All posts in category Windows 11

Mastering Certificates with Microsoft Intune September 2026

I’m excited to announce that I will be delivering another edition of the Mastering Certificates with Microsoft Intune course, hosted by ViaMonstra Online Academy. This is a three-day live online training course that takes place September 1-3, 2026. This course dives deep into issuing and managing certificates using Microsoft Intune, covering both on-premises and cloud-based solutions.

Course Overview

This interactive training equips IT professionals with the skills to provision and manage enterprise PKI certificates using Microsoft Intune. It explores Active Directory Certificate Services (AD CS), Microsoft Cloud PKI for Intune, and non-Microsoft solutions, with live demonstrations featuring real-world scenarios.

Key Learning Objectives

Those taking the online training course will learn the following.

  • Certificate Basics: Understand certificate roles and enterprise use cases.
  • Deployment Options: Master Intune certificate deployment (Intune policies, revocation, security) and Microsoft Cloud PKI (licensing, benefits, limitations, BYOCA).
  • Intune Deployment: Learn PKCS and SCEP deployment, security best practices, and troubleshooting.
  • High Availability: Explore strategies for reliable certificate management.

Course Highlights

Here are some key highlights for attendees of the training.

  • Expert-Led: Learn from a veteran IT professional, a Microsoft MVP, with deep PKI and Intune expertise.
  • Interactive Demonstrations: The course includes numerous practical exercises in real-world scenarios.
  • Resources: Access to security best practices and sample scripts for automated configuration.
  • Community: Join a private Facebook group for peer collaboration.
  • Live Q&A: Engage directly with the instructor for a clearer understanding.

Who Should Attend?

This training event is ideal for IT administrators, security professionals, and systems engineers working with Intune, AD CS, or Microsoft Cloud PKI for Intune.

Prerequisites

Those attending the online training course should be familiar with the following.

  • Basic networking knowledge (TCP/IP, DNS).
  • Familiarity with Active Directory, Windows OS, and Intune.
  • Access to an AD CS setup and an Azure subscription with Intune Suite licenses.

Why It Matters

Certificates are vital for secure authentication and communication. This course bridges theory and practice, equipping you to deploy and manage digital certificates effectively in cloud-native environments.

Details

Here is some additional information about the training event.

  • When: September 1-3, 2026 (sessions begin at 9:00 AM CDT).
  • Where: Live online via ViaMonstra Online Academy.
  • Cost: $2,395.00 (Sold separately – not included in All-Access Pass).

Why ViaMonstra?

ViaMonstra delivers top-tier IT training from Microsoft MVPs, focusing on practical, up-to-date skills and fostering a collaborative community.

Take the Next Step

Ready to master certificate management with Microsoft Intune? Register at ViaMonstra Online Academy for the August 2025 Mastering Certificates with Microsoft Intune training course today!

Leave a comment
by Richard M. Hicks on June 8, 2026  •  Permalink
Posted in Active Directory, Active Directory Certificate Services, AD CS, administration, authentication, Azure Active Directory, Azure AD, CBA, Certificate Authentication, Certificate Authority, Certificate Connector for Intune, Certificate Services, Certificate-Based Authentication, certificates, cloud, Cloud PKI, Cloud Service, Cryptography, Deployment, Device Management, education, Encryption, Endpoint Manager, Enterprise, enterprise mobility, Entra, Entra CBA, Entra Certificate-Based Authentication, Entra ID, Infrastructure, Intune, Intune Certificate Connector, Intune PFX Connector, learning, MDM, MEM, Microsoft, Microsoft Endpoint Manager, Microsoft Entra, Microsoft Entra ID, Microsoft Intune, Mobile Device Management, Mobility, NDES, Network Device Enrollment Service, Network Device Enrollment Services, Operational Support, PFX Connector, PKCS, PKI, public cloud, public key infrastructure, SCEP, Security, Simple Certificate Enrollment Protocol, systems management, Training, troubleshooting, Trusted Platform Module, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025
Tagged , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on June 8, 2026

https://directaccess.richardhicks.com/2026/06/08/mastering-certificates-with-microsoft-intune-september-2026/

Webinar: Certificate Automation in Practice – A Technical Deep Dive

If you manage Windows Server workloads that require public TLS certificates like Always On VPN, DirectAccess, Remote Desktop Gateway, Internet Information Services (IIS), and others, you know that certificate expirations don’t send friendly reminders. Certificates expire quietly. Too often, end users are the ones who sound the alarm—when resources are already unavailable. Of course, this never happens at a convenient time. It’s usually the middle of the night, on the weekend.

Current State

Most Windows IT teams are still managing certificates the same way they did years ago, using spreadsheets, calendar reminders, and an assortment of renewal scripts. It usually works… until it suddenly doesn’t.

