Get Users from Azure AD with a large number of Registered Devices

The Challenge One of the challenges when managing an Azure AD Hybrid Join implementation is monitoring the number of devices registered to each Azure AD user. The default “limit” in Azure AD is 20 devices for each user. This number can quickly be reached in a shared computer environment, especially […]

Windows 10 – Hybrid Azure Active Directory Join for Federated Domains

What is ADFS? Active Directory Federation Services (ADFS) provides a secure mechanism to authenticate users, accessing applications (often in the cloud), using Active Directory credentials when Windows Integrated Authentication (WIA) is not possible. Not so long ago ADFS was considered the go-to option when needing to authenticate Domain users accessing […]

Windows 10 – Servicing Stack Cadence

What are Servicing Stack Updates? Servicing Stack Updates (SSU’s) are Critical, Security Updates. They are shipped separately to the monthly Latest Cumulative Updates (LCU’s) because they modify the component that installs Windows updates. Microsoft strongly recommend that you install the latest SSU before the LCU. More information on SSU’s can […]

Configure Managed Google Play for Intune

Before you can start using Android Enterprise Work Profiles, or enroll your Android Devices into Intune, you have to link Managed Googled Play. Google Managed Play allows you to select, purchase, and manage apps for your organization. You can create lists of approved apps and manage updates. This quick post […]

Deploy RSAT for Windows 10 1809 using SCCM

Starting Windows 10 1809 Remote Server Administration Tools (RSAT) is now included as a set of “Features on Demand”. In the following post we will show you how to deploy individual features with SCCM. The RSAT tools are added using the “Add-WindowsCapability” cmdlet https://docs.microsoft.com/en-us/powershell/module/dism/add-windowscapability?view=win10-psBecause we are deploying each feature with […]

SCCM Lab Pre-Req Checklist for Server 2019 and SQL 2017

I decided to rebuild one of my LABs for SCCM 1902 Technical Preview. During the build, someone posed a question on Twitter for examples of scripts/material to get a LAB up and running. @ncbrady has a great post that goes into great detail for building out SCCM servers at:- https://www.windows-noob.com/forums/topic/16114-how-can-i-install-system-center-configuration-manager-current-branch-version-1802-on-windows-server-2016-with-sql-server-2017-part-1/ […]

Converting legacy packages into applications with SCCM 1810 Package Conversion Manager

Background Since SCCM 2012 Microsoft have been steering us towards using “applications” to install apps over the traditional “packages” method. Applications give us additional benefits over packages like detection methods, dependencies and requirement rules . An example might be:- Install APP-B if the folder “C:\Program Files\APP-B_FOLDER” doesn’t exist (detection), only […]

Generate Office 365 PAC Files with PowerShell

If you have a proxy server in your environment and are using (or thinking about using) Office 365 then you will hit some pain barriers. As awesome as Office 365 is, she just isn’t a fan of proxies. We used to be left to our own initiative, creating complex proxy […]

Create an Intune App Protection Policy to force an app “Pin Reset” after x days

The Intune Team announced a nifty app protection policy addition for the “Week of January 7, 2019” edition > https://docs.microsoft.com/en-us/intune/whats-new You can now change the number of days before the app PIN must be changed. This new policy works for both IOS and Android devices. Create an Intune App Protection […]