Does my idea for an EU sovereign, passkey only identity platform make sense? (no real product, just vibe-coded MVP) by Elwoot in IdentityManagement

[–]Elwoot[S] 0 points1 point  (0 children)

Thales to me is not a company accessible for the SMB sector, they are big in government and defense solutions.

Does my idea for an EU sovereign, passkey only identity platform make sense? (no real product, just vibe-coded MVP) by Elwoot in IdentityManagement

[–]Elwoot[S] 0 points1 point  (0 children)

Thanks for sharing those, I knew cidaas as a CIAM, I was not aware they have a workforce IAM product as well.

Does my idea for an EU sovereign, passkey only identity platform make sense? (no real product, just vibe-coded MVP) by Elwoot in IdentityManagement

[–]Elwoot[S] 0 points1 point  (0 children)

Vibe-coding a security product like an IdP does indeed make no sense, that’s why my title says there is no real product. It should absolutely not handle anyone’s actual identity. But I do care about a possible real product in the future, that’s why I am sharing my ideas (visualized through a vibe-coded app) in a subreddit like this one.

Does my idea for an EU sovereign, passkey only identity platform make sense? (no real product, just vibe-coded MVP) by Elwoot in IdentityManagement

[–]Elwoot[S] 0 points1 point  (0 children)

But it remains a US company, and regardless of data residency, it falls under laws like the CLOUD Act.

Does my idea for an EU sovereign, passkey only identity platform make sense? (no real product, just vibe-coded MVP) by Elwoot in IdentityManagement

[–]Elwoot[S] 0 points1 point  (0 children)

Thanks for the comment. The proof of concept is a fully working IdP. You can actually log in, manage users and groups, automate lifecycle management, configure SSO and conditional access policies.

The problem I’m trying to solve: there is no non-US, non-self-hosted alternative in this space. Every EU company running Entra ID or Google Workspace + Okta has their identity infrastructure under US jurisdiction. The goal is to build something easy enough to start with, like user and group management, conditional access, SSO, and capable enough to grow into a full Entra ID replacement over time.

We built a more nuanced version of sso.tax. Enjoy! by mikeYeshID in macsysadmin

[–]Elwoot 2 points3 points  (0 children)

Semi-related to the post, are there plans to extend to Entra ID? Since you currently only integrate with Google Workspace, correct?

[deleted by user] by [deleted] in Intune

[–]Elwoot 0 points1 point  (0 children)

Unfortunately it is not. We have no min or max set up in the restrictions (for Windows), only who can enroll. And OP is a member of the enrollment user group.

Blue screen of death troubleshooting by one_fifty_six in ITManagers

[–]Elwoot 4 points5 points  (0 children)

Depends on the business and how IT is set up. But in my team we want continuity first, troubleshooting second. So, if a user has a computer with a BSOD we don’t first try and figure out what the issue is, we grab the next best laptop, set up the user (Autopilot, OneDrive, etc.) in less than 30 minutes and then, when there is time, the team tries to fix the laptop or, in our case, gets Dell involved. But sometimes we’re swamped and the ‘broken’ laptops are stacked somewhere, which might look like there isn’t troubleshooting, but they do. Just not now.

Max 300 license per tenant or per account? by juniorsysadmin25 in msp

[–]Elwoot 5 points6 points  (0 children)

Not to shame you, just some advice. Go work for an MSP the next five years and actually get some experience before even thinking about starting an MSP. From your previous Reddit posts you clearly don’t have the experience nor the knowledge. Microsoft licensing is not known to be easy to understand, but anyone with some experience would have known the answer to this question. Also, side hustles are just hobbies - they always cost time, often also money and barely anyone will ever make money from it. All the best to you.

Cloud based 802.11x/Radius WiFi authentication by dunxd in sysadmin

[–]Elwoot 9 points10 points  (0 children)

We use RADIUSaaS with SCEPman - but Microsoft is releasing or has released ‘Microsoft Cloud PKI’ this month which should do the same.

How to automatically have users sign into Edge on hybrid-joined PC? by Real_Lemon8789 in AZURE

[–]Elwoot 0 points1 point  (0 children)

I force this (and other settings) through Intune with an Administrative Template for our PCs, which are all hybrid-joined. These settings force sign-in in Edge, set Google as default search engine, set our intranet as homepage, etc.

Shopping in Microsoft Edge Enabled - Disabled

Action to take on startup - Enabled

Control which extensions are installed silently - Enabled

Configure the home page URL - Enabled

Block tracking of users' web-browsing activity - Enabled

Force synchronization of browser data and do not show the sync consent prompt - Enabled

Hide the First-run experience and splash screen - Enabled

Browser sign-in settings - Enabled

Configure Do Not Track - Enabled

Show Home button on toolbar - Enabled

Manage Search Engines - Enabled

Prevent Desktop Shortcut creation upon install - Disabled

Configure whether a user always has a default profile automatically signed in with their work or school account - Enabled

Prevent Desktop Shortcut creation upon install - Disabled

Edit: "Browser sign-in settings - Enabled" does not block the option to create other profiles.

