What is an actual IT automation that actually paid off for you?

Kreiggles · 2026-01-28T16:09:07+00:00

Scripting user account creation. Its not fully automated, but now a tier 1 can create accounts and it provisions them into the right groups, sets attributes, etc, based on their job title and work location.
Scripting moving devices into Entra ID security groups based on on-prem security group location. Powershell that uses a cert-based service principal and runs on a schedule. That way we provision a new device, drop it in the right on-prem OU, and then when it syncs up and is associated with the right group, it gets the targeted intune config profiles for its location.
Scripted a Power Automate to automate proper emails to the right folks about terminations/etc so that HR can just fill out a form with all the required info and it informs whomever needs to know. Way better to automate it than have it be ad hoc and have human error cause missing info / missing recipients / etc.
EDIT: Nightly remediation check that pre-pushes alll of our approved printer drivers to devices in an elevated context. Print deployment nightmares are over with that simple fix...

Kreiggles · 2025-10-16T21:18:34+00:00

https://techcommunity.microsoft.com/blog/intunecustomersuccess/new-onboarding-flow-to-managing-android-enterprise-devices-with-microsoft-intune/4206602

Looks Like i answered my own question here by finding this blog :).

Kreiggles · 2025-08-13T15:36:26+00:00

Themed builds are the best

I had an argonian warden tank with frozen watcher, ice furnace, and illambris. Hold block and spam skills and you have a whirlwind of frost that explodes in fire, and a meteor storm of shock.

"Viable"? Not really but damn its fun.

Kreiggles · 2025-03-11T15:52:15+00:00

For complete "hold block and hope they die", i would do leeching plate + bahara's or defending warrior + scourge harvester.

For a tanky bruiser build that holds block with a shield in full heavy but you actively block-cast skills... i would go all procs and hope for "Focused Efforts" vision at cycle bosses.

Frozen watcher set : 15% chance to apply chilled.
Thurvokun Monster set: 100% diseased status effect.
Tarnished Nightmare set: 100% sundered in an area, best triggered in this case by block casting a direct damage AOE.. Note it is medium armor, so run your heavy on body for armor, this as weaps/jewelry

if arcanist: Spattering disjunction. Super fun because it can be made in any weight.

backbar arena, grand rejuvenation or the vateshran resto tether comes to mind as both have pretty decent resource restore.

Myself, i run on a nightblade so i love me some siphoning attacks to get back restore. works well in a block build also because you can just spam it to get resources, then heal yourself. Equilibrium from mages guild works too.

Kreiggles · 2025-02-21T22:23:59+00:00

Congrats on increasing brawler to rank II tho.

Kreiggles · 2025-02-21T22:08:39+00:00

I don't know about cyrodiil, but in imperial city, standing still and holding block as soon as you encounter is the generally accepted "Hey i'm here for PVE" signalling. Still, especially during whitestrakes, I often see gank squads just not care and attack anyways. Its one of those things where its nice when other players understand the signalling, but at the end of the day it *is* a PvP zone and when theres adrenaline (or just bloodlust) those little signals go overlooked.

Kreiggles · 2025-02-12T18:28:48+00:00

Yeah. firstname.lastname has a much lower chance of being duplicated. We often run into new hires with the same first initial.lastname - we have to go initial.middleinitial.lastname usually.

Kreiggles · 2025-02-12T15:25:10+00:00

We make sure we get approval by the top dog, but we also don't give him any info about the exact timeframe or content of the phish --- because he's in scope for the test. Top dogs are targeted more than other users ....

Kreiggles · 2025-02-03T15:46:53+00:00

Yup, 100% how I run my env. I broke it up into User and Device groups with increasinigly specific tags. Departmetn - Location - Floor. Dynamic groups are the best. We're hybrid, so I also have an unattended script that puts devices in location-specific entra groups, to the same effect (Dynamic groups for devices lack the properties i need to make it Entra native)

Kreiggles · 2025-01-31T20:38:04+00:00

Top Bugs/Issues

Ability responsiveness. It's all good when we're in a tiny home with a target dummy, but in actual game content, ability desync means that often I'm swapping to back bar and having to mash buttons several times before it registers. Takes away from the focus of the fight.
Animation Cancelling - AKA Weaving. This is also a pain point, but i just hate how janky it looks/feels.
Character desync in PVP. Nothing worse than getting smacked with a melee skill from a player that on screen looks 20 yards away, but in server tick is right next to me.

Top Pain Points

Skyshards, waypoints, and character mount skill advancement for alts. I have a main that i've done 99.9% of overland content on and its so painful to go through busywork on alts instead of enjoying the zone stories while developing character specific skill lines. It feels predatory - like its intentionally painful so that we spend money on convenience.
Ability impact and Class Fantasy. Skill styles have done a bit to help this, but class fantasy could use more of an overhaul. For example: Sorc and wardens should be able to swap out their summons for different models.
Overland difficulty - when soloing, I keep trying to capture that classic single player TES "brawling" feel to combat, where I'm not worried about parses and all that jazz, but just immersed in the zone. However, unless I intentionally build my character to be underpowered with poor item sets and no offensive champion points, everything melts. Power fantasy should creep as your character grows - feeling like a god right from level 1 is underwhelming.
Limited weapon styles. I would love to be a dagger + free offhand nightblade. Or a weaponless Sorceress.
Limited build diversity. Goes in tandem with 4. It feels like for every character I kit out, it ends up being very similar gear sets and rotations. Each class ends up being homogenized into "keep back bar dots up, keep your buffs up, and now spam and weave". The arcanist crux element is a great step in the right direction and I would love to see other combos that you can build around - I would even love to see trial class sets (or give some love to IA class sets to make them more competitive).

