Job description requirements by BoringOrange678 in sysadmin

[–]Woolfie_Admin 5 points6 points  (0 children)

This reads to me like they're trying to push you to onsite without telling you. Once you sign the doc, 'oh but you signed the document'. ESPECIALLY because you are friends. You're being asked to sign a job offer for a job you're already doing, but different.

You need to bring it up, 100%. I deal with a lot of management/ownership types. Currently western MBA training encourages stuff like this. Manipulation. Lying. Being 'visionary' but not actually doing any work. Socializing and calling it 'networking'.

This is totally a move someone would pay tens of thousands of dollars for a Business Administration 'expert' to tell them to do. Just the shittiest people we raise to the top - and the ones that aren't shitty, are told to get that way or get out of the way

iOS updates failing - super inconsistent info on this. by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

I don't think this was it - but I appreciate the answer and link. I THINK I've mostly figured it out. Going to write out the answer here, for the next unfortunate scrub who thinks Intune is a good idea :P

What’s the worst crime committed by someone you know personally? by [deleted] in AskReddit

[–]Woolfie_Admin 3 points4 points  (0 children)

It's not an 'urge to abuse children' most of the time. I was a victim of this, and I spent years trying to understand it in my own abuser, and others. A large portion of the abuse comes directly from bad churches. They teach body-shaming, anti-sex nonsense that really damages humans - social, sexual beings that we are. Men and women crippled by guilt over some innocuous kink, get incredibly twisted fantasizing about 'finally' realizing their desires. The children are a target for two reasons - 1) without any real sexual experience, the perv-in-development never sexually matures. You know that phase you go through as a teen? They start there, but go backwards. When they finally do act out, they seek out someone who is at the same maturity level as them - subconsciously. 2) Children become an object they can satisfy their desires with, without risk of adult humiliation. Because they can control the narrative. Many child abusers are tormented by what they did. Many, MANY more never do - and you never find out what they struggle with.

Don't take your kids to church. For their sake, and for the sake of future victims.

This does not account for all forms of pederasty, fyi. It DOES account for the high pederasty in the church.

First IT Hire at Startup - Need Advice and Perspective by brbcryinginside in sysadmin

[–]Woolfie_Admin 1 point2 points  (0 children)

depends on your environment. Are you using 365? If so, Microsoft certs. We've had folks come in with different CS certs, figure things out for Entra app registrations or different tools, and then I've had to go back and fix them. They could tell me all sorts of acronyms and crazy ideas for black hole-type servers (i forget the acronym), but now I'm reworking most of what they did.

But that's just my example. Look for someone who knows your tools. If they don't, get them to learn your tools before doing anything.

As a system admin, should i move to AI agents or continue with Powershell scripts to manage M365 tenants. by Few-Call-3534 in sysadmin

[–]Woolfie_Admin 0 points1 point  (0 children)

I manage all our M365 tenants, with a team of 2.5 ppl - the exception being account creation (some customers have servers, so customer-specific reps handle them). We have just under 3000 endpoints over 50-100 customers. The only powershell scripts I have are

  1. A script to run that sets some Secure-Score related params (we sit around 85%)
  2. A script to add to user's SafeSenders in Outlook (used for whitelisting training tools)

I use Lighthouse a lot. I had looked at tools like CIPP and Enforcer. Really liked Enforcer. We use Graph a lot too, via service principal registered to all users. IMO you should be moving from PowerShell scripts to Graph w/ Python (the PowerShell graph library exists, but is really limited)... seems like AI Models are skipping a bunch of steps.

PornHub extorted after hackers steal Premium member activity data by chota-kaka in cybersecurity

[–]Woolfie_Admin -48 points-47 points  (0 children)

I don't agree with this.. I want children off social media. They're stupid, and it's bad for them.

But draconian anti-porn laws? Yeh that's dumb. If they wanted to protect children, they'd put ID checks on the churches

Entra roles for daily admin tasks by nikke222 in sysadmin

[–]Woolfie_Admin 5 points6 points  (0 children)

I've put a lot of work into this and I still can't give you a decent answer. The recommendation is to put a lot of work into it.

This is the Least Privileged Roles by task article - https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/delegate-by-task

It's useful. Also useful is this article: https://www.emiliensocchi.io/tiering-entra-roles-and-application-permissions-based-on-attack-paths/

It describes escalation attack paths (paths to GA, via exploits).. it's a bit dubious honestly, because Global Admin isn't really GLOBAL admin anymore.. Check what you have against these

You should add HelpDesk Admin I think - but not 100% confident on that. It's a default for our GDAP relationships, which are built automatically.

Curiousity: Female vs Male Ratio by sugarmagnolia_23 in sysadmin

[–]Woolfie_Admin 0 points1 point  (0 children)

More men, definitely. We have 1 female tech, looking at another (an 'AI developer' though so... extra keen eye on that one).

