Great content and a well-structured demo! I have a few questions regarding the Adobe settings you used, if you don't mind.First question, in your example, you created an elevation rule policy specifically for Adobe, targeting Fred as a user. I’m wondering: is it possible to apply this rule to all users within your tenant, rather than just Fred? Second question, besides the method you used to configure this policy for a specific app (in this case, Adobe), how would the configuration differ if the application is set as a required or available app for enrolled devices through the Company Portal?

simple and clear, thank you for the video

This was really helpful, thank you!

Very cool. So this is very similar to Group Policy "Software Restriction Policy" only more robust. I used to whitelist apps in that.

Thanks Jonathan, very helpful

Great video! What is the great benefit over this instead of publishing the allowed apps via Company Portal as available? The first part about the idea of blocking is great.

some of these cloud solutions like intune has these cool features like this - but with AD + GPO in a local environment, you cannot do these things natively unless you use a third party integration.

Intro was amazing!

7:00 Where do you set up which email the request will be send to?

This is insane, I was setting this up a few days ago, if you uploaded this video sooner it would save me hours :D

Thanks for all the wonderful stuff ♥

At my previous company they used AutoElevate for this, I'm not sure how to compare licensing/pricing but AutoElevate does have a few more additional features eg. mail notification to admins as requested below. But very interesting video thank you Jonathan

This is amazing John especially the part with deny and using that to filter a lot of junkware! This is a first party alternative to Admin By Request which has been great where I have used it as well. Ill have to look, did you do one on PIM too?

What do you use to have that virtual machine?

Excellent video, Very very good how you do the demo, that is very important to understand the concept. excellent video 😁😁😁😁😁

Hej . I have followed your instructions and made a back up disk to a spare external HD. Great, now how do i use it if something goes wrong on my laptop ? I have another laptop that had the ususal updates etc and after updates the screen went black, well you can see some kind of bluish black on the screen but i cant get into it. Is there a way i can get into my laptop without taking it into a repair shop ? Thanx

i have q about this :) is there any mail notifications for admins about user request to install an app?

Thank you for the excellent video, it was very informative. I use the company portal where applications are available for users to install since both .exe files and the Microsoft Store are blocked for me. The issue is that the new Microsoft Teams has to be installed separately. Could you create a video on how to install custom applications using the company portal?

what about an app you gave elevated permissions to install. What if you want to allow the same user to be able to uninstall ? I am running into that now, where it's asking for admin credentials for uninstallation.

10:00 Specific policy for each app seems stupid, why not just package the app to Company Portal. I can see if there is an app that is not possible to automate the installation but othervice I dont get the point. Love your videos though :D

This falls short of something like ThreatLocker, doesn't it?

this is unreal, but from an MSP point of view how to we know that a support request has gone to enpoint manager, can an email be sent to our helpdesk as a ticket so we know to go review and approve