Conditional Access: Skip MFA for Company Devices on the Company Network

A common Conditional Access policy is to add trusted locations as an exception to multi-factor authentication requirements. The logic goes: if you are accessing resources such as Office 365 from a location such as the corporate office, that's an element of verification in itself that your login should be trusted, so we should improve your user experience by removing MFA. Personally, I support the use of MFA regardless of where you are authenticating (at the…
Update BitLocker Unique Identifiers with Intune

BitLocker unique identifiers are values used to identify the ownership of an encrypted volume. The device that performs the encryption holds the unique identifier and, as encryption begins, it also records this in the metadata of that encrypted volume. The identifiers are typically used in tandem with the BitLocker removable data-drive setting "write access to devices configured in another organisation" which, if set to block, will prevent write operations on devices where the unique…
Microsoft Defender Antivirus – Schedule & Install Updates via Network Shares

Although not common, there are scenarios where you will have LAN-only devices onboarded in Microsoft Defender for Endpoint (MDE), or at least using Microsoft Defender Antivirus (MDAV). With no line of sight to the internet, you can use options such as WSUS, but in this blog, I'll explore using a network share, as WSUS isn't always an option.

Set up the network share for updates

1. Create a directory on your file server…
Microsoft Defender Network Protection – Not Enabling via Intune – Troubleshooting & Fix

When configuring Defender for Endpoint (MDE) for a customer recently, I ran into a problem when trying to enable network protection. Network protection is a feature of MDE and Microsoft Defender Antivirus (MDAV) that takes the filtering capabilities of SmartScreen and applies them to all network traffic. It is a prerequisite for things such as MDE's web content filtering and URL/domain indicators of compromise. This blog details the specific problem I had enabling it with Intune…