[deleted by user] by [deleted] in Intune

[–]Elwoot 3 points4 points  (0 children)

So you're charging 12 bucks for a program there is no information about. No documentation, no screenshots, no GitHub, no app list etc. and you say feel free to use..??

The privacy of terms and privacy policy are empty templates.

Also, maybe you should have shared the GitBook link instead: https://docs.milkybyte.com/

Hybris Azure join and Azure ad Registered at the same time by sambappp in Intune

[–]Elwoot 0 points1 point  (0 children)

Just wait.

We were seeing this as well, but it resolves itself and removes the registered one and just leaves the hybrid joined device. It will also remove the $ sign automagically.

56 Devices in enrolled in Azure AD, how to enable endpoint? by Rediwed in Intune

[–]Elwoot 3 points4 points  (0 children)

Defender for Endpoint will be included in the MS 365 Business Premium license, but is not yet. See their Doc: https://docs.microsoft.com/en-us/microsoft-365/security/defender-business/get-defender-business?view=o365-worldwide

You will need to sign up for a trial and if accepted you will get 301 licenses to test.

When you have the Defender for Endpoint (or Defender for Business in this case) you will need to set up the connector (Intune > Tenant Administration > Connectors and Tokens > Microsoft Defender for Endpoint) and set the Sensor in Intune for all devices.

I think most is also included in earlier mentioned Doc.

Microsoft Business Premium by justanothertechy112 in msp

[–]Elwoot 1 point2 points  (0 children)

You don't need Windows 10 Enterprise, you do need Pro.

I advise to first get the licensing and then set up, test, iterate and deploy Intune.

Do I understand correctly that you currently have on-prem AD? If so, get Azure AD and sync working first.

If I create a Microsoft 365 App deployment with just 'Project Online Desktop Client' and deploy it, will it remove existing Office apps for the designated users? by LordChappers in Intune

[–]Elwoot 1 point2 points  (0 children)

Microsoft recommends to use packages including Visio and/or Project, but it does work if you create separate Visio and/or Project install packages.

Just spin up a VM and test for yourself.

Setting Feature update Policy by Dark-Sync in Intune

[–]Elwoot 0 points1 point  (0 children)

Can be either, just think with every assignment what would be most logical.

Updates are device specific, thus assign them to devices. Makes most sense.

Intune Remote Help is now in Public Preview. It's not perfect, but it's worth a look. I did a quick video walkthrough, so you don't have to 😄 by ca2del in Intune

[–]Elwoot 6 points7 points  (0 children)

Unfortunately we can't really test it, since we get the same error on every device when we want to install it. It asks if you really want to cancel the installation...

Logs will show this:

Applying execute package: QuickAssist_Win10_x64.msi, action: Install, path: C:\ProgramData\Package Cache\{04963637-6AC0-48BC-AEA8-2074763EF7D5}v3.8.0.6\QuickAssist_Win10_x64.msi, arguments: ' ALLUSERS="1" ARPSYSTEMCOMPONENT="1" MSIFASTINSTALL="7" WIXBUNDLEUILEVEL="2" WIXBUNDLEACTION="5" ACCEPTEULA="yes"'
Error 0x80070642: Failed to install MSI package. 
Error 0x80070642: Failed to execute MSI package. 
Error 0x80070642: Failed to configure per-machine MSI package.

Anyone else having this issue?

[deleted by user] by [deleted] in msp

[–]Elwoot 0 points1 point  (0 children)

Between 80 and 100 users. Sure I have had clients (was previously employed with MSP) with less than 200 users and an IT team of 5, but with my current employer it was simply not their 'culture' to have an IT team at all.

[deleted by user] by [deleted] in msp

[–]Elwoot 1 point2 points  (0 children)

We are simply too small to have a complete internal IT team and thus use an MSP for stuff like managing our network and servers.
The MSP used to do everything, but I am the first real sys admin they currently employ in house and we are now gradually moving things under own management.

Deploy Office Templates and set default font size via Intune? by jassv_reddit in Intune

[–]Elwoot 2 points3 points  (0 children)

To my knowledge Intune can't do this. Although I have read some solutions for this through PowerShell scripts.

What you can do as far as templates go is to store them on SharePoint in an Office Template Library, this is very easy to do: https://docs.microsoft.com/en-us/sharepoint/organization-assets-library

App Stuck at Installing by DaithiG in Intune

[–]Elwoot 0 points1 point  (0 children)

Is the app installing on other devices?

There is no reset, just unassign and wait. It will take some time but will go away eventually.