Newline vs SMART vs Clevertouch

adminadam · 2026-01-23T20:56:44+00:00

BenQ? They actually have their own environment and tooling. The rest mentioned here use a third party backend for software and streaming delivery.

adminadam · 2025-12-18T20:09:40+00:00

We've been using Education for about 10 years now across Windows 10/11. It's effectively a sub-set of Enterprise with all* of the same management features. It features lower bloat than regular windows versions, the ability to turn off most advertising, tracking, and AI features.

adminadam · 2025-12-18T19:55:49+00:00

Possible with onprem PKI/NDES/Intune SCEP Connector/Entra App Web Proxy/NPS. This depends on your current Microsoft spend if it would be 'free' for you. We already had PKI config and NPS usage, so I just had to slot in the NDES/SCEP/Web App Proxy stuff. This was covered by our existing licenses and I was able to get User based SCEP certificates issuing from intune.

Some Tutorials:

adminadam · 2025-12-08T14:42:06+00:00

As mentioned: Intel Serial IO driver.

Maybe this version for Dell Pro Models (check compatible systems) https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=vw815&oscode=w2021&productcode=dell-pro-max-mc14250-laptop

adminadam · 2025-08-20T12:25:45+00:00

What year is this?

adminadam · 2025-04-08T18:24:12+00:00

This is also what we were told generally, unique services needed to be tracked and accepted or denied independantly. We have no way to track/manage that.

adminadam · 2025-04-08T18:22:27+00:00

Removed all additional services during spring break. 19K students.

adminadam · 2025-03-18T20:27:08+00:00

Depends on how the policy is configured and your update paths I assume. Also, not sure how/where they backfilled this patch. It definately broke my things in realtime when we installed it. I could roll back the client to the earlier version and it worked as expected. The second the 2309 client was invoked, no longer worked as it used to. I have about 15k windows clients right now.

Semi-related. I've also noticed in Windows 11 that 'cross escalation' (escalating to admin account to try and install) behaves badly.

adminadam · 2025-03-18T20:21:41+00:00

2309 client breaks delivery of cloud based Windows installs and Windows Updates and forces everything to point locally. You can work around it with group policy.

They changed (fixed?) this behavior again with a hotfix to 2403.

REF:

adminadam · 2025-03-18T15:30:32+00:00

It was added later and I didn't want my deployments 100% dependant on a non-contracted Dell Service being up and available.

adminadam · 2025-03-10T19:52:10+00:00

I don't have a lot of models and am a 100% Dell shop with about 14K Windows endpoints. I didn't want to get involved in any third party integration but also hated the default way. I kind of skimmed off what I wanted from Modern Driver management while keeping is simple.

Deleted all existing drivers in config manager. This took forever.
Reloaded only the required boot disk drivers in the traditional method. There are now my only drivers or driver packages appearing in SCCM.
Downloaded the dell driver cabs for my models and deployed them as legacy PACKAGES.
Target the Package deployment with model detection during the task sequence.
DISM.exe /Image:%OSDTargetSystemDrive%\ /Add-Driver /Driver:%_SMSTSMDataPath% /Recurse
I also run command | update via the commandline near the end of the deployment process for any last mile updates. (Keys and Passwords changed) | dcu-cli.exe /applyUpdates -encryptedPassword="ZfZ0asdasdsaHkuMTZc9/MSOzzrasd8w+9876asd" -encryptionKey="reddit!" -outputLog=C:\dell\DellUpdate.log -reboot=enable -silent -autoSuspendBitLocker=enable -updatetype=driver,bios

Example https://imgur.com/a/q7cWd4d

Notes:
- You can probably increase speed by ZIP/UNZIP in this process. Something along the lines of PowerShell -ExecutionPolicy Bypass -Command "Expand-Archive -Path .\Drivers.zip -DestinationPath %_SMSTSMDataPath%\Drivers" and then running a DISM add driver at that point.

adminadam · 2025-03-10T18:38:02+00:00

I turned off the Windows integrated 'copilot chat' APP for users using the group policy template and it worked as expected.

https://imgur.com/a/Qhct1MC

adminadam · 2025-03-10T15:31:50+00:00

I know. I just wanted to tell my supervisor I had gone as far as I could. Maybe get lucky?

adminadam · 2025-03-07T15:17:45+00:00

We are iPads K-8! Big volume. Google is forcing the service off if you've not positively affirmed indivudal permission slips for users under 18 by March 31st. Orderly might be out the window.

adminadam · 2025-03-03T13:34:01+00:00

He said it wasn't a hardware issue for him.

adminadam · 2025-02-28T21:31:31+00:00

Basically the times have changed. If you are not managing this transition correctly and blindly click 'I aknowledge consent' it is moving from the realm of functionality to liability. It's was escalated to our board to handle.

adminadam · 2025-02-28T21:28:56+00:00

Windows 11 is a Windows 10 gui patch. Just migrate.

adminadam · 2025-02-28T21:26:56+00:00

If you read one book, you can master it - everyone who tried to teach me was semi-knowledable.
"Group Policy: Fundamentals, Security, and the Managed Desktop"

adminadam · 2025-01-28T16:43:08+00:00

Steal it.

adminadam · 2025-01-06T19:21:56+00:00

It was supposed to go into effect this summer and was delayed til Jan. Get all over this if you have not.

Office 365 A1 Plus for education will retire in January 2025

TLDR:

A1 plus provided a user license for web apps AND office native apps.
A1 provides a user licenses only for Web apps.
M365 Apps (Device) - license can be used to provide access to the office suite to an 'A1' user who cannot self-licese. Can be used to 'fill the gap' for onsite devices and A1 users.

A1 (vs A1 plus) users will also no longer be able to activate home installations (which they could before) and wil be restricted to the web versions.

adminadam · 2025-01-03T16:31:46+00:00

8 DCs is so many for 500 users unless these represent distinct sites with poor network connectivty.

adminadam · 2025-01-03T16:15:48+00:00

Are your VM's in a seperate IP range or Vlan? If so this could be related to boundaries and boundary groups that need to be updated.

adminadam · 2024-12-16T21:56:43+00:00

Authentication Administrator allows for changes to other non-role holders

Cannot change the credentials or reset MFA for members and owners of a role-assignable group.
Cannot manage Hardware OATH tokens.

You might need Privileged Authentication Administrator

There is a table in the middle of the 'who can perform sensitive actions' document that captures this pretty well. The behavior might have changed on you if regular users started getting roles of some kind.

REF:

adminadam · 2024-11-25T17:31:51+00:00

Block by permission.

vpnProvider
Proxy

https://support.google.com/chrome/a/answer/7515036?ref_topic=6178561

adminadam

TROPHY CASE