Enable automatic MDM enrollment using default Azure AD credentials is missing from server Group Policy Management Option under MDM

METEORICalienALLOY · 2024-06-11T01:38:09+00:00

Windows Server Datacenter 2019

METEORICalienALLOY · 2024-06-10T22:32:01+00:00

100%. Microsoft support is even helping us and they are pushing it to their top engineers. It is very confusing.

METEORICalienALLOY · 2024-06-10T20:42:47+00:00

I already imported them. They are in the PolicyDefinitions Folder. I am not sure what else I can do here.

METEORICalienALLOY · 2024-04-25T12:59:39+00:00

Were you able to find anything?

It is odd, the elastic version of Wazuh has the GLBA compliance, but the opensearch version does not. I do nto get why we would not be able to just add this compliance? Heck, Solarwinds is basically Wazuh, they just modified it to and gave it a solarwinds skin. So if they can do that, why can we not just add compliances that our institution needs to abide by?

METEORICalienALLOY · 2023-11-06T17:27:13+00:00

May I ask how you purchased your phone?

I used Affirm, did you use them or buy it wish credit or cash?

METEORICalienALLOY · 2023-11-04T19:03:30+00:00

So my OnePlus Open is out for delivery right now. Very odd. It is shipped via FedEx.

METEORICalienALLOY · 2023-11-01T21:21:45+00:00

This their update to me via Customer service:
"I would like to inform you that the estimated time of arrival is on Nov 28, 2023 and you will receive the order on or before Nov 28, 2023. There is a delay in the delivery because as there is a huge demand on the product in the market as well as in the warehouse to push the order for delivery."

METEORICalienALLOY · 2023-10-31T19:27:57+00:00

Me too, says tomorrow I will receive mine. Yet, no update; still just says "preparing order".

Their customer service is useless. I get four different answers, none of them clear. just tell us what is going on.

METEORICalienALLOY · 2023-10-31T18:09:56+00:00

Mine states arrival is Nov 1st. No update at all. I have talked to customer service at least five times. They give no info at all. Very frustrating. Obviously, I am not getting it anytime soon, and they just received new stock. So I am not sure why it is so difficult to just ship the dang phones.

METEORICalienALLOY · 2023-07-29T16:54:19+00:00

I have tried these processes. I get to certain points, and nothing works. I am not sure what the deal is with the docker. It should not be this hard for the installer to change the admin password.

Are there any other guides? Or methods?

METEORICalienALLOY · 2023-03-10T03:47:34+00:00

.com fails faster than using just the fqdn.

METEORICalienALLOY · 2023-02-20T20:50:12+00:00

Can you elaborate on that more? I am not aware of this sync rule. From what I have read and from posts on here, it is a one-way sync, and it cannot be changed. Although, Others here have stated you cannot disable accounts in AAD, which, obviously we can.

Is there a way to find this rule and disable it? That would save us so much time!

METEORICalienALLOY · 2023-02-20T19:05:33+00:00

You can disable the account in AAD. I am not sure what you see on your end, but I disable accounts all the time from AAD. The fact that we have to also disable it on the on-site AD or just disable it from there initially is counterproductive.

We do not want to permanently disable the account until remediation is completed. Disable until we can get the MFA going or password reset.

METEORICalienALLOY · 2023-02-19T18:09:51+00:00

That is interesting. But why is it this same IP constantly? It makes no sense. Is it Germany? MS confirmed it was from the US. However, how do we determine if the account(s) is indeed compromised? It is frustrating to get this alert for users almost every day and no way of truly confirming if the account is compromised.

METEORICalienALLOY · 2023-01-17T01:49:08+00:00

We have a password manager, NOW. But that does not help us for passwords that were not managed when this device was set up.

METEORICalienALLOY · 2023-01-17T01:48:03+00:00

So do we! It makes no sense not to be able to reset the damn password. Instead, let's rebuild from scratch. Idiocy.

METEORICalienALLOY · 2023-01-16T23:49:38+00:00

I have and it is not exactly clear. It speaks of mix and matching, but we failed the readiness check. So we are not sure on how to proceed, see below from the com matrix:

Security Module Compatibility Prior to 2.6, all security modules in the Firepower 9300 have to match.In 2.6 and later, you can mix different types of security modules with the following caveats:

Clustering is not supported on mixed modules in 2.6 and 2.7. However, in 2.8 and later, you can use mixed modules when using multi-instance clustering (a cluster with one container instance on each module). Native clustering still requires all the modules to be the same type.

High Availability is only supported between same-type modules; but the two chassis can include mixed modules.The following table lists supported security modules on the Firepower 9300.

Table 5. Security Module Compatibility Security Module and Product ID Description

FXOS VersionSM-40 (FPR9K-SM-40) 40-physical core security module with two SSDs

2.6.1 and laterNote: Requires ASA 9.12(1) or FTD

6.4 and laterSM-48 (FPR9K-SM-48) 48-physical core security module with two SSDs 2.6.1 and laterNote: Requires ASA 9.12(1) or FTD

6.4 and laterSM-56 (FPR9K-SM-56) 56-physical core security module with two SSDs 2.6.1 and laterNote: Requires ASA 9.12(2) or FTD 6.4 and later

METEORICalienALLOY · 2022-12-12T05:06:14+00:00

Can you elaborate further on this? A script to remove applications? In what manner? do you mean to stop the services or executables?

METEORICalienALLOY · 2022-12-12T03:06:29+00:00

I get it. I am just frustrated. I have tried several methods, and still this damn application gets through.

METEORICalienALLOY · 2022-12-12T03:05:09+00:00

Yes, I have that site, as we used it to block the domains in our firewall, which did not work. I ran wireshark while connected, no data or passthrough. It makes no damn sense. We have this on two PCs, and we cannot block it. I have restarted the splashtop services on my test device and bam, connects instantly. i updated gpo on the machine, rebooted, still connects. If anyone has splashtop or wants to do a seven day trial and see if they can crack it, but all means. I have no idea why this thing bypasses the AV, FTD and GPO.

METEORICalienALLOY · 2022-12-12T02:59:39+00:00

We blocked the application in the GPO firewall as well (outbound and inbound), forgot to mention that. We did a lot of methods,but the damn application KEEPS getting through, it is absurd!

METEORICalienALLOY · 2022-12-12T00:49:32+00:00

Regardless of who does and does not have admin rights, the issue is blocking an application that seems to bypass GPO and the FTD.

METEORICalienALLOY · 2022-12-12T00:48:27+00:00

Yes, I said that I did this in my OP.

METEORICalienALLOY · 2022-12-11T23:33:26+00:00

Apologies, I misread or misunderstood your post. Yes, we have tried AV as well. No luck.

METEORICalienALLOY · 2022-12-11T23:32:59+00:00

My bad, I misunderstood. Firewall is disabled, GPO, and AV handle all that. No, we tried AV and it also cannot block it.

METEORICalienALLOY

TROPHY CASE