SCCM – You can now view currently logged user on a device

With the latest version of System Center Configuration Manager (SCCM) Current Branch (1806), you can now view who is currently logged on a managed device from the SCCM Console (this includes opened and disconnected session) From your Assets and Compliance workspace, select the Devices branch and right click on the list header to select Currently Logged on User

Read More

SCCM – New co-management options

With the latest version of SCCM Current Branch (1806), new options are available for the co-management capability: Mobile apps, to use Intune for mobile applications deployment while keeping your Windows client managed by SCCM Office Click-To-Run, to use your Intune for Office 365 Click to Run deployment

Read More

SCCM – A new version of SCCM Current Branch is now available

The update 1806 for System Center Configuration Manager (SCCM) Current Branch has been released and is now available for production customers. As usual the update is being delivered with the ‘in-console update’ (Administration workspace\Updates and Servicing) If the update is not yet available and you do not want to wait, a PowerShell script is available to force the detection here https://gallery.technet.microsoft.com/ConfigMgr-1806-Enable-3eb4b46c As part of the new capabilities, you can: add…

Read More

Intune – Third party certification authorities is now supported for SCEP

One of the important security management responsibilities of Microsoft Intune is the ability to issue certificates to devices using the Simple Certificate Enrollment Protocol (SCEP). Starting today, Intune now supports third party certification authorities for SCEP – starting with Entrust as first CA. Support of Active Directory Certificate Services is still supported of course Below an high level diagram explaining how SCEP works with Intune (courtesy Microsoft) To setup the…

Read More

Office 365 – New anti-phishing capabilities added to Advanced Threat Protection

A new default policy is being deployed for Office 365 ATP (Advanced Threat Protection) to protect you against phishing. The new policy is/will be available through the Security and Compliance administration portal (https://protection.office.com/) From there, reach out the Threat Management\Policy section and then click on ATP anti-phishing option Then the Default policy is not displayed in the list of policy; it is displayed using the button Default policy By clicking…

Read More

Azure – An updated interface for Azure AD Roles management

The Azure Active Directory Roles configuration blade has been updated to provide more details and management option for Azure AD Roles. Connect to your Azure administration portal (https://portal.azure.com) or Azure AD administration portal (https://aad.portal.azure.com) and reach out your Azure Active Directory blade or Then reach out the Roles and administrators blade At first sight it does not seems to had some changes but it has been updated; first, if you…

Read More

Azure / Office 365 – You can now use your Microsoft Authenticator mobile app for SSPR (preview)

The Self Service Password Reset, available with Azure AD and Office 365, has been updated to let your end-user use the Microsoft Authenticator mobile app when using the Self Service Password Reset (SSPR). First you need to enable this new capability from your Azure AD portal (https://aad.portal.azure.com/) or Azure portal (https://portal.azure.com) and reach the Password reset configuration blade Then go to the Authentication methods blade and enable the Mobile app…

Read More

Sway – Sway is moving to a new URL

This is not a big change but could impact your end-users if you whitelist Office 365 endpoints at your proxy level. Sway is moving to a new URL: http://sway.office.com So if you have whitelisted Office 365 services endpoints, you will have to update it to replace sway.com to sway.office.com; let me also remind you, you should start using the Office 365 Endpoints web service to maintain the whitelisting (see https://t.co/B4A5CMAkRh)

Read More

Azure – New version of Azure AD Connect available for autoupgrade

If you have configured your Azure AD Connect (the directory synchronization tool for Azure AD and Office 365), a new version (1.1.880.0) has been made available. This version solves the issue with Azure AD Connect Health agent running 100% CPU – which was (incorrectly?) reported to be related to the Framework update. Also part of this update support for Windows Server 2019 Essentials and GA (general availability) of the integration…

Read More

Azure – Azure AD Conditional Access sign-ins reports in preview

You may already be aware of this security feature called Azure AD Conditional Access helping you protecting and securing access to your resources published through Azure AD. A new capability to this feature has been added (in preview) to provide a better reporting and troubleshooting capabilities: Azure AD Conditional Access Sign-Ins Report To start using it, logon to your Azure AD administration portal – either from the Azure portal (https://portal.azure.com)…

Read More

Office Server – The previews for Exchange and Skype for Business 2019 is now available

This is it, it has just been announced: the preview of the next major version of Exchange and Skype for Business is now available (SharePoint will come later). You can get the bits here: Exchange 2019: https://www.microsoft.com/en-us/download/details.aspx?id=57167 Skype for Business 2019: http://download.microsoft.com/download/2/0/9/209372AB-F64F-4F04-8BDA-FBAB1C685BA3/W17_2044.76_Eval.iso As part the new features/capabilities: Exchange 2019 Exchange 2019 can be deployed on Windows Server Core (2016 or 2019), off course deploying on Windows Server with Desktop Experience…

Read More

Office 365 – Reminder to move to TLS 1.2

A quick reminder as the date is fast approaching: you must have moved to TLS 1.2 before October 31, 2018 It has been announced about a year ago (October 2017), all client-server and browser based communication with Office 365 services will use TLS 1.2 After October 31, 2018, if you are still using older TLS version (1.0 or 1.1), you will not be able to access your Office 365 services…

Read More

Azure AD / Office 365 – Integration with LinkedIn is finally here

It has been announced some time ago already, but now the integration is finally here. You can now enable the LinkedIn integration with your Office 365 (Azure AD) tenant. NOTE the integration is turned off by default. To enable the feature, you need to logon to your Azure portal (https://portal.azure.com/) or your Azure AD administration portal (https://aad.portal.azure.com) Then go to your Azure AD configuration blade Access the User settings configuration…

Read More

Windows 10 – Error 0x80180014 when joining Windows 10 to Azure AD

I just got an interesting error when trying to join a Windows 10 1803 to Azure AD; I was continuously getting the error ‘0x80180014’ when trying to join the device to Azure AD. The interesting thing was this device has been already Azure AD Joined but has been reset, with all reference in Azure AD or Intune removed. Nonetheless, each time I tried to join again I was getting this…

Read More

Exchange Online – Mailbox Auditing will be enabled by default

A good news for compliance and security, Exchange Online Mailbox auditing will now be enabled by default. The schedule is all commercial tenant will be set by end of calendar year. All mailboxes already set for auditing will continue to be enabled, while all others will then be audited. A new parameter for the Set-OrganizationConfig cmdlet will also be introduce for Exchange administrator to override (not recommended) this new configuration.…

Read More