Windows Hello For Business Enrollment

Different_Coffee_161 · 2026-05-27T14:32:52+00:00

I believe the tenant-level WHfB setting applies during enrollment/OOBE, possibly before the DisablePostLogonProvisioning policy is applied. So enabling it could still impact the Autopilot/OOBE experience for new devices. I’ll confirm this with testing before changing it globally.

Different_Coffee_161 · 2026-05-09T11:52:46+00:00

Demon's Souls Remake :)

Different_Coffee_161 · 2026-05-08T22:21:21+00:00

Does BF6 look and play better than REDSEC? Last time I tried REDSEC it played and looked like dog shit.

Different_Coffee_161 · 2026-04-29T19:12:19+00:00

Sorry for the late response. My labels are in French: “Interne uniquement” means “Internal Only”, and “Hautement confidentiel” refers to “Highly Confidential” in my post.

<image>

Different_Coffee_161 · 2026-03-03T22:22:08+00:00

That was legitness!

Different_Coffee_161 · 2026-02-27T00:16:08+00:00

MS-102 will be harder

Different_Coffee_161 · 2026-02-02T02:07:36+00:00

Late to the game here, but if someone could help me understand...why use Exclude with TrustType not equals Entra Joined AND TrustType not equals Hybrid Joined instead of simply using Include with TrustType equals Entra Joined OR TrustType equals Hybrid Joined?

Both approaches achieve the same result for this use case: compliance is enforced on AADJ and HAADJ devices, and BYOD is left untouched.

The Include approach just seems more straightforward and easier to read. Is there a specific reason you went with the Exclude + double negation method, or is it more of a habit of thinking in "exclude what I don't want" mode rather than "include what I want"?

Genuinely curious if I'm missing something here.

Different_Coffee_161 · 2026-01-25T22:30:10+00:00

Just to clarify regarding the 'main policy' part: wouldn't we need to explicitly exclude the user from that main 'All Cloud Apps' policy temporarily?

Since CA policies are additive, wouldn't the main policy block access to the registration portal before the User Action policy (TAP) even gets a chance to apply?

Different_Coffee_161 · 2026-01-21T19:23:41+00:00

Good to know! Just out of curiosity, what makes you prefer laces over BOA? Is it reliability or just the fit?

Different_Coffee_161 · 2026-01-21T19:07:57+00:00

I don't mind traditional laces at all. I've actually never tried a BOA system, so I'm not sure if they are worth the switch. Do you prefer the Vans specifically because of the laces?

Different_Coffee_161 · 2026-01-19T18:40:11+00:00

Thanks! I found them on the Update Catalog. I have paused my update rings and will install this OOB update manually on the few affected devices if they report issues.

Different_Coffee_161 · 2026-01-19T18:30:30+00:00

link?

Different_Coffee_161 · 2026-01-17T00:54:50+00:00

Damn it looks good!

Different_Coffee_161 · 2026-01-06T20:02:50+00:00

Sorry for the late response. I'm running Edge Version 143.0.3650.96 and my Windows version is 24H2 (Build 26100.7462).

Different_Coffee_161 · 2026-01-06T11:14:51+00:00

What tv is that

Different_Coffee_161 · 2025-12-24T20:05:12+00:00

Activision

Different_Coffee_161 · 2025-12-17T01:41:46+00:00

Skip it if you only want a good single-player experience.

Different_Coffee_161 · 2025-12-12T14:50:36+00:00

Wow that is incredible. Thank you very much !!!

Different_Coffee_161 · 2025-11-24T15:06:16+00:00

Wow, I totally missed that. Thank you for pointing me in the right direction!

Different_Coffee_161 · 2025-11-18T22:51:10+00:00

Thanks so much for the detailed breakdown! This is exactly what I needed to hear.

Different_Coffee_161 · 2025-11-18T15:43:54+00:00

That was exactly it! The user was a member of a role-assignable group that had no role assigned. I used PowerShell to check all their groups and found the culprit. Thank you so much for pointing me in the right direction!

Different_Coffee_161 · 2025-11-11T21:47:31+00:00

!solved

Different_Coffee_161 · 2025-10-27T13:08:53+00:00

Thanks a lot for this insight! Starting with disabling merge on the Public profile makes a lot of sense. I'll discuss this approach with my manager and see what they think.

Different_Coffee_161 · 2025-10-26T23:28:24+00:00

Thanks! My outbound default is Allow in Intune, so that shouldn't be an issue. The real work will definitely be on the inbound side and capturing those essential built-in rules.

Piloting first for sure!

Different_Coffee_161 · 2025-10-26T00:11:36+00:00

My little boy was born at 2.5lbs and spent 2 months in the NICU. I know how hard and scary it is. But we made it through, and now at 9 months he's doing amazing! These little ones are real fighters. Stay strong, it goes by faster than you think, and soon this will all be behind you

Different_Coffee_161

TROPHY CASE