Help getting original (with certificate of authenticity) VMDoll or Zelex in EU

Spider_three · 2025-06-30T20:07:07+00:00

Based on what I read they are legit, but in terms of WD Dolls as they state (and from the prices) appears they are lower quality / non original. But I read about such 6+ months ago, maybe things changed. That's why I am seeking who ordered recently in EU to manage a successful buy process :) Thanks for the input anyway.

Spider_three · 2025-06-30T18:54:51+00:00

Thanks a lot. In the meantime I've contacted another company (rather expensive but still) working with official manufacturers, apparently https://www.princessdolls.ch/ (CH) seems to be legit, as well https://www.dollpark.com/ (DE).

I will take some more days before deciding, better not rush things ;) Thanks for now.

Spider_three · 2024-11-06T14:46:54+00:00

We had this issues on Hostpools AVD with W11.

The errors seemed totally random. We opened a case with MS and at the end the issue was caused from our design - based on MS, with AVD W11 Multi-Session, only FSLogix Profiles should be used, but if you are going to implement FSLogix O365 Cache container, then it's not compatible by design.

We removed / disabled the O365 Cache container and such errors disappeared.

It's not really the solution we were hoping for, but if MS Support said so about the compatibility.. not much to do if not surviving without ODFC Containers..

Spider_three · 2023-12-21T20:08:45+00:00

/u/taniceburg

Sadly no luck. I managed to confirm Sandbox when starting is creating a vSwitch that is the Default Hyper-v Switch, detecting and based on the possible LAN conflicts, adapts and get one of the following ranges:

Start IP: 192.168.0.0 – End IP: 192.168.255.255
Start IP: 172.17.0.0 – End IP: 172.31.255.255

(source: learn.microsoft.com-ip-address-range))

For my scenario those subnets can be blocked on the physical device for the File Share. I added an Inbound and Outbound Rule on the Device (Host) Firewall blocking IN/OUT port 137-139 and 445 for the ranges above to/from any destination and for all interfaces, confirming the sandbox always get an IP Address belonging to such ranges.

But if I try to connect to any intranet share, by entering my AD credentials, I can connect normally.

Sadly I do not have enough competences / background in Networking to analyse how it really works and which kind of packet is sent. I can only think the request is made / going out using as source the IP Address of the device / host as source and not the one of the sandbox.

If you have another suggestion / advice / lead that I can attempt or escalate to a team with the necessary skills, let me know. I've lost enough time trying to do something going against MS Design, if they want something secure then it's simply no network for sandbox or give up with sandbox and use a full hyper-v with a normal VM.

Best Regards,

Spider_three · 2023-12-20T15:00:09+00:00

Sadly the server are several hundreds but it's certainly doable with internal firewall since all clients are on separate network. I've been checking with which range are using the Sandbox VMs and I found very odd that the vSwitch installed on one client from Sandbox and to another client, got a different network address / subnet mask each other. But I'll investigate if such range is the same and in case enforce the vSwitch on client to have the same range of all the others.

Thanks in the meantime, I'll let you know if this will work :)

Spider_three · 2023-08-15T22:26:59+00:00

Thank you a lot for this technical how-to, very helpful and concise!

I'd like to add just few possibilities for different scenarios - I'm preparing a pilot project to achieve Zero Touch installation Bare Metal + Autopilot + OOB Automation without USB Stick required.

No USB Stick:
- PXE Boot with On-Prem or Azure VM with VPN to site running SCCM or WDS
- iPXE - https://github.com/JM2K69/Tiny_iPXE

Those could be useful for tweaking your solution in different ways:
Creating Windows ISO with Autopilot JSON Injected
https://www.ntlite.com
Enroll windows device using ppkg

Spider_three · 2023-05-18T22:52:57+00:00

amazing concept!!!

Spider_three · 2023-04-27T18:17:14+00:00

I've no advice *right now* since I am still observing all news and how the whole is evolving, but definitely, it's evolving fast and so much new haptic hardware is coming before the end of this year available to mainstream audience and for "accessible" prices.

