Entries by Ivo Uenk

Control Winget with the Desktop App Installer policy

By default every Windows 10/11 can have the App Installer package installed and use Winget to install apps from the Winget or Microsoft Store repository. Even if the user has no admin permissions it can still install apps in user context by using the “Winget install” command.

Import or remove Windows Autopilot devices based on specific criteria

Enrolling a device with Windows Autopilot requires it to be imported in Microsoft Intune. The import can be done by either your applicable vendor or by your IT department by using a CSV file containing hardware hashes. The CSV file will be checked for invalid characters and bad hardware hashes to ensure a valid import. […]

Custom images for Windows 365 Cloud PC

I want to share my experience building and assigning a custom image for Windows 365 Cloud PC. I already wrote a blog about the Azure Image Builder process and the prerequisites. We are using Microsoft Intune, Azure Image Builder (AIB), PowerShell and ARM templates for this in combination with GitHub Actions. By adding custom configuration […]

Shared mailbox user objects

By default a shared mailbox creates a user object in Azure AD that is active. It is possible to reset the password for this user object and login directly into a shared mailbox. This is a potential security issue because they will not get Azure MFA or will be hit by any conditional access rule. […]

Training: SC-900

The network perimeter of enterprises are extending to the cloud. This will result in the need of solid security and compliance methods to stay in control of your corporate data. Microsoft provides those methods and connects them, so you have all the necessary info in the security and compliance portal. Learn what options are available […]