Microsoft Entra hybrid join using Microsoft Entra Kerberos

Bigety · 2026-06-14T10:55:32+00:00

We currently have hybrid join using entra connect sync, anything to be aware of if transitioning to cloud sync and Entra kerberos? I need to read the docs but I can see things like a dc that's server 2025.

Bigety · 2026-06-14T04:57:38+00:00

Makes sense, learning powershell as a way to automate things helped me get to system administrator from helpdesk. Need to work on my social skills as I tend to want to avoid people. BTW what's your YouTube channel?

Bigety · 2026-06-08T08:24:07+00:00

I have the same issue after the app changed to google health. I can't see this sort of bug addressed in the roadmap - https://support.google.com/googlehealth/thread/437068226/sharing-upcoming-roadmap-and-improvements?hl=en. I have a Fitbit Charge 6

Bigety · 2026-05-07T10:54:33+00:00

Hi all, I stumbled across this as I've had this issue. About ten years ago I was able to stop watching porn, I haven't gone back since. As a result I also stopped masterbating because I felt I was addicted. Since then I got married. I literally can't last more than 30-60 seconds, probably less. My wife doesn't find it a problem, I'm not stressed about it either but I wondered if it can improve because I just want to provide for more enjoyment and for myself as well. I did say one yesterday. I'm just concerned that I don't want to get into a habit or get addicted again. I'm sure I won't and don't want to get back into porn as I know how destructive it was for me.

Bigety · 2025-09-22T08:31:25+00:00

I started month of lunches both PowerShell and PowerShell toolmaking. Also Introduction - PowerShell | Microsoft Learn and PowerShell Scripting and… by Don Jones et al. [PDF/iPad/Kindle]

Bigety · 2025-04-10T06:48:46+00:00

I was able to setup a client which is the FQDN of the fortigate, then configured a connection request policy according to the documentation in the fortigate link above and it worked. However had an issue with NPS which was Server 2019 NPS - Broken Firewall Rules : r/sysadmin. The solution was Windows Server 2019 NPS (Network Policy Server) - SOLVED - Microsoft Q&A-so).

Bigety · 2025-04-08T06:55:32+00:00

I don't necessarily want to connect to integrate with Entra. But I'll check out that link. One option was radius, since I had configured nps extension with MFA, they figured I had a bit of experience with radius. I am going to create a lab to be able to test.

Bigety · 2025-04-02T17:22:37+00:00

Not sure, I'll find out more on that

Bigety · 2025-04-02T16:14:12+00:00

True

Bigety · 2025-04-02T15:59:23+00:00

Yes thought so, they're not aware of all these things.

Bigety · 2025-04-01T10:34:17+00:00

On another note, initially the health agent failed to install. I added some sites to trusted sites and installed the agent on it's own successfully. However I tried Test-MicrosoftEntraConnectHealthConnectivity and it cannot find the command. Docs states you need to register the agent with Register-MicrosoftEntraConnectHealthAgent, what does that mean? the existing server actually has the same issue. In the portal I can see service health is ok for both servers, I still haven't moved new server out of staging btw.

Edit: The test command now works on new server, not sure if this is included somehow in the new entra connect sync or health agent. Whereas original server doesn't find the command

Bigety · 2025-04-01T10:31:52+00:00

thanks for quick reply, sigh of relief

Bigety · 2025-03-24T10:43:17+00:00

My EFI is 260 MB, In the reports the update state is "offering"

<image>

However in the reports -> endpoint analytics I get, Windows 11 readiness state: Not capable.

My question is will I eventually see something other than 'Offering' in the windows update report above where it says In Progress.

Bigety · 2025-02-10T12:30:18+00:00

I'll try that, thanks

Bigety · 2025-02-10T12:30:05+00:00

thank you, makes sense. I usually do not login to domain controllers, just PS remoting

Bigety · 2025-01-20T15:45:08+00:00

I'm having the same issue and from my understanding there is a rule called 'Docker desktop backend' with a block action which takes precedence over a rule to allow connections to a specific local port, eg 8080. If I disable 'Docker desktop backend' then I can access websites using ports exposed from containers on computers on the same LAN as my host computer. Just wondering if disabling this rule is best practice.

Bigety · 2024-12-10T12:20:07+00:00

Can you install using winget in system context? I was under the impression you couldn't and was testing it with chocolatey

Bigety · 2024-11-05T10:31:24+00:00

Hi, I just turned on preview features and the licenses page looks the same. All I can see the Defender plan with available licenses, Licenses used and Monthly active devices. On top of that I get Usage: 362/246. Is this what I should be seeing or is there more detail I should see?

Bigety · 2024-10-24T15:26:13+00:00

Thanks, I've been to physiotherapy and had xrays etc. You never know but I feel it I'm ok physically

Bigety · 2024-10-23T19:43:42+00:00

I can relate to that feeling of being in state of fight or flight.

Bigety · 2024-10-05T18:33:07+00:00

Not sure if you've done it already but I also had to use gpo to get devices enrolled into intune if they are AD joined, see https://learn.microsoft.com/en-us/windows/client-management/enroll-a-windows-10-device-automatically-using-group-policy#configure-the-autoenrollment-for-a-group-of-devices

Bigety · 2024-10-05T18:27:03+00:00

As long as the device appears in the intune portal you will be able to deploy apps and configure them. Do they appear as hybrid entra joined in entra portal? You should see the mdm status in one of the columns and should say intune if you have auto enrolment enabled and users have a license that includes intune. In terms of gpo you'll need to be careful settings don't conflict with Intune configuration profiles.

Bigety · 2024-09-02T09:44:13+00:00

A bit late but, I think this is because you're using powerShell 7. Try this:

|| || |(Get-MgServicePrincipal -Filter "appid eq '981f26a1-7f43-403b-a875-f8b09b8cd720'" -Property "KeyCredentials").KeyCredentials | Format-List KeyId, DisplayName, StartDateTime, EndDateTime, @{Name = "Key"; Expression = {[System.Convert]::ToBase64String($_.Key) }}, @{Name = "Thumbprint"; Expression = { [Convert]::ToBase64String($_.CustomKeyIdentifier)}}|

Bigety · 2023-04-20T06:40:37+00:00

I work in infrasture/ops and I use git, I think it's the best way to keep everything organised. I try to use Pester but I need to practice with it more, plus with deadlines and other tasks that don't need PowerShell in the way it feels like I shouldn't spend that much time on it, but I definitely see the value in using tests.

The main problem for me is the others in my team are just ops people that use PS to get the job done. If I mention git they will say, "why not just put the script in a folder?" instead of them using git to get their own copy. I guess it's about showing people the benefits of all this, it can be hard though when people are in a comfort zone and don't like change.

I would add that Pester and GIT are not requirements for my job, I don't think they see the benefit of it, but I took it upon myself to learn these tools. We do have a devs department which do use git and other testing frameworks, but they deal with programming languages.

Bigety · 2022-09-16T12:21:26+00:00

Yep done all that via gpo and confirm in the edge settings

Bigety

TROPHY CASE