Author: martin
-
Active Directory: Find closest Domain Controller with Powershell
You want to use the closest Domain Controller (DC) in you powershell script, then you can simply use this one-liner: Get-ADDomainController -Discover -NextClosestSite The parameter -NextClosestSite does deliver you the closest Domain Controller, either in your Site, or in the best Site based on the Site link costs, based on the Microsoft Article about the…
Written by
-
Azure AD – Protect your directory better by using Administrative Units (Preview)
The Azure AD administrative units are in Preview since a while, but lastly they got an update and I decided to check the opportunities that it might gives. Right from the bat, this feature has still a lot of possible improvement, I list those which would affect me the most at the end of the…
Written by
-
Office 365 – Data Location
This blog post covers some information about the data location of your Office 365 tenant. First I show you where you can get the information, where your Office 365 data is currently stored. Open https://admin.microsoft.com and navigate to “Settings”:
Written by
-
Windows 10 – Troubleshoot Intune Multi App Kiosk Configuration
This is a short one: While you will find plenty of blogs how to configure a Windows 10 Kiosk Device, I was not able to find a very important information: Where can I find Information, if starting an app within a multiple App Kiosk configuration fails. And it’s that simple: Open Event Viewer and go…
Written by
-
Intune Autopilot – Prepopulate the Startmenu
It might be not that popular with Windows 10, but every company wants a well curated startmenu, rather than the default delivered from Microsoft: We have multiple Options to configure the startmenu, I’m sure I don’t know them all. But when it comes to Windows 10 and Intune autopilot, we do not really have an…
Written by
-
Azure AD – Create dynamic group containing all Windows 10 Azure AD joined devices managed by Intune
Title says it all, and at first sight, simply to achieve, right? Let me tell you: In my opinion, it is not quite as easy as it should be. Lets start by creating a new group within Azure AD, to do this, navigate to your Azure AD and open the Groups blade, where you can…
Written by
-
Intune – Configure “Fast startup” (HiberBoot) for Windows 10
Since I changed my clients from GPO managed to Intune controlled, not all settings from GPO, but some of them needs to be set through Intune as well. As outlined in my previous blog, I tried to disable the Fast Startup Option on Windows 10 through a CSP. And I did not even found a…
Written by
-
Windows 10 settings management with Intune
Azure AD, Client Settings, Endpoint Protection, homelab, MDM, Office365, Remote Workplace, Windows 10When a journey ends, a new journey will begin. My journey with the old school domain joined and GPO managed devices within my LAB ended, and I finally conquer new areas with Azure AD join and Intune controlled devices. Due to the lack of opportunities, I still waited so long, because a lot of settings…
Written by
-
I have configured “Network Security: Restrict NTLM: NTLM authentication in this domain” months ago, here is why it catched me
Today I would like to share my experience with troubleshooting a overcommitted security admin with less knowledge than it would be required (In fact, I’m talking about me here). Some month ago, I read about NTLM (v2 as well), and I decided to restrict NTLM in my LAB, to check what is working afterwards, and…
Written by