Microsoft Passport

Microsoft Intune can not push out Group Policies onto computers, but we can target users or devices with scripts that change that setting in the registry.

Here is how you create a simple script that does just that.

@Echo off
echo A Script to set a Registry value using Windows Intune
REM registry key
reg add HKLM\Software\Policies\Microsoft\PassportForWork /f
reg add HKLM\Software\Policies\Microsoft\PassportForWork\ /v Enabled /t REG_DWORD /d 0 /f
if errorlevel 1 (
echo Error installing reg key
exit /b 1
) else (
echo Installed regkey
)
exit /b 0

Simply copy this script into a notepad file and then save it as PassportForWork.CMD right click and Run as Administrator to input the software policy where we set Passport for Work enabled as = 0 “Turn Off”

You can enter some of these register values:

REG_BINARY
REG_DWORD
REG_EXPAND_SZ
REG_LINK
REG_MULTI_SZ

Read more here: Registry Values (Technet)

Once you have created the script, here is how you package it : Package Scripts
Here is how you deploy it: Deploy custom script with Microsoft Intune

Thanks to Richard Harrison at http://www.cableplugger.com/2013/03/adding-windows-registry-entry-with.html

Disable PIN code when joining Azure AD *UPDATED 2018

*THE AZURE AD PORTAL EXPERIENCE HAS BEEN UPDATED, TO FIND THIS SETTING IN THE NEW PORTAL LOOK HERE: Enable or Disable Windows hello in new AAD portal

If you are a larger organization or a school, simply asking your users to enter a pin and start authenticating with a phone might be challenging. Even more so when they have never done that before.

Here is how you disable PIN challenge and phone verification when joining Azure AD

UPDATE: In Azure.

https://manage.windowsazure.com
Go to Active Directory
Select your Domain
Select Applications
Select Microsoft Intune
Select Configure
Under manage devices for these users, select All and click Save.

In Intune.

https://manage.microsoft.com
Go to: Admin > Mobile Device Management > Windows > Passport for Work.
Select: Deactivate Passport for Work on registered devices

Thats it.

February 24, 2016 27

Tips og advarsel til deg som skal velge #fiskebensparkett det kan være lett å bli lurt av prøver #gulvhandelen.no… twitter.com/i/web/status/1… 4 months ago
I own it and paid for it but @NIOGlobal won’t let me take it home. Unless I sign a special waiver which I never see… twitter.com/i/web/status/1… 5 months ago
#Hertz bilpool svindel med #Ikea leiebil slik tjener stort de på gamle riper og småskader haukeberg.no/2022/09/09/her… 6 months ago
Dyre og dårlige #Spilepanel fra #KonzeptK Ujevn kvalitet, dårlig monteringsanvisning kostet tusenvis av kroner og t… twitter.com/i/web/status/1… 1 year ago
#Foreldremestring.no, moderne kvakksalveri med kynisk utnyttelse av folk i en sårbar fase for å selge egne kurs. haukeberg.no/2021/10/15/for… 1 year ago

Håvard Siegel Haukeberg

Paste life: Ctrl+C -> Ctrl+V

Tag

Create a GPO Script for Microsoft Intune

Disable PIN code when joining Azure AD *UPDATED 2018

Howie Tweets

Follow Blog via Email

Håvard Siegel Haukeberg

Paste life: Ctrl+C -> Ctrl+V

Tag