Blog
Deep Dive into Windows Patching with Microsoft Intune
Microsoft Intune presents a new approach to Windows patching, replacing on-prem servers with Windows Update for Business (WUfB). It offers features like Update Rings, Automatic Update Behavior, and a Deployment Service. Windows Autopatch on Intune automates patch deployment, but requires specific software/licensing. Best-in-class reporting is also available, addressing traditional reporting issues.
Securing Local Administration with Microsoft Intune
The article discusses securing local administrators with Microsoft Intune, covering creating the admin account, deploying the LAPS policy, protecting local administration groups, and working with Entra users and groups. It emphasizes the ease of using Intune for these purposes and shares insights on Entra user and group challenges. Overall, it advocates leveraging Microsoft’s EPM alongside Intune for robust security.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 3: Apps
In Part 3 of transitioning from Workspace ONE to Microsoft Intune we turn our attention to application delivery. We look at the different ways we can deliver apps on Windows devices.
ControlUp Secure DX: The Next Frontier of the Digital Employee Experience
The emergence of Digital Employee Experience Management (DEX) has been influential, with ControlUp Secure DX now enhancing the approach. Built on the ControlUp Edge DX platform, it focuses on security issues, leveraging policies and templates. Configuration is streamlined, and the admin experience offers comprehensive insights.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 2: To Profiles and Beyond!
Part 2 delved into profiles, baselines, scripts, and product provisioning. It demonstrated how to configure Windows 10 PCs in Workspace ONE and Microsoft Intune, covering CSPs and translating profiles. Baselines and scripts in both platforms were compared, highlighting differences and capabilities. Product provisioning was briefly outlined.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 1
The author details their transition from VMware to the Microsoft stack and introduces a series called “The Workspace ONE Admin’s Guide to Intune.” In Part 1, they discuss UEM Core components in both Workspace ONE and Intune, covering infrastructure, device compliance, and integrations. They also compare device enrollment and compliance in both platforms, highlighting their differences and similarities.
The author plans to continue the series with a focus on profiles, policies, and scripts.
Microsoft Cloud PKI: SCEPman Killer?
The post discusses the introduction of Microsoft Cloud PKI as an alternative to SCEPman, highlighting its features, cost comparison, and user experiences. It covers the process of building a Microsoft Cloud PKI Root CA and Issuing CA, deploying certificates, and the platform’s reporting aspects. The author expresses a positive outlook towards Cloud PKI’s capabilities and future implications.
Cloud Kerberos Trust: The Windows Hello for Business Easy Button
Windows Hello for Business (WH4B) is often misunderstood as complex, but Cloud Kerberos Trust simplifies it. With familiar concepts and a straightforward setup process, it allows for seamless authentication to Azure/Entra ID. Configuring Azure AD Connect and Entra Kerberos Server for Cloud Kerberos Trust is simple, elevating user and admin experience.
Mobile Jon’s Final Act in VMware EUC: Android Secure Launcher Password Rotation
We can automate the rotation of the Workspace ONE Android Secure Launcher password via API with this tool that anyone can use.
New Windows 365 Boot Features in Public Preview
Microsoft recently announced new features in Public Preview, including Intune guided setup, dedicated and shared modes, fail-fast mechanism, and local PC settings management. These enhancements allow for personalized experiences and improved troubleshooting, showcasing Microsoft’s commitment to evolving Windows 365.
Evaluating Microsoft Entra ID Against Okta SSO Part 2: Advanced Features
This article discusses the evaluation of Microsoft Entra ID and Okta SSO, covering various aspects such as provisioning, lifecycle management, security, and cost considerations. Entra ID’s capabilities for app provisioning, HR-driven provisioning, and security attributes are detailed. Okta’s profile management, app provisioning, lifecycle management, and security features, including ThreatInsight and Contextual Access Management, are also highlighted. The article concludes with a cost analysis and a final comparison of the two platforms, favoring Entra ID for hybrid companies and acknowledging Okta’s strengths. Both platforms are praised for their excellent features, with a preference for Okta based on manageability.
Evaluating Microsoft Entra ID Against Okta SSO Part 1: The Basics
Microsoft Entra ID has made huge improvements over the last 12 months. Okta is the SSO marketplace leader. How close are they on core capabilities? Read part one of my Entra vs Okta battle for SSO supremacy.