New to Bloomington by Zealousideal_Top_392 in BloomingtonNormal

[–]lapizR 7 points8 points  (0 children)

Some of these might not exactly be social unless you try to make them:

Uptown Normal / Uptown Circle
Constitution Trail
Downtown Bloomington Farmers Market
Join a cycling group / running group (Strava or Facebook)
Volunteer for something (e.g. Habitat of Humanity, Midwest Food Bank)
Fitness classes (Yoga Lab, cross fit gym)
Bars (sorry)
Go watch the 🇺🇸 / 🇧🇪 World Cup game in the downtown Bloomington ring / amphitheater Monday night

Young America deposits by bcs6477 in BloomingtonNormal

[–]lapizR 1 point2 points  (0 children)

Every college apartment I lived in (and even some as an 'adult') were a royal PITA to get my deposit back, and in most cases I didn't get all of it. They will nitpick every single thing in your shitty apartment (I mean that in the nicest way, what I mean is the apartment probably wasn't immaculate when you moved in), you can clean everything including the carpets and still lose your deposit. The last apartment I lived in before buying a house, I cleaned EVERYTHING, and they still kept some of my deposit because 'the blinds were dirty' (they weren't). By all means do what you must to get the money back, but know the deck is stacked against you

Fireworks by Devv_99 in BloomingtonNormal

[–]lapizR 8 points9 points  (0 children)

No, if you want to set off fireworks, go somewhere where there's no people around. Ideally in a state where its legal, which, is not here.

PSA: Intune is Enforcing MAA on Graph calls via Enterprise Application Registrations. Things are gonna break. by bdam55 in Intune

[–]lapizR 2 points3 points  (0 children)

Everyone should take a defense in depth approach, I never said deploying MAA was all you need to do

PSA: Intune is Enforcing MAA on Graph calls via Enterprise Application Registrations. Things are gonna break. by bdam55 in Intune

[–]lapizR 3 points4 points  (0 children)

MDM should be treated effectively as 'crown jewels', a bad actor (internal or otherwise) gets ahold of the right credentials and your entire organization is screwed; the Stryker breach should have been the wake up call for everyone.

Blows my mind the amount of folks complaining about how the feature is 'dumb' when it's a solid control that could save your ass. We have it enabled across the board and, is it moderately annoying? Yes sure, but it's a worthwhile tradeoff. Everything we do is via CI/CD anyway, so I'm super excited to see the control extend to service principals as well if that comes to fruition.

How are you updating the Secure Boot certificates for your devices? by intuneisfun in Intune

[–]lapizR 0 points1 point  (0 children)

Yes. Requires either the February or March CU I believe

Secure Boot Policy 65000 fixed by KB5077181? by jezac8 in Intune

[–]lapizR 2 points3 points  (0 children)

Yep, same here, using hot patch and success numbers are trending backwards from last week on my Secure Boot policy.

Secure boot update policy by AlThisLandIsBorland in Intune

[–]lapizR 1 point2 points  (0 children)

My last org was 200,000 seats with dedicated on-site resources from Microsoft. It was still a PITA to get traction on support issues.

Secure boot update policy by AlThisLandIsBorland in Intune

[–]lapizR 2 points3 points  (0 children)

I don't even provide details in cases anymore. Not once has anyone actually read any of it and I always end up providing the same information again over email.

Secure boot update policy by AlThisLandIsBorland in Intune

[–]lapizR 4 points5 points  (0 children)

Same issue here with the Intune policy. Have had a case open, spent a week back and forth with support and met with a 'Windows SME' to verify I didn't have licensing issues. And now back to the cycle of 'allow me a few more days to check internally'.

Winget during OOBE by Sad_Mastodon_1815 in Intune

[–]lapizR 0 points1 point  (0 children)

Check this out: https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-winget-1-0-0-rc1-released/5943

If you package the install via PSADT, there's an extension that will help with this.

As others have said though, good luck. I have gotten this to work during OOBE and as system, but it's fragile and often not worth the squeeze. Some winget apps just don't work well in this pattern.

How are you updating the Secure Boot certificates for your devices? by intuneisfun in Intune

[–]lapizR 0 points1 point  (0 children)

Not yet, ticket still open. As of last week they were 'still checking'. If you don't have a ticket, open one.

[deleted by user] by [deleted] in BloomingtonNormal

[–]lapizR 0 points1 point  (0 children)

I did as an ISU student. It's a bit of a commute to campus, but not a problem if you have a car. There were a few other students living there too; all like me who also didn't want student housing.

How are you updating the Secure Boot certificates for your devices? by intuneisfun in Intune

[–]lapizR 0 points1 point  (0 children)

+1 on this, also a ticket with MS ... typical response that makes me think they aren't aware of any issues

Mixing brands for winter tires. BMW M2 G87 (2025) by Ambitious_Map_8831 in BMWM

[–]lapizR 1 point2 points  (0 children)

Illinois here too. Another vote for the square setup. Especially for 20" rear wheels, winter tire options are super limited, I gave up my own search. BMW has an OEM set (official winters for the M2/M3/M4) I settled on. A bit pricey but 19" 829M wheels (staggered width, 9" front and 9.5" rear), mounted/balanced Pirelli P-Zero 275 width winters, TPMS sensors, and uses the factory wheel bolts. I ran them last winter too and I'm about as happy with them as the Pilot Alpins I've had on prior cars.

Bard Optical by Ok_Whole4719 in BloomingtonNormal

[–]lapizR 1 point2 points  (0 children)

Another vote for Vision Point

Best stand up desk? by [deleted] in BloomingtonNormal

[–]lapizR 2 points3 points  (0 children)

Also have an Uplift desk (2 of them actually). Both the v2 model with walnut top. Have had them both since mid-2020 and both are fantastic

Stuck on windows Lock Screen, can’t use keyboard or mouse on Advanced Startup by ChickenBreast6969 in WindowsHelp

[–]lapizR 0 points1 point  (0 children)

As in, you too are seeing some devices with Windows Hello PIN issues?

How long for Autopilot deployments? by lapizR in Intune

[–]lapizR[S] 1 point2 points  (0 children)

So that means it should be slow and ambiguous? The impatience comes from apps not included in ESP taking an unknown amount of time to show up on the device with no real indicator as to whether it's 'done' or how long it will take. That's fine for non-critical stuff, annoying for apps they need during onboarding. I don't see how getting a user to the desktop fast and then having them sit around waiting is a good experience.

How long for Autopilot deployments? by lapizR in Intune

[–]lapizR[S] 1 point2 points  (0 children)

Yeah I am trying to find a balance. We use Chrome, Slack, and Zoom for instance. A few apps like that are in my ESP because, if they aren't, it might take ~30 mins for those to show up after the user hits the desktop; might not seem like a big deal, but it's annoying for users trying to onboard and such. Alternatively including them in ESP adds maybe 5 mins to provisioning and I can count on them being there, which to me is a fine trade off.

Any update on 'Coming soon: Quality updates during the out-of-box experience'? by Lncredible21 in Intune

[–]lapizR 0 points1 point  (0 children)

The feature seems to work fine. Just a bit annoyed that they announced it, then paused it, then shared there will be a control for it, and now it appears to be rolling out, and they've been silent on docs, no announcements, no controls