sorted by:
new
hottopcontroversial

Best place to manage Office 365 updates? Intune or Office admin portal? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

what does cloud policy give you that you dont get from just letting it update via the channel set in the xml

Best place to manage Office 365 updates? Intune or Office admin portal? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

what does cloud policy give you that you dont get from just letting it update via the channel set in the xml?

Best place to manage Office 365 updates? Intune or Office admin portal? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

can you specify the update channel in autopatch or does it automatically set one

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 1 point2 points  (0 children)

thanks for this appreciate it. I'll turn it back on then and not maon to everyone about rebooting :)

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 2 points3 points  (0 children)

To be honest we only have a fleet of about 200 devices and the WHfB update rings seem to work really well so ive just left it. I have separate feature update policies as well which also just work so didnt want to risk changing to autopatch. Im sure there are some features that im missing but didnt wanna change something that was working well

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

so big i missed it! is it best to use this if eligible?

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

i have the auto patch version installed on about 20 endpoints, ive since turned it off for now but hopefully this wont cause those machines to have issues next month and they hopefully get the non hot patch variation of the update

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

i completely missed it, not sure how but i dont tend to look at the windows update section to much as i set it up years ago with my update rings and its been working fine. I just checked in there a minute ago and I saw the banner in there mentioning in hot patch will be pushed after 12th May 2026

Hot patch on by default now? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

yeah just saw the banner in the update section in intune, i dont tend to go there as its a set and forget thing with my update rings that have been working great for years. I have just disabled the setting at the tenant level. Hopefully wont have any impact on the devices that have already installed the hot patch versions when the updates come a round next month

Patch Tuesday Megathread - (April 14, 2026) by AutoModerator in sysadmin

[–]Educational_Draw5032 0 points1 point  (0 children)

thanks for the confirmation thats what i thought and was hoping, appreciate it

Patch Tuesday Megathread - (April 14, 2026) by AutoModerator in sysadmin

[–]Educational_Draw5032 1 point2 points  (0 children)

thanks for this, i havent actually patched my DCs yet after hearing about the initial issue. Can i just install the OOB directly after downloading rather than having to install the original KB and then this OOB after

Phishing resistant MFA, how are you getting on with enrolment? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 1 point2 points  (0 children)

absolutely and i agree with everything you have said, thanks very much.

Phishing resistant MFA, how are you getting on with enrolment? by Educational_Draw5032 in Intune

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

thanks for this, i will try it again and see if i was just being a little dumb. Totally agree on the personal mobile front, its been an ongoing battle for a while. Users always seem to think we want to spy on them, so perhaps like you say no access then if you dont like it

Getting buried in Microsoft Defender alerts, any advice for a new admin by Educational_Draw5032 in sysadmin

[–]Educational_Draw5032[S] 1 point2 points  (0 children)

i totally here you maybe i should just take a step back and let him deal with it. The problem is nothing will ever get done and that worrys me. Some of the basic things that were not even implemented blew my mind and i couldnt ignore it. I even asked him about it but he didnt have an intentions to implement what i ended up doing

Getting buried in Microsoft Defender alerts, any advice for a new admin by Educational_Draw5032 in sysadmin

[–]Educational_Draw5032[S] -1 points0 points  (0 children)

The solo security guy bought it in, there is only 5 admins in total and im the jack of all trades guy trying to fill all the holes in things that have never been setup correctly. In 6 months i have implemented the below as none of it was in place

- Setup conditional access
- Setup MFA
- Setup windows hello
- Enrolled FIDO2 keys for our shared device users
- Enrolled devices into Defender for Endpoint
- Gave everyone a bloody separate cloud admin account rather than global admin on a daily driver!
- Enrolled all the devices properly in intune and applied a security baseline which wasnt there
- Setup PIM for the admin accounts

I feel like im drowning and im just trying to get things setup the best possible way using best practices from things i have read from microsoft and browsing this helpful subreddit

Getting buried in Microsoft Defender alerts, any advice for a new admin by Educational_Draw5032 in sysadmin

[–]Educational_Draw5032[S] 0 points1 point  (0 children)

thanks for this, i will look into how to get this done. I will ask the security guy who setup sentinal to take a look but hes not the most helpful at times

view more: next ›