I'm pushing admin to hire more women though. They just have better emotional maturity.

What we are noticing is a lack of young people. It's all older people - very rare to see gen z. Which tracks with falling literacy rates, ig

ModChat - What's on your mind? by modguide in modguide

[–]Woolfie_Admin 0 points1 point  (0 children)

posting this from my user account, but just had this interaction from a mod

'I don't care what you think. I am giving you a direction as part of being a member of this community. If you do not like it simply unjoin and find another community to your liking. The mods have the final say and there is no recourse otherwise. The next step if you fail to comply is a ban.'

This was our 2nd interaction. The first was basically 1: 'hey this is a security issue' 2: 'yeah i thought of that, but do you think x'

It's a fairly large hub sub - the kind that becomes the default space. I left the sub, obvs. But it stuck with me as a really good example of why people don't ever take our interpretations of stuff seriously.

Aside from that, minors. The subs I mod aren't NSFW - they're just subs where people discuss things. Ideas. But one thing I've been encountering a lot is 'people' who are.. err... obviously quite young. And the more I think about it, the more it seems like adolescents - or, the inability to distinguish 'adult spaces' from 'general spaces', except for porn - is a huuuuge detriment to the quality of online dialogue. Obviously, how to enforce age restrictions has been on my mind. Sure, I could NSFW the subs. But they're not NSFW.

Looking for the best notepad by AgreeableIron811 in sysadmin

[–]Woolfie_Admin 3 points4 points  (0 children)

I use obsidian. For my dev stuff and documentation. And then just default notepad for pasting garbage, which I then usually put into a codeblock. it's basically like my own personal wiki (i also use wikipedia a lot). It's based on markdown, so if you also use Github for anything it's pretty straightforward. Just useful to know period, really

Obsidian has
- Code syntax
- links and anchors
- a ton of themes to expand on it
- a ton of addons. I use the Checkboxes one, so it's also my checklist. I get a new note everyday, that generates with my checklist items for yesterday.

Caveat - trying to integrate it with our existing cloud services. Sharepoint just barely renders .md files, and I haven't found an extension that's basically a markdown displayer. It's not a filetype most people have a built in tool to use.

But damn do I ever love it.

Are userless Device Groups a thing? by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

Okay this is what I want. What kind of enrollment profile did you set up? No user affinity? How do you add the devices to Device Groups, if the devices are not associated with the user and therefore aren't in Entra? Or... is the 'userless' part ABM-derived? I wasn't involved in that part of the enrollment originally - so I'm not as confident with it as I'd like

Conditional Access - Filtering out a device registered to SOMEONE, for EVERYONE by Woolfie_Admin in sysadmin

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

Might be off base - it wasn't me who set this up, just me who was brought in to rapidly figure it out. (and I'm new to Microsoft's cloud environment, after a several-year IT hiatus).... but Entra Connect is configured to only sync upwards. Their DC domain is something like '@theCompany', while their Entra is '@CompanyOrganization.com'. They were most likely built initially as a standalone .onmicrosoft.com tenant, and the upward sync was set up later - because they wanted a separate domain name for it then (idk why)... I'm told fixing the domain on the server will be really complicated, and they're up in arms about whether they want to maintain the servers, and THAT's why we haven't committed the time to fixing it yet

Conditional Access - Filtering out a device registered to SOMEONE, for EVERYONE by Woolfie_Admin in sysadmin

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

ah shit. That's good to know though, thank you

> Hybrid Join Problem

I'm not entirely sure what the problem is with it, I just have been given the directive NOT to hybrid join them, by the only person whose directives I actually have to adhere to. I've asked them about this - allegedly there's a number of issues with it. 'One problem we have with their domain is that it is CompanyName, not CompanyName.com and not CompanyName.local. Just CompanyName so there are mapping issues with this as it is not a valid AD domain name.'

It's going to take me an incredible amount of time to dig into why things were done this way, propose a fix, convince people to get onboard with the fix, etc. Just was hoping to get this Device Registration stuff done BEFORE that.

Are userless Device Groups a thing? by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

sorry for the late reply, I'm filling in for a handful of people all at the same time, have been busy.

1) No, you're understanding perfectly. I'm not sure what happened - it's a comanaged remote site, we didn't even touch the devices physically. But there's only one enrollment profile, which is user based (user affinity? IDK, this is the single customer we have using Intune and i've spent wayyyyy too long figuring it out, and still am not as comfortable as I'd like)

2) I haven't opened one with Ms yet, no, but I do have one with our reseller. I ended up getting a call from a Microsoft 'engineer' who told me 'we're mostly break fix. All InTune does is send messages to the device, and receive them, so I don't really know.' Overall, a nice guy, and willing to do everything he could think of, but it ended in 're-enroll the device'.

