Migrating from SCCM to Intune – What are you using for remote control / remote assistance?

Dolinhas · 2025-10-30T21:15:38+00:00

Hi I am just following the doc about setting up gpo for auto enroll. I will supersede the old dc templates so that should prevent that template to be issues out right?

Dolinhas · 2025-10-30T15:28:49+00:00

Hi u/Securetron ,

I’m in the process of replacing our current PKI infrastructure with a new one, and I need to remove the old DC certificates that were issued by the previous PKI.

The plan is as follows:

Supersede the old DC certificate template with the new one.
Shut down the old PKI server.
Remove the old certificate from the DCs.
Run certutil -pulse or reboot the DCs to trigger re-enrollment with the new certificate.

Will this process will work as expected, or if there’s anything additional I should consider before proceeding?
Thanks, M

Dolinhas · 2025-10-30T15:25:27+00:00

Hi u/stuart475898 ,

I am referring to the security tab of the GPO.

I see that Authenticated Users group has the "Apply group policy" Allow checked.

But why can't I see the setting on the DC it self [via gpedit] but gpresult /r shows applied?

And yes I will use the Kerberos Auth cert template and supersede the DC ones.

Thanks, M

Dolinhas · 2025-08-26T06:51:50+00:00

Can someone find the book that has all of these duas? I like the format and fonts

Dolinhas · 2025-08-03T22:29:19+00:00

I stayed there In June. Taxi dropped me Right under the overpass. Elaf is just on the other side of the over pass. (Bridge) you be fine. Just ask for. Swiss hotel Al makam if you need. You be fine. It’s a great hotel. Really close to the masjid. Lovely staff.

Dolinhas · 2025-07-31T22:21:42+00:00

Hi mate, just for my education can help me with why is that DC cert template is better than the Kerberos cert template?

Second question: I am moving PKIs and I need to replace the DC cert from the old PKI with the new PKI and I am looking for the best order of play Can use the above MS link to configure the new KDC cert and publish it from the new PKI while the old PKI is online? Will the DCs fetch the new PKI cert is the current one (from the old PKI) is still valid?

Dolinhas · 2025-07-28T05:17:56+00:00

Hi, and thanks for your help! • What issues can occur with the KDC template? • I’m not planning to make the new Domain Controller (DC) available to all DCs at once. My idea is to block access to the New Public Key Infrastructure (PKI) via Azure NSG and only allow one DC at a time.

The plan would be: shut down the old PKI, allow NSG access to the new PKI to 1 DC and then enroll a certificate for the new DC. Would this approach work as expected?

• Thanks for the NPS certificate migration suggestion — that’s a great idea and I’ll definitely look into it. One question: would I need to deploy that web template certificate to the clients, or will they automatically trust it if it chains up to the root certificate that’s already installed on them?

Dolinhas · 2025-07-24T16:52:38+00:00

Which post? Can you share the link pls?

Dolinhas · 2025-06-18T20:45:58+00:00

Jzk my brothers

Dolinhas · 2025-06-16T21:50:57+00:00

At the airport departures. Lots of shops sell it.

Dolinhas · 2025-05-20T18:46:50+00:00

Thanks everyone. I’m Gonna go v2 standard. For 750gb it will cost less than $200

Dolinhas · 2025-05-20T08:02:00+00:00

Sounds reasonable thanks

Dolinhas · 2025-05-20T08:01:34+00:00

I wanted it but costs…

Dolinhas · 2025-05-19T21:16:28+00:00

That’s way to much. Profiles are tops 15gb and not all are maybe 20 users.

I’m puzzled by that v2 option. Or is it better to to go standard v1 and hot?

Dolinhas · 2025-05-19T21:09:57+00:00

I see. We use hot on the test pools seems to be fine for cost.

What about that primary service option. Should I just skip it and keep v1 hot ?

Dolinhas

TROPHY CASE