SCCM 2012 – Exchange Conditional Access Mail sent Error 0x80131500

08/11/201508/11/2015 Martin Wüthrich MDM, SCCM 2012

Referring to my last blogpost, I did not receive the Email telling me that my Device is not enrolled or compliant. The following Error was shown inside the Exchange Connector log (EasDisc.log):

ERROR: Failed to call ProcessConditionalAccess of managed COM. error = Unknown error 0x80131500

Continue reading →

SCCM 2012 – Configure Exchange On-Premise Conditional Access with Microsoft Intune

08/11/201517/12/2015 Martin Wüthrich MDM, SCCM 2012

Hi Reader,

referring to my old Blogpost, where I described the Integration of the Conditional Access in System Center 2012 Configuration Manager for Exchange Online (Link) and because there was an Update with the Intune Extension to support the On-Premise Exchange Server aswell, I decided to create a new blogpost about this.

The Supported Exchange Versions are currently 2010 and 2013, be sure suing one of them with a current Update Rollup (afaik for 2013 UR6 is required).
And you can use the conditional Access to restrict the EAS connection on the following Devices:
•Windows 8 and later (when enrolled with Intune)
•Windows Phone 8 and later
•Any iOS device that uses an Exchange ActiveSync (EAS) email client
•Android 4 and later. Continue reading →

SCCM 2012 R2 SP1 – Application Management Policies for Android and iOS

02/06/2015 Martin Wüthrich Application Management, MAM, MDM, SCCM 2012

Hey, here is Martin serving you with some new Information about the MAM (Mobile Application Management) Features in the SCCM 2012 R2 SP1 Release.
There is a new section in the Application Tree of the Software Library wunderbar, it is called “Application Management Policies”:
Continue reading →

SCCM 2012 R2 SP1 – New Intune Features: Block Apps natively and deploy a iOS custom profile

26/05/201506/09/2015 Martin Wüthrich Application Management, Client Settings, MDM, SCCM 2012

Hi there,
finally I got time to check, which new Features was brought to us System Center 2012 configuration Manager guys with the R2 SP1 update. My interests were on the iOS and Windows Management. And for both of them, some nice Features were added.

Blocking Apps
The availability of blocking Apps is now supported through the normal configuration, rather than using OMA-URIs as before (https://blog.hosebei.ch/2014/11/10/sccm-2012-r2-windows-phone-8-1-black-listing-apps-and-vendors/). You can create a Configuration Item with the specific Settings: Continue reading →

SCCM 2012 R2 SP1 – No longer Need of Company Portal for Windows Phone 8.1

18/05/2015 Martin Wüthrich BYOD, Client Agent, MDM, SCCM 2012

Hi all, here’s Martin serving some new Informations about the Intune Integration in System Center 2012 Configuration Manager R2 SP1.

With the newly available Service Pack 1 for SCCM 2012 R2, there is no Need to create a self-signed Company Portal for the Windows Phone 8.1. For old Windows Phone 8.0 you will still need the signed Company Portal, but who really does still use Windows Phone 8.1? Continue reading →

Intune – New Company Store as appx

19/04/201502/09/2015 Martin Wüthrich MDM, Remote Workplace

Last week I was surprised to find the Windows Intune Company Portal as a APPX file on the download area of the Microsoft Homepage. So I thought that it should be possible to use this Company Portal in the SCCM integrated Intune Scenario, rather than the old xap-File.

Continue reading →

Microsoft EMS – Intune – ADFS federation relying party trust secure hash algorithm

27/03/2015 Martin Wüthrich ADFS, BYOD, MDM

Hi, here’s Martin again with a short blogpost about the ADFS federation for Intune.

I was going through the Options of the ADFS Infrastructure after reading this very interesting Blog on TechNet from David Gregory:
http://blogs.technet.com/b/askpfeplat/archive/2015/03/02/adfs-deep-dive-onboarding-applications.aspx

There is the Secure Hash algorithm Pointed out:

The relying party trust in ADFS must be configured with the correct secure hash algorithm. Most SAML applications will support SHA-1 while most WS-Fed applications will support SHA-256.

Continue reading →

SCCM 2012 R2 + Microsoft Intune – Exchange Conditional Access

17/03/201517/12/2015 Martin Wüthrich BYOD, MDM, SCCM 2012

Hi, here is Martin with a Blogpost about the new Feature that has been shipped to the Microsoft Mobile Device Management Solution Intune: Conditional Echange/Sharepoint Access. This means, you are now able to restrict the Access to Exchange Online, ~~On-Premise Exchange~~ and ~~SharePoint Online~~ to Devices, which has to be Intune enrolled.

Update: Intune in combination with SCCM currently only allows you to restrict the Access to Exchange Online.
Continue reading →

Azure Active Directory – Multi Factor Authentication through SmartPhone App

20/02/201502/09/2015 Martin Wüthrich MDM

Hi there,

today I would like to show, how End-Users can configure their Multi Factor Authentication for Windows Azure Logons. This might be important for them, because they could have different choices on how they would get contacted.
First they can login to their Azure Active Directory Profile, which is available as Users from your On-Premise Active Directory, but also for Users which resides only in the cloud. The URL of the Profile is the following:
https://account.activedirectory.windowsazure.com/profile/default.aspx
The following Webpage appears:
Continue reading →

SCCM 2012 R2 – Create your own Windows Phone 8.1 App and deploy it with SCCM/Intune

10/11/2014 Martin Wüthrich Application Management, BYOD, MDM, SCCM 2012, Software Deployment

Hey, here’s Martin.

Today I decided to create a simple App to demonstrate how you can deploy our own Apps within System Center 2012 Configuration Manager R2 connected to Microsoft Intune.

Before you begin: Be sure that you have a Code Signing Certificate for windows mobile Devices.

Everything starts with Visual Studio Express 2013 for Windows, you can get it for free from Microsoft. Continue reading →