Enroll Windows 365 Business in 3 steps

Windows 365 Business and Enterprise has been around for the last year and the companies begin to see all the advantages to easy deploy a Windows pc. In this post I want to show how easy it is to deploy Windows 365 Business for a user. Are you […]

Proactive Remediations – MS Defender

Microsoft Defender on each client is a high important tool as it both are an Antivirus tool – but also deliver info to Defender for Endpoint as a sensor. Microsoft developed Tamper Protection that should make sure evil software/process not should be able to disable Microsoft Defender. But […]

AVD tip! – Logon script with RemoteApp

When you setup RemoteApp in Azure Virtual Desktop – Microsoft has designed it to minimize the load of: The Run registry entry The RunOnce registry entry The startup applications Simply to make a better and faster experience on the logon phase.Read more about this.The 2 workarounds Microsoft suggested […]

Admin by Request: LAPS for Autopilot device

I have over time been more and more impressed with Fasttrack: Admin by Request.How they solve a nightmare for IT admins. It can be hard to deliver all software for the endpoints – and some software is so special and maybe need to be installed in a various […]

Create bootable USB w. Windows 11 incl. Autopilot JSON file

This guide will go through all steps to create a bootable USB with Windows 11 – that includes the Autopilot profile for your Microsoft Endpoint Manager tenant. This USB can be used to onboard all computer – just after reinstall. First you need Windows 11 ISO image – […]

Admin by Request + MS AppLocker = GREAT

Companies need to fulfil regulations, to document what specific applications that is running on the PC. Here it can be hard to make sure users don’t download software that is not approved and run ex. Shareware/malware, TeamViewer QuickSupport or Google Chrome. But Companies still want the flexibility to allow […]

Admin By Request – Tray Tools

Previous Client management projects – was with a focus on lock down the client much as possible, so end-user couldnt install anything manually. But working with the product Admin By Request on more projects, it is clear, that it is no problem to give the user just-in-time(JIT) access […]

Use MDfE to hunt for PrintNightmare

We have the last week tried to patch endpoints for the PrintNightmare Vulnerability(CVE-2021-34527) – and Microsoft still have an open gab for this. But to follow the patching – here Microsoft Defender for Endpoint gets handy. Specially with the Advanced Hunting. Query to search for Windows 10 devices […]

Boost Microsoft Edge startup

If your organisation already switched to Microsoft Edge – maybe this feature can be ussful. With a simple policy – you can get the Edge Chromium to start instantly.You just need to be on version: 88.0.705.50 or above. The policy is named:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge StartupBoostEnabled DWORD (delete) = Default0 = Always disabled1 = […]

Onboard existing devices

When we talking about Windows 10 and Autopilot – we always recommend to make and agreement with the OEM partner, so they prepare the hardware to the Autopilot device list. But for existing hardware we need to onboard to Autopilot – can be another story. If you have […]