of good features that makes it a next level XDR and … Continue reading Web Content Filtering with Microsoft Defender for Endpoint Advanced Features

Windows Autopatch – 3. Support Requests

This will be a short post, but I like to emphasize this great feature Windows Autopatch provides. In case you haven't seen the news, Windows Autopatch is now in Public Preview and I'm thrilled to write about it. Post 1 and Post 2 can be found below 1. Tenant Onboarding and Device Registration 2. Deployment … Continue reading Windows Autopatch – 3. Support Requests