Ru (Ruairidh) Campbell is a Microsoft MVP and Microsoft security solutions architect, helping customers with security, compliance, identity, and modern device management. Specializing in Azure AD, Enterprise Mobility + Security, and Microsoft Defender.
Last Update: Sep 04, 2024
Enrollment restrictions are sets of rules assigned to Azure AD groups. There are two types of enrollment restrictions: device type and device limit.
Last Update: Sep 04, 2024
On-premises Active Directory domain-joined PCs have typically been managed with tools such as Group Policy. At larger scales, you may have Configuration Manager or third-party tools. The availability of Intune (part of Endpoint Manager) in Microsoft 365 subscriptions such as Business Premium and E3 has opened up an alternative. The benefit many are seeing over…
Last Update: Sep 04, 2024
Intune Administrators can deploy, make optionally available, or uninstall Win32 apps with the help of Windows 10’s Intune Management Extension (IME). The IME is a service installed on Windows 10 that acts as the engine to execute these actions and, additionally, PowerShell scripts (which were originally its only purpose). Win32 apps in the context of…
Last Update: Sep 04, 2024
To protect data at rest on your Intune-managed Windows devices, BitLocker disk encryption can be applied automatically using the BitLocker CSP. If you are deploying devices with Autopilot, this will also allow you to encrypt them at the time of deployment. Existing devices will be encrypted as soon as the device checks in with Intune…
Last Update: Jul 01, 2022
Microsoft Defender has many layers and trying to understand all of the different components can be complex.