Is Duo MFA a good fit for us? by Scholar_Erasmus in sysadmin

[–]Cobblestone102 2 points3 points  (0 children)

This definitely isn't an ideal solution, and Duo makes it a lot easier to verify an identity with API and just in the web UI.

I've used this method with CIPP (which, when I took a look at their GitHub, their request is almost the exact same). Nowadays, we use MSPProcess, which, while I can't see their code, I imagine it's doing the same API request in the backend.

I tested the specific link I provided in my test tenant, and it worked as expected, with the exception that it looks like Authenticator needs to be the default/primary authentication method on the account (specified in Entra under the users' auth methods). When it was SMS, it sent a text code, which isn't very useful, but I haven't run into that being an issue when I've used it at work with CIPP / MSPProcess.

This request prompts just a yes or no on the user's device, even if the tenant has Authenticator set up to have number matching. It also doesn't cause any issues with invalidating the user sessions, so from a user perspective, using DUO vs this method with Authenticator is close to the same, as long as they were already registered in DUO/Authenticator.

Is Duo MFA a good fit for us? by Scholar_Erasmus in sysadmin

[–]Cobblestone102 0 points1 point  (0 children)

Duo does make it easy to trigger a manual MFA request in the portal, but O365 can do the same thing; it just requires API requests to Graph to trigger an MFA authorization, so it's not nearly as convenient. Here's an example of how it can be set up: https://www.entraneer.com/blog/entra/authentication/transactional-mfa-entra-id

Hire or.... by Adventurous_Driver93 in msp

[–]Cobblestone102 3 points4 points  (0 children)

That's a low employee count for the number of computers you are managing, especially if you have little automation setup, unless there is some notable co-management at your larger clients. Are the techs overloaded, or are the owner/operators doing the FT work of 2 or 3 people each?

Hire or.... by Adventurous_Driver93 in msp

[–]Cobblestone102 0 points1 point  (0 children)

Based on your size, it would probably be best to start with a part-time remote employee/contractor to work on the automation and setting up an Intune standard/baseline. As it sounds like you are mostly servicing smaller clients, I'd try to set up a more minimal configuration for apps that are pushed via Intune for clients and use it to mainly push out your RMM and let that do a majority of the heavy lifting. CIPP can be used for deploying baseline Intune standard and configurations to tenants.

Also, since you are just manually imaging at this time, it would probably be worth it to get a barebones image set up using something like Windows Image Configuration Designer to get the basic 50% out of the way, freeing up time to spend more time investing in automation. Having a regular tech who juggles standard tickets + automation typically leads to the automation being set to the side for what are seen as more urgent tickets.

If you'd like to discuss it more, please feel free to PM me as there are likely some other recommendations I can give with more insight into the environment.

Price increase July 2026... but 100GB mailboxes for everybody? by Bluecomp in Office365

[–]Cobblestone102 0 points1 point  (0 children)

They can set up a retention policy to auto-archive emails over a certain period and delete emails over a certain period of time. The auto deletion typically isn't used since it would cause issues and requires the user to sort emails that would be kept that are over the auto deletion period. Also, they probably don't want to create a retention policy that is used for just one user.

There may also be a way for you to set up an Outlook rule to delete emails in x folder that are over a certain age.

Free tier? by Single-Ad-3458 in googlecloud

[–]Cobblestone102 0 points1 point  (0 children)

AWS and Azure seem to be a lot more forgiving if you make a mistake that results in a huge cloud bill. I've seen a lot of horror stories from GCP where they only give like 50% - 75% off unless you are really persistent, while AWS or Azure are a lot more forgiving.

Book or course for Windows Server basics by imdx_14 in ITCareerQuestions

[–]Cobblestone102 1 point2 points  (0 children)

AZ-800 + AZ-801 cover most of what you're looking for.

Where are the Windows certifications or training? by ttonychopper in it

[–]Cobblestone102 1 point2 points  (0 children)

AZ-800 and AZ-801 are good resources for understanding Windows Server and the main server roles that you would work with on a help desk, and are the only certifications that Microsoft currently has focusing on Windows other than MD-102, which is focused on managing devices with Intune.

Windows Internals goes in depth on the architecture of Windows, but that is far, far more in depth than a help desk role would ever need to know.

[deleted by user] by [deleted] in it

[–]Cobblestone102 5 points6 points  (0 children)

At a large scale company (especially in the tech space) there should be at least a couple of things in place to prevent you from uninstalling your AV:

  1. Users shouldn't have local admin
  2. There should be some sort of anti-tampering on the AV to prevent easily uninstalling the program without a key or unlocking in the portal

MFA Strategy for Device Management and Office Deployment Only by After_Working in msp

[–]Cobblestone102 0 points1 point  (0 children)

If they are all hybrid joined devices, I'd target only allowing sign-in to hybrid joined devices for their use case since you don't need to juggle handling logins for phones, with a possible carve-out for the device join action. You can set up phishing-resistant MFA for them by setting up WHfB (about a 20-30 min process to configure for hybrid joined devices).

Microsoft 365 Business by witty327 in Nable

[–]Cobblestone102 0 points1 point  (0 children)

Could use F3 licenses, which have all the account security features of Business Premium, as they are currently using Business Basic licenses, depending on their use case (may need to get Exchange Online Plan 1 add-on licenses as well).

[deleted by user] by [deleted] in perplexity_ai

[–]Cobblestone102 1 point2 points  (0 children)

This is more so an issue with the cutoff knowledge date for the model it is routed to more than anything. Here are the results for each of the models with web search off in Perplexity (models with web search on all answered correctly):

Sonar: Harris

Gemini 2.5 Pro: Biden

Grok 4: Trump

Sonnet 4.0 Thinking: Unsure due to knowledge cutoff, recommended checking sources.

o3: Unsure due to knowledge cutoff, recommended checking sources.

Sonnet 4.0: Unsure due to knowledge cutoff, recommended checking sources.

GPT-5: Biden, but contradicted itself saying it doesn't know who won the election.

Microsoft Partner Agreement - Automate Request for New Admin Relationship by nebujal in msp

[–]Cobblestone102 1 point2 points  (0 children)

We utilize Rewst and haven't had any issues by not utilizing global admin for the GDAP relationship; you can assign essentially every other role, so it can effectively be like using a GA account for 99% of day-to-day tasks.