How to Manage Microsoft Defender on Windows Server via Intune
As companies adopt Microsoft Defender, there are certain questions coming from customers in terms of EPP management. These questions are mostly focusing on Microsoft Defender management in Windows Servers. I’d like to touch base on different management options for different ... continue reading

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082
October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading
LEDBAT Background Data Transfer for Windows
LEDBAT is the background data transfer product built into the Windows networking stack and recommended by the Windows Data Transport team for moving bulk data without interfering with foreground traffic. LEDBAT has a couple of advantages that make it our ... continue reading
To AAD Join or Not … That is the Question
As we all know, the cloud paradigm shifts in IT continue. When I worked in corporate IT - heck, when I started blogging out here - on-prem was really all there was. Active Directory, GPOs and WINS were all the ... continue reading
Getting started with Azure Bicep
As technology has evolved, so have the tools we can use to build (or rebuild!) standard, repeatable system configurations. I remember building my first Windows-based computer systems using an "answer file" to populate and bypass the "out of the box" ... continue reading
How to retrieve an Azure AD Bulk Token with PowerShell
Hi, my Name is Christian Kielhorn, and I’m a Senior Customer Engineer – formerly known as Premier Field Engineer – within Germanys Customer Success Organization for Modern Work. Today I’d like to come back to a customer’s question – as ... continue reading
System Center 2022
Datacenters are complex with multiple components across compute, storage and networking – components that are used to store and manage the most critical resources, vital for continuous operations of an organization. These IT environments quickly grew out of control, along ... continue reading
Deploying Windows 10 Application Control Policy
Dear IT Pros, Today we discuss about All things about WDAC – Windows Defender Application Control. WDAC was introduced with Windows 10 and could be applied to Windows server 2016 and later, its older name is Configurable Code Integrity (CCI) ... continue reading
Create Your Own Custom Endpoint Administration Console Using Microsoft Power Apps
I've heard a bit of interest expressed recently in the ability to create a customizable Endpoint Configuration Manager (SCCM/ConfigMgr) console that could either be pruned down or featured up in a way to customize it to fit the specific needs ... continue reading
MBAM Server Migration To Microsoft Endpoint Manager
Dear IT Pros, Today we discuss about MBAM's Bitlocker data migration to MEM Microsoft provides a range of flexible BitLocker management alternatives to meet organization’s needs, as follows: Cloud-based BitLocker management using Microsoft Endpoint Manager. On-premises BitLocker management using System ... continue reading