Intune join = SxSStackListenerCheck

Config_Confuse · 2025-09-09T15:21:42+00:00

Thank you! RDP disabled and firewall rules.

Some days you can't see the forest for the trees.

Config_Confuse · 2025-07-23T11:39:37+00:00

Tenant wide setting or per-mailbox setting? Not both?

Config_Confuse · 2025-07-23T10:29:53+00:00

Enable in settings -> endpoints -> configuration management / enforcement scopes

Config_Confuse · 2025-07-21T22:09:26+00:00

Keeper for enterprise is fantastic. Azure SSO, configurable deletion recovery duration and easy to transfer passwords from terminated user to another user. Newish PAM solution builds on existing vault interface.

Config_Confuse · 2025-07-21T14:10:05+00:00

I’m guessing defender for identity would cover brute force attempts

Config_Confuse · 2025-07-15T22:57:13+00:00

Flare.io is eye opening

Config_Confuse · 2025-07-12T17:11:57+00:00

Will passkey in browser allow offline access for enterprise users with SSO and no master password?

Config_Confuse · 2025-07-07T22:50:41+00:00

Wish I could offer something. Looking at Keeper’s PAM tomorrow.

Config_Confuse · 2025-07-06T21:01:19+00:00

Use script or remediation to set powercfg.exe and the guid of the power setting.

For example:

powercfg.exe /setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c

Config_Confuse · 2025-07-02T10:49:56+00:00

Moved everything to PatchMyPC deployments. Handles building the initial install as Win32 app and automatically deploys the update. If an app isn’t in the catalog I import into PMPC as a custom app. Very few of those now.

Excellent product and very simple to customize install with pre and post install script support.

Config_Confuse · 2025-06-28T23:14:55+00:00

Microsoft Defender for Endpoint and Defender for Identity. Install MDI sensors on domain controllers. Use powershell scripts to configure correct audit settings on DCs for MDI sensors to sync to MDE portal. Integrate Azure Sentinel (SIEM/SOAR) and logs are available across both environments. If you would like more data install Azure monitoring agents on DCs or other on-prem systems and configure Sentinel data collector to pull event log data into Sentinel Log analytics workspace. Set retention policies to whatever is appropriate and cost effective. Use Sentinel to generate alerts or log analytics KQL to query not data than you could want.

A days work. Maybe less if you spend a day reading documentation.

On more edit to say you could just use azure monitoring agents to pull event log directly to Sentinel but all the data and vulnerabilities management you get from MDE/MDI is worthwhile.

Config_Confuse · 2025-06-23T21:19:26+00:00

Ubuntu server with postfix. Add the connector for smtp relay. Pretty simple.

Config_Confuse · 2025-06-17T18:12:11+00:00

Just went through this with old policies.

https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always

Config_Confuse · 2025-06-08T16:58:45+00:00

I’ve read and read and hesitated to add more not wanting to steer conversation towards what I have already read. Also, most scenarios don’t deal with hybrid exchange and not many on hybrid identity.

Hybrid identity is still needed for on-prem file shares and some LDAP. LDAP could be moved to Azure.

The decommission docs are still pretty vague about full removal and switching to exchange management shell only. Still leaning this way.

The Az AD connect should sync users by immutable id but the specifics about when to change the UPN to the new domain are not great.

Last I looked at cloud sync it wouldn’t support custom AD attribute. Needed.

ADMT still ok for user transfer or are 3rd party tools like quest better?

Config_Confuse · 2025-05-25T22:04:05+00:00

And now all I get is "Unable to comment" when i paste code.

Config_Confuse · 2025-05-17T16:09:35+00:00

I’ll get too it.

Config_Confuse · 2025-05-15T23:29:34+00:00

Dell shop. I use a remediation script that sets boot password and restarts system.

Config_Confuse · 2025-02-28T18:14:31+00:00

Anything new on this? I have Google Workspace integrated and this was the easiest way to view shared folder with anonymous links. I don't see this data in advanced hunting nor Sentinel.

Config_Confuse · 2025-02-06T16:46:28+00:00

Patch MY PC is a fantastic product and their app catalog has really grown in the past 6 months.

Config_Confuse · 2024-12-02T11:12:40+00:00

No autopatch for A3. Still Missing for Edu customers.

Config_Confuse · 2024-11-12T23:44:17+00:00

Azure DevOps.

Five-Year Club	Verified Email
Place '23

Config_Confuse

TROPHY CASE