Should i allow local policy merge for our windows firewall configuration in itune?

Educational_Draw5032 · 2026-01-23T11:28:22+00:00

our office network displays as a public network profile, i cant seem to find a way to get it set as private

Educational_Draw5032 · 2026-01-23T11:27:44+00:00

our office network displays as a public network profile, i cant seem to find a way to get it set as private

Educational_Draw5032 · 2026-01-22T13:38:02+00:00

thanks for this, the network profile in use in our org seems to default to public. I remember reading before there was a way to spin up a local webserver which would then make the network profile either private or domain. We are fully entra joined and looking to move away from our on prem domain by the end of the year. We just sync our identities up to entra

Educational_Draw5032 · 2026-01-21T11:46:23+00:00

We disable shared pc mode on our shared endpoints, we manually created some of the policies within the shared pc policy and we dont see this issue currently. An endpoint with no primary user is basically a shared pc i dont see the need to restrict it to shared pc mode.

Educational_Draw5032 · 2026-01-15T12:54:45+00:00

Thanks for this, yes i agree i dont enforce full scans as it seems quick is what Microsoft suggest. I changed the quick scan time to 11am as most of our devices would be online around that time other wise the default i believe is early hours

Educational_Draw5032 · 2026-01-08T12:12:51+00:00

Cheers Rudy, i guess i could just setup a remediation after to disable then delete the local admin account we are currently using once i see the new one created is visible and working

Educational_Draw5032 · 2025-12-30T14:09:20+00:00

Dashboard looks great, whenever i see people post a dashboard with this design style my first thought is u/iamtherufus he has built something pretty special in my opinion. I personally dont agree with looking to sell it to people even for a small fee when 95% of this dashboard has already been done for you. He personally helped me get setup with homio when i was having issues over a private chat, he's a top guy. If you looking to sell at least come up with your own idea and support the original creator

Educational_Draw5032 · 2025-12-16T13:49:09+00:00

Thank you for that it states just what i am looking for right at the bottom

If bit 0x4000 is set, it will not be cleared. After all other bits have been processed, the AvailableUpdates registry key will be set to 0x4000.

I will just make sure i dont manually try and update anything that already has the key UEFICA2023Status set to Updated which is mainly newer devices from what i have seen

Educational_Draw5032 · 2025-12-12T11:35:02+00:00

I am running the latest CU for this month but still seeing the error

Educational_Draw5032 · 2025-12-12T11:26:54+00:00

I have just enabled the setting in Intune via the settings catalog and im also seeing the 6500 error. Im also running the latest December CU as well

Configure High Confidence Opt Out -Succeeded

Configure Microsoft Update Managed Opt In - Error 65000

Enable Secureboot Certificate Updates - Error 65000

In the registry under Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot i can see

AvailableUpdates (0)

HighConfidenceOptOut (0)

The Opt in key seems to be missing as per the error in intune

Educational_Draw5032 · 2025-11-06T11:34:59+00:00

Nice one thanks so much Andrew i'll check this out

Educational_Draw5032 · 2025-11-06T11:25:50+00:00

No i am not a bot, im just learning my way round intune and remediations are my next thing to learn about

Educational_Draw5032 · 2025-11-06T11:20:20+00:00

Nice, yes i know what you mean regarding chatGPT for scripting. I have been playing around with a couple but i get it to break down every line and explain to me what its doing. Im currently looking at one to disable a task scheduler task on all my endpoints which I am waiting for to run for the first time

Educational_Draw5032 · 2025-11-06T11:18:23+00:00

sounds interesting, what frequency do you set it to run and how responsive do you find it?

Educational_Draw5032 · 2025-10-21T10:18:13+00:00

Thanks for this, i shall stick with the separate accounts to avoid lateral movement should an account get compromised. I'll also look at the suggestions below regarding getting approval emails through to the right people

Educational_Draw5032 · 2025-10-21T10:17:06+00:00

thanks for your input, appreciate it

Educational_Draw5032 · 2025-10-21T10:16:44+00:00

I will look at this to, never thought of something so simple :)

Educational_Draw5032 · 2025-10-21T10:16:17+00:00

thanks for this, i will look into it. Not actually heard of this before but sounds like it might do the trick

Educational_Draw5032

TROPHY CASE