SCCM/MDT – The latest version of the Microsoft Deployment Toolkit is available

After few months of waiting, the latest version (8456) of the Microsoft Deployment Toolkit (MDT) is now available for download. This version provides support for Windows 10 1809 and Windows Server 2019. You can get it from https://aka.ms/mdtdownload As always, you will have to update your existing MDT share and/or the SCCM integration.

Read More

Intune – You can now check the compliance from SCCM

As you may already know, System Center Configuration Manager (SCCM) and Intune can work together, delivering a co-managed device management solution. Well, you can now use the compliance state from SCCM with Intune. This setting will only apply to co-managed devices, if the devices are managed by Intune only, this will not be applicable. To enable the ‘co-management compliance state’ go to your Azure portal (https://portal.azure.com) and reach out the…

Read More

Azure – Azure AD B2B now supports one time password (preview)

Azure Active Directory (Azure AD) is making things easier to collaborate with external users (guest) by supporting email one-time password. This new capability (in preview) allows external users (guests) to sign in and authenticate against your Azure AD using a one time password (OTP) send by email when they do not have already a Microsoft corporate account (Azure AD), Google ID or Microsoft personal account (MSA). Each time such guest…

Read More

SCCM – An update for SCCM Current Branch is available and solves the incorrect available updates for Windows Server 2019

An update for System Center Configuration Manager Current Branch (SCCM 1810) has been made available and solves the issue with the incorrect Windows version displayed when updating Windows Server 2019 image (as explained here https://t.co/AoTjH1q0pS Additional fixes are also available: see https://support.microsoft.com/help/4486457

Read More

Azure – Workday integration with Azure AD is getting stronger

As you may already know you can use Workday to automatically manage user account provisioning/termination with Azure AD (and/or Active Directory). Well this integration is getting stronger and simpler as the solution is now reaching the general availability state with some interesting updates: The new Provisioning Agent with built-in support for high availability and failover allows you to configure user provisioning to multiple on-premises Active Directory domains User account provisioning…

Read More

Azure – An MSI package is now available for Az PowerShell module

Following the general release of the new Azure PowerShell module (Az) (see https://t.co/xrzdIDmG7M), Microsoft has made MSI packages available to allow you deploying this new module (as it used to be for the previous Azure PowerShell module) which will be helpful if you use software deployment system like SCCM. You can get the MSI package from: x86 bits https://github.com/Azure/azure-powershell/releases/download/v1.1.0-January2019/Az-Cmdlets-1.1.0.25353-x86.msi x64 bits https://github.com/Azure/azure-powershell/releases/download/v1.1.0-January2019/Az-Cmdlets-1.1.0.25353-x64.msi These packages are available for the latest version…

Read More

Azure – New capabilities for Azure Backup applicable to Azure Files (preview)

Azure  Backup has been updated to provide new capabilities: Azure Backup now supports backing up NTFS ACL’s set on Azure Files (see https://docs.microsoft.com/en-us/azure/storage/files/storage-files-active-directory-overview to know more about). This means when you restore Azure Files, the NTFS permissions will be also restored. This capability is currently in preview. PowerShell can now be used to run backup and restore operation for Azure Files. This requires the latest version of the PowerShell Az…

Read More

OneDrive for Business – Files mass deletion notification is coming in OneDrive for Business client

You may already know that you can have notification when a files mass deletion occurs (thanks to the Security & Compliance alert). Well, this is going to get better as this alert is being sent only after the mass deletion has been executed and is being sent to administrators. OneDrive for Business client is going to get an update to notify end-users when a files mass deletion (more than 200…

Read More

Azure Information Protection – Central management for AIP Scanner is coming

The Azure Information Protection (AIP) scanner is going to be easier to manage: a central management for Azure AIP scanner is coming. This new capability is currently in preview; this means you need to use the Azure Information Protection preview client (version 1.45.32.0 or later) and the required Azure administration portal configuration blade (if this is not yet available in your tenant, you will have to wait as the deployment…

Read More

Office 365 – A new network performance tool is coming

Office 365 services can have a significant impact on network. Since Office 365 has been in the market, Microsoft has been provided guidance and tool (formerly known as SpeedTest or Office 365 Client Performance Analyzer more recently) to analyse the network impact of the various services offered by Office 365. A new tool is underway (currently in preview / proof of concept) to help identifying connectivity and performance issues. The…

Read More

Flow – You can use Flow to automate actions based on Cloud App Security event

If you are using the Cloud App Security (CAS) service, you can connect Microsoft Flow to it in order to automate actions like generating ticket in SIEM system, send notification to user and/or manager, disable account… To do so you must, off course, have an active Cloud App Security and Flow subscription. Then you need to generate a token to allow Flow to connect to CAS Connect to your Cloud…

Read More

Intune – Group Policy is coming in Intune (preview)

The latest update on Intune is providing (in preview) the ability to configure group policy (GPO) for Windows 10 devices. This is not (yet?) the exact group policy we have in Active Directory but the idea is the same and based on the well known Administrative Templates (ADM/ADMX). NOTE this is currently not supported for co-managed device (aka Azure AD joined devices managed with System Center Configuration Manager (SCCM)) but…

Read More

Intune – New Intune tenant details blade available

Intune has been updated to include a new blade resuming all Intune tenant details and health information. This new blade, called Tenant Status, is available below the Help and Support section of your Intune tenant, accessible either from the Azure portal – https://portal.azure.com It gives you your Intune tenant details (name, location, service release (version), number of licenses available and applied, number of enrolled devices) as well as health details…

Read More

Outlook – Notification when a known issue is detected (preview)

The Outlook client, coming with the Office 365 Click To Run (C2R), is now providing notification when a known issue has been detected. I got this notification with the Office 365 Click To Run 1901 build 11220.20008 (or version 16.0.11220.20000) The ‘title’ of the issue is a clickable element which then open the related Microsoft KB article or the Office updates details page. This is something which is going to…

Read More

Office 365 – New cloud-based management options for Office 365 Pro Plus

A new configuration tool (in preview) is available for Office 365 Pro Plus (Office Click to Run) to help administrator to define and apply configuration policy. This new capability helps to manage Office C2R installation on Windows without the ‘classic’ management infrastructure or MDM service. The defined Office configuration will apply to both managed and unmanaged devices as it uses Azure Active DIrectory. It does not replace group policy objects…

Read More