
Nickolaj Andersen
Senior Architect - Enterprise Mobility MVP
Stockholm, Sweden
Nickolaj specializes in Enterprise Mobility and Security, Windows deployments and automation. Additionally, he has extensive experience with planning, implementing and migrating Microsoft Endpoint Manager environments on a global scale. Nickolaj has also been awarded as PowerShell Hero 2015 by the community, is the creator of popular community tools and solutions such as Modern Driver Management, CloudLAPS, ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService and a frequent speaker at conferences and user groups.
Links
Area of Expertise
Secure automation for your Intune devices
Would it not be cool if your Intune devices could securely connect to Intune or Azure AD to perform actions on query on itself? What if your device could query information about itself from MSGraph or even update some custom attributes in the cloud triggered by a script running locally.
This is all possible in many ways, but how can we do such things without compromising security or giving away secrets in our code?
In this session we dig deep into the concepts of automation for cloud managed devices, how to make sure communication between the device and cloud is secure and is only coming from a trusted device in your organization. We'll share best practices on how to secure your automations in a cloud-first world when retrieving data from Intune or Azure AD in scripts running locally on the device and which Azure services to leverage to accommodate everything.
If you manage Windows device with Intune and have ever been in need of retrieving data from Intune or Azure AD, or perhaps want to learn more how you can securely send log data from your devices to Log Analytics, you don't want to miss out on this demo heavy session.
• Learn about using Azure Functions and Managed Identities for automation
• Understand how Azure Functions and Conditional Access improves security
• Ensure only trusted devices can communicate with your infrastructure
• See real examples on how we use this in large companies today.
Proactive Remediations and Azure Functions better together
If you manage Windows device with Intune and have ever been in need of retrieving data from Intune or Azure AD, or perhaps want to learn more how you can securely send log data from your devices to Log Analytics, you don't want to miss out on this demo heavy session.
In this session we dig deep into the concepts of automation for cloud managed devices, how to make sure communication between the device and backend is secure and is only coming from a trusted device in your organization.
We'll share best practices on how to secure your automations in a cloud-first world when retrieving data from Intune or Azure AD in scripts running locally on the device and which Azure services to leverage to accommodate everything.
Proactive Remediations Deep Dive
With the addition of proactive remediations , organisations now have the ability to perform compliance item/baseline type jobs across all Windows managed devices.
In this session we will look at the underlying components, how to trace the running of the detection and remediation script, registry values, and how to extend logging for your own scripts.
We will also look at examples of how this awesome addition to your endpoint arsenal can benefit the admin, as well as the reports analysts.
Deep dive into CloudLAPS for Intune managed devices
Join this session for a deep dive of CloudLAPS Community Edition, a solution that provides a cloud-based local administrator password solution (LAPS) for devices managed with Intune. This will be a demo heavy session with walk-throughs of the different components and how they interact between each other, how to deploy and configure the solution in full, learn about important configuration variables and make custom changes to fit your own environment.
Migrate, manage and automate Win32 apps in Intune
If you are contemplating co-management in your environment or perhaps moving the client apps workload to Intune then this session is for you. We will show you how to migrate your existing applications from ConfigMgr to Intune using Microsoft and community tools.
But what happens once you've have migrated all your applications to Intune, what about management and packaging? What options are available? Should we continue to use the portal experience or can it be automated? What makes sense to actually automate? In this session, we'll answer those questions and demo solutions developed by the community to help automate as much as possible in regard to application management with Intune.
Getting started with Microsoft Intune and PowerShell
How do I use PowerShell with Microsoft Intune? What is Microsoft Graph API? How do I get started? If you’re asking yourself these questions, you should join this session about automating common tasks in Microsoft Intune with PowerShell such as creating apps, invoking device actions remotely, running unattended workflows and much more.
How we migrated some big organizations to Intune
Come join this session where industry experts will showcase how large organizations have successfully completed the steps to move their whole device management infrastructure to Intune. We'll discuss obstacles, solutions to where there's a gap in functionality, common pitfalls but also provide tips and tricks on how to shift the mindset when it comes to legacy organizational structures that requires new thinking where a flat-structured approach is the key to success.
In this session we'll focus on two large organizations that have recently gone through this journey and are now managing devices completely with Intune in a cloud-only fashion.
Deep dive into Win32 apps automation in Intune
Imagine a world where Win32 apps in Intune would just download, package and publish themselves, all made ready for your end users to consume the apps they want. Does that pique your interest? Join this session to get a deep technical understanding of tools and community solutions available today that can ease your daily administrative tasks associated with application packaging and take them to the next level, more or less fully automated.
This will be a session where there's more PowerShell code shown than PowerPoint slides! We will go through the IntuneWin32App module, IntuneWin32AppFramework and finally touch point on how these tools can be combined into a fully automated Azure DevOps Pipeline, the Intune App Factory.
Deep dive into Graph API and Intune
In this session, we will provide a deep dive into using the Graph API for automating Intune related tasks. We will discuss authentication, the different credential flows and when to use delegated or application scopes when setting up your own app registration to keep track of who can access your data.
By the end of this session, you'll have a better understanding of how to construct an efficient request using query parameters, deal with pagination, lazy properties and when to use the v1.0 and Beta versions of Graph API.

Nickolaj Andersen
Senior Architect - Enterprise Mobility MVP
Stockholm, Sweden