Storage management is a critical aspect of device administration that often gets overlooked until it’s too late. Low disk space can cause application failures, prevent updates from installing, and impact user productivity. For IT administrators managing hundreds or thousands of devices through Microsoft Intune, manually checking disk space on each device is simply not feasible.
Continue Reading
Microsoft has updated their security baselines in Microsoft Intune which you can read in the What is new in Intune. A part of the updates is that Microsoft has added recommended settings based on your organisation. In this blog post, I show how to monitor these recommendations that are part of the security baseline and generate a response when a setting does not met Microsoft’s recommendation.
Continue Reading
Another big helper in implementing a Zero Trust environment is the use of Privileged Identity Management, aka PIM. It is a best practice assigning the least permissions as needed for the shortest amount of time. PIM helps you with that. After implementing PIM you have left-overs of admins assign roles to identities without PIM. In that case there is a mechanism that check if there are roles assign outside PIM.
Continue Reading
Implementing conditional access policies have a huge impact on your identities and organisation. After implementation, there could be a situation conditional policies need changes. Think about the state, adding or excluding users, or adding a security strength for example.
Continue Reading
https://learn.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
Find the if there is a connector already. Otherwise, create one.
$url = "https://graph.microsoft.com/beta/deviceManagement/mobileThreatDefenseConnectors/fc780465-2017-40d4-a0c5-307022471b92" #/fc780465-2017-40d4-a0c5-307022471b92
$request = Invoke-RestMethod -Uri $url -Method Get -Headers $authHeader
$request.value | ConvertTo-Json -Depth 9
$body = @{
androidEnabled = $false
iosEnabled = $false
androidDeviceBlockedOnMissingPartnerData = $false
iosDeviceBlockedOnMissingPartnerData = $false
partnerUnsupportedOsVersionBlocked = $false
windowsEnabled = $false
partnerUnresponsivenessThresholdInDays = 6
} | ConvertTo-Json
$postRequest = Invoke-RestMethod -Uri $url -Method Patch -Headers $authHeader -Body $body
$postRequest
Intune and the rest of Microsoft Intune are growing. To keep your environment nice, clean and secure it is a good idea to monitor your MEM environment. In this blog, I explain how to monitor Intune based on Graph API and PowerShell with Azure Functions.
Continue Reading