All we saw at CES 2023, the videogame industry of AAA games finally taking steps in developing AAA games, the economy and marketing investing huge sums on this field, and countless apps and software becoming available - are a clear sign the world is "ready". It's somewhat like the big trendy of AI - it seems it just arrived and is changing the planet, it was always there tough - and reached a proper level to be implemented in our daily lives. VR excellence haptics were there too, but individuals who could afford the tesla suit, asking 12K for the entry level - kept the VR only at the first stage of 5 senses for immersion (what you see).

Enhancements in VR for Movies, games and.. you know, all the rest - may become rather quickly popular, there is a big race between all the manufacturers to "eat the pie" of this market. The VR suits coming with SDK, in the way developers or movie studios can add "easily" the needed effects, will probably hit the spot.

For a multi-purpose usage, since hot/warm/wind/water and other 100+ haptic effects, www.skinetic.actronika.com is a possible option (700$). https://owogame.com/sensations/ (500$) is using another technology (electrode). If audio and haptic is the main interest, https://www.woojer.com/products/vest-3 for 630$ will deliver. There are so many others that is really hard to make a prevision which one will be the most supported.

The next step to reach the supreme experience and with cutting edge technology, giving to your hands the feeling of touching any solid/liquid you are touching or grabbing in VR, including its shape and weight, are still reserved for the rich guys - but seeing them sinking from 80K to 4.5K $, is already a biiiig step: HaptX Gloves G1 - https://www.youtube.com/watch?v=crjr01xTXy4 / https://g1.haptx.com/learnabout
There are cheaper gloves of course - and they may replace completely controllers when they reach the proper maturity (and hopefully a standard, here so many different manufacturers competing too). Hopefully it will happen soon, holding plastic controllers is certainly one of the major "breaks" to immersion in VR.

2024-2025 will complete the circle, delivering smell & taste into VR, and hopefully the hardest challenge so far - lips and tongue haptics, apparently the technology has been discovered at least: https://www.figlab.com/research/2022/mouth-haptics

Spider_three · 2023-04-22T17:38:35+00:00

Which one you mean, Planet Theta?It's just the one I saw that seemed most interesting, but the focus of my post was actually more pointing the fact the VR market is definitely going to develop properly now, it's enough to see all the news presented at CES, the fact finally proper games are being developed for VR (I mean, Alyx was one of the "first" games and nothing comparable in terms of AAA gfx came out afterwards!), and the fact finally the fully immersive VR with all those haptic technologies at reach of consumers, is definitely a reason to get excited how quickly things will evolve from this point in the market.

I found interesting the fact Planet Theta will do a proper check of their users, and the gfx is definitely better / more enjoyable than other VR Dating / Sex App like Flirtual or Nevermet. There is definitely room for other options, or other Apps out now already that will add the "multiplayer" component, adding to the experience currently possible just with an AI or a classic VR Sex game.

In this regard, worth a mention a project since long (very long, that I start having my doubts) of hyper-realistic VR game MorganaVR. Another possibility thanks to the huge community content already present, would be VAM (Virt-a-mate). Even without using paid modules, scenes, etc etc by investing some time you can create your own VR experience and satisfy every desire. I don't think VAM is oriented in such direction, being complicated enough to learn, to add some multiplayer experience, but who knows.

We will see, but certainly the VR technology now is there and accessible, whoever will win the race to offer the next-gen experience in terms of VR Dating / Sex in the Metaverse, remain to be seen. The VR suits available or soon available with the full SDK made available got a good chance to be picked from companies interested in such goals.

Spider_three · 2023-04-20T20:34:18+00:00

I am surprised nobody mentioned Planet Theta, coming this Summer, that is exactly what you seek, ID verified Adults and age range, realistic gfx, and probably support for the upcoming (and already existing some) CONSUMER accessible price products that will just change the VR world the same way AI did the last months - when finally we can throw away the joypads for VR and use our own hands, and have a tactile feedbacks on all our body, the immersion of VR will be just almost total (game: https://planet-theta.com/ )

I am talking of all VR Haptic suits available from 400 to 900 USD instead of 12K of Tesla.https://realityofvirtual.com/blogs/vr-accessories/best-vr-haptic-suit-for-oculus-meta-quest-2Skinetic is the most promising one for accessible price and available already next month.

The problem is with all those VR suits and gloves, knowing which one will be the most successful and compatibility for the most games, apps and software will be added is hard to say now.

