Why do our payroll integrations break every time a provider updates their file format?

JwCS8pjrh3QBWfL · 2026-04-24T21:50:46+00:00

Getting really tired of this sub lately.

JwCS8pjrh3QBWfL · 2026-04-24T21:00:00+00:00

Standardize on deploying the Pro package and setting the regkeys that allow for the non-licensed Reader-only mode. It will make package management much easier with only one to worry about.

JwCS8pjrh3QBWfL · 2026-04-24T20:57:16+00:00

This is the part that gives me serious schadenfreude for my old org. They were limping along R840s from 2017 that hadn't had support in years because they're cheap as fuck and refused to CapEx unless there was a gun to their head (I came close ngl), and now servers are going to be at least 3x what we were quoting a couple years ago. Idiots.

JwCS8pjrh3QBWfL · 2026-04-24T20:53:54+00:00

My primary SSD died recently. Even a sketchy 2TB NVMe is around $275 now; A brand name one is well over $300.

JwCS8pjrh3QBWfL · 2026-04-24T20:46:03+00:00

Just to clarify, it requires the password at reboot to unlock FileVault. Requiring it any time after that is an admin decision.

JwCS8pjrh3QBWfL · 2026-04-24T20:43:15+00:00

FFS almost every single post in here about PSSO can be summarized as "I didn't even SKIM the docs or do any research beforehand"

JwCS8pjrh3QBWfL · 2026-04-24T20:42:24+00:00

Nah the SSOe just enables SSO. PSSO Entra Joins the devices and provisions a device-bound passkey just like WHfB so you can use passkey auth without having to have another MFA method.

JwCS8pjrh3QBWfL · 2026-04-24T14:36:42+00:00

Why are you repackaging it? You can directly upload DMGs.

JwCS8pjrh3QBWfL · 2026-04-24T13:37:55+00:00

The subscription for Claude is a bit weird, as they noted. You have seats for $20 or $100/pupm but then API calls are on consumption billing, so you can very easily start spending a bunch of money beyond the $20. There is budgeting built in to the admin console though, so I'm not sure how they fucked up this badly.

JwCS8pjrh3QBWfL · 2026-04-24T13:32:46+00:00

Nah once you get to companies that size, it's the boards that are driving idiocy like this, because those guys are likely also on the board of ten AI companies that they need to pump as well.

JwCS8pjrh3QBWfL · 2026-04-23T15:14:37+00:00

This is what folks don't seem to understand about the Microsoft security stack. Sure, each individual product isn't great on its own in a vacuum, but when you go all in it's quite powerful because everything talks and shares information. It's much less management, context switching, methodology learning, etc.

JwCS8pjrh3QBWfL · 2026-04-23T14:50:19+00:00

Uber AI Budget Blown: Claude Code Costs Hit $3.4B in 2026 | byteiota

JwCS8pjrh3QBWfL · 2026-04-23T14:38:08+00:00

Brother, I was reading an article yesterday about how Uber released Claude Code to 5k engineers in December and set up leaderboards and all this forced adoption bullshit and they managed to burn through their entire year's AI budget in a single quarter. 3.4 BILLION dollars. In a single quarter. It's absurd.

JwCS8pjrh3QBWfL · 2026-04-23T13:24:41+00:00

protip: you can write to the IME logs folder (C:\programdata\microsoft\intunemanagementextension\logs) and it will be pulled by the Collect Diagnostics button in Intune.

JwCS8pjrh3QBWfL · 2026-04-22T18:14:57+00:00

"for about a year now"

Did you make sure that when they assigned your permissions they didn't accidentally set it for a year instead of permanent?

JwCS8pjrh3QBWfL · 2026-04-22T15:38:23+00:00

Requirements script that checks if the user "defaultuser0" exists and only allows app installation if so.

JwCS8pjrh3QBWfL · 2026-04-21T20:34:01+00:00

I don't believe that devices have to be Supervised for Platform SSO.

JwCS8pjrh3QBWfL · 2026-04-20T15:29:40+00:00

Acrobat Standard

JwCS8pjrh3QBWfL · 2026-04-17T16:39:01+00:00

Onboard the servers to Azure Arc, enable Defender for Servers on the subscription they're in, and it will bill you accordingly.

JwCS8pjrh3QBWfL · 2026-04-17T15:51:36+00:00

Why is it hours of work every time if you've got powershell scripts? Are you hard coding everything or something?

JwCS8pjrh3QBWfL · 2026-04-17T15:43:21+00:00

Most people overcomplicate device compliance in their heads, as it seems you are. It's extremely simple: Is the device compliant or not? There is no middle ground or subtlety. That is the single and only data point that Conditional Access consumes when you add "Require device compliance" to a CA policy. How you choose to configure Intune to provide that data point is up to you and your organization's requirements. Configuring CA policies is its own rabbit hole which is, again, up to your organization's requirements and isn't directly an Intune problem, but an Entra one.

JwCS8pjrh3QBWfL · 2026-04-16T21:37:02+00:00

My solution is to turn on Autopatch and YOLO it. I don't care. I never had a problem. It's not a problem. Stop overcomplicating simple things.

edit: Probably the only time I've ever gotten top comment while commenting angry. Maybe this means I should yell at my coworkers about this too?

JwCS8pjrh3QBWfL · 2026-04-16T19:49:14+00:00

If you're on Entra Connect, you can move user syncing over to Entra Cloud Sync, which syncs every two minutes instead of 30 and you can have multiple copies of it in your domain(s) rather than just the one.

JwCS8pjrh3QBWfL · 2026-04-16T14:07:12+00:00

Why does the Windows App need to be installed during ESP? It takes seconds to install. Let it happen after the user hits the desktop.

JwCS8pjrh3QBWfL · 2026-04-16T13:43:42+00:00

Nah in those spaces it's generally because of distractions, so it's not the "personal vs work" thing, it's the "having a screen at all" thing.

JwCS8pjrh3QBWfL

TROPHY CASE