Connect to Microsoft Graph for Intune with Powershell ISE Add-ons (with a single click!)

March 4, 2019March 4, 2019 by Martin Bengtsson

Introduction

If you are working with Microsoft Intune on a daily basis, chances are that you are familiar with the awesome Powershell Intune Graph script samples over at GitHub: https://github.com/microsoftgraph/powershell-intune-samples.

I have previously blogged specifically about putting 2 of the scripts to use here:

If you are less familiar with Powershell, the script samples might seem a bit intimidating and difficult for some to put to use. The new Microsoft.Graph.Intune PowerShell Module to the rescue!

Now, this post is not about using the actual module, but how you with a single click can connect to the Graph API and gain access to all the available cmdlets in a very easy and sufficient way.

Install Google Chrome Extensions using Microsoft Intune in 3 different ways (Powershell, ADMX ingestion and MSI)

March 3, 2019February 27, 2019 by Martin Bengtsson

Introduction

I have previously covered the approach on how to install Google Chrome extensions using System Center Configuration Manager. Find my post here: https://www.imab.dk/forcefully-deploy-the-windows-defender-google-chrome-extension-using-configuration-manager/

Then it came to my attention that Microsoft released another and new extension for Chrome last week. It’s called Microsoft Web Activities. This made me go through the approach again, and figured I wanted to cover the methods on how to install Google Chrome Extensions using Microsoft Intune.

Windows as a Service: Sharing my PreCache and In-Place Upgrade Task Sequences, part 2

January 17, 2019January 14, 2019 by Martin Bengtsson

Introduction

This is an extremely hot topic and I do know that we have some awesome OSD experts out there sharing their content already (Gary Blok, Mike Terrill etc.). Now, their content is way superior to mine and probably suit a lot of needs already, but I think that content around WaaS in particular is interesting and especially when sharing how one does Windows Servicing in details.

So, this is me doing just that – sharing my precaching and in-place upgrade task sequences – in details. This will be a lengthy post, so grab a good cup of coffee 🙂

Also, this is based on a mid-size company in Denmark and we don’t manage thousands and thousands of devices. WaaS is a small part of my daily job and I’m the only one doing it, so the time and effort put into this is reflecting the size of the company and the resources available, but is still done with an eye on the detail. With that being said, some of the stuff I do here is done with inspiration from how some of the mentioned people does it (credit where due during the posts). If you find yourself in similar position or just need some more inspiration – then this will be for you 🙂

Part 1: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-1/

Windows as a Service: Sharing my PreCache and In-Place Upgrade Task Sequences, part 1

January 14, 2019January 9, 2019 by Martin Bengtsson

Introduction

This is an extremely hot topic and I do know that we have some awesome OSD experts out there sharing their content already (Gary Blok, Mike Terrill etc.). Now, their content is way superior to mine and probably satisfy a lot of needs already, but I think that content around WaaS in particular is interesting and especially when sharing how one does Windows Servicing in details.

So, this is me doing just that – sharing my precaching and in-place upgrade task sequences – in details. This will be a lengthy post, so grab a good cup of coffee 🙂

Part 2: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-2/

Install RSAT (Remote Server Administration Tools) for Windows 10 v1809 using Microsoft Intune

December 30, 2018December 29, 2018 by Martin Bengtsson

Introduction

I don’t know if this will have many uses, but I did a similar post on how to deploy RSAT for Windows 10 v1809 using SCCM (System Center Configuration Manager) back in October when 1809 was initially released. As most people know by now, RSAT is no longer a separate downloadable add on to Windows, but something which is included as “Features on Demand” in the OS itself.

For your convenience, find my previous post here: https://www.imab.dk/deploy-rsat-remote-server-administration-tools-for-windows-10-v1809-using-sccm-system-center-configuration-manager/)

What if you don’t have SCCM and instead are fancying Microsoft Intune for software deployments? You might even run SCCM and Microsoft Intune Co-Management and like to do stuff differently and experimenting like I do? Then this post will be for you 🙂

Company Portal displaying my RSAT 1809 Win32 app (Sorry for the obscure language (Danish). Company portal insists on being in Danish on my computer)

Flipping the switch, part 5: A closer look on the client apps workload (Co-management with SCCM and Intune)

December 22, 2018December 21, 2018 by Martin Bengtsson

Introduction

The client apps workload (also known as mobile apps for co-managed devices) was introduced in System Center Configuration Manager 1806 and was done so as a pre-release feature. The documentation on the workload is today still somewhat lacking, so I figured I’d give you some more insights based on my own findings.

The main idea here is, that apps deployed from Microsoft Intune are available through the Company Portal, and apps deployed from SCCM are available through the Software Center. This is quoted directly from the documentation, but what does this really mean? What types of apps are we able to deploy from Microsoft Intune and what’s the expected behavior? This is something I will try to address in this post. Curious? Read on 🙂

Apps installed from Microsoft Intune to a Co-managed device. Sorry about the obscure language. The company portal on my computer insists on being in Danish 🙁

Convert and deploy .MSIX applications using SCCM 1810 (System Center Configuration Manager)

December 20, 2018December 19, 2018 by Martin Bengtsson

Introduction

The ability to deploy .MSIX files has been available since System Center Configuration Manager 1806. Starting with 1810, we now also have the option to convert existing .MSI applications into .MSIX. Exciting! MSIX is told to be the future of software packaging, so getting a better understanding of how it works, and how it works with SCCM 1810 in particular, is not a bad idea.

So let’s walk through the entire process of converting an existing application, how to digitally sign the application and in the end, how to deploy the application. Curious? Read on 🙂

My first .MSIX application in the Software Center

Repairing broken applications using Software Center and SCCM 1810 (System Center Configuration Manager)

December 1, 2018December 1, 2018 by Martin Bengtsson

Introduction

This is a quick and short post on one of the new and welcomed additions to application management in System Center Configuration Manager 1810 (SCCM). Starting with 1810, we now have the ability to let the end users quickly repair installed applications through the Software Center.

This will come handy in self-service scenarios or when support-personal are trying to solve application specific issues. A common and well known troubleshooting scenario, is to try and repair a broken application. Curious? Read on 🙂

The repair function at display in the Software Center

Updating Configuration Manager Current Branch to version 1810 (Example from a production environment)

November 29, 2018November 28, 2018 by Martin Bengtsson

Introduction

Good news everyone! System Center Configuration Manager Current Branch 1810 was released today, and similar to previous releases, I’m going to walk you through the process on how I updated my production environment.

Not much has changed, but I know someone will fancy to have an A-Z guide as inspiration, and as of such, I here give you the exact steps I went through to update SCCM to the very latest and greatest version.

The 1810 update ready for installation in the console

Azure AD Application Proxy, Single Sign-On and Conditional Access

November 19, 2018November 18, 2018 by Martin Bengtsson

Introduction

As the topic suggests, the following post will be about the Azure AD Application Proxy feature – a feature within Azure Active Directory. I haven’t blogged specifically about this feature before, but I do think it deserves a mention here as well.

I will go into details on how to provide secure remote access to an internal IIS website, and give an example on how to add single sign-on to that experience while protecting everything with Conditional Access.

This post will be followed up with a continuation, where everything will be put to use on a mobile device with a Microsoft Intune managed Edge browser. Curious? Read on and stay tuned 🙂

The end result where an internal IIS is reachable from www