Tech, Toronto and Travel – A Blog.
Microsoft Entra Privileged Identity Management (PIM) is a licensed feature that can help you manage, control, and monitor access to your resources by enabling time-based, just-in-time, and approval-based administrative access to Microsoft Entra ID, Azure resources, and Microsoft 365. The primary licensing route is through Entra ID P2. What does that mean exactly? I’ll give … Read more
Security baselines in Microsoft Intune are a pre-configured set of recommended security settings designed to help organizations quickly secure their devices according to Microsoft and industry best practices. They can be customized if a given setting does not meet your needs. Some key items to remember when it comes to Intune Security Baselines: Time for … Read more
In this post, I’ll show what the experience looks like when initiating the Out-of-Box experience on a Windows 11 Device that is enrolled in Autopilot. For transparency, this is what I would call the “bare-bones” experience. If you are familiar with Intune and Autopilot to some extent, you might be aware of configuration options such … Read more
If you’re here, you probably know what Autopilot is all about. But what is an Autopilot deployment profile? It is a configuration in Intune used to define the Out-of-Box Experience (OOBE) for new devices. It automates the setup process by skipping initial setup screens (some optional), requiring an organization-specific login and allowing the configuration of … Read more
Dynamic Groups are an Entra feature (that I wish existed in on-prem Active Directory) that allows you to assign users or devices to groups dynamically instead of statically. As you would expect, there are all kinds of uses for this – assigning licenses, granting access to applications, managing device configurations in Intune and much, much … Read more
Capturing a Device Hardware Hash and uploading it into Intune is one way to enable the Autopilot process for a device. The hardware hash is an ID unique to a particular device. This is the “manual method” and useful on a small scale. Other methods do exist – for example, a hardware OEM can perform … Read more
In the last post, we setup our fresh tenant to allow our licensed Intune user to join a device (Windows 11 Pro, Education or Enterprise) to Entra ID. MDM User Scope was also setup to enable automatic MDM (Intune) management. Now let’s verify that it works! The idea is to confirm functionality manually so that … Read more
For my first post, we’re going to get the baseline settings in place to start working with Intune and get Autopilot working. The goal is to get the fundamentals going in bite-sized chunks, and refine along the way. Basically, let’s get a development pilot going. We are starting with a brand new tenant, so we … Read more