SCCM 2012 – Configure Exchange On-Premise Conditional Access with Microsoft Intune

Hi Reader,

referring to my old Blogpost, where I described the Integration of the Conditional Access in System Center 2012 Configuration Manager for Exchange Online (Link) and because there was an Update with the Intune Extension to support the On-Premise Exchange Server aswell, I decided to create a new blogpost about this.

The Supported Exchange Versions are currently 2010 and 2013, be sure suing one of them with a current Update Rollup (afaik for 2013 UR6 is required).
And you can use the conditional Access to restrict the EAS connection on the following Devices:
•Windows 8 and later (when enrolled with Intune)
•Windows Phone 8 and later
•Any iOS device that uses an Exchange ActiveSync (EAS) email client
•Android 4 and later. Continue reading

SCCM 2012 R2 SP1 – New Intune Features: Block Apps natively and deploy a iOS custom profile

Hi there,
finally I got time to check, which new Features was brought to us System Center 2012 configuration Manager guys with the R2 SP1 update. My interests were on the iOS and Windows Management. And for both of them, some nice Features were added.

Blocking Apps
The availability of blocking Apps is now supported through the normal configuration, rather than using OMA-URIs as before ( You can create a Configuration Item with the specific Settings: Continue reading

SCCM 2012 R2 SP1 – No longer Need of Company Portal for Windows Phone 8.1

Hi all, here’s Martin serving some new Informations about the Intune Integration in System Center 2012 Configuration Manager R2 SP1.

With the newly available Service Pack 1 for SCCM 2012 R2, there is no Need to create a self-signed Company Portal for the Windows Phone 8.1. For old Windows Phone 8.0 you will still need the signed Company Portal, but who really does still use Windows Phone 8.1? Continue reading

Microsoft EMS – Intune – ADFS federation relying party trust secure hash algorithm

Hi, here’s Martin again with a short blogpost about the ADFS federation for Intune.

I was going through the Options of the ADFS Infrastructure after reading this very interesting Blog on TechNet from David Gregory:

There is the Secure Hash algorithm Pointed out:

The relying party trust in ADFS must be configured with the correct secure hash algorithm. Most SAML applications will support SHA-1 while most WS-Fed applications will support SHA-256.

Continue reading

SCCM 2012 R2 + Microsoft Intune – Exchange Conditional Access

Hi, here is Martin with a Blogpost about the new Feature that has been shipped to the Microsoft Mobile Device Management Solution Intune: Conditional Echange/Sharepoint Access. This means, you are now able to restrict the Access to Exchange Online, On-Premise Exchange and SharePoint Online to Devices, which has to be Intune enrolled.

Update: Intune in combination with SCCM currently only allows you to restrict the Access to Exchange Online.
Continue reading

Azure Active Directory – Multi Factor Authentication through SmartPhone App

Hi there,

today I would like to show, how End-Users can configure their Multi Factor Authentication for Windows Azure Logons. This might be important for them, because they could have different choices on how they would get contacted.
First they can login to their Azure Active Directory Profile, which is available as Users from your On-Premise Active Directory, but also for Users which resides only in the cloud. The URL of the Profile is the following:
The following Webpage appears:
Azure AD Profile Continue reading

SCCM 2012 R2 – Create your own Windows Phone 8.1 App and deploy it with SCCM/Intune

Hey, here’s Martin.

Today I decided to create a simple App to demonstrate how you can deploy our own Apps within System Center 2012 Configuration Manager R2 connected to Microsoft Intune.

Before you begin: Be sure that you have a Code Signing Certificate for windows mobile Devices.

Everything starts with Visual Studio Express 2013 for Windows, you can get it for free from Microsoft. Continue reading