adfs02According to the Intune alerts you may run into issues when using Windows Phone 8.1, Microsoft Intune together with ADFS for device registration and authentication on your own Active Directory domain instead of directly in Azure Active Directory. Let’s have a look.

If you use  ADFS for on-premises device registration you may have configured a setting called DeviceAuthenticationEnabled to be enabled in the ADFS global authentication policy. Because of this setting users with a Windows Phone cannot authenticate while accessing the Company Portal. Users will be redirected to the Sign In button on the Windows Phone every time you supply your UPN. The redirection to the AD FS logon screen will not happen.

Read more

Next week new features for Microsoft Intune are released during the scheduled service maintenance which is scheduled from 21st until the 27th of August.

Features that are added are the following;

  • Multi-identity support for OneDrive app on Android
  • Deployment of certificates in .pfx format (without the need for NDES)
  • Conditional access for Windows PCs
  • User-specific terms and conditions
  • Management of Activation Lock feature for iOS
  • Support for custom VPN profiles for iOS
  • Intune Company Portal app for Android updated

Stay tuned for more information, read the Microsoft Intune blog here!

Microsoft is very busy developing the next version of System Center Configuration Manager, today Microsoft released technical preview of VNEXT. Like the other technical previews Microsoft allows you to test the next version in a lab environment. This version allows you to test the following new features;

  • Deployment of required applications to Windows 10 devices managed via on-premises mobile device management (MDM)
  • Cluster-aware settings
  • High availability support with SQL Server 2014 AlwaysOn
  • Ability to run software update cleanup tasks

And of course the features released in the earlier versions. (TP1 info, TP2 info)

Read the blog of the ConfigMgr Team here. Download the Technical Preview here. The Technical Preview is like the earlier versions time bomed at 60 days. See the TechNet docs here.

If you want to see the on premise MDM options in real live? Be sure to attend Greg Ramsey and my session at IT/Dev Connections!!

IntuneA couple of days ago Microsoft released an Microsoft Intune Information Bulletin. As from September Microsoft Intune  will deploy the Azure Authenticator app as a required app to all users that are using an Android device.

In one of the next Intune releases an option to opt out will become available under the Mobile Device Management, Android node in the Intune admin console.

Read more

Luckily we still have the BriForum pictures

Categories: Community, Speaking
Comments: No

This week I was able to attend and speak at BriForum in Denver. Wow what is BriForum a nice community event, no sales, no marketing just techies sharing knowledge and experience with others. What a great week it was, met some really nice people and attending a non Microsoft only conference was sometimes a real eyeopener 😉 Without joking, normally I attend Microsoft oriented conferences like TechEd and MMS (both Microsoft Management Summit as Midwest Management Summit) but BriForum is a place where you can find it all. Microsoft, Citrix, Vmware all the VMI and Mobility experts. So much knowledge in one building, phew. Being part of BriForum felt like being part of the BriForum family since many of the attendees and speakers knows each other for years and years.. To summarize it in three words: IT WAS GREAT!
briforum_US_logo

Luckily we still got the pictures and the nice memories. Look for the official BriForum pics here or www.brianmadden.com. Download my Slides here and session resources here.

Read more

As part of book writing I used Azure Active Directory Connect to setup Directory Sync, ADFS and ADFS Proxy in a lab environment. While configuring I saw something helpful which I wanted to share with you. If I wanted to initiate a Sync with the good old DirSync I always ran the Configuration Wizard again, since the last step of the wizard was initiating a sync. Always fun with remembering the accounts and passwords. 😉

With Azure Active Directory a scheduled task is configured to run every 3 hours after the initial configuration. This means that you are able to start the task manually to initiate a sync. May save you some time waiting for objects to be synchronized to Azure Active Directory.

aadsyncscheduler

AAD Sync Scheduled Task

 

briforumsessionYesterday I was honored to speak at BriForum about managing Mac OS X devices with ConfigMgr 2012 R2 SP1 natively and with the Parallels Mac Management for SCCM plugin. During this session I showed what we need to enable and configure Mac OS X support in ConfigMgr 2012 R2 SP1 and what options are currently available.

If you want to “play” with the different Configuration Items I showed during the demo’s, please have a look here. You are able to download and import them into your ConfigMgr environment.

During the session I showed also the Parallels Mac Management (PMM) for SCCM plugin, the version I showed was beta-3 of version 4.0. Next Friday the new version of PMM available. Expect more about the new abilities later on this blog. Also referred to the fact that Mac OS X support for Microsoft Intune has been announced at Microsoft Ignite, if you want to see that session again have a look here.

If you want to read earlier blogs about managing Mac devices with ConfigMgr have a look here.

Thanks for joining my session and hopefully until next year. If you have any feedback, please let me know.

briforum_US_logo

Last two months it was community wise very busy, I spoke at BriForum London, TechDays Netherlands and last Friday I was invited to speak at the Swiss Configuration Manager Community. Next month I am invited at BriForum in Denver to speak about managing Mac OS X devices with SCCM 2012 R2 natively and when you extend it with the Parallels Mac Management plugin for SCCM.

Read more

Console extendedCurrently more and more applications in the Apple and Google Play stores become manageable via Microsoft Intune.

For instance, when you have the Microsoft Office mobile apps available in Microsoft Intune for a while you may want to use the Mobile Application Management policies to control what the users are able to do with the corporate data in the apps. Currently, if you do nothing the app currently stay unmanaged.

So let’s see what you can do in both Intune and Configuration Manager.

Read more

sccmfeedbackToday the Enterprise Client Management Team of Microsoft released two new initiatives to allow the community to shape both Configuration Manager and Microsoft Intune. Microsoft uses the Uservoice platform to get feedback from their users / us. You are able to submit feedback or ideas for features you like to see in the products or not.

Other users are able to vote for the best (new) features or feedback.

Have a look via the links below and shape Configuration Manager and Microsoft Intune so that it fits your needs :)

I have posted some ideas here, here,  here and here.