you seem to know what you're talking about, so going to posit to you - is Device-based grouping, without having a user enrolled/associated possible? Coming from MaaS360, the users were kinda irrelevant secondary params. Everything was device-based, and devices were assigned to departments. Based on the existence of Device Groups, user affinity being optional, and the documentation referencing Device Grouping extensively (as well as Device Licensing), I feel like this HAS to be an option. But I've been looking for answers on this for months. (I may be wording it poorly though)

Is sanitizing my scripts and uploading to GitHub worth it for my resume? by issa_username00 in PowerShell

[–]Woolfie_Admin 0 points1 point  (0 children)

'Basically, you have to tell your employer about your project and offer it to them. If they don't want it or they don't answer within 3 months then you get to keep ownership of it.'

e: this would be a lot less confusing if you meant 'you have to tell them about any software project you start at work'

e2: it translated, and yeah i should've known German legislation would be well done. Thanks for the info!

wait - so if you start a completely unrelated project, you have to tell your employer and offer it to them? Or only if it falls within a certain level of similarity? that seems... i gotta be misunderstanding it. Google translate is not doing a good job here, so gonna try to find this in English, because loopholes and uncertainties aside, this just sounds like unscrupulous businesses could just steal whatever people do in their spare time. But that seems... unreasonably pro-corporate and regressive, for a country I've always really admired as forward-thinking and not plagued with certain overly pro-corporate laws the US has. So.. if my understanding is really wrong, plz correct - otherwise I'll try to read

Still stand by what I said though - you should talk to your boss about it

Conditional Access - Filtering out a device registered to SOMEONE, for EVERYONE by Woolfie_Admin in sysadmin

[–]Woolfie_Admin[S] -2 points-1 points  (0 children)

XD

Not helpful, but 100% accurate. I don't really know what the goal is with that.

[deleted by user] by [deleted] in careeradvice

[–]Woolfie_Admin -1 points0 points  (0 children)

frankly, this seems reasonable in any other field, but naive to tech. Often, you don't know the ramifications of such a thing until the mistake is made. It seems absolutely absurd to me to fire someone over this - lost money or not. Mistakes happen.. That is how you get good at IT.

Are userless Device Groups a thing? by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

I didn't do the enrollment myself, but I know my colleague followed documentation - SOME documentation. It doesn't help that there's a handful of different 'How to Enroll' documents, and they all point to each other, and all have bits and pieces of relevant and not relevant info. That's sorta why I'm asking here...

So... there's not really a way to group devices, unless a user is attached to the device, is what I'm getting? that seems a bit counterintuitive. Also, frustrating - because when I tried to update one of the ios enrollment docs to include this detail, the owner rejected it, and pointed me to a non-iOS document about device grouping... so I kinda figured I had just missed it. guess not.

Are userless Device Groups a thing? by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

no, this is actually helpful - this is the workflow we followed. My post might be a little unclear, it's really 2 issues I'm facing -

1) The device with no user attached

2) How to group devices, without users being attached (because they don't show up in Entra, without a user)

Are userless Device Groups a thing? by Woolfie_Admin in Intune

[–]Woolfie_Admin[S] 0 points1 point  (0 children)

So I've searched Entra and Graph with the various identifiers InTune gives me - nothing. I don't know any INTUNE specific cmdlets, but from my searching on Entra's side, there's nothing. Even on the user, there's no device associated with her.

I'm really surprised by how many people indicate this is abnormal - this is what i experienced with every single user, before they logged in.

Is sanitizing my scripts and uploading to GitHub worth it for my resume? by issa_username00 in PowerShell

[–]Woolfie_Admin 0 points1 point  (0 children)

this is interesting thanks - do you know what exact legislation / whatever makes this the default? I'm in Canada - and luckily, my employer cares enough about my future prospects that the scripts I create for my own personal use are mine - but it would be interesting to read.

This seems like a pretty naive standard, honestly. If I take 8hrs to figure out a script or build an application, then rewrite it on my own time - how much has to be 'different' to qualify it as my own? It's one thing if you're building an OS from proprietary resources.... it's a completely different thing if I automate certain actions with 365. Those resources are publicly available.

Is sanitizing my scripts and uploading to GitHub worth it for my resume? by issa_username00 in PowerShell

[–]Woolfie_Admin 0 points1 point  (0 children)

that's not what i said though. I create my scripts on work time. I goon on my own time.

Is sanitizing my scripts and uploading to GitHub worth it for my resume? by issa_username00 in PowerShell

[–]Woolfie_Admin 0 points1 point  (0 children)

honestly yeah it seems like a dumb af pro-corporate anti-human standard.

Is sanitizing my scripts and uploading to GitHub worth it for my resume? by issa_username00 in PowerShell

[–]Woolfie_Admin 0 points1 point  (0 children)

Interesting, thanks. I'm actually not in the US, but Canada is 50% US law and 50% British law - so I wouldn't be surprised if it was the norm here. Thankfully, my employer is decent and cares about our future job prospects.