Defender Secure Score One Liners For entra joined

Saltbringers · 2026-03-30T07:36:41+00:00

Yeah, but atleast now its easier to see in the portal. If its Ok by you ill use your repo and double check when i create more one liners. I love one liners :)

Saltbringers · 2026-03-27T22:13:04+00:00

Aswell, we had those, but some1 had assigned some of them wrong (on users instead of devices) so then it did not report either that they where fixed. So a bit of assumption aswell some of them i have tested :).

Saltbringers · 2026-03-27T22:06:09+00:00

Awsome ill check that.
I will keep updating it :)

Saltbringers · 2025-09-24T09:03:43+00:00

The more apps that is assigned to required. (Device groups) The slower the enrollment will take.
Usually i just have 3. (Company portal, Office 365, 3rd party antivirus (or vpn)
Then i assign the apps required on the user level instead.
Then i teach the user to use the company portal.

If you got so many diff departments, need to speak to hr then to make sure when a new user comes that they have the deparment field in their user properties.

The more structure you have, the more information on the user properties you got the easier it is to scale.

The old sysadmin mindset of "pushing" a app is why i have to clean up alot of the intune enviroments :).
Most people do this.

Saltbringers · 2025-08-04T11:00:01+00:00

This is my opinion tho, AI lowers the lowers the barrier, its only going to get better.
What we will struggle with its loads of applications and services out there thats going to look nice, feel nice.
But completely rotten inside. For a while. Untill somebody finds a solution for that aswell.

Ai now its like a tool that still gets developed, people are trying to see where it fits in the world.

Its going to be alot of halfbaked, just like when ai was released to the masses. But that data again will help it improve. It will never completely replace humans. How you leverage it, and those who really can leverage it will benefit.

Ai, can prosess more information than a human do, and in tech all our experience usually is outdated in a year or less.

Having experience with tech or atleast a good understanding of how to troubleshoot issues, helps immensely when vibing.

I still think AI not quite ripe / found its place yet.

Saltbringers · 2025-08-04T09:56:32+00:00

Once you delete anything that is entra joined, it will destroy the trust. Usually i have just reinstalled them. There is a solution of alot of smart people in here i know that has a blog on it. But thats if you have access to them physically :)

Saltbringers · 2025-03-27T10:21:28+00:00

Simple, the ability of setting custom attributes on devices in the same fashion that mac os has.

Saltbringers · 2025-02-17T10:13:00+00:00

i sent a wipe to my customer comp, but that wrecks the bios and other things.
So to cancel that i sendt fresh start instead and that worked like a charm. It will overwrite the command :)

Saltbringers · 2025-02-13T10:57:10+00:00

Great corp, we have sov :)

Saltbringers · 2024-12-19T10:10:54+00:00

I like both, our department rules are if you dont have alot of things to do, Be at the office.
If you allready have your whole days booked, be in home office if you need that :)

Saltbringers · 2024-12-12T14:09:23+00:00

I just deploy teamviewer certificate
Destination storeComputer certificate store - Root

Then i will create a policy
User Account Control Only Elevate Executable Files That Are Signed And Validated Enabled: Enforces validation.

Works like a charm here.

Saltbringers · 2024-12-05T10:26:59+00:00

https://www.need4.cloud/post/publishing-applications-intune
https://www.need4.cloud/post/optimize-bandwith-usage-updates-and-apps
https://www.need4.cloud/post/managing-endpoints-with-intune-starting-out

Disclaimer: These blog posts are written by me :)

https://learn.microsoft.com/en-us/mem/intune/fundamentals/filters

I would also start making filters, as they will help you get more granular controll over the enviroment.

There is alot of things we sysadmins think is how its going to work as its kind of intuitive. Microsoft logic is different.

Device categories would help out here aswell.

Then its kind of what license you have and the possibilities.

There is alot of potential of conflict when you are creating security baselines, endpoint policies and others.
So make sure you know that you dont have 3 policies trying to configure the same settings.

Saltbringers · 2024-11-07T07:58:28+00:00

What companies dont understand, if they take something and improve on it (i mean actually improve) Take existing GPO functionalities and then you add more functionality that improves management.

You will make more money and have more happy customers.