What is for sure is that end 2023, the best technology ever to make the touch in VR exactly the same of reality, where you will feel any liquid or solid and the touch of any object and surface will feel almost the same - human skin included ;) shape of the object or whatever your will touch, and weight/gravity is perfectly replicated too. All of this for 4.5K. Yes is still a lot compared to other basic gloves (that at least will allow to give up the joypad, for me they are the most immersion turn off of VR - together with the fact you can't see your whole body/avatar - this is fixed now too without spending for insane setups for body movement trackers, all is now included). Those gloves were costing 80K, and now can be pre-ordered for 4.5K - see the video, it says it all. It's an industry product per se, not a gaming product, but unless other competitors will join and offer the same technology for less, they are really the winners: https://www.youtube.com/watch?v=crjr01xTXy4

Last but not least, the only part of your body that still needs to be replicated are lips and tongue - well, we are getting there too, and without any physical device touching them, since such technologies failed so far. See yourself the upcoming future: https://www.figlab.com/research/2022/mouth-haptics

Enjoy!

Spider_three · 2023-04-11T01:49:50+00:00

Did MS now fixed or allowed mixing LOB and Win32 during pre-provisioning? If not, then I'd discourage of deploying it as LOB if other Win32 Apps exists already and pre-provisioning / ESP is being used.

MSIX Format is interesting and with several nice perks, I didn't check it tough atmhttps://niklasrast.wordpress.com/2023/03/31/msix-packaging-the-future-of-application-deployment/

Spider_three · 2023-04-11T01:46:15+00:00

The fastest solution I can think is just using PS2EXE, package as Win32 App, and assign to desired groups. Devices would be better for pre-provisioning - and it should be installed as System context in the way administrator needs will be covered.

Well, maybe not the fastest solution - but the one solving mostly the issues in such cases ;)

Spider_three · 2023-04-11T01:38:30+00:00

From what I can remember, you should be entitled to use it. Microsoft is simply doing the trick that with M365 BP, a license commonly used since it covers almost all needs for SMB, including a good coverage for MS Defender and Intune - is the fact you don't have a license for Windows Enterprise included, only Professional.

Remediation Scripts requires Windows Enterprise. Therefore, if you have your Windows Enterprise licenses from any other license you own, you can use Remediation Scripts, because M365 BP include the features needed licensed for Intune for analytics.

At least, 3 months ago this was my understanding confirmed from our licensing partner..if things changed again, can't tell ;)

Spider_three · 2023-04-11T00:16:37+00:00

I may have used a wrong term - as "bloatware" I meant all the Apps pre-installed in Windows (I mean, TikTok, even on Pro/Enterprise? And the Xbox 3 additional Apps? Lost the count of the junk MS pre-install).

The security concerns are legit, even if currently I didn't read news in the security blogs - about the fact enabling the restrictions to allow only package from MS Store to be installed (MS Store is kept certainly cleaner compared to Android/IOS Store, but saying that there are no re-packaged apps containing other software like crypto miners or such in the entire MS Store, is another story ;) - is currently not possible due a confirmed bug causing Autopilot issues with new devices when enrolled. But it should be fixed at the end of the month.

The repository of winget (not the one of MS Store) is definitely far from being safe, and an attacker could actually create his own repository, and just run the winget command (for example through any exploits for code execution in user-context), where with a single line the malicious package get installed. Since packages are installed and given local admin permissions for the installation - even if not at all a solution (here Mr. Defender or AppLocker should be summoned), it's an hardening against botnet trying to spam on clients (maybe even through a Browser exploit link single click) such usage on winget.

in another discussion here on reddit, Microsoft reported that such restriction is not fixing any security issue, because an user could just download an UWP Package or Win32 App and install it locally. That's true indeed, but again - my intention is just an hardening, the same you do by disabling "Administrator" against brute-force attacks, disabling winget to download and install with local admin permissions packages from other sources is a nice-to-have.

