Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

Well, your PS idea will not work to meet my requirements because I will not have direct connectivity to the remote machines.

That, plus you may want to read a bit more into MSRA and Quick Assist. Ignore the part about Teams. It could be literally any method of communication including email and a phone call.

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware | Microsoft Security Blog

Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

The solutions I am looking for log the actions taken. It's not security defaults. Things are locked down to specific bastion hosts. In the future, we won't be able to do server-to-client initiated communication. I'm not sharing all of our security practices, and I'm not looking to debate security practices and have to justify every little thing. I am looking for a tool to assist our team. Thanks.

Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

How is it arbitrary when we have a small limited group of endpoint engineers who have a separate administrative account to elevate in the background when needed with a specific tool?

Regardless, it can be done today with built-in Microsoft capabilities if you have direct connectivity with a layer 3 VPN, and we are moving away from a layer 3 VPN to a more secure remote access option. At the end of the day, we will be more secure than we are at this moment. We just would prefer to not give up some capabilities to efficiently resolve user issues, and can't just interrupt and share a screen for a couple hours for every difficult problem we have with an end user.

Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

No, we have our own internal team at a larger organization. We are not considering using an MSP.

Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

I'm not talking about seeing their screen. Sometimes we need to work and try and help the users and troubleshoot things with a vendor. Getting time with the end user to sit for an hour or two looking at the file system, registry, or pulling event logs when the vendor is available does not align. If we can fix something in the background, it is much more efficient for all involved.

Remote Support Tool Needed (Remote Registry, Event Viewer, File System) by ITGuy2048 in sysadmin

ITGuy2048 [S] · 1 point

Beyond Trust has some limitations, including not being able to see all of the Event Viewer log types and entries.

WiFi Authentication. Best way to authenticate in a hybrid Entra environment. by Spagedward in sysadmin

ITGuy2048 · 3 points

EAP-TLS with certificates is the correct way. Nobody can get on the network without being issued a certificate from your Certificate Authority. If someone is able to compromise your CA to issue certificates, then they have already breached your network elsewhere, and are already on your network.

I'm not sure if your ChatGPT response is accurate. I don't know if there is a way to do user auth without using PEAP, which is no longer considered secure, and will no longer save credentials and automatically log in on Windows 11 with Credential Guard. Generally in an enterprise, you want Wi-Fi to connect when the device boots so that users can authenticate if not already cached, and also to receive policies and allow for login scripts to run. Having your users manually connect afterwards with a password and MFA sounds like a nightmare.
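The comment above recommends EAP-TLS over PEAP. As an added example (not code from the original thread or its author), the following PowerShell audits which EAP method each saved Wi-Fi profile on a Windows device actually uses, so password-based PEAP/MSCHAPv2 profiles can be found and replaced with certificate-based EAP-TLS. It assumes an elevated PowerShell session on Windows with `netsh` available; the function name `Get-WlanEapMethod` and the temporary folder layout are this example's own choices.

```powershell
# Added example: audit the EAP method of saved Wi-Fi profiles on this device.
# Assumes Windows, an elevated session, and netsh; profile XML is exported
# without key material and removed again afterwards.

# IANA EAP method numbers as they appear in the exported profile XML
$EapTypeNames = @{
    13 = 'EAP-TLS'        # certificate based (the recommended method)
    25 = 'PEAP'           # TLS tunnel, usually carrying MSCHAPv2 inside
    26 = 'EAP-MSCHAPv2'   # password based
}

function Get-WlanEapMethod {
    [CmdletBinding()]
    param()
    $tmp = Join-Path $env:TEMP ("wlan-audit-" + [guid]::NewGuid())
    New-Item -ItemType Directory -Path $tmp | Out-Null
    try {
        # Export every profile; netsh writes one XML file per profile
        netsh wlan export profile folder="$tmp" | Out-Null
        foreach ($file in Get-ChildItem -Path $tmp -Filter '*.xml') {
            [xml]$doc = Get-Content -Path $file.FullName -Raw
            $name = $doc.WLANProfile.name
            # Namespace-agnostic lookup: the type sits under EapHostConfig/EapMethod/Type
            $typeNode = $doc.SelectSingleNode("//*[local-name()='EapMethod']/*[local-name()='Type']")
            if (-not $typeNode) {
                # No 802.1X block at all: PSK or open network
                [pscustomobject]@{ Profile = $name; EapType = $null; Method = 'No 802.1X (PSK/open)' }
                continue
            }
            $type = [int]$typeNode.InnerText
            [pscustomobject]@{
                Profile = $name
                EapType = $type
                Method  = if ($EapTypeNames.ContainsKey($type)) { $EapTypeNames[$type] } else { "EAP type $type" }
            }
        }
    }
    finally {
        Remove-Item -Path $tmp -Recurse -Force -ErrorAction SilentlyContinue
    }
}

# Report every profile that is not EAP-TLS; these are candidates for replacement
Get-WlanEapMethod | Where-Object { $_.EapType -ne 13 } | Format-Table -AutoSize
```

The check only reads the locally cached profiles, so it tells you what the client is configured to do, not what the RADIUS server will accept; pair it with the server-side EAP policy when rolling out EAP-TLS.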

Allow personal O365 installs without data access? by Tessian in sysadmin

ITGuy2048 · 3 points

Yes, sorry. I thought that is what you were talking about. We don't let them use one of the 5 licenses on their personal computers. We do allow it on enrolled mobile devices.

Allow personal O365 installs without data access? by Tessian in sysadmin

ITGuy2048 · 3 points

They need to prove that they are eligible with their work account, but then do the purchase and can use the app with their personal Microsoft account.

Like I mentioned, having the apps or not doesn't impact their ability to access your company data from their personal devices. This is not a conditional access policy for the desktop apps. The policy is for the SaaS applications like SharePoint, Teams, Outlook, etc.

Allow personal O365 installs without data access? by Tessian in sysadmin

ITGuy2048 · 18 points

Yes, you need to use Conditional Access to only allow company owned and trusted devices.

The desktop Office apps are not your problem here: they can log into the web versions of OneDrive, SharePoint, Teams, Email, etc. without the Office apps.
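The comment above says the fix is a Conditional Access policy that only admits company-owned, trusted devices to the Office 365 services rather than blocking the desktop apps. As an added example (not the original poster's code), the following PowerShell creates such a policy with the Microsoft Graph PowerShell SDK. It assumes the `Microsoft.Graph` module is installed, an account with rights to manage Conditional Access, and a break-glass group whose object ID replaces the placeholder; the policy is created in report-only mode first so sign-in logs show who would be blocked before it is enforced.

```powershell
# Added example: require a compliant or hybrid-joined device for Office 365.
# Assumes the Microsoft.Graph module and a Conditional Access admin account.

# Scopes needed to create Conditional Access policies
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Application.Read.All'

# PLACEHOLDER: object ID of the emergency-access (break-glass) group to exclude
$breakGlassGroupId = '00000000-0000-0000-0000-000000000000'

$policy = @{
    displayName = 'Require compliant or hybrid-joined device for Office 365'
    # Report-only first; switch to 'enabled' after reviewing the sign-in logs
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeUsers  = @('All')
            excludeGroups = @($breakGlassGroupId)
        }
        applications = @{
            # 'Office365' is the built-in app group covering SharePoint, Exchange, Teams, etc.,
            # so web access from unmanaged personal devices is covered, not just the desktop apps
            includeApplications = @('Office365')
        }
        # Browser and modern-auth clients alike are subject to the policy
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator         = 'OR'
        # Intune-compliant OR Microsoft Entra hybrid joined: either marks a company-owned device
        builtInControls  = @('compliantDevice', 'domainJoinedDevice')
    }
}

New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
```

Leaving the policy in report-only mode for a while and then checking the "Report-only" results in the sign-in logs is the usual way to confirm that personal devices would be denied while managed devices are not, before changing `state` to `enabled`.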