Ru Campbell MVP

Update BitLocker Unique Identifiers with Intune

March 22, 2021

BitLocker unique identifiers are values used to identify the ownership of an encrypted volume. The device that performs the encryption holds the unique identifier and as encryption begins, it also records this against the metadata of that encrypted volume. T...

How Conditional Access Assignments and Access Controls Work

March 21, 2021

When you authenticate with Azure AD, Conditional Access policies let you apply if-then rules for licensees of Azure AD Premium P1 or P2. The conditions within Conditional Access (CA) are called assignments, but you may also see them referred to as signals, se...

Microsoft Defender Antivirus – Schedule & Install Updates via Network Shares

March 13, 2021

Although not common, there are scenarios out where you will have LAN-only devices onboarded in Microsoft Defender for Endpoint (MDE), or at least using Microsoft Defender Antivirus (MDAV). With no line of sight to the internet, you can use options such as WSU...

Microsoft Defender Network Protection - Not Enabling via Intune - Troubleshooting & Fix

March 7, 2021

When configuring Defender for Endpoint (MDE) customer recently, I ran into a problem when trying to enable network protection. Network protection is a feature of MDE and Microsoft Defender Antivirus (MDAV) that takes the filtering capabilities of SmartScreen...

Microsoft Information Protection Sensitivity Labels - Custom User Permissions and Do Not Forward

February 25, 2021

With Microsoft Information Protection, you can apply sensitivity labels to files, emails, and containers such as SharePoint Libraries. These labels apply protection which, in the context of files and emails, really means encryption using AES-128 or 256 (key s...

Microsoft Defender for Endpoint - Offline Onboarding for Windows 10 via a Proxy

February 18, 2021

Getting your devices into Defender for Endpoint is referred to as onboarding and can be done in lots of different ways, depending on the scenario. The tools you use for Windows Server 2008 R2, for example, are different from the tools you use for Windows Serv...

Block LSASS.exe using Attack Surface Reduction

February 13, 2021

Use Intune to Manage Microsoft Defender for Endpoint Tags and Device Groups

February 11, 2021

In Microsoft Defender for Endpoint (MDE), tags can be attached to a device for reporting, filtering, and as a dynamic attribute for membership of a device group. Device groups (previously machine groups), are used to assign devices different rules and adminis...

Turn Existing Azure AD Devices into Windows Autopilot Devices

February 6, 2021

To provision Windows 10 PCs using Autopilot and Intune, they must first be registered as Windows Autopilot devices in the Device Directory Service, which is really the cloud Autopilot service. When a device is registered to the Autopilot service, its hardware...

Understanding Application Guard for Office, Now Generally Available

January 30, 2021

Application Guard first appeared in Windows 10 1709 ("Fall Creators Update") to isolate Edge browser activity within a Hyper V container. Microsoft now extends that same idea to Word, Excel, and PowerPoint in Office 365 ProPlus Microsoft 365 Apps for Enterpri...