Panos Panay leaves Microsoft after 19 years

 

Iconic Panos Panay announced today that he's leaving Microsoft after 19 years.
The Microsoft veteran and passionate manager that was in charge for Surface, and more recently Windows client leaves the company has announced by Rajesh Jha, Microsoft's EVP of Experiences & Devices in an internal email this morning:

"After nearly 20 years at the company, Panos Panay has decided to leave Microsoft. Panos has had an incredible impact on our products and culture as well as the broader devices ecosystem. Under Panos’ leadership, the team created the iconic Surface brand with loved products. More recently, as the leader of Windows, the team has brought amazing services and experiences to hundreds of millions with Windows 11 on innovative devices including those from our OEM partners. He will be missed, and I am personally very grateful for his many contributions over the years. Please join me in wishing him well. 

Moving forward, we will double down on our strategy. These changes will be effective immediately with Panos’ help in the transition. 

Build silicon, systems and devices that span Windows, client and cloud for an AI world. This team will be led by Pavan Davuluri, who will report directly to me. Brett Ostrum, Nino Storniolo, Linda Averett, Ken Pan, Ralf Groene, Aidan Marcuss, Carlos Picoto, Stevie Bathiche, Robin Seiler, Ruben Caballero and Anuj Gosalia will move to report to Pavan with their teams intact. Windows planning and release management will continue to be in this team. Our commitment to Surface and MR remains unchanged.

Build experiences that blend web, services and Windows for an AI world. To this end, Shilpa Ranganathan, Jeff Johnson and Ali Akgun will directly report to Mikhail Parakhin and form a new Windows and Web Experiences Team, moving with their teams intact. 

Yusuf Mehdi will take on the responsibility of leading the Windows and Surface businesses with our OEM and Retail partners. In addition, Charles Simonyi, Terri Chudzik and Erin Kolb will join the E+D management teams and Ralf Groene and Mike Davidson will work together on the best alignment on design teams. We will set up time for an AMA in the coming days to answer questions. Let’s continue to stay focused on executing on our existing plans. Thank you for all that you do, and the impact that you have for our customers and partners. "

With all is passion and charismatic presentations, Panos made Windows cool again. Let's hope that who substitutes him can deliver the same feeling.

Intune - Switching MDM Authority from O365 to Intune

 

So for some strange reason, when you navigate to your Tenant Status Details, you notice that your MDM authority is Microsoft Office 365 instead of Microsoft Intune?

This can happen for a variety of reasons:

• You may have enabled "Basic security and mobility" a long time ago and you don't remember
• When you first time opened Intune you selected O365 as the MDM Autorithy
• etc.

Now...you have purchased a Microsoft 365 plan that have an Intune license and you want to change the MDM Authority to Microsoft Intune.

At least for me, the easiest way to do it asap, is like this:

1. Open the Intune for Education with a global admin (https://intuneeducation.portal.azure.com/)
2. Next go to "Tenant Settings" and from there select "Microsoft Intune" as the MDM Authority.

Quick and easy. And...you're done! :)

Exchange Online - Enable auditing for DiscoverySearchMailbox

In my last post, I've talked about how to identify and enable auditing for specific mailboxes.

One mailbox that you probably going to identify, it's the eDiscovery Mailbox. Usually it's "name" is something like "DiscoverySearchMailbox{alotofnumbers}@yourdomain.com".

For this one, my previous posted command does not work.
So, to be able to enable auditing for this mailbox, the easiest way that I found is this one:

	#Catch the mailbox name and add it to a variable
	$dsm = Get-Mailbox -ResultSize unlimited | Where-Object {$_.name -match "discovery"} | Select-Object alias,displayname,auditenabled
	#Enable mailbox auditing where identity it's catched from the previous variable
	Set-Mailbox -Identity $dsm.alias -AuditEnabled $true

view raw gistfile1.txt hosted with ❤ by GitHub

And...you're done! :)

Exchange Online - Identify mailboxes with audit disabled

 

One of the Microsoft Secure Score recommendations is to ensure mailbox auditing for all users is enabled.
Although within the recommendation implementation there's a powershell command to do it organization wide, there's always the need to do it individually for resource mailboxes for example.

So, to enable auditing organization wide command is this one:

Set-OrganizationConfig -AuditDisabled $false

view raw EXOSetAuditEnabledOrganizationWide.ps1 hosted with ❤ by GitHub

Now, to identify which mailboxes still aren't enabled, just run this command:

Get-Mailbox -ResultSize unlimited | where {$_.auditenabled -eq $False} | select userprincipalname, auditenabled

view raw gistfile1.txt hosted with ❤ by GitHub

Finally, to enable auditing in that mailboxes, run this command for each one:

Set-Mailbox -Identity "userprincipalname" -AuditEnabled $true

view raw gistfile1.txt hosted with ❤ by GitHub

And you're done! :)

Autopilot - Manually register devices with automatic upload

 

This can be very useful for everyone that have a test lab where you want to register your virtual machine in Intune.

Here's the quick step on how to register your machine from the OOBE:

1. When you get to OOBE, press "Shift + F10" to open a command-prompt:
   
   
2. Now, all you need to do is run this commands:

	PowerShell.exe -ExecutionPolicy Bypass
	Install-Script -name Get-WindowsAutopilotInfo -Force
	Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
	Get-WindowsAutopilotInfo -Online

view raw autopilotregisteronline.ps1 hosted with ❤ by GitHub


3. After running the commands, you'll be prompt for valid credentials for adding the device to Intune.
   
   

And...you're done! The device information (hardware hash, etc.) gets registered and if you boot up your device again, you'll enter the autopilot process.