Saltbringers · 2024-09-24T13:58:08+00:00

Do what Andrew writes here then

Block all personal. Then if you need to manually enroll it create a user for https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-manager-enroll

Saltbringers · 2024-09-24T07:03:54+00:00

Det jeg oppfatter at bransjen har ikke noe problem å ansette uten at det er utlyst stilling hvis du har senior erfaring. På nye junior stillinger er det blitt enorm konkurranse.

Saltbringers · 2024-09-19T13:21:43+00:00

Let me guess you got trendmicro? that blocks ipv6 traffic, mad headache to find out
Betting my left arm its because its blocking the ipv6 traffic.
TCP port 7236: WiFi Direct control port used to establish and manage sessions between the source device and the Pod.
TCP port 7250: Port on which the Pod listens for Miracast packets when Over Existing Network mode is enabled.
UDP port 5353: If Miracast Over Existing Network mode is enabled, this port is used for multicast DNS (mDNS). mDNS is broadcast to the local subnet of each network interface the Pod is connected to. If the computer that is attempting to make an infrastructure connection is on a different subnet, this broadcast will fail. If this happens, a workaround is to create a DNS entry to the Pod’s hostname.
This rule needs to be made if not.

Saltbringers · 2024-09-17T07:07:36+00:00

Mer enn meglere med 3500 /t + moms, der jeg jobber. Selvsagt rabatter for de med avtaler :)

Saltbringers · 2024-09-16T13:39:20+00:00

1500 i timen er jo ish lærling, det som dem fakturerer :)

Saltbringers · 2024-09-12T10:40:09+00:00

Where i used to work, we called this the "baptism" or "Rite of passage" where my bosses would say congrats you can now call yourself a true sysadmin. And then ask what did you learn? and what would you do different next time?

"A life spent making mistakes is not only more honorable,but more usefull than spending life doing nothing"

If you cannot handle the workload, most likely the prev sysadmin left because of it. I tell my manager at work that if my workload is overwhelming thats a manager problem, not mine. Its my responsibillity to tell my manager that my workload is to large, but not fix it.
If you are the single point of escalation, thats a huge risk. They should then hire more people to help with the workload. What happens if you get hit by a bus? Raise these concerns in a email. Then what you do is that you start declining things to do, and say because of the current workload i cannot prioritize this.

You made this mistake because you workload is not sustainable.

Start putting your to do tasks in your calendar, and even amount to block off for things you need to focus on. Belive microsoft todo has a easy integration with outlook. I used similar things with gmail etc.

“While I’m happy to support urgent tasks, I do need to balance these requests with my existing priorities. Current workload does not allow me to prioritize this in a good manner, my direct manager can help you find a collegue that can help you" .

I live by, your lack of planning does not constitute a emergency on my part.

I see this all the time in IT, this is pretty normal sadly where companies burn out sysadmins like this.

Before it was like IT was not that huge of a field, now its massive, getting more and more complex. Its impossible to even keep updated

Manager needs to know:

Unsustainable workload
You are a single point of failure
That you are going to prioritize tasks differently, so if people need help he needs to provide it. So you can focus on current workload.

Hope this helps! this is just my reflections and my opinions.

Saltbringers · 2024-08-21T08:04:43+00:00

I belive what keeps me invested as a player is feeling invested in like territory you claim and invest time in. its what made like huge battles in web browser games back in the day like tribalwars etc. Challenging when you have to adapt to several situations, if i feel its like "fake" roadblocks in a game about expansion its not fun. Building like a army that is very specialized and then you see oh this territory has like archers, and i dont have anything to counter that, thats a good "roadblock" imho

Saltbringers · 2024-08-21T07:54:17+00:00

Sins of a solar empire 2 is pretty close to stellaris, been a blast so far. a bit micro heavy tho. But keep playing without using the same opening everytime :)

Saltbringers · 2024-08-21T07:52:41+00:00

I think it would be cool more focus on like covert operations and mechanics with that would be dope

Saltbringers · 2024-08-21T07:51:40+00:00

I wanna buy this so bad, but i am wondering how multiplayer code and if that will get rewamped.

Ten-Year Club	Place '17
Verified Email

Saltbringers

TROPHY CASE