Category: Uncategorized

I recently posted a blog about the many ways to enroll Windows 10 devices into Intune. I didn’t go into detail on troubleshooting existing devices and how to work out the method they used to enroll in the first place. The reason you might want to know how a device was enrolled is because some …

Over the last month or so I’ve fielded some questions about the Company Portal app on Windows. The main one – “Do we need it?”. The reason for the confusion is mainly due to the fact that downloading the company portal on iOS and Android is almost always a critical step for users to get …

If you’ve been watching the Intune Whats New page closely, you may have noticed you can now use Intune to push down applications to MacOS devices. This is a quick post on how to achieve that – We’ll use Skype for Business as the example app. The IT admin process is pretty straight forward but …

The purpose of this post is to help IT pro’s and architects understand Windows Hello for Business as it relates to Windows 10 modern management (with Intune). The deployment guide for Windows hello for business is very comprehensive so I’m not reproducing that – but instead want to strip out much of the complexity and …

Part 4 – Deploy a certificate to Mobile Devices and test it out This is the last part of this blog series and is focussed on getting some user certificates to your devices and testing that certificate authentication works for the office apps. To get to this point you should have Published a CRL, Setup Azure AD …

Part 3 – Set up ADFS Active Directory Federation Services is a key requirement in making this solution work. You’ll need to configure some claims (serial Number and Issuer) so that they are issued to users and eventually presented to Azure AD. You also need to make the “Sign in using an X.509 certificate” option …

Part 2 – Configure Azure AD as a Certification Authority To get to this step, you need to have setup a public facing CRL. We are going to reference that URL in this part so you need to do it. (See Part 1). This Post covers how to extend your CA into Azure AD. If …

Part 1 – Get your Certificate Authority CRL Ready If you are not doing this already, you need to publish your CRL so that it can be hit by everyone (internally and externally to your organisation). I’ll detail the steps to publish this onto an internal web server that you already have, then use Azure …

A while back, Microsoft announced the ability to allow office apps on the phone to authenticate to office 365 services using a certificate rather than user name and password.A bunch of office apps support this – here is a list for iOS and android. Since the end-end setup is pretty complex, with a few moving …