In this blog post, we will see how to use conditional access to deny/block access to Office 365 Exchange Online (emails) from windows devices and mac devices . conditional access allow access to company data only for authenticated users from compliant devices (If you apply conditional access to list of users ,device must enroll before they check for device compliance) from approved apps under the right conditions. More information about conditional access read from Technet https://docs.microsoft.com/en-us/intune/conditional-access To block access to o365 exchange online (not for exchange on-prem) from windows and mac devices using mobile apps and desktop apps like outlook…
Author: Eswar Koneti
Microsoft has released SCUP 2017 preview 2 update with enhanced update catalog to provide better experience for users in consuming large catalog updates. While old catalog formats are still supported, catalog providers will need to add information to their existing catalogues to take advantage of these improvements that exist in this preview 2 update. This preview 2 update contains the following improvements: Indexing for quicker imports of previously imported catalogs – Catalog producers can now index their catalogs. This will allow users to import large catalogs containing few new updates more quickly. Inclusion of signing certificates within updates catalogs –…
This is quick blog post to address the issue of blank site in the installation options while installing SCCM Client software using client push installation method. In SCCM 2012 and above ,you have RBAC (Role based administration access) to secure the access that is needed to administer Configuration Manager. You also secure access to the objects that you manage, like collections, deployments, and sites. For more information about RBAC ,please read https://docs.microsoft.com/en-us/sccm/core/understand/fundamentals-of-role-based-administration and https://blogs.technet.microsoft.com/hhoy/2012/03/06/role-based-administration-in-system-center-2012-configuration-manager/ Coming to the subject line ,We have created security scopes and security roles for different LBU’s with required permissions limiting to their country collections (Note: we…
I was contacted by colleague that Configmgr is not showing the updates that were published day ago by SCUP . So i started checking the SCUP configuration (proxy) and the updates status if they are published or not using the date published and also verified SCUP logs. From SCUP perspective,all looks good. Next to look at Configmgr ,in this ,i checked the SUP properties if the published products are selected or not , check the proxy details in site system role properties. Next to look at proxy details that are configured in IE for system account for which ,you…
Beginning with configuration manager version 1702, clients use boundary groups to find a new software update point. You can add individual software update points to different boundary groups to control which site servers, a client can find the content or update scan. More information about boundary groups and its relationship with software update point changes in 1702 and 1706 ,please refer TechNet link https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/boundary-groups ,it has lot of information than i explain. Few weeks ago ,i was looking at the boundaries and boundary groups that are configured for my environment with fallback information (especially distribution point and software update point).…
Microsoft Azure portal for Intune provide you the information about user sign-in activities (includes usage of managed applications) and Audit Logs (information about users ,group management ,your managed applications and directory activities) through reporting. The information which is tracked ,will help you to determine sign-in status for applications,with MFA(Multi factor authentication),MFA results etc To see the activity of Sign-ins and Audit logs, login to https://portal.azure.com ,click on Intune ,right side you will see Users Click on Users to see activity with Sign-ins and Audit logs ,Click on Sign-Ins On the right side ,you will see list of all users with…
Maintenance windows in SCCM Configmgr enable you to define a time when SCCM operations can be carried out on members of a device collection. These maintenance windows are helpful to ensure that client configuration changes occur during periods that do not affect the productivity of the organization. More information about Maintenance windows refer https://docs.microsoft.com/en-us/sccm/core/clients/manage/collections/use-maintenance-windows I had requirement to remove all Maintenance windows that are set on list of collections .Removing the Maintenance windows for each collection would be tedious task. Right click on collection ,select maintenance window and delete the Maintenance window. Note:Removing the Maintenance windows allow to install…
I had setup standalone intune (MDM authority to Intune) to manage mobile devices long-time ago ,but after doing some testing on android,windows and iOS devices ,i decided to change MDM authority from Intune to Configuration Manager console (hybrid) . To change the MDM authority from intune to hybrid ,Login login to SCCM console ,go to administration –>cloud services –>Microsoft intune subscription –>Add Microsoft Intune Subscription This process will prompt you to login using Microsoft intune subscription ,configure company contact information,logo etc. After doing all the initial setup , verified logs and confirm that the MDM authority is set to…