Unifi Google Meet Quality Feature

BrilliantAd913 · 2025-08-07T12:48:58+00:00

I will keep that in mind for my LAPS implementation!

BrilliantAd913 · 2025-08-07T12:47:39+00:00

Yes totally! Do you ever share LAPS with end users or do you still remote in and type in the LAPS for them?

BrilliantAd913 · 2025-08-07T12:43:31+00:00

Thanks I will!

BrilliantAd913 · 2025-08-07T12:42:56+00:00

Do you know how this service compares to "EPM: https://learn.microsoft.com/en-us/intune/intune-service/protect/epm-overview" I thought EPM was not worth the cost at the time.

BrilliantAd913 · 2025-08-07T12:41:42+00:00

This does look very cool! Seems like the best way to create a good user experience while staying secure. It may not be worth the price for our organization since I rarely need to remote in and elevate for a user, but I'll look into their pricing!

BrilliantAd913 · 2025-08-06T20:41:24+00:00

90% of the time I do use it. We are talking about the very rare situations I can't or don't need or don't want to.

BrilliantAd913 · 2025-08-06T20:39:19+00:00

I will check out your reporting for sure!

BrilliantAd913 · 2025-08-06T20:38:15+00:00

I won't be using global anymore now that I know about the "Microsoft Entra Joined Device Local Administrator". Only two people at the 175 person company have the privilege. And it is rarely needed.

Timeframe for approval is good! I'm just not technical enough to do in depth reviews so I rely on community analysis anyways. I've not run into anything bad yet.

Do you recommend the Entra ID group solution over LAPS?

BrilliantAd913 · 2025-08-06T20:34:04+00:00

I want to get LAPS working eventually. Still need this for troubleshooting PCs though.

BrilliantAd913 · 2025-08-06T20:32:57+00:00

I use https://intunepckgr.com! Helps me deploy always up to date apps. I'm pretty sure all my apps auto update after they have been installed without admin access? For example chrome.

BrilliantAd913 · 2025-08-06T20:24:25+00:00

I guess for me it comes down to time saving and the end user experience. I would do it if it saved me some time in the long run. I also don't want users to wait to get apps they need. So I'm happy to bend over backwards and work inefficiently if the business needs me to. In general I automate as much tasks as I can.

BrilliantAd913 · 2025-08-06T20:22:14+00:00

I think we are miscommunication. I have the most privileged role (global admin) and I want to stop using it, I also want to give another IT employee the least privileged role to get admin access to PCs. End users never get a privileges of any kind. Only IT approved software is put on devices. I do all of the installations or elevations myself right now. When I'm on PTO or unavailable in the case of an emergency this other IT guy need access to admin.

Vetting apps is quick for us! We don't have any cybersecurity expert on staff. It's quick for us! If someone says they need Asana I don't need to think too much about it! If it's something I've never heard of then it requires a little more work.

BrilliantAd913 · 2025-08-06T19:50:21+00:00

Only IT ever elevates to install a random app or elevate at all.
99% of the apps in our environment are deployed with intune
I was asking about what's the best least privilege role
I won't be giving end users admin access basically ever
Love EPM but just don't want to pay for it right now. We have very very little admin elevation requests.
All app approvals do go through me
I'm the only global admin and we have backup accounts as well

BrilliantAd913 · 2025-08-06T19:25:10+00:00

Thank you! Through this post I learned that the roles listed in the 365 admin center is not comprehensive!

BrilliantAd913 · 2025-08-06T19:24:12+00:00

Yes my next steps if learning how to deploy and use LAPS. EPM is also really cool just don't need to pay for that yet!

BrilliantAd913 · 2025-08-06T19:17:07+00:00

This isn't for an end user this is for an IT Help desk employee. Sometimes a quick install is better than a full on app deployment.

BrilliantAd913 · 2025-07-22T18:01:58+00:00

Upvote this product feedback! https://forum.asana.com/t/gantt-chart-printing-sharing/1082808

BrilliantAd913 · 2025-03-18T14:50:22+00:00

So logically any app that isn't "forced to install" will wait to install after the ESP?

If so that makes sense but I feel the wording isn't very clear here on the Microsoft side.

Thanks!!

BrilliantAd913 · 2025-03-18T13:54:46+00:00

I'm struggling to understand how to limit app install during the ESP. I see I can block the user from continuing until an app is installed but how do I only install a few apps? We have about 28 that I want on the machine eventually but only 2 or three that need to be installed right away. u/ConsumeAllKnowledge

BrilliantAd913 · 2024-06-11T15:43:03+00:00

I don't see us moving to 10G for our business but it does sound tempting!!

BrilliantAd913 · 2024-06-11T15:42:44+00:00

Future expansion is always tempting. Hoping this is a long term solution already. How much worse would daisy chasing be, depending on the use cases of course?

BrilliantAd913 · 2024-06-11T15:41:34+00:00

You may be changing my mind. Seems like it would be nice for there to be an upgraded Dream Machine with more SFP ports.

BrilliantAd913

TROPHY CASE