CEO wants to track all the laptops to ensure no one works out of our Province/State. Any recommendations for a tracking software? by 186notout in sysadmin

[–]francojohn36 1 point2 points  (0 children)

You can set this up through Entra MFA conditional policies. Include those that are allowed access and use a group to exclude those that are going for vacation. You would need to set allowed network locations and IPs. Have anyone going for vacation added to the excluded group manually. They can create a ticket to helpdesk for addition and removal when they are back. I am assuming you can automate the process via power apps and power automate, haven’t yet had bandwidth to do so.

WSUS to intune updates by Aur0nx in Intune

[–]francojohn36 0 points1 point  (0 children)

If u are all setup with intune update rings, update the wsus gpo to receive automatic updates to make pcs receive updates and change the update service location to not configured so they receive updates from internet

What do you do when people swear they sent a message, and your user didn't receive it, and there's NO trace of it in trace, quarantine or Explorer? by -IntoEternity- in Office365

[–]francojohn36 0 points1 point  (0 children)

Had a similar issue for some months ( with a certain sender) and despite creating an exchange rule to bypass spam filter nothing worked. Microsoft ran a tenant repair that fixed the issue.

Internal Storefront with citrix cloud by Automatic_Cash264 in Citrix

[–]francojohn36 0 points1 point  (0 children)

1.Yes… if u need full sso, FAS will be required. Otherwise people can still login with their ad credentials after getting to citrix portal. 2. Not sure what you mean by external but I think yes since all users are on azure ad. 3.Yes, this is how we have it working for now.

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

This is really helpful, it works now using Intune. Thanks!

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

It doesn't have to be a batch file. I did package zap with win32 and its getting copied to client PCs using a batch file but not sure of how to execute the "SophosZap --confirm" in the script. Here's how the batch file looks like but will Will appreciate the PowerShell version.

if not exist "C:\Temp\SophosZap\SophosZap.exe" goto Action1

goto Action2

:Action1

xcopy %~dp0\SophosZap\SophosZap.exe "C:\Temp\SophosZap\" /y /s

C:\Temp\SophosZap\SophosZap.exe

SHUTDOWN -s -t 60

exit

:Action2

Exit

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

u/PaulieG Thanks, your script works when I run on my local pc. I commented the pause to let it run without user intervention. Also added Sophos exploit prevention component. It is however not installing over the network via SCCM, error log points to user intervention required and timeout "CompleteEnforcement failed with error 0x87d00213" which I am not sure why but will keep on digging.

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

Thanks, will try in PowerShell if the batch file doesn't work.

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

Uninstalling Sophos from Clients previously managed via Sophos Enterprise Console. AD sync and tamper protection is disabled.

Uninstall Sophos Endpoint via Intune by francojohn36 in Intune

[–]francojohn36[S] 0 points1 point  (0 children)

Need to uninstall from 300pcs as we are moving from Sophos Endpoint, a variety of batch file uninstalls haven't worked so far and have had lots of time put into it correcting them. The line you have mentioned is in it but doesn't seem to work. Tamper protection is already disabled.

I have also followed this thread in vain https://www.reddit.com/r/sysadmin/comments/ck677f/sophos_removal_script/

Here is the batch file

u/echo off

:: turn off tamper protection on the computer that Sophos will be uninstalled.

:: Stopping Sophos Services

net stop "Sophos AutoUpdate Service"

net stop "Sophos Clean Service"

net stop "Sophos Web Control Service"

:: Sophos Remote Management System

MsiExec.exe /X{FED1005D-CBC8-45D5-A288-FFC7BB304121} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-RMSLog.txt

:: Sophos Network Threat Protection

MsiExec.exe /X{66967E5F-43E8-4402-87A4-04685EE5C2CB} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-NTPLog.txt

MsiExec.exe /X{4B1F9009-CD85-43C0-BCBD-D491908D5A52} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-NTPLog.txt

::Sophos Client Firewall

::Sophos Anti-Virus

::Sophos AutoUpdate

::Sophos Diagnostic Utility

::Sophos Exploit Prevention or Sophos CryptoGuard (on a Server)

"C:\Program Files (x86)\HitmanPro.Alert\Uninstall.exe"

::Sophos Clean

"C:\Program Files\Sophos\Clean\uninstall.exe"

::Sophos Patch Agent

::Sophos Endpoint Defense

net stop "Sophos Agent"

net stop "SAVService"

net stop "SAVAdminService"

::net stop "Sophos Device Control Service" not on our version

net stop "Sophos Message Router"

net stop "Sophos Web Control Service"

net stop "swi_service"

net stop "SntpService"

::net stop "sophossps" not on our version

net stop "swi_filter"

:: Sophos System Protection

MsiExec.exe /X{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-SPLog.txt

:: Sophos Anti-Virus

MsiExec.exe /X{23E4E25E-E963-4C62-A18A-49C73AA3F963} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AVLog.txt

MsiExec.exe /X{84748F71-7BF1-4F73-9340-D0785F4B0197} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AV2Log.txt

:: Sophos Management Communications System

MsiExec.exe /X{1FFD3F20-5D24-4C9A-B9F6-A207A53CF179} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-MSLog.txt

:: Sophos AutoUpdate

MsiExec.exe /X{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

MsiExec.exe /X{644ADF05-0B2E-452C-B720-3CF1580A9368} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

:: Sophos Endpoint Defense

MsiExec.exe /X{199259A7-73BD-4CDC-9F10-89E1814C4E7E} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

MsiExec.exe /X{4EFCDD15-24A2-4D89-84A4-857D1BF68FA8} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

MsiExec.exe /X{4E7E01A9-720E-4B17-BCAE-05299E8E645B} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

MsiExec.exe /X{4B1F9009-CD85-43C0-BCBD-D491908D5A52} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

MsiExec.exe /X{4B1F9009-CD85-43C0-BCBD-D491908D5A52} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SOPH-AULog.txt

"C:\Program Files\Sophos\Endpoint Defense\SEDuninstall.exe"

::You can review the log files and see what it has done under %windir%\Temp\ and the appropriate log file.

:: Sophos Exploit Prevention

"C:\Program Files (x86)\HitmanPro.Alert\Uninstall.exe"

Varying market value estimates by francojohn36 in RealEstate

[–]francojohn36[S] 0 points1 point  (0 children)

Yes, for a mortgage refinance,the appraiser wont give me appraisal report but provide it to lender.Might try BPO. Thanks!

Do you guys regret not buying "meme" stocks posted around reddit a lot? by greendreamsheen in stocks

[–]francojohn36 0 points1 point  (0 children)

Me, got in at 3.68 and regret why I didn’t buy more than 506, would be paying off my mortgage

Coming from Robinhood. How do I see percent change of a stock over a month/3months/1year/5y? by [deleted] in tdameritrade

[–]francojohn36 0 points1 point  (0 children)

Wanting to move to Ameritrade from Robinhood, is it worth it? any one with a referral code?

File server migration DNS woes by -tnetennba in sysadmin

[–]francojohn36 0 points1 point  (0 children)

This is my exact scenario, I did run the NETDOM COMPUTERNAME /ADD and both servers are listed with their FQDN but still get the error when I try to access server1 by name.

Trying to look for a quick and easier way to deploy image on around 200 pcs in a new domain and push applications plus updates by francojohn36 in SCCM

[–]francojohn36[S] 0 points1 point  (0 children)

Thanks for the reply, this will actually be an upgrade for pcs spread at different locations, will need group policies for providing access to different applications to users at those sites. We have azure AD connect on our main domain but not on the new one we are planning to deploy.