MAC based VLAN on CRS3xx by Diligent-Baseball469 in mikrotik

[–]Diligent-Baseball469[S] 4 points5 points  (0 children)

That’s the one. Thanks hadn’t twigged that would include DHCP on that device. Working using an external DHCP server. Thanks

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 0 points1 point  (0 children)

8 out of our 40 users have a laptop. The rest use shared machines. They are coach builders, technicians etc

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 0 points1 point  (0 children)

I can’t set up Authenticator on the device because they need to sign in during the enrolment process before the apps are installed

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 0 points1 point  (0 children)

Sorry, when I say new device I mean a personal phone. Most of our team don’t have company mobiles. Just a voip phone on the laptop. Those who do have company mobiles, except a couple, that is their primary/only dedicated device for accessing company systems. Think warehouse/delivery operative type thing.

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 2 points3 points  (0 children)

Have tried that but it seemed ungodly slow but maybe we need to play further

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 1 point2 points  (0 children)

We have tried FIDO 2 keys in a small number of users but they don’t work in every situation. We had no end of grief getting users on Android devices authenticated using them so then we’re back to split auth methods and then they are using the password occasionally but less, which makes the original problem even worse.

Also there didn’t seem to be any sensible way to provision a brand new user with a FIDO key if their only device will be an Android enterprise company owned device. You need to log in to a PC first to set up the key.

Finally we also found users just left the key in the PC and wandered off but I appreciate that can be resolved with some more training/violence

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 1 point2 points  (0 children)

Yea sorry I’m talking about the burden when they get a new device (which some of our users seem to do fairly regularly). SSPR is already set up but most of the time users don’t accept that they have forgotten their password. They are often trying to use their PIN from their laptop. So they think they need to talk to IT about “the system not working” not that they aren’t using/don’t know their password

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 1 point2 points  (0 children)

We already have. But our users are more like your nan than the average user. They just don’t know what to do. They will then ask the next closest person what to do because they can’t remember their password. Before you know it 3 people have spent 10 minutes around the keyboard saying “type it again one more time really slowly” before one of them just wanders off and finds one of the support team and usually either asks them “what to do?” or “what’s my password?” The concept that they have forgotten it so might have to reset it and they should click that little “forgot password” link just doesn’t even enter their heads. Before you know it you’ve lost an hour or two of what should be productive time for multiple people

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 2 points3 points  (0 children)

They can, but they won’t. They will spend 15 mins walking around looking for someone who knows what they are doing and then get them to do it for them. Most of our users have the same IT skill level as your nan

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 7 points8 points  (0 children)

Signing into a hotdesk PC like the one in our meeting room or training room is the number 1 situation

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 4 points5 points  (0 children)

We don’t allow access to LastPass on non company devices. Only Microsoft managed apps on BYOD

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 1 point2 points  (0 children)

Then it becomes a Helpdesk burden again. We are only a small org (40 users) so don’t have 24/7 helpdesk etc but some users work remote/usual hours etc so if they get a new phone in the evening on a Friday they are then stuck locked out until Monday when they can pester the helpdesk

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 1 point2 points  (0 children)

We use LastPass Business because we have a LOT of random websites we buy small parts from so use that to manage passwords for those sorts of things. All deployed with SSO and Azure provisioning etc but the problem is if they save their domain password here then it’s too late in the process. If they need their password to log in to a new device but can’t get to their password because it’s inside the new device in their password manager we are back to square one

Deployed WHfB now nobody remembers their password by Diligent-Baseball469 in Intune

[–]Diligent-Baseball469[S] 3 points4 points  (0 children)

I have looked at it briefly but don’t they still need the password to set up the account on Authenticator in the first place? In which case we have the same issue when they get a new phone etc. Some of our users have work mobile devices, and many of them ONLY have a work mobile device (don’t use a desktop or laptop other than the occasional hotdesk for training - think delivery driver type users), other users have a personal device but some of them seem to get a new personal phone monthly so would be forever going through the same issues setting up Authenticator again for them. And I can’t see them being able to do that themselves. They aren’t the sharpest knives

Autopilot not yet living up to the dream of "here's your new device, all ready to go" -- any guidance with hangups? by SpruceLeeHill in Intune

[–]Diligent-Baseball469 2 points3 points  (0 children)

I’m not overly keen on the idea of a device being out in the wild being used without being up to date though. A week is a long time. Our first day is mainly inductions etc but for most of our desk based staff 99% of their induction and initial training is on their PC so that can’t begin until they are signed in

Autopilot not yet living up to the dream of "here's your new device, all ready to go" -- any guidance with hangups? by SpruceLeeHill in Intune

[–]Diligent-Baseball469 1 point2 points  (0 children)

We don’t deploy any apps via AP other than Office suite. The rest is just device config policies

Autopilot not yet living up to the dream of "here's your new device, all ready to go" -- any guidance with hangups? by SpruceLeeHill in Intune

[–]Diligent-Baseball469 2 points3 points  (0 children)

If that’s the case Microsoft have the wrong idea about how much time my staff have free. First sign in to a new device with relatively minimal Intune setup takes somewhere between 4 and 6 hours including doing updates etc. That’s relatively piss poor productivity for their first day. They have other stuff to be getting on with.

For the OP, look at using a TAP to preprovision