The Issue: In Operations you may get approached by your Security Team from time to time to help them close new Vulnerabilities that have been identified after a Vulnerability Scan was run. It might look like the below and contain a list of Vulnerabilities that need to be addressed. The Investigation: If you are lucky … Continue reading Microsoft Endpoint Manager – “Defeating Vulnerability Scans”
As you start to connect your Intune/Endpoint Manager logs to Azure Sentinel, you may see right away that there's a DeviceType column exposed that looks valuable but the results show ID numbers instead of just device names. This DeviceType column is directly related to the DeviceTypeID for Intune device entities. As an example, the following … Continue reading Intune DeviceType Reference for Azure Sentinel KQL
Last week I finally found some time to start digging into managing security for Intune-enrolled devices with Azure Sentinel. Obviously, the first thing that had to be done was to connect Intune data to Azure Sentinel. Read about how to do that here: Connecting Intune to Azure Sentinel. The next step was to ensure that … Continue reading Digging Deeper into Intune and Azure Sentinel
We have some deeper integration coming for all endpoints in the future for Azure Sentinel through the standard ATP, DATP, etc. connectors, but for now you can connect your Intune/Endpoint Manager tenant to Azure Sentinel pretty easily to get started sifting through the available data. It takes less than a few minutes to set … Continue reading Connecting Intune to Azure Sentinel
Intro: I really love building solutions that contain a vast variety of the tools you could ever want or need to do your job. This may be a bit excessive and you might end up with tools you only click once in a blue moon. Nevertheless, if you are a Configuration Manager Admin and also … Continue reading Microsoft Endpoint Manager – “Ultimate Environment”
Now, before I get inundated with "Don't use ConfigMgr Backup, SQL Backup is where it is at..." let me say, I agree with this to a point. You should be using SQL Backup for a variety of reasons the primary of which is Data Compression - ConfigMgr Site Backup Maintenance Task doesn't Compress the Database, … Continue reading Run PowerShell Script after Configuration Manager Site Backup Maintenance Task.
Picture this - It is Friday afternoon; you have one more application to test before heading home for the weekend. You deploy it to your test machine, you attempt the install and "Failed" with Error 0x8007007B (-2147024773). You don't immediately recognize this error code, so you use CMTrace to look at the AppEnforce.log and you … Continue reading 0x8007007B – While Installing Application through Configuration Manager
There are known issues with Autopilot with regard to mixing LOB Apps and Win32 Apps that install MSIs that may cause the Application Installation to Fail. As a result, wrapping even the simplest of MSI as a Win32 App ensures success in Autopilot Deployments... I'm not going to go into wrapping Win32 Apps, you can … Continue reading Deploy Configuration Manager Client through Intune, namely Autopilot…
In this post, we will look at switching SCCM infrastructure and clients to use a different certificate authority when using HTTPS only mode in SCCM.
Introduction: As a Premier Field Engineer (PFE) at Microsoft, I was recently asked for Assistance in Setting up High Availability on an Environment as part of their DR plan so I thought I'd share the process with you. Solution: Historically, you could add redundancy to most of the roles in Configuration Manager by having multiple … Continue reading System Center Configuration Manager – Setting up High Availability