Microsoft edge Security Baseline: Unable to get login prompt / authorization required

Issue So we implemented the Microsoft Edge Security baseline using MEM a while ago. Today I received a question from some users being unable to access a website that requires a sign-in. The only obvious error message received was “Authorization Required” but the login/sign-in prompt never appeared. Troubleshooting […]

Install Outlook extension in Edge using MEM

Microsoft has created a handy Outlook extension to Edge. You will be able to send and receive emails, use calendar and todo-list, all from the extension! The extension is currently in preview but seems to work well. In this blog we will have a look at how to […]

Disable Legacy Authentication Part 2

In part one we created a log analytics workspace and used a workbook to identify legacy authentication. In this part we will have a look at how to block legacy auth by using a Conditional Access policy. Step 1 (communicate). The workbook from part 1 comes useful when […]

Disable Legacy Authentication Part 1

Background In this blog series we will look at what Legacy Authentication is and how to improve our security posture by disabling it. There are quiet a few guides like this already out there but I hope this step-by-step guide will be a good complement and shine some […]

Move Bitlocker Management to Microsoft EndPoint Manager Part 3

In part two we deployed a device encryption policy to make our Windows 10-devices encrypt the OS-drive with Bitlocker and upload the Bitlocker info to Azure AD. In the last part of this blog series we will look at the admin and end-user experience when you are in […]

Move Bitlocker Management to Microsoft EndPoint Manager Part 2

In part 1 we had a look at: How to export Bitlocker info from MBAM How to export Bitlocker info from Active Directory How to export an encryption report using MEM In this part we will: Deploy a PowerShell script to have our devices upload their Bitlocker info […]

Move Bitlocker Management to Microsoft EndPoint Manager Part 1

You will find part 2 of this series here You will find part 3 of this series here Demo Environment In this blog post divided into three parts we will look at how to move from traditional Bitlocker management to Microsoft EndPoint Manager (MEM). Our demo environment looks […]

Azure AD Connect Sync Issue: Showing a modal dialog box…

Background:Today I run into an issue after doing some changes to a Conditional Access policy. More precisely I changed the MFA-settings. Issue:“Azure AD Connect” was unable to sync and “Synchronization Service” showed no warnings or errors. PowerShell gave below error message and the “Showing modal dialog box” indicated […]

AutoPilot Tool – Upload HW hash with a user interface

.Version is now possible to set a default domain name. Get the latest version ( from GitHub and you will find “config.txt” – edit as per your need. Thanks Dylan Brown for the idea! Example: .Version is now possible to use a custom logo. Place “logo.png” […]

Windows Autopilot White Glove 0x801c0003 error

Issue:I recently run into an error with Windows AutoPilot and got the 0x801c0003 error code. I reset TPM, UEFI FW and Secure Boot but that did not solve the issue so I dug into it. Specifications: HP EliteBook 820 G4 TPM 2.0 Windows 10 1909 (November ISO) Latest […]