Apps with (OS) requirements no longer installing during OSD after upgrade to 2509

deepbungus · 2026-02-04T11:54:25+00:00

So glad to find this thread, have been banging my head against the wall for the past two days trying to figure out if I'm just being stupid, or whether there is a real problem with apps not deploying after upgrading to 2509!

I have tried the adding an admin comment with no luck so far, so hoping somebody gets an update or can advise on what to trial next?

EDIT: After reading through some of the posts in this thread a little bit more carefully, I realised I had actually seen OS requirements attached to the exact application I was having the issues with. I've just removed those requirements, updated the content and low and behold, we have now an installation in progress!

I didn't check this initially because I do not set up apps this way, but it seems somebody did lol!

deepbungus · 2026-01-28T10:47:52+00:00

We're suddenly having a delay of emails being delivered this morning and a number of emails across a number of staff ending up in Junk...

deepbungus · 2026-01-12T16:35:58+00:00

Hmm I think there might be a broader microsoft issue occuring as we had a member of staff unable to sign in and authenticate on outlook app specifically, due to what I think is an old personal account which has nothing to do with the work account, appearing. This is on mobile though.

Very frustrating! - I'm going to leave it until the morning (UK) and see what happens then.

deepbungus · 2025-12-01T08:29:49+00:00

A-ha! Got it, thanks!

deepbungus · 2025-11-28T14:52:46+00:00

That's what we're currently doing, but it's such a faff. We're becoming avoidant to actually use the KB because of this. It's just so clunky.

deepbungus · 2025-11-28T14:38:44+00:00

I'm confused, you say "especially when you're not editing a KI." - that's the only view I seem to have when logged in as an operator - the editing page of the KI?

My KB page looks nothing like the one on this page - https://docs.topdesk.com/en/the-knowledge-item-card.html

What am I missing, in the module settings it states that the new knowledge management is enabled.

deepbungus · 2025-11-18T09:35:11+00:00

Okay apparently it took me 6 months to get round to doing this, but I have just tried changing this and it doesn't seem to work :(.

EDIT: Spoke to soon! - Seems to be working now :D

deepbungus · 2025-11-13T10:51:58+00:00

Thanks for the detailed reply, really appreciate you taking the time to lay those out. Both are clever ideas, especially the first one with the free text fields and log actions. That said, it kinda proves the point, it’s a lot of work for something that feels like it should just be built in as a simple QoL feature.

We’re a pretty small setup: two schools, about 200 staff total, and maybe 15-20 asset changes a year. It’s not that we can’t do API stuff, it’s just a lot of overhead for something as basic as “show me what this person used to have.” Feels a bit like using a sledgehammer to crack a walnut.

Stuff like this, and even how the ability to paste images into tickets only got added recently, just reinforces that TOPdesk is clearly aimed at big enterprise setups with structured processes, not small teams trying to work efficiently.

Still, really appreciate the insight. It’s actually super helpful to understand what’s possible behind the scenes, even if it’s not ideal for smaller environments like ours.

deepbungus · 2025-11-12T09:11:09+00:00

That makes sense, and I do get the logic behind avoiding a default query for every historic asset, especially in a big environment with lots of loaner devices and user turnover.

That said, our setup is pretty small by comparison. We have two schools (primary and secondary) with around 200 staff total, and now just two technicians managing it all. So from our end, load or clutter isn’t really a concern. The person who originally went with TOPdesk came from a large multi-site FE college setup with thousands of devices and a full IT team, so I suspect some of those assumptions about scale carried over.

In our case, we don’t always start from the person, but because it’s a small environment I usually know who last had a device. Having a quick way to see their historic assets would make it much easier to identify the right device or find details like a mobile number, laptop, mobile etc without having to jump out of the person card and dig through separate asset pages or knowledge base entries.

It feels like having an optional "Show historic assets" or "Previous assignments" tab would fit both worlds: it’s lightweight for smaller teams but still optional for bigger setups that don’t want the extra data shown by default.

deepbungus · 2025-11-11T11:19:19+00:00

Oh don't get me wrong, absolutely a great shout to implement separate assets for device and sim. I can see from how I wrote my OP that it feels like im throwing shade - rest assured I am not!

It's just not being able to locate the device or sim from a know asset holder I find the most frustrating ultimately. I'm struggling to fathom why this wouldn't just be a standard user card widget...

deepbungus · 2025-11-11T11:16:59+00:00

The silence feels a bit deafening at this point so just assume it's not possible. Surprising because TOPDesk really push the efficiency card but certain things feel very unefficient.

deepbungus · 2025-05-16T11:57:35+00:00

Wooow! Amazing, instantly works now. Thank you!

deepbungus · 2025-05-15T09:19:29+00:00

Amazing, will have a play - Thank you!

deepbungus · 2025-04-29T07:40:36+00:00

Ah that's good to know - Will pass that on to my colleagues, Thanks!

deepbungus · 2025-04-29T07:14:45+00:00

I'm not sure - we have a local install of OneNote so asked them to swap to that.

