Using the clipboard between Azure Virtual Desktop and the users client is a great way to send data back and forth. But it is also could big leak into the system. So maybe you want to limit the use of the clipboard or get more control on how the clipboard could be used between the user and the Azure Virtual Desktop enviroment.
Continue Reading
Welcome to this blog about configuring Azure Virtual Desktop session host with Microsoft Intune. The Intune settings catalog is growing very fast and now also AVD settings making it to the settings catalog.
Continue Reading
Emergency accounts are a fundamental part of any security strategy. They are used to access systems when the primary account is unavailable or locked out. In the past, emergency accounts were often called “break glass” accounts. In an earlier post, I explained how to create an emergency account based on a user account with a password. In this post, I will show you how to automate the creation of a passwordless, multi-layered emergency account using Graph API.
Continue Reading
I often write blogs about getting data with the Graph API and using it for monitoring. A while ago I was thinking about how to get my own data into Log Analytics.
In this blog post, I show how to ingest custom MEM data into a Log Analytics table. I also show how to configure all components in an automated way.
The IT landscape is changing. Private becomes public, local resources are moving to the public cloud. More and more workloads return to the local endpoint. Cloud endpoints (AVD, W365) are mostly used to run legacy software. With all those movements, it could be challenging to keep the herd in the pasture. Devices are everywhere and what about security?
Continue Reading
https://learn.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
Find the if there is a connector already. Otherwise, create one.
$url = "https://graph.microsoft.com/beta/deviceManagement/mobileThreatDefenseConnectors/fc780465-2017-40d4-a0c5-307022471b92" #/fc780465-2017-40d4-a0c5-307022471b92
$request = Invoke-RestMethod -Uri $url -Method Get -Headers $authHeader
$request.value | ConvertTo-Json -Depth 9
$body = @{
androidEnabled = $false
iosEnabled = $false
androidDeviceBlockedOnMissingPartnerData = $false
iosDeviceBlockedOnMissingPartnerData = $false
partnerUnsupportedOsVersionBlocked = $false
windowsEnabled = $false
partnerUnresponsivenessThresholdInDays = 6
} | ConvertTo-Json
$postRequest = Invoke-RestMethod -Uri $url -Method Patch -Headers $authHeader -Body $body
$postRequest
