Modern Device Management

Unlike in AAD, where one can select multiple devices to perform a limited number of actions like delete etc, the same cannot be said for Intune as the process is completely different. As a matter of fact, in my opinion it is actually a lot better. With the introduction of Bulk actions back in March 2020, things became a lot convenient. I never got to covering this topic in my blog so decided to do it now. With Bulk actions one can perform the following - 1. Autopilot reset 2. Custom notifications 3. Delete 4. Rename 5. Restart 6. Sync 7. Wipe 8. Retire The best part is that these actions are not just limited to Windows and are supported across other OS platforms as well. However, please note that not all actions will work against all the supported OS platforms. I recently needed to delete personal Windows devices that were enrolled in Intune so decided to use Bulk actions . Process is as follows - 1. Open https://endpoint.microsoft.com 2. Select OS and device action. I selected  Delete

CMPivot was first introduced in ConfigMgr CB 1806 and since its release, ConfigMgr as a product has became a little more real time. Especially when it comes to pulling deployment or compliance status. I must admit that I didn’t use CMPivot much earlier, but ever since remote working became the new normal, I started using CMPivot queries regularly and the more I used it, the more I found myself appreciating the efforts of the product team behind implementing this great feature . If you manage your end user devices over the internet using  Cloud Management Gateway  (CMG), you would understand the pain of not being able to perform any remote administration tasks like checking the logs, or taking remote control etc. This is where CMPivot query can be really helpful. According to Microsoft:- CMPivot allows you to quickly assess the state of devices in your environment and take necessary actions. When you enter a query, CMPivot will run a query in real - time on all currently connected devic

In one of my earlier blogs , I had covered how to setup Windows Hello for Business (WHfB). In this blog I want to cover how you can block it completely using Intune. Recently, I had a requirement where the customer wasn’t ready to enable WHfB in their organization. While the feature can be disabled tenant wide, it only applies during the Out of Box Experience or OOBE at the time of device enrollment. Also, the tenant wide setting will not apply if a device is already enrolled. One obviously needs to meet the pre-requisites to be able to use the feature and you can refer to the Microsoft's official link . Now if you want to perform an Autopilot reset to re-provision a device, then WHfB will get enabled by default.  This is because according to Microsoft , “When Windows 10 was released to general availability, Microsoft changed the behavior of the Office 365 Azure AD stack. When a user selects the option to join a work or school network, the device is automatically joined to the Of