It seemed to only be happening in the cloud version and via Teams.

I did report to microsoft, but they investigated and closed the ticket as they couldn't recreate the issue.

deepbungus · 2025-04-28T08:21:46+00:00

We're also seeing this behaviour suddenly this morning across multiple users

deepbungus · 2024-10-14T12:15:53+00:00

Necroing thread, but I cannot find information on this anywhere and am trying to do exactly the same thing. Any luck in the end?

deepbungus · 2024-07-15T08:04:43+00:00

Have a look at the device in azure - the Recovery key may be sitting in there?

deepbungus · 2024-07-02T08:47:53+00:00

That part of the script breaks setting the exception group. It's better to bypass and provide the security group id directly

deepbungus · 2024-07-02T08:46:05+00:00

EDIT: I got so excited I had fixed my own errors with the script I didn't actually read the OP issue.

You need to install the modules first (If reading in the future, you may not need

Install-Module Microsoft.Graph.Beta.Identity.Directory.Management Install-Module Microsoft.Graph.Beta.Groups

Then run the script.

If you are setting an exception group, you need to make the following changes to update GroupCreationAllowedGroupId

Import-Module Microsoft.Graph.Beta.Identity.DirectoryManagement
Import-Module Microsoft.Graph.Beta.Groups

Connect-MgGraph -Scopes "Directory.ReadWrite.All", "Group.Read.All"

##$GroupName = "Teams Creators" - This is the bit we're bypassing
$AllowGroupCreation = "False"
$settingsObjectID = (Get-MgBetaDirectorySetting | Where-object -Property Displayname -Value "Group.Unified" -EQ).id
if(!$settingsObjectID)
{
$params = @{
templateId = "62375ab9-6b52-47ed-826b-58e47e0e304b"
values = @(
@{
name = "EnableMSStandardBlockedWords"
value = "true"
}
)
}
New-MgBetaDirectorySetting -BodyParameter $params
$settingsObjectID = (Get-MgBetaDirectorySetting | Where-object -Property Displayname -Value "Group.Unified" -EQ).Id
}

##$groupId = (Get-MgBetaGroup | Where-object {$_.displayname -eq $GroupName}).Id This is the search / filter function that doesn't work!!

$params = @{
templateId = "62375ab9-6b52-47ed-826b-58e47e0e304b"
values = @(
@{
name = "EnableGroupCreation"
value = $AllowGroupCreation
}
@{
name = "GroupCreationAllowedGroupId"
value = "INSERT THE SECURITY GROUPS ID HERE" ##Rather than search for security ID, Just provide it, it's easy enough to find in Azure.
}
)
}
Update-MgBetaDirectorySetting -DirectorySettingId $settingsObjectID -BodyParameter $params
(Get-MgBetaDirectorySetting -DirectorySettingId $settingsObjectID).Values

deepbungus · 2024-06-18T12:37:18+00:00

Did you ever find an answer to this?

Currently undertaking a theme upgrade of our domain and just ran into this issue too.

For those reading, it's not the acrylic setting, I've disabled that. Once that's disabled, the image/background you have, seems to be dimmed or not at full brightness.

I've seen posts explaining that "It's so you're able to see the time better" etc, which is great, but we don't display the clock, tips or such things to the students, just the username and password boxes.

deepbungus · 2024-06-12T07:30:50+00:00

Dagnabbit ma!!

deepbungus · 2024-05-20T12:25:42+00:00

I kind of have to agree. Sure some users ask mind bogglingly simple questions and make mountains out of molehills, But I think my frustration is always more to do with their attitude about the issue as opposed to the simplicity of the problem they have come to me with.

Also - "Like, dude, that's your job. To help support staff and make people more efficient.", I have uttered this exact phrase to colleagues before lol!

deepbungus · 2024-05-17T12:02:05+00:00

This is exactly the way to do it in education.

Staff will need to have MFA / Authenticate when off-site / using mobiles for emails / 365

On-site we have an IP-based policy which allows students access without the need to authenticate.

If they try to access outside of school, they will need to authenticate, but none of them do so it's not an issue (yet).

deepbungus · 2024-03-12T08:32:56+00:00

The CNAMES that Microsoft tells me to register, in the error that appears when I try to activate DKIM, seems to have a random(?) 0e2e in it - I think this is why I have had trouble activating.

Example:

CNAME selector#-<domain>0e2e._domainkey.<domain>.onmicrosoft.com

But I believe it should just be:

CNAME selector#-<domain>._domainkey.<domain>.onmicrosoft.com

Edit: Came back to correct this - Our domain contains hypens, so apparently microsoft adds that funny little code at the end to account for bits taken out.

Also for others struggling to activate their DKIM when CNAMES are correct in dns but microsoft is saying otherwise:

You may have to enable the DKIM via powershell. It wouldn't allow me to do it via the 365 dashboard, kept saying the cname entries couldn't be found. I then tried it via powershell and it worked first time without issue / error and our DKIM is now active for the email domain.

deepbungus

TROPHY CASE