emsappsettings01Since this week Microsoft Intune supports Mobile App Configuration Policies which allows you to configure settings in an application that you are deploying via Microsoft Intune. The must be enabled to support App Configuration via MDM but does not have to be the Intune SDK integrated.

On this page you see the MAM enabled apps for Intune, on the same page I will also create references to apps that support Mobile App Configuration soon!

Read more

As from next Monday until the 5th of October Microsoft is deploying a new update to Microsoft Intune, this time the following features will be added.

  • iOS Managed App configurations; create and deploy configuration policies for iOS managed apps which means that you are able to preconfigure iOS apps that are managed and are supported. Think of a custom port number, language settings, security settings, and branding settings. Read more information here.
  • Ability to deploy MSI apps to Windows 10 devices that are managed via the MDM channel.
  • Ability to create and deploy Windows 10 configuration policies to the users with Windows 10 devices. Read more information here.

See the complete announcement here.

mmsThe (if you ask me) community for community event this year will be again the Midwest Management Summit in Minneapolis this 9-11 November. Last year this event was organized for the first time by the Minnesota System Center User Group and it was a huge success! See here my wrap-up blog of the first edition. So if you want to attend a real knowledge event with many speakers and MVPs from around the world be sure to attend this November in the Mall Of America, it is getting sold out!!

Read more

pmm-4-03Last year I wrote several blogs about a great plugin for Configuration Manager 2012 R2, Parallels Mac Management for Configuration Manager. While I was in Denver for BriForum presenting about the 3.5 version, the new version 4.0 was released with some great new features related to OS Deployment of Mac OS X images.

Read more

adfs02According to the Intune alerts you may run into issues when using Windows Phone 8.1, Microsoft Intune together with ADFS for device registration and authentication on your own Active Directory domain instead of directly in Azure Active Directory. Let’s have a look.

If you use  ADFS for on-premises device registration you may have configured a setting called DeviceAuthenticationEnabled to be enabled in the ADFS global authentication policy. Because of this setting users with a Windows Phone cannot authenticate while accessing the Company Portal. Users will be redirected to the Sign In button on the Windows Phone every time you supply your UPN. The redirection to the AD FS logon screen will not happen.

Read more

Next week new features for Microsoft Intune are released during the scheduled service maintenance which is scheduled from 21st until the 27th of August.

Features that are added are the following;

  • Multi-identity support for OneDrive app on Android
  • Deployment of certificates in .pfx format (without the need for NDES)
  • Conditional access for Windows PCs
  • User-specific terms and conditions
  • Management of Activation Lock feature for iOS
  • Support for custom VPN profiles for iOS
  • Intune Company Portal app for Android updated

Stay tuned for more information, read the Microsoft Intune blog here!

Microsoft is very busy developing the next version of System Center Configuration Manager, today Microsoft released technical preview of VNEXT. Like the other technical previews Microsoft allows you to test the next version in a lab environment. This version allows you to test the following new features;

  • Deployment of required applications to Windows 10 devices managed via on-premises mobile device management (MDM)
  • Cluster-aware settings
  • High availability support with SQL Server 2014 AlwaysOn
  • Ability to run software update cleanup tasks

And of course the features released in the earlier versions. (TP1 info, TP2 info)

Read the blog of the ConfigMgr Team here. Download the Technical Preview here. The Technical Preview is like the earlier versions time bomed at 60 days. See the TechNet docs here.

If you want to see the on premise MDM options in real live? Be sure to attend Greg Ramsey and my session at IT/Dev Connections!!

IntuneA couple of days ago Microsoft released an Microsoft Intune Information Bulletin. As from September Microsoft Intune  will deploy the Azure Authenticator app as a required app to all users that are using an Android device.

In one of the next Intune releases an option to opt out will become available under the Mobile Device Management, Android node in the Intune admin console.

Read more

Luckily we still have the BriForum pictures

Categories: Community, Speaking
Comments: No

This week I was able to attend and speak at BriForum in Denver. Wow what is BriForum a nice community event, no sales, no marketing just techies sharing knowledge and experience with others. What a great week it was, met some really nice people and attending a non Microsoft only conference was sometimes a real eyeopener 😉 Without joking, normally I attend Microsoft oriented conferences like TechEd and MMS (both Microsoft Management Summit as Midwest Management Summit) but BriForum is a place where you can find it all. Microsoft, Citrix, Vmware all the VMI and Mobility experts. So much knowledge in one building, phew. Being part of BriForum felt like being part of the BriForum family since many of the attendees and speakers knows each other for years and years.. To summarize it in three words: IT WAS GREAT!

Luckily we still got the pictures and the nice memories. Look for the official BriForum pics here or www.brianmadden.com. Download my Slides here and session resources here.

Read more

As part of book writing I used Azure Active Directory Connect to setup Directory Sync, ADFS and ADFS Proxy in a lab environment. While configuring I saw something helpful which I wanted to share with you. If I wanted to initiate a Sync with the good old DirSync I always ran the Configuration Wizard again, since the last step of the wizard was initiating a sync. Always fun with remembering the accounts and passwords. 😉

With Azure Active Directory a scheduled task is configured to run every 3 hours after the initial configuration. This means that you are able to start the task manually to initiate a sync. May save you some time waiting for objects to be synchronized to Azure Active Directory.


AAD Sync Scheduled Task


briforumsessionYesterday I was honored to speak at BriForum about managing Mac OS X devices with ConfigMgr 2012 R2 SP1 natively and with the Parallels Mac Management for SCCM plugin. During this session I showed what we need to enable and configure Mac OS X support in ConfigMgr 2012 R2 SP1 and what options are currently available.

If you want to “play” with the different Configuration Items I showed during the demo’s, please have a look here. You are able to download and import them into your ConfigMgr environment.

During the session I showed also the Parallels Mac Management (PMM) for SCCM plugin, the version I showed was beta-3 of version 4.0. Next Friday the new version of PMM available. Expect more about the new abilities later on this blog. Also referred to the fact that Mac OS X support for Microsoft Intune has been announced at Microsoft Ignite, if you want to see that session again have a look here.

If you want to read earlier blogs about managing Mac devices with ConfigMgr have a look here.

Thanks for joining my session and hopefully until next year. If you have any feedback, please let me know.