Free Webinar

I’m pleased to announce that I’ll be joining Todd Gardner from CertKit for a free live webinar on Tuesday, June 16, at 11:00 AM CDT, in which we will break down the following:

  • Why certificate mismanagement causes so much pain at scale
  • How to build real automation that works across your full environment, including internal services and vendor appliances
  • A live demonstration of CertKit showing end-to-end discovery, monitoring, and automated renewal

There will also be time for live Q&A, so bring your questions!

Join Us!

If you’re tired of patching the problem with fragile scripts and assorted reminders, join us to learn about a fully automated solution that can dramatically improve the situation. Register now and don’t miss this opportunity to reduce your TLS certificate management burden and end the need for 2 AM certificate renewal fire drills.

Webinar Details

Webinar: TLS Certificate Automation for Windows Infrastructure
Hosts: Todd Gardner (CertKit) and Richard Hicks (Richard M. Hicks Consulting, Inc.)
Date: Tuesday, June 16
Time: 11:00 AM CDT
Registration: Click here to register!

Recording

If you are unable to attend the live session, be sure to register to receive a link to the recorded session for on-demand viewing.

Leave a comment
by Richard M. Hicks on June 5, 2026  •  Permalink
Posted in Automation, Certificate Authentication, Certificate Lifecycle Management, Certificate Services, certificates, CertKit, CLM, Microsoft, SSL and TLS, TLS, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025
Tagged , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on June 5, 2026

https://directaccess.richardhicks.com/2026/06/05/webinar-certificate-automation-in-practice-a-technical-deep-dive/

What’s New in Entra Global Secure Access Client v2.31.125

On June 2, 2026, Microsoft released version 2.31.125 of the Entra Global Secure Access (GSA) client. This update introduces several enhancements designed to improve client resiliency, simplify troubleshooting, and provide administrators with better visibility into network connection status.

Changes in v2.31.125

GSA client v2.31.125 includes new features to streamline connectivity troubleshooting.

Network Status

The new GSA client can now distinguish between a complete network disconnection and a scenario where the device remains connected to a local network but lacks internet access. This distinction helps administrators and users more quickly identify the source of connectivity issues and reduce troubleshooting time.

Network Disconnected

No Internet Connectivity

Local Access

When Intelligent Local Access (ILA) is enabled, the client now clearly indicates when a device is connected to a trusted private network. This provides additional visibility into ILA decision-making and helps confirm that local access policies are functioning as expected.

Sign Out

The new GSA client includes an account picker when a user signs out on Entra-registered or Entra-joined devices. This enhancement simplifies account management on shared or multi-user devices by allowing users to switch identities without fully reinstalling or reconfiguring the client.

The sign out option is disabled by default. It must be enabled by setting the following registry key.

HKLM\Software\Microsoft\Global Secure Access Client\HideSignOutButton DWORD = 0

User Session Detection

Because the GSA client supports only a single interactive Windows session, this new indicator helps quickly identify unsupported multi-session scenarios that may impact client functionality or troubleshooting efforts.

Other Changes

In addition to the new features and capabilities outlined above, these changes are also included.

  • Updated embedded .NET Runtime to version 8.0.26.
  • GSA Forwarding Profile Service now automatically restarts after a failure.
  • Improved detection and tunneling of agentic network connections.
  • Various bug fixes and performance improvements.

Summary

GSA Client v2.31.125 introduces several useful enhancements focused on troubleshooting, resiliency, and user experience. Improved network status visibility, Intelligent Local Access awareness, account sign-out support, and enhanced session detection provide administrators with better diagnostic capabilities while making the client easier for end users to understand and manage. Although this release remains in preview, administrators are encouraged to begin testing this latest release soon.

Additional Information

Microsoft Entra Global Secure Access (GSA) Client v2.31.125

Microsoft Entra Private Access Intelligent Local Access

Leave a comment
by Richard M. Hicks on June 4, 2026  •  Permalink
Posted in administration, Azure Active Directory, Azure AD, Azure AD Join, cloud, Cloud Service, Deployment, Device Management, Enterprise, enterprise mobility, Entra, Entra Global Secure Access, Entra ID, Entra Internet Access, Entra Private Access, Global Secure Access, GSA, Hybrid Azure AD Join, Hybrid Entra ID Join, Hybrid Entra Join, ILA, Intelligent Local Access, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Mobility, Operational Support, Remote Access, SASE, Secure Access Service Edge, Security, Security Service Edge, Windows 10, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on June 4, 2026

https://directaccess.richardhicks.com/2026/06/04/whats-new-in-entra-global-secure-access-client-v2-31-125/

« Older Posts