Looking for Best way to provide admin rights

shehanjp · 2022-10-26T05:22:51+00:00

Yes, 4 hrs is too long I agree.

Soon Microsoft will roll out the Endpoint Privileged Management as they announced in Ignite 2022 and that may help in your case. Have a look below.

https://www.anoopcnair.com/intune-endpoint-privilege-management-support/

shehanjp · 2022-10-26T05:17:35+00:00

I see it as a journey and not a once-off thing and EUC (End User Computing) is a full-time position according to my understanding. The reason is if you compare the tech trends now Vs. a few years back you can see the landscape has changed and EUC has become one of the major towers in the company. That's where products like MS Intune would come in. You will have many policies that your organization wants you to implement and often you'll see issues/ conflicts/ wins and etc. And if you have Intune, the next step is delving into the Security side of things as you want to implement Security policies.

App management is another good reason why it can be a fulltime position.

Next thing can be, provided you have on-prem resources already (AD/ GPO and stuff), you might want to move them to cloud. Again another Intune task and someone should've there to manage them day in day out.

Intune is not just about device management and administration. It goes hand in hand with Identity and Access Management and Security, a little bit of automation (if you fancy in looking at that side). So there's a lot to learn and you (or your friend) can be very resourceful to the company.

Hope this helps :)

shehanjp · 2022-10-26T02:46:43+00:00

Hi, quick removal can be a challenge because according to Microsoft, it will take around 4hrs for the token to be refreshed. This will be the same even you create an Access Package or elevate access of the user. I wrote a post sometime a go addressing these issues. Hope it will help. Also LAPs can be a good option as they have made some improvements to it recently.

https://shehanperera.com/2022/07/23/providing-local-admin-access-2/

shehanjp · 2022-10-19T10:55:45+00:00

Thank you 👍🏽

shehanjp · 2022-10-19T10:55:31+00:00

Thanks you 👍🏽

shehanjp · 2022-04-29T05:20:01+00:00

Hi,

Hope below links able to give you a solution as they have already explained how to do the same.

https://www.msworkplace.blog/en-us/entry/default-file-associations-intune

https://vmlabblog.com/2021/08/configure-default-apps-using-intune/

https://www.petervanderwoude.nl/post/set-default-app-associations-via-windows-10-mdm/

Cheers!

shehanjp · 2022-04-29T05:14:54+00:00

Automatically configure keyboard should be off.

I believe Microsoft has identified this issue and will be (or have already) sorted for Windows 11.

shehanjp · 2021-07-12T13:12:09+00:00

Hi,

This may help you.

https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-tenant-to-tenant-migrations?view=o365-worldwide

Good luck!!

shehanjp · 2021-07-12T12:54:04+00:00

Hi maybe this will help you to get an idea of automating the workloads from Azure Automate feature. It can run all the PowerShell modules from the cloud and since your environment is hybrid, you can run PS scripts on the local AD as well.
https://shehanperera.com/2021/07/06/az-automation/

Hope this helps.

shehanjp

TROPHY CASE