All my posts

IT specialists, hello everyone! In this video, we will see the tools that Azure AD and Intune provide us with to manage local group membership. Video You can find the entire video below, or you can continue reading the article. Article After playing with the new Windows LAPS in my previous video, I was reviewing the list of local administrators on my lab machine, and since the machine is registered in Azure AD Join, the Azure AD user who joined it has become an administrator.

Friday resource! If you’re tinkering with Local Groups Membership policies in Intune and (like me) have cursed a bit while converting group/role ObjectIDs to SIDs and vice versa, here’s a website that does it online instantly and conveniently. 🔹 ObjectId ➡️ SID 🔹 SID ➡️ ObjectId I’d love to tag the author of this wonderful utility (Erik Engberg) here, but from what I’ve seen, they’re not on LinkedIn. If I’m mistaken and someone knows their exact profile, please let me know so I can give them proper thanks.

If you’re interested, I’m starting from scratch on Twitter with a brand new profile. There, I’ll be primarily writing in English. Why? Several reasons: To get used to using English more frequently: I read a lot of content in this language every day, but I go through (too) long periods without writing or speaking it. Because in the Microsoft sphere on Twitter, there are truly unmissable profiles and content, and the MVP community there is very active.

I have tried the new Windows LAPS (Local Administrator Password Solution) with direct support for Entra ID. If you have Windows 11 machines (which natively support it), it is really simple and fast to implement. Here are some useful information: 📌 No licensing requirement, available from Entra ID Free and above 📌 Supported operating systems: Windows 11 22H2 - April 11, 2023 Update Windows 11 21H2 - April 11, 2023 Update Windows 10 20H2, 21H2, and 22H2 - April 11, 2023 Update Windows Server 2022 - April 11, 2023 Update Windows Server 2019 - April 11, 2023 Update In the video, besides configuring the Intune profile to re-enable the built-in local Administrator, I also tested a slightly more specific scenario by renaming the Administrator.

On March 22, 2023, the Microsys event “Tech Bits: Modern Endpoint Management” took place, and now the video of the event is available! Together with the legendary Paolo Bodini, we presented the 10 key elements to consider for modern management of corporate and personal devices. Enjoy watching! Riccardo

Why Windows Hello for Business is the Multi-Factor Authentication for Windows login and how to configure it via Intune in Azure AD Kerberos Cloud Trust mode, through the Settings Catalog. Below is the documentation I refer to in the video: 📄 Windows Hello for Business Overview 📄 How Windows Hello for Business works in Windows Devices 📄 Windows Hello for Business and Authentication 📄 Cloud Kerberos trust deployment 📄 Enable passwordless security key sign-in to on-premises resources by using Azure AD Have you implemented Windows Hello for Business?