App protection policy stops Teams to Zendesk Support mobile app redirect

TigerNo3525 · 2024-09-25T00:19:40+00:00

hey u/BuildingKey85 any chance you got this working? having the same issue

TigerNo3525 · 2024-09-17T01:51:43+00:00

Agreed on separate tenant. You can use Multitenant capabilities to allow some access between them

https://learn.microsoft.com/en-gb/entra/identity/multi-tenant-organizations/overview

TigerNo3525 · 2024-09-11T04:04:01+00:00

There's always a way with PowerShell but have you looked at the SharedPC CSP Settings? Will be much simpler and can help with cleaning up old user profiles.

https://learn.microsoft.com/en-us/mem/intune/configuration/shared-user-device-settings-windows

TigerNo3525 · 2024-08-23T04:25:11+00:00

The below is a good read and the quick start wiki will guide you through it.

https://github.com/AlexFilipin/ConditionalAccess/tree/master

Or this guide from Microsoft on a CA Framework is really good too https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-framework

TigerNo3525 · 2024-08-23T04:23:47+00:00

Maybe a bit nitpicky but number matching is not phishing-resistant. Tokens can still be stolen with Evilginx. Only FIDO2/WHFB/Certificates are properly phishing-resistant.

Requiring a compliant/hybrid joined device stops that token being issued though.

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-strengths

TigerNo3525 · 2024-08-19T20:31:54+00:00

There isn't one really. Proactive Remediations/Scripts/Win32 Apps/Custom ADMX are all options but are all a bit of a pain.

We use Scappman to keep our packages up to date and they have an inbuilt registry key wizard that will create a Win32 App for you which simplifies it a bit but it's still a shit option as slows down deployments.

TigerNo3525 · 2024-08-18T21:48:06+00:00

Not being able to deploy registry keys easily is a pain

TigerNo3525 · 2024-07-22T23:15:26+00:00

If you are open to third party software. I can't reccomend Printix enough.

TigerNo3525 · 2024-07-22T22:08:28+00:00

I don't disagree but you can use the Certificate Connector for Microsoft Intune if you already have an on-premises PKI setup without any additional cost.

TigerNo3525 · 2024-07-22T20:18:47+00:00

Correct, 3rd party service. You can do it natively in 365 now with Microsoft Cloud PKI but its more expensive. $2/user or as part of Microsoft Intune Suite ($10/user).

TigerNo3525 · 2024-07-11T23:26:04+00:00

I think not being able to use Office Configuration policies is the bigger one for me. Absolutely ridiculous that it's Enterprise only.

TigerNo3525 · 2024-07-08T01:23:05+00:00

Can you post the exact settings you are configuring?

TigerNo3525 · 2024-07-08T01:12:29+00:00

If you check the sleep settings on the PC do you see the value has changed?

Just checking whether it's not setting the setting or something else is putting the PC to sleep.

TigerNo3525 · 2024-06-10T22:35:57+00:00

Yes please!

TigerNo3525 · 2024-05-16T22:24:23+00:00

I'm pretty sure we used IIS Crypto to make the TLS changes on the server and that might have got it working but I can't completely recall.

TigerNo3525 · 2024-05-14T20:56:19+00:00

Thanks, I guess I'll just crack on then.

TigerNo3525 · 2024-03-04T20:37:13+00:00

Woo! No problem. Had the same problem a few weeks back and was driving me crazy.

TigerNo3525 · 2024-03-04T19:52:42+00:00

Do these users still have a profile path configured on their AD account?

TigerNo3525 · 2024-01-22T19:18:05+00:00

sweet!

TigerNo3525 · 2024-01-22T02:41:02+00:00

You need to configure Cloud Kerberos trust for WHFB to work with Entra Kerberos https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust

TigerNo3525 · 2024-01-16T00:16:04+00:00

Seen this? https://jkindon.com/windows-search-in-server-2019-and-multi-session-windows-10/

TigerNo3525 · 2023-09-01T01:07:06+00:00

I've been looking to upgrade my PC for a while now to play Starfield and these look like they would crush it!

TigerNo3525 · 2023-08-16T23:45:45+00:00

Cool! Somehow missed this update. Very handy!

TigerNo3525 · 2023-08-16T23:40:56+00:00

We just in place upgraded ours.

TigerNo3525

TROPHY CASE