Intune

Windows BitLocker configuration using Intune

by

In this article, I will show you Windows BitLocker configuration using Intune. BitLocker encrypts the hard disk data to prevent data loss if a device is stolen/ lost. If the device is stolen or lost, data is secured. Others can still format the system but won’t be able to get the data. 265-bit encryption has … Read more

Identify simple passwords in the organization

by

We can set some configurations to identify simple passwords in the organization, but first, let’s see what can happen with simple or weak passwords in the organization: Data Breaches: Weak passwords will welcome vulnerability which leads to data breaches. Attackers can gain access to sensitive information about the organization. Account Takeovers: Simple passwords make it … Read more

Setup Outlook profile automatically via Intune

by

Setup Outlook profile automatically via Intune will be great for the organization’s users when setting it up. They don’t have to worry about all the difficult steps like POP3, SMTP or IMAP. The application will automatically get all configuration and setup done without much effort. Intune configuration Let’s dive into the configuration to setup Outlook … Read more

Set Default Apps via Intune

by

Setting up Default apps saves time and reduces efforts for non-IT users. You can’t set for all the apps at once but you can do which are most essentials. Let’s learn how to set default apps via Intune.

Here I will give you two examples but you can add as much as possible in the configuration file.

Configuration

Before we do the configuration, we need to do some preparation work, to prepare the configuration file, follow the below-mentioned steps:

  • Open command prompt as Administrator
  • Run the command – Dism /Online /Export-DefaultAppAssociations:c:\temp\DefaultApps.xml

Set Default Apps via Intune

  • Open the file in Notepad or Notepad++, whichever extension you want to edit start editing in the file.
  • I am going to change for Google Chrome & Outlook application
  • It will look like this:
<?xml version="1.0" encoding="UTF-8"?>
<DefaultAssociations>
  <Association Identifier=".htm" ProgId="ChromeHtml" ApplicationName="Google Chrome" />
  <Association Identifier=".html" ProgId="ChromeHtml" ApplicationName="Google Chrome" />
  <Association Identifier="http" ProgId="ChromeHtml" ApplicationName="Google Chrome" />
  <Association Identifier="https" ProgId="ChromeHtml" ApplicationName="Google Chrome" />
  <Association Identifier="read" ProgId="ChromeHtml" ApplicationName="Google Chrome" />
  <Association Identifier=”.eml” ProgId=”AppXn1scph4yxkh5tvym038c6zjjfpmdg2fg” ApplicationName=”Outlook (new)” />
  <Association Identifier=”mailto” ProgId=”AppXbx2ce4vcxjdhff3d1ms66qqzk12zn827″ ApplicationName=”Outlook (new)” />
</DefaultAssociations>
  • Now, Intune won’t understand this format we need to change it to Base64 format.
  • You can use any of the Base64 Encode websites for this.

Now your preparation work has been completed, let’s go to Intune for further configuration:

  • Go to the Microsoft Intune Admin Center
  • select Devices and open Windows
  • In Configuration Profiles, create a new profile.
  • Select custom template

Set Default Apps via Intune

  • Add a Name and Description as you want.
  • In the Configuration setting Add the New setting.
    • Name & Description – as per your configuration
    • OMA-URI = ./Device/Vendor/MSFT/Policy/Config/ApplicationDefaults/DefaultAssociationsConfiguration

Set Default Apps via Intune

  • You can add as much as you want

Set Default Apps via Intune

  • Assign assignment as per your deployment
  • Applicability Rule will be as per your OS-based deployment or leave it blank.
  • Review the configuration and save.

That’s it, the configuration is done.

Read more

Block Microsoft Store via Intune

by

Keep Store app available in the corporate environment is risky for business, Hence, this article will guide you on how to block Microsoft Store via Intune There are some reasons why it is necessary to block the store: Improve Security: It will reduce the risk of Malware Control Software Installations: Stop users from downloading and … Read more

Block Change Date and Time in Windows via Intune

by

I have created this article to show you how to block change Date and time in Windows via Intune. This will stop users from changing the date and time in the Windows system as this is a common security practice and it is required for the integrity of data and security. There are a couple … Read more

OneDrive Access Delegation

by

OneDrive makes it easy to collaborate by sharing files and folders with others in or outside the organization. Sometimes, we may need to give access to another user’s OneDrive with another user. For the left employee, OneDrive access is required for business users. In this article, I will guide you on OneDrive access delegation. How … Read more

Printer installation via Intune

by

Printer installation looks straightforward, but when it comes to big organizations, multiple printers and IT are required for installation, and it becomes a burden for the IT team. We will create a configuration for Printer installation via Intune so that users can install the printer by themselves from the company portal. Script preparation and Intune … Read more

Intune Error code 0x801c003

by

This document was created for enrollment errors, specifically the Intune error code 0x801c003 “This user is not authorized to enroll”, when you try to enroll a new Windows device. Details about Error codes The Intune error 0x801c003 may have different error messages depending on the cause: Error code 0x801c003: This user is not authorized to … Read more

Optimized by Optimole