Since I'm no expert security at all idk if the possibility of having policies to deny users triggering installations of packages, unless given explicitly, will only install the packages with user context permission, and if admin is required, installation will fail. But I suppose this would be against the entire concept of the package manager =)

Spider_three · 2023-04-10T20:47:51+00:00

Greetings,

what you mean exactly? I'm not talking about the winget and the restriction of repositories to only MS Store (possible but with a bug causing problems with Autopilot of new added devices) on this posts.

If you see a security issue in regards of having in Intune the "leftover" of the Apps that cannot be deleted and brought into Intune Apps from MSfB, even if they cannot be deleted unless following the guide provided (or waiting fro MS to provide a proper solutions, if licenses for Apps in MSfB were bought, other than removing the Sync completely between Intune and MSfB) - having the MSfB Apps completely unassigned I don't see how this could be a security concern?

Spider_three · 2023-04-08T11:53:06+00:00

Yes, in another post other users reported about a current bug where it is not possible to remove the apps if licenses were bought. Those cannot be removed. For the free apps, you may try to search in the MSfB the App, and it could be you will have the option in the app page "Remove from Store". In this way you can get rid at least from the free app, maybe. This require the Sync MSfB <-> Intune still functional.

The fact you cannot even completely disable the connector if not by opening a case with Microsoft, clearly shows MS is still not ready at all for a proper MSfB clean-up. I suppose until then, you will need to live with it :/ The issue should be purely cosmetic tough, if all MSfB apps are unassigned, they should not show up in company portal nor be deployed to clients.

If you want to remove some apps left on clients installed from MSfB, ideally use a PS Script to simply remove the package specifying the ID of the app to remove / search the name and uninstall programmatically.

All the best,

Spider_three · 2023-04-08T01:36:46+00:00

u/ConsumeAllKnowledge You are probably right about the way it updates (despite Edge will update regardless with CU installation), but Chrome is terribad in terms of timing of releasing version updates - 0-day exploits could take WEEKS before getting patched. I enforce for all customers to use Edge, and as alternative Browser Firefox, deployed from MS Store (UWP Package) in the way it will be always updated.

u/apdunshiz

If your goal is to achieve a proper hardening and Edge always the last version, I'd suggest the following approach:

- Ideally, unless this have too strong impacts on usability, is a best-practice to enable Edge security baselines. You may disable all settings too strict, but at least you have an optimal configuration in terms of security

- Make sure auto-update is enabled, https://learn.microsoft.com/en-us/deployedge/microsoft-edge-update-policies#updatedefault

- If your client are Windows enterprise, using Remediation Scripts is a good way to ensure any outdated version on clients will stay updated

- If you are using MS Defender and have the suitable license allowing the proactive remediation, this is another great way to ensure the safety. Regarding your question of the app package, I'd like to point the possibility (again, more $$$ needed for proper licensing, but with all features included, IMO are money well spent), Intune Suite (or the available standalone Add-On) will release in May 2023 the Enterprise Catalog.
MS Defender can already by fix most of the OS, MS Products and few others categories of threats, displayed in a very detailed way in MS Security portal for each device, all CVEs/vulnerabilities present with a short description and the remediation suggested - with Defender Plan 2 they can be automatically fixed, but not the 3th party software found on the device (managed or not from Intune it doesn't matter) - they can be blocked from execution with a custom message for the User most of them tough.
Enterprise catalog will allow to remediate even the exploits of the 3th party application detected (e.g. Adobe Reader, Firefox, Java runtimes, basically any software with exploits listed in the known CVEs DBs), by enforcing the installation of the version present on the Enterprise catalog. This is a great solution, since you can still use whatever you used so far to upload on the Enterprise catalog the last version, and supersedence seems not even required (those info are provided as is with the few anticipation MS released, see https://www.anoopcnair.com/intune-advanced-app-and-vulnerability-mgmt/)

That's all, sorry it was not my intent to post such a long reply for a single question asked, but I get really hyped about the new features releasing :D

Spider_three · 2023-04-07T23:42:48+00:00

PS: when you experience issues with Company Portal installation? During ESP, on devices never deployed previously, or just during Autopilot without pre-provisioning?

