Search

Håvard Siegel Haukeberg

Paste life: Ctrl+C -> Ctrl+V [MVP]

Tag

Microsoft Passport

Create a GPO Script for Microsoft Intune

Microsoft Intune can not push out Group Policies onto computers, but we can target users or devices with scripts that change that setting in the registry.

Here is how you create a simple script that does just that.

@Echo off
echo A Script to set a Registry value using Windows Intune
REM registry key
reg add HKLM\Software\Policies\Microsoft\PassportForWork /f
reg add HKLM\Software\Policies\Microsoft\PassportForWork\ /v Enabled /t REG_DWORD /d 0 /f
if errorlevel 1 (
echo Error installing reg key
exit /b 1
) else (
echo Installed regkey
)
exit /b 0

 

Simply copy this script into a notepad file and then save it as PassportForWork.CMD right click and Run as Administrator to input the software policy where we set Passport for Work enabled as = 0 “Turn Off”

You can enter some of these register values:

REG_BINARY
REG_DWORD
REG_EXPAND_SZ
REG_LINK
REG_MULTI_SZ

Read more here: Registry Values (Technet)

 

Thanks to Richard Harrison at http://www.cableplugger.com/2013/03/adding-windows-registry-entry-with.html

Advertisements

Disable PIN code when joining Azure AD *UPDATED 2018

*THE AZURE AD PORTAL EXPERIENCE HAS BEEN UPDATED, TO FIND THIS SETTING IN THE NEW PORTAL LOOK HERE: Enable or Disable Windows hello in new AAD portal

If you are a larger organization or a school, simply asking your users to enter a pin and start authenticating with a phone might be challenging. Even more so when they have never done that before.

Here is how you disable PIN challenge and phone verification when joining Azure AD

UPDATE: In Azure.

  1. https://manage.windowsazure.com
  2. Go to Active Directory
  3. Select your Domain
  4. Select Applications
  5. Select Microsoft Intune
  6. Select Configure
  7. Under manage devices for these users, select All and click Save.
apps
Apps in Azure AD
configure
Configure the Intune app
manage all
Turn on MDM

In Intune.

  1. https://manage.microsoft.com
  2. Go to: Admin > Mobile Device Management > Windows > Passport for Work.
  3. Select: Deactivate Passport for Work on registered devices

Thats it.

deactivate passport

Blog at WordPress.com.

Up ↑

%d bloggers like this: