Notify users when their device is running low on disk space using Toast Notifications and Endpoint Analytics Proactive Remediations

Introduction

This is a follow up, on the post I did a few weeks ago, on notifying users with devices being low on disk space, using Toast Notifications and Configuration Manager

This time, I’m moving all of it, into the Endpoint Analytics Proactive Remediations feature of Microsoft Endpoint Manager Intune. This will actually simplify things a lot, as it removes the need for custom collections, Configuration Items and Baselines.

Read more…

How I change the update channels for Microsoft 365 Apps using Configuration Manager

Introduction

OK, so this post is admittedly a few weeks overdue, but regardless still relevant. Microsoft has decided, as we know by now, to carry out a name change of the Office 365 ProPlus suite, and rename the product to Microsoft 365 Apps (for Enterprise).

Following this change of name, Microsoft also decided to introduce some new changes to the update channels, which includes new names as well as a brand new update channel: Monthly Enterprise Channel.

So I figured, all things taken into considerations, that I wanted to go into details on how I’m changing the update channels using Configuration Manager.

This is a somewhat continuation of my previous blog post: Use Powershell to create device collections in Configuration Manager for the new Microsoft 365 Apps update channels

Carrot on a stick: All of the configurations I have made for this setup, I have exported for you to download. No real configuration needed in your end. Just download and import – almost. 😀

Read more…

A brief first look on Microsoft Defender ATP Tamper Protection

Introduction

Late last night my time, Tamper Protection in the Microsoft Defender stack went Generally Available.

In short and as the name implies, this is a feature which essentially locks Microsoft Defender and prevents your security settings from being tampered with, including changes made by an administrator.

From a security perspective, this is a great and welcomed addition – let’s take a closer look. 🙂

PS. I did find some oddities in some of the behavior when trying to disable Microsoft Defender through Group Policy. More on that in the end of the post.

Read more…