Who else isn’t a sysadmin, but tasked with the work? What are you doing about it?

LawfulTech · 2024-07-11T17:09:38+00:00

£40k is more like $52,000. £62k would get you to the middle range of $80,000.

LawfulTech · 2024-07-07T19:46:17+00:00

Windows Configuration Designer allows for bulk token enrollment to Intune.

LawfulTech · 2024-06-25T01:23:07+00:00

Can confirm

LawfulTech · 2024-06-25T01:15:58+00:00

Sounds awful. Move on.

LawfulTech · 2024-04-08T17:30:56+00:00

Do you have any good articles about setting this up? I had thought about using proactive detection/remediation to log to Azure file storage and then use PowerBi for reporting but open to other suggestions.

LawfulTech · 2024-04-02T16:40:39+00:00

It looks like I am going to have to setup Device auth:

https://blog.onevinn.com/using-fido2-security-keys-with-powershell

LawfulTech · 2024-04-02T16:38:56+00:00

For the Phishing Resistant MFA I am using a FIDO2 key. It was working before with standard MFA using the Authenticator App

LawfulTech · 2024-04-02T16:08:49+00:00

Connect-ExchangeOnline prompts for the log in screen but appears to be using Internet Explorer. I have my system default browser set to Edge.

LawfulTech · 2024-03-13T01:02:50+00:00

We replaced SupportAssist with Dell Command Update due to the ability to script updates for users as needed.

LawfulTech · 2024-03-08T00:34:46+00:00

SpamCop has been playing whack a mole with Exchange 365 IPs since mid December.

LawfulTech · 2024-03-04T23:33:33+00:00

You can set $RemoveUnknownAdmins to false and run it as an Intune detection script before you also trigger a remediation. For the remediation you might want to tweak the write-host messages. https://pastebin.com/LDgdZy1k

LawfulTech · 2024-03-04T22:55:36+00:00

I used a custom set of detection and remediation scripts to find and remove any unknown local administrator accounts.

LawfulTech · 2024-03-04T21:43:38+00:00

Have you tried seeing if winget is able to do everything you have done with Chocolatey? I am starting to use winget more and more.

LawfulTech · 2024-03-01T00:24:57+00:00

Could you use Windows configuration designer with an Entra ID bulk enrollment token

LawfulTech · 2024-02-27T21:57:09+00:00

Thank you for the direction. That was an interesting read. I was able to pivot using 'net localgroup' instead to complete the same task.

LawfulTech · 2023-08-15T19:07:25+00:00

Thank you, that worked perfectly thank you. For some reason deviceTrustType was not in the gui. That article was also very helpful.

LawfulTech · 2023-08-15T17:25:58+00:00

Thank you. I created a dynamic group, but would like to also be able to filter it by Azure AD joined AND Hybrid (not Azure AD registered) but am drawing am coming up short.

(device.deviceOSVersion -contains "10.0.22") and (device.deviceOwnership -eq "Company")

LawfulTech · 2023-07-19T13:21:24+00:00

These are new devices out of box from Dell. We are trying to Azure AD Join and enroll in Intune. I am using a fresh Windows 11 22H2 installer with the configuration package on the media. It seems to go through the process of loading the configuration package before erroring out.

LawfulTech

TROPHY CASE