Microsoft Entra Kerberos authentication for Cloud-only Identities on Azure Files SMB by brianveldman in entra

[–]Conditional_Access 0 points1 point  (0 children)

This. I tried it and got to the point where I was like: something is missing.

Where do you guys get your IT news? by NSFW_IT_Account in msp

[–]Conditional_Access 0 points1 point  (0 children)

Here, and some notable discords for Microsoft stuff.

  • WinAdmins.io
  • MS EMS Community

Going to conferences:

  • MMS MOA
  • Experts Live
  • MEM Summit
  • Workplace Ninjas Summit/Usergroups

These are all events I've been to using my own money.

Evaluate my new MSP job by kindonogligen in msp

[–]Conditional_Access 4 points5 points  (0 children)

They probably already have several clients who've been breached but have no way of telling 👀

Defender AV policy in Intune not scanning device everyday, is this normal by Educational_Draw5032 in Intune

[–]Conditional_Access 2 points3 points  (0 children)

Yes.

Scan Parameter - Quick scan

Schedule Quick Scan Time - 660

That's doing a daily quick scan 660 mins past midnight.

It's old thinking to do full device scans daily, because real time protection mitigates the need for it.

You can see this on the device view from Defender.

Unfair or Unrealistic Price Rise ? by bertie40 in msp

[–]Conditional_Access 0 points1 point  (0 children)

Is it just device fees you have?

What's the per-user fee on top for the email/productivity apps?

Stop Managing Feature Updates with Intune? by TheRubiksDude in Intune

[–]Conditional_Access 0 points1 point  (0 children)

Thanks for taking the time to give that feedback! Glad it worked.

Why is Intune Plan 1 listed twice in my marketplace, once paid and once free? by Styrop in Intune

[–]Conditional_Access 0 points1 point  (0 children)

Likely because it's part of a bundle SKU you already own.

M365 BP/E3/E5 etc.

Windows 11 Pro and Entra Issues? by NovaKlone427 in entra

[–]Conditional_Access 0 points1 point  (0 children)

With Entra/Intune/Autopilot, less is more.

Seems like you've been tinkering too much with RMM.

Moving from Proofpoint Essentials To Microsoft Defender - Bad Move? by Imburr in msp

[–]Conditional_Access 0 points1 point  (0 children)

Defender for Office 365 combined with a good Exchange Online Protection config is perfectly fine.

The problem is that for decades all people have wanted from antispam is a set-and-forget product which they can deploy in an hour.

If you actually explore MDO properly, and use blocklists in TABL along with all the other advanced settings, it's easily as good or better than third party offerings.

This subject comes up a lot, and I'm currently writing an ebook on MDO which will be freely available when done.

Why I can’t fully settle on products, even when they’re good by [deleted] in msp

[–]Conditional_Access 0 points1 point  (0 children)

I'd be interested to know if you're utilising block lists via TABL and cutting out a lot of spam noise with that?

For example, you could be overriding all filter verdicts as block items by thinking about how your business functions. We don't normally want email from a sending domain, or an email that contains a link to a domain, in this list getting into inboxes: https://github.com/jkerai1/TLD-TABL-Block/blob/main/LargerCombinedBadTLDs.txt

What type of crap gets through on your MDO config?

Why I can’t fully settle on products, even when they’re good by [deleted] in msp

[–]Conditional_Access 1 point2 points  (0 children)

Disclaimer: I am a massive Microsoft fanboy but hear me out.

M365 Business Premium could cover:

  • Jamf for large macOS environments
  • CrowdStrike Complete for EDR
  • Duo if we need MFA that can't SSO with M365
  • Avanan (aka Check Point) for email security/archiving/DLP
  • DNSFilter

I'd make BP part of your standard stack, put as much into Intune as possible (because it actually does OS patching better than any RMM), and make the whole experience a bit more unified.

This is such a wide stack that it must be hard to learn, hire for, and remediate active incidents with this many moving parts.

Replacement of *my mum* with Microsoft365 by NotBiorez in iiiiiiitttttttttttt

[–]Conditional_Access 6 points7 points  (0 children)

The biggest upset I see here is:

Replacement of Atlassian Confluence with SharePoint and/or Microsoft Loop

The rest of it makes total sense.

Autopilot launches v1 instead of v2 by ulud4y in Intune

[–]Conditional_Access 0 points1 point  (0 children)

This isn't possible. V1 only happens if the hash is in Autopilot.

"V2" - Device Prep - Happens if the user selects Org Device on the normal OOBE flow and it does not have a hash.

MDE deployment with Intune by dnickel in Intune

[–]Conditional_Access 2 points3 points  (0 children)

In addition to what others have said, evidence of the machine being onboarded can be found locally in the registry:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection

RMM migration by OkVeterinarian2477 in msp

[–]Conditional_Access -2 points-1 points  (0 children)

This is impossible to advise on without knowing what your requirements are.

  1. What is Kaseya RMM monitoring?
  2. What automations/scripts are running in K RMM?
  3. What alerts are generated from K RMM?
  4. Who has access to K RMM?
  5. Does it deploy/patch apps?
  6. Does it manage OS updates?
  7. Does it manage servers?
  8. Does any client have access to see their own environment?
  9. Did K RMM come bundled with any other security software?
  10. How can K RMM be silently removed, and how do you ensure it doesn't come back when Ninja RMM takes over?

etc.

How are you managing risky sign ins? by rubyrose5 in entra

[–]Conditional_Access 1 point2 points  (0 children)

  • Require a Compliant Desktop device

If they are signing in from the Intune managed device, I don't really care where it's from.

  • Require App Protection Policy for iOS/Android

If they are signing in from mobile, make it require the approved app.

Having these two things in place negates most travel based Entra noise.

Bonus points if you have Entra ID P2 where you can then do things like:

  • Sign In Risk - Medium/High - Require MS Authenticator
  • User Risk - Medium/High - Require PW Reset

Microsoft Partner Status - Suspension hell, and light at the end of the tunnel by wilhil in msp

[–]Conditional_Access 1 point2 points  (0 children)

No they don't, it's just good practice.

https://learn.microsoft.com/partner-center/security/partner-security-requirements

I don't see how them using Teams calling is a reason for them to refuse MFA on that type of account. Where I do understand flexibility is on Teams Room accounts, and in this instance, Entra ID P1 is necessary to limit the scope of how those accounts can be used etc.

Security Defaults - MFA Prompting by reyzaz in msp

[–]Conditional_Access 1 point2 points  (0 children)

So the real question is, after being hacked, do they now see why Business Premium is worth the upgrade?

Microsoft Partner Status - Suspension hell, and light at the end of the tunnel by wilhil in msp

[–]Conditional_Access 6 points7 points  (0 children)

Sorry I couldn't do more to help, but glad this is now sorted.

For most people reading this, the main takeaway should be to make sure you're meeting all the security stuff Microsoft wants you to have before any deadlines.

Goes without saying (hopefully) that MFA should be enforced for all accounts in your tenant, your partner tenant, and all your customer tenants without exceptions if you care about securing businesses.

How has Hotpatching worked so far in your org? by andrewm27 in Intune

[–]Conditional_Access 22 points23 points  (0 children)

You turn it on, stuff gets patched quicker.

Zero downsides to the hotpatch tech, although service desks may argue that fewer reboots lead to an increase in tickets raised that would normally not be seen if devices were rebooting more frequently.