• A day in Windows 365

    Today I set out to experience a day working only in Windows 365, to first hand experience how this would work for consultants like my self. Introduction: The idea behind this times use of Windows 365 is to fast and easy administrate a compliant workspace for the external consultants, rather then dealing with everything around […]

    Read more
  • ,

    Microsoft Security – Get all users without a compliant device

    When you want activate security it is useful to understand who will potentially be negatively impacted by your settings. For instance if your enabling compliant device requirement for certain applications, I would recommended knowing who will be blocked and doesn’t have a compliant device they can access the applications from. If you are implementing Azure […]

    Read more
  • Exchange Hybrid Agent fails with Exit Code 1603

    Recently had the pleasure of upgrading a customers hybrid configuration to using Hybrid Agents, with the main reason being less complicated hybrid design. It did fail rather early on Install Hybrid Agent, right after entering my credentials for Azure AD with this error: Setup terminated with an Exit Code 1603. We could see further detailed […]

    Read more
  • Why does ADFS, WIA and Kerbeos work togethere?

    Google search for ADFS and Kerberos, will tell you ADFS uses Kerberos Constrained Delegation, in order to validate your credentials, so there is kerberos authentication between ADFS and your Domain Controllers. Windows Integrated Authentication (WIA) or true SSO, is when you sign-in without entering your credentials. But why does it only work from inside your local […]

    Read more
  • Intune fails to Upgrade Windows from 1709 to 1803

    Intune fails to Upgrade Windows from 1709 to 1803

    Azure AD Joined Windows 10 devices with Intune Enrollment can have Intunes Software Update manage Windows Update, and perhaps the device image from your vendor is 1709 and you need Intune to upgrade devices to 1803 in order to become compliant. A very easy task to configure in Intune, but we have been struggling for […]

    Read more
  • Intune testing with Virtual Machines

    Intune testing with Virtual Machines

    Testing Windows 10 Compliance policy and configuration policies, and Update Rings using Virtual Machines, because I didn’t have the necessary thick clients yet. Of course I would need to test them too, but using virtual machines is a good way to learn about Intune’s Mobile Device Management of Windows 10 clients. What kind of challenges did […]

    Read more
  • Why I choose Apple Watch?

    Why I choose Apple Watch?

    I like a classic watch, and for that reason I didn’t find any smartwatch or training associate worthy my money. To be honest, I was ready to purchase a Samsung Gear S3 Classic, because it is the closest smartwatch to a classic watch, and I came across articles saying it could now work with iPhone […]

    Read more
  • Setup Error during pre-reqs for CU8 to Exchange 2016

    Setup Error during pre-reqs for CU8 to Exchange 2016

    Due to an unknown error when accessing Outlook Web Access (did not affect ECP) in CU4, we decided to upgrade to CU8. Also note that Microsoft will only support you on the two latest CU for Exchange, so they don’t care that much what isn’t working if you haven’t followed the updates. During the pre-reqs […]

    Read more
  • Improved Select-AzureRmSubscription

    Improved Select-AzureRmSubscription

    Are you managing multiple subscriptions with a single corporate account? I sometimes work with customers that uses multiple subscriptions in Azure, but uses the same Azure Active Directory, so you can atleast access them all from one account. I searched the Internet and found this simple way of selecting the subscription from a list: #Get […]

    Read more
  • Set HomePage for Azure AD Application Proxy applications

    Set HomePage for Azure AD Application Proxy applications

    I want to address the situation when you would like to publish a web service, but the endpoint isn’t at the top level of the web site or the endpoint you publish uses sources from other subsites at the same, but different level as your endpoint. So if you try to publish the endpoint, the […]

    Read more


I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts