All my posts
A Coffee with... Maura Perra
Since 1994, Microsoft has been involved in device management: first with SMS, which later became SCCM, and then in 2011, with the advent of mobile devices, the Mobile Device Management service called Intune was created, which has grown… and grown… And today, it has become a suite! Let’s clarify the various pieces of technology we can find within this suite with Maura Perra, Technical Specialist in Cloud Endpoint for Microsoft!
All my posts
Windows LAPS in Azure AD (preview)
I have tried the new Windows LAPS (Local Administrator Password Solution) with direct support for Azure AD.
If you have Windows 11 machines (which natively support it), it is really simple and fast to implement.
Here are some useful information:
📌 No licensing requirement, available from Azure AD Free and above
📌 Supported operating systems:
Windows 11 22H2 - April 11, 2023 Update Windows 11 21H2 - April 11, 2023 Update Windows 10 20H2, 21H2, and 22H2 - April 11, 2023 Update Windows Server 2022 - April 11, 2023 Update Windows Server 2019 - April 11, 2023 Update In the video, besides configuring the Intune profile to re-enable the built-in local Administrator, I also tested a slightly more specific scenario by renaming the Administrator.
All my posts
Video of the Tech Bits Event: Modern Endpoint Management is Available
On March 22, 2023, the Microsys event “Tech Bits: Modern Endpoint Management” took place, and now the video of the event is available!
Together with the legendary Paolo Bodini, we presented the 10 key elements to consider for modern management of corporate and personal devices.
Enjoy watching!
Riccardo
All my posts
Windows Hello for Business is the MFA for Windows login!
Why Windows Hello for Business is the Multi-Factor Authentication for Windows login and how to configure it via Intune in Azure AD Kerberos Cloud Trust mode, through the Settings Catalog.
Below is the documentation I refer to in the video:
📄 Windows Hello for Business Overview 📄 How Windows Hello for Business works in Windows Devices 📄 Windows Hello for Business and Authentication 📄 Cloud Kerberos trust deployment 📄 Enable passwordless security key sign-in to on-premises resources by using Azure AD Have you implemented Windows Hello for Business?
All my posts
A coffee with... Elisa Pirrone
Here we are with a new episode of “A Coffee with…”! Today’s protagonist is Elisa Pirrone, CSA Security for Microsoft Italy. Together with her, we will talk about disabling legacy protocols, creating conditional access policies, best practices, and why Windows Hello for Business is an MFA!
Here are some additional links for further information:
Common Conditional Access policy: Block legacy authentication Windows Hello for Business Overview How Windows Hello for Business works in Windows Devices Don’t forget to subscribe to our other channels as well:
All my posts
Configuring BitLocker via Intune using the Settings Catalog
A few days ago, I came across a very interesting article from the Intune Customer Success Team. The article discusses how to configure BitLocker through the Intune Settings Catalog. This piqued my curiosity because, considering the Settings Catalog, there are now three different ways to deploy BitLocker from Intune.
I wanted to understand the advantages of using the Settings Catalog compared to the already available methods. Here’s my experience!
⚠️ As mentioned in the video: the settings you see were done for purely educational and illustrative purposes.
All my posts
A coffee with... Valeria Sava
Today’s episode is a true injection of caffeine and valuable resources: Valeria Sava talks to us about ADFS and how to retire it by migrating applications to Azure AD.
Are you interested? Yes? Then after watching the video, don’t miss this workshop in Italian dedicated to this very topic! Valeria and I extensively discussed it while enjoying our coffee. Here are all the details!
🗓️ March 28, 2023
➡️ Microsoft Workshops: How to successfully migrate away from AD FS to Azure AD
All my posts
Azure Virtual Desktop: Single Sign-On su Azure AD
It took me a while to make this video, but finally, here I am: Azure Virtual Desktop Single Sign-On to Azure AD.
One of the main “criticisms” always directed at AVD is the double authentication, which many consider a hassle. With Single Sign-On, the process becomes smoother, and the required authentications decrease.
Could I have just shown you the simple SSO?
Clearly NO, so I even included a FIDO2 security key in it!
All my posts
Sessions from the community event on March 8, 2023, now available
On March 8, 2023, a joint event was held between the Microsoft Intune Italian Users Group and the Microsoft Security Italian Users Group: the video of the sessions is now available.
Together with the legendary Michele Sensalari, we talked about certificate-based authentication on Azure AD.
Marco Moioli and Davide Salsi, on the other hand, delved into how to use the MAM (Mobile Application Management) features of Intune to provide security in BYOD scenarios, and Davide also demonstrated the new Microsoft Tunnel for Mobile.
All my posts
A coffee with... Francesco Molfese
“How can we leverage a public cloud while maintaining a proper security posture?”
Today, we ask this question (while sipping a cup of coffee) to Francesco Molfese (MVP), who has a clear understanding of how to maintain the right level of security both in the cloud and on-premises.
Here are some additional links for further reading:
Francesco’s blog Defender for Cloud Don’t forget to follow us on our social channels as well: