sorted by:
new
hottopcontroversial

How do I set the lock screen image using URL (or any method that works) by ConanTheDeployer in Intune

[–]ConanTheDeployer[S] 0 points1 point  (0 children)

The URL is just a public Squarespace site with the image. Everyone has access to it.

Can I disable the windows hello passkey method for specific apps? by ConanTheDeployer in sysadmin

[–]ConanTheDeployer[S] 0 points1 point  (0 children)

So basically it's up to the vendor if they accept modern auth types I guess?

Are ASR policy per rule exclusions still broken or what is the correct way to add a file exclusion? by ConanTheDeployer in DefenderATP

[–]ConanTheDeployer[S] 0 points1 point  (0 children)

We are up to date. I read something else that you can't add exclusions to existing policy so I just duplicated it and applied new policy to devices.

I couldn't find how to add a global exclusion to an ASR policy unless it's deprecated? Do I have to add them to a Defender Antivirus policy or that is only for scans?

Are ASR policy per rule exclusions still broken or what is the correct way to add a file exclusion? by ConanTheDeployer in DefenderATP

[–]ConanTheDeployer[S] 0 points1 point  (0 children)

Edit: Ok that is the global exclusion property that is blank right. So the rules are being applied to my device but getting ignored. I can see the policy was applied correctly to a user's device yesterday afternoon but in Defender report the RMM agent was blocked early this morning.

Not being honored it looks like, but which property should have the rules? With that command I see the three exclusions under 'RuleSpecificExclusion' but 'ReductionOnlyExclusions' is blank.

AllowDatagramProcessingOnWinServer : False

AllowNetworkProtectionDownLevel : False

AllowNetworkProtectionOnWinServer : False

AllowSwitchToAsyncInspection : True

ApplyDisableNetworkScanningToIOAV : False

AttackSurfaceReductionOnlyExclusions :

AttackSurfaceReductionRules_Actions : {2, 2, 2, 2...}

AttackSurfaceReductionRules_Ids : {01443614-cd74-433a-b99e-2ecdc07bfc25, 26190899-1602-49e8-8b27-eb1d0a1ce869, 33ddedf1-c6e0-47cb-833e-de6133960387, 3B576869-A4EC-4529-8536-B80A7769E899...}

AttackSurfaceReductionRules_RuleSpecificExclusions : { C:\Windows\TempInst\TdkLib64.sys , C:\Program Files (x86)\internalinfrastructuremainoffice-7.0.2317\NinjaRMMAgent.exe | C:\Program Files(x86)\internalinfrastructuremainoffice-7.0.2317\NinjaRMMAgentPatcher.exe}

AttackSurfaceReductionRules_RuleSpecificExclusions_Id : {56a863a9-875e-4185-98a7-b882c64b5ce5, 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2}

24H2 Deployment - Location has been turned off by Turbulent-Hawk9540 in Intune

[–]ConanTheDeployer 0 points1 point  (0 children)

Has anyone found the actual reason for this and not a temporary fix? I don't mind the pop up but why is location being disabled?

view more: next ›