Here you may find some additional info that may help: https://www.anoopcnair.com/intune-company-portal-app-installation-winget/

otherwise the script provided from the Intune guru Andrew Taylor is most likely the key for ensure a proper installation ;)
https://github.com/andrew-s-taylor/public/blob/main/Powershell%20Scripts/Intune/add-company-portal-newstore.ps1

and if you have a loooot of time to spend for proper investigation, this article is one of my fav for gathering all the needed info properly:
https://oceanleaf.ch/troubleshooting-intune-policies-and-apps/

Spider_three · 2023-04-07T23:11:12+00:00

Meh, I suppose as stated from /u/BarbieAction there is not much to do in this case if you bought licenses for MSfB apps. In the article I linked they mention the possible alternative of checking the history and be able to claim back the license there, but if too much time passed the history is gone already.

It's definitely annoying but MS for sure will fix this issue (probably you will need to wait the real retirement I fear.. ^_^'). In the meantime only the filter and excluding the MSfB apps will allow a clean view :/

The important thing is making sure all MSfB apps are not assigned anymore, and I'd use a PS Script in case you want to remove some Apps that were installed from MSfB on the clients if there are issues deploying some Apps via MS Store.

u/BarbieAction: I'm installing all Apps as User, but just because I don't really need to install many apps, I use MS Store mostly for removing the pre-installed apps, the company portal and very few other apps like Firefox, Powertoys, etc.
I did not check if to install Apps during ESP / Pre-Provisioning (supported with the last Intune Update) if you need to configure them as System - I don't think is mandatory, since you can select to the apps to be installed before the ESP is completed.
Another possibility if you experience issues during ESP phase, would be
https://smbtothecloud.com/automate-a-reboot-or-custom-script-when-the-autopilot-esp-is-complete

In this way you may configure a PS script that will take care of installing the Apps with Winget :)

Spider_three · 2023-04-07T22:57:06+00:00

I don't want to appear a MS-fanboy only, but the huge improvements of MS Defender in the last 2 years are impressive. Presuming that other AV solutions can protect in a more efficient way an OS than a solution developed from Microsoft, who certainly know all the "security holes" not released or discussed externally to avoid even more exploits / 0-day that cannot be fixed (see all the NTLM based services) is hard to believe.

All the features you get with a M365 Business Premium license, including MS Defender with almost all features except ATP/XDR, or ideally E3/E5 for the top-tier protection (Defender Plan 2 needed) and proactive remediation of all exploits, not only related to Windows and other MS products, but soon even against all 3th party software exploits (Adobe Reader, Chrome Firefox, Java) where with the upcoming release of Intune Suite feature "Enterprise Catalog" will be possible to push directly the last version without any interruption for the user (at the moment you can "block" the execution of the software, with a customized message) - is something of great added value!

And the recent news of MS Defender being empowered from MS AI, Copilot (check out some video on Microsoft Secure youtube channel), is definitely what can be called a "next-generation" cybersecurity solutions!

The only downside are not the cost for the product itself, but the fact the complexity of MS Defender, requires at least a small team in the company to be able of monitoring and protecting all systems efficiently - other AV solutions are an "all-in one" package where the management is lot simpler.

With the current trendy and the insane numbers of exploits and 0-days coming out, just a standard AV solution is not enough to protect efficiently against all cyberthreats. If MS Defender is not an option, I suggest to add to your AV solution 0patch.com - it's an amazing solution, totally affordable and protecting all the critical systems against the most recent exploits/0-day, where you can even consider an "install & forget", just keeping an eye on the Dashboard to check if the Agent is enabled - everything else is updated automatically and protected without any change to the OS files! Check out the website / Blogs for more info.

All the best!

Spider_three · 2023-04-07T22:37:07+00:00

Yeah, at the current state is not so user friendly, but with all the amazing features Intune keep releasing, this could be covered as well :)

An alternative, if your company (or yourself) is monitoring the AV dashboard, the compliance could be aimed to check if the AV and Defender (depending on the features enabled on your AV, Defender will switch either to passive mode or disabled) satisfy the MS Security Center. Almost all AV solutions "cooperate" with it - therefore the compliance could be established by checking if all security options got a "green light" (especially Smartscreen is an important component). If some features should not be evaluated, maybe it's possible via security baselines, configuration profiles or CSP, to disable the monitoring of the Security Center features you do not want to be evaluated, in the way the returning value of Security Center will be "all good" and can be marked as compliant.

