Brian Reid – Microsoft 365 Subject Matter Expert

Category: Endpoint Manager

  • Intune App Protection Policies and “All Apps” Do Not Automatically Stay Up To Date

    Intune App Protection Policies and “All Apps” Do Not Automatically Stay Up To Date

    When you create an App Protection Policy and select “All Apps”, Microsoft points out in Intune that they will keep the policy up to date for you and add new apps as they are released (so it is always “All Apps”) and not “All Apps on the date I made the policy and no changes…

  • Renewing Apple Tokens in Intune

    Renewing Apple Tokens in Intune

    To sync Apple OS devices to Intune you need a token created by Apple and uploaded to Intune. There are at least 3 seperate tokens that you might use and each of these expires one year after creation and needs renewing before they expire. The three (plus) tokens you need are: Apple MDM Push Certificate…

  • Enabling BitLocker In Silent Mode Using the Settings Catalog (2023)

    Enabling BitLocker In Silent Mode Using the Settings Catalog (2023)

    There are many blog posts and articles online about the old way to configure silent BitLocker. These used a template that Microsoft added to Intune. Since March 2023 BitLocker has moved (along with lots of other configurations) to using the Settings Catalog. Often the settings are similar and you can take a old blog post…

  • Adding App Tokens To Intune From Apple Business Manager (VPP)

    Adding App Tokens To Intune From Apple Business Manager (VPP)

    Documentation on this process is hard to come by. Either Microsoft says “download the Apple Business Manager location token (Apple VPP token) for your account” but does not say how, or other documentation covers other bits of the process, but not this step. So, how do you download and create a Apps Content Token so…

  • Intune MAM Exemptions – Discovering URL Protocols

    In Microsoft Intune you can create a secure container where the data in your apps cannot leak outside of. That is, you can restrict copy/paste outside of the supported apps and restrict opening the data in a different app. But sometimes you need to open the data in a different app and with the Intune…

  • What Is The Value of enrollmentProfileName

    In Microsoft EndPoint Manager there are a few different device registration scenarios that make use of a property called device.enrollmentProfileName. To find and apply other settings (apps, config, etc) to these devices later on you need to have a Dynamic Device Group based on this property. The problem is the value of the property is…

  • Blocking Apps With a Low Reputation

    One of the benefits of Microsoft 365 is the interaction across many products and features to create services that otherwise you might not have available to you or need to implement unrelated and unconnected additional software and maybe client agents as well. Recently announced is an interaction between Windows Defender (client AV and other security…