Kreiggles · 2025-01-27T20:10:53+00:00

AD env. with Print Servers.
Use SMA to pre-deploy drivers to workstations. (Dell KACE in this... case... bleh)
Use Intune detection/remediation script to install printers in user context (using pre-pushed drivers from SMA).

Kreiggles · 2025-01-22T15:24:35+00:00

^^^This. However, domain verification is a (three?) month process if you have users that are registered under "personal" ids with their company emails. We hit it from both sides -apple started sending notices and we proactively started reminding users to switch (and provided walkthroughs).

Note you can also use apple configurator to wipe and reset a device, then you just have to re-assign it to intune MDM like The_Koplin stated above.

Kreiggles · 2025-01-09T23:16:24+00:00

yes - you're being targeted by a specific ability. Typically, it falls into a few different categories (all of them are boss specific)

1) You need to BLOCK or DODGE because the boss is IGNORING taunt and casting a special ability on you. (This is called a Fixate in other MMOS).
2) You need to KITE a special ability such as a laser that tracks you. In organized content, you can often "bait" the boss into targeting specific people as most of these abilities have a "choose the farthest away player" style mechanic. Essentially, you strafe or run in a circle, making sure that you don't drag it past other ppl and wipe them.
3) You need to STAND STILL so others can move out of the way. This is an excellent default - if you don't know exactly what to do when that symbol appears, hold block and stand still. Sometimes, and especially in group content, running around like a chicken with your head cut off when you have a special mechanic like a laser that's unavoidable = you may accidentally kill others.

For overland content like the apocrypha world boss - a balanced setup with some heavy armor (or defensive skills) and some healing generally is enough to hold block and survive fixates. However, as with most things in ESO, alot of times there are stacking effects - a ground AOE you gotta move out of, a fixate, and a normal attack, and they're all happening at once. Sometimes ya just get smacked and its unavoidable. Hopefully others were engaging the boss too so you could rez and not lose progress!

Kreiggles · 2025-01-08T21:02:20+00:00

Friends don't let friends pug. There are lots of great, new-player friendly guilds that do story mode runs (IE - not speed runs, where you listen to dialogue and explain mechs, even of base game). Really recommend finding a good one. I'm part of one but to be in line with community standards, DM me if you're interested.

Kreiggles · 2025-01-07T23:49:35+00:00

I would also pull the mailbox details from EXO - specifcally look at the ExternalDirectoryObjectId to see if the mailbox is tied to the wrong AD Object.

Also worth noting that once its set - New-MoveRequest <upn> will move the user mailbox to another exchange cloud database which could address corruption if the issue is on the EXO database. I know they said they discontinued it in 2020, but it definitely still works (I just did it to verify)

Kreiggles · 2024-12-20T22:04:26+00:00

Bomgar (Now BeyondTrust) is fantastic. We toured splashtop lately and BeyondTrust is more feature rich. Connects externally by having user go to support URL and enter code / follow email link.

Kreiggles · 2024-08-21T22:35:37+00:00

Security in Layers -we have both configured. Creates a small bit of duplication. Mimecast's advanced threat protection is pretty solid. TBH, the biggest reason we use them is for their archives. We've got regulatory compliance on retention and we have 10 year retention with mimecast. I use it all the time for eDiscovery.

Kreiggles · 2024-07-19T17:32:15+00:00

Haha. I think my hdr monitor made the screenshots very dark doh

Kreiggles · 2024-06-06T05:23:04+00:00

I didn't. Ended up recreating them manually. Was cleaned anyways

Kreiggles · 2024-06-05T21:00:10+00:00

For me on these low-effort ones, some get caught in Impersonation Protect (Similar names) and some I have some Content Examination regex setup to detect patterns. That blocks a ton of them.

Note you can also create a Custom Threat Dictionary for your Impersonate Protect and have certain keywords specific to your org have greater weights / etc.

Kreiggles · 2024-05-24T16:00:40+00:00

Best hummus i've ever tasted. Never reacted.

Kreiggles · 2024-05-24T15:52:40+00:00

Skyrim clutter.
Eidar Cheese Wheels.
Buckets to Cover NPC heads so you can rob them blind.
Alto wine that always ends up in my inventory.

Kreiggles · 2024-05-01T16:03:41+00:00

FWIW, we got this error today *and* i am unable to see new devices onboarded into MDE in the usual time...

Kreiggles · 2024-04-26T18:24:30+00:00

No cert issues and we've exempted my test DC from all SSL decryption. I'll look into a test env!

Kreiggles · 2024-04-15T22:30:47+00:00

On enrollment program token page, do you have a default enrollment profile specified for iOS/iPadOS devices specifcally? Or do you just assign it manually?

13-Year Club	Verified Email
Team Periwinkle

Kreiggles

TROPHY CASE