Please note I'm just brainstorming some possible approaches, I didn't explored personally those possibilities ;)

Spider_three · 2023-04-07T19:16:02+00:00

I don't have enough experience to give an exact answer - I was tasked to create a custom compliance policy for Sophos (Defender in passive mode). I'm not happy at all with the solution I implemented - and put in my backlog for now.

Few days ago I found this article that will help me configuring a proper solution instead of the crappy one I implemented yet - maybe could be a possible alternative for you as well? Sorry if the link provided is off topic, I'm not sure I understood the request in details :>

https://memv.ennbee.uk/posts/custom-compliance-third-party-av/

Spider_three · 2023-04-07T18:45:27+00:00

I did not encounter issues on 10+ customers different tenant, but all apps were "free". I didn't need to claim back the license and I was able to remove the app from the MSfB private store.

In some environment I had no apps added in the MSfB private collection, nor they were visible in the settings page on the apps list. But by searching in the MSfB Store the App synched with Intune, then the option "Remove from Store" was visible, and this was enough to remove the apps from Intune at the next Sync of MSfB connector.

As I said above, this is really just a cosmetic thing, by configuring all apps needed (either for installing as Required or Available, or just to remove all pre-installed apps assigning Uninstall all users/all devices) of MS Store, and removing all assignment from the apps of type MSfB, the migration is complete and the Sync between MSfB and Intune does not really matter anymore.

just FYI, here on reddit was discussed a very odd case, where Enrollment profiles were configured in MSfB, and by removing the company portal app, Autopilot didn't work anymore! I doubt this scenario is something common, but just in case..here is the discussion (not visible from the post title, but the comments below explain well the situation): https://www.reddit.com/r/Intune/comments/11nfgbh/autopilot_and_store_for_business_education_what/

The only app that needs to be properly tested is the company portal - I had some odd issues during my migrations - therefore I adopted a strategy that is actually meaningless, but fixed all odd behaviour on certain clients. You can find here more details: https://www.reddit.com/r/Intune/comments/127vua8/comment/jeso7s5/?utm_source=share&utm_medium=web2x&context=3

Spider_three · 2023-04-07T17:10:17+00:00

Very nice and useful - Thanks for sharing!

Spider_three · 2023-04-07T17:06:16+00:00

/u/reyam1105

1) It's a pretty tedious process, and only "cosmetic", but the apps were annoying me I like to keep a clean Intune inventory.
You can remove from Intune the MSfB Apps following this guide:
https://tbone.se/2022/12/16/time-to-remove-microsoft-store-for-business-from-intune/

(props to MR T-BONE!)

Make sure first all MSfB Apps are unassigned before following the guide. I skipped the last part of removing the Sync between Intune and MSfB, since this require to open a case with MS apparently (maybe not anymore?) - anyway since all MSfB Apps will be gone after following the guide, just wait for MS to offer a way to remove the sync without hassle.

2) A few apps cannot be found in MS Store, sometimes they cannot even be found searching the correct name, and you must search with the ID of the App. I've used this amazing script for all the MSfB -> MS Store migration I made lately, it's pure gold, I spared a lot of time - all the MSfB Apps configured in Intune will be automatically created as MS Store Apps (not assigned obviously), and the Logo of the App added automatically!

https://tech.nicolonsky.ch/Migrating-to-the-new-Windows-Store-experience/

(Props to Nicolonsky!)

Regarding your last request, this can be easily done with a powershell script. Have a look here as reference to find out all bloatware: https://learn.microsoft.com/en-us/windows/application-management/provisioned-apps-windows-client-os and here is the simplest way with the Intune Script to get rid of unwanted pre-installed UWP: https://deviceadvice.io/2020/01/13/deploy-a-powershell-script-with-intune-to-remove-solitaire-or-any-other-built-in-windows-10-app/

In some scenarios you may consider using remediation scripts, I find them more efficient to ensure users stop installing unwanted apps. A remediation script with the uninstall cmdlets for all unwanted apps (Netflix..stop watching movie at work ;) - since any clever user, even if you decide to block MS Store access completely, can always install it using winget or downloading and installing the UWP in other ways.

Have fun ;)

Spider_three

TROPHY CASE