Use Intune Policy CSP manage Windows 10 settings - Internet Explorer Site to Zone Assignment List

For start, I was actually testing ConfigMgr cloud gateway management and Client Installation over Internet, see this post https://blogs.technet.microsoft.com/arnabm/2017/08/27/client-installation-over-internet/ I did managed install ConfigMgr client on AAD joined Windows 10 (version 1709), but I also want configure some Internet Explorer settings to my AAD joined device. Since Windows 10 (version 1703), we can use Intune Policy CSP to… Read More »

How to query Infineon firmware TPM (Microsoft Advisory ADV170012) in ConfigMgr

If you don’t know what is this about, you must read this https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 Additional, in this article https://support.microsoft.com/en-us/help/4046783/bitlocker-mitigation-plan-for-vulnerability-in-tpm, it said  When TPM-based protector is used to protect the operating system volume, the security of the BitLocker protection is affected only if the TPM firmware version is 1.2. But the script what Microsoft provided doesn’t include detection if TPM… Read More »

Use PowerShell detect if Lenovo laptop is attached docks

Big thanks for Joe Parker (@joe_lenovo) gave us PnP ID of Lenovo ThinkPad Pro/Ultra docks. ThinkPad Pro dock 40A1: USB\VID_17EF&PID_1012 ThinkPad Ultra 40A2: USB\VID_17EF&PID_1010   This a simple PowerShell script for detect if Lenovo laptops are attached to dock station, includes mechanical Lenovo ThinkPad docks and Lenovo USB 3.0 Pro/Ultra docks. 

or:

 

Devices Management: Azure AD Join vs. Azure AD Device Registration vs. Domain Join

For start, please read this article https://blogs.technet.microsoft.com/trejo/2016/04/09/azure-ad-join-vs-azure-ad-device-registration/, there are details regarding these matters. So why am I writing these? As an IT professionals, we can read those technical articles, understand like MDM, MAM, ConfigMgr/SCCM, AAD, GPO, but customers don’t. When customer wants a device management solution, they often ask “What kind of devices management you can offer?” or… Read More »