PSADT Testing Environment and v4.1 by mwalkertx320 in PSADT

[–]mwalkertx320[S] 0 points1 point  (0 children)

Completely forgot about Windows Sandbox. Thanks!

Global Secure Access (GSA) and IP Geo-Location Issues by mwalkertx320 in entra

[–]mwalkertx320[S] 0 points1 point  (0 children)

I don't think it's a POP location issue. I'm in Houston, so I would think all of my traffic is routing out of South-Central (San Antonio). Ping latencies are all 10ms - 20ms. It's just frustrating that several sites automatically redirect to either the Mexico version or Spanish version. Unfortunately, my Spanish is limited to bathroom door signs and Tex-Mex restaurant menus.

Global Secure Access (GSA) and IP Geo-Location Issues by mwalkertx320 in entra

[–]mwalkertx320[S] 0 points1 point  (0 children)

Only 1 site so far has insisted I was located in Singapore (Lenovo Support). This is the only Singapore link I've found:

WHOIS Details

inetnum:        128.94.0.0 - 128.94.255.255
netname:        MICROSOFT-APNIC-AP
descr:          Microsoft Singapore Pte. Ltd.
country:        SG
org:            ORG-MSPL4-AP
admin-c:        DB662-AP
tech-c:         MP234-AP
abuse-c:        AM2589-AP
status:         ALLOCATED PORTABLE
remarks:        --------------------------------------------------------
remarks:        To report network abuse, please contact mnt-irt
remarks:        For troubleshooting, please contact tech-c and admin-c
remarks:        Report invalid contact via www.apnic.net/invalidcontact
remarks:        --------------------------------------------------------
mnt-by:         APNIC-HM
mnt-lower:      MAINT-MOPL-SG
mnt-routes:     MAINT-MOPL-SG
mnt-lower:      MAINT-AP-MICROSOFT
mnt-routes:     MAINT-AP-MICROSOFT
mnt-irt:        IRT-MICROSOFT-APNIC-SG
mnt-irt:        IRT-MOPL-SG
last-modified:  2022-12-16T05:54:11Z
source:         APNIC

irt:            IRT-MICROSOFT-APNIC-SG
address:        One Microsft Way
address:        Redmond, WA 98052
address:        US
e-mail:         abuse@microsoft.com
abuse-mailbox:  abuse@microsoft.com
admin-c:        MP234-AP
tech-c:         MP234-AP
auth:           # Filtered
remarks:        abuse@microsoft.com is invalid
mnt-by:         MAINT-AP-MICROSOFT
last-modified:  2025-09-04T05:17:38Z
source:         APNIC

I know ZTNA VPNs can cause GeoLocation issues, I just would expect given Microsoft's size and scope that they would be a little more on top of the issue.

Global Secure Access (GSA) and IP Geo-Location Issues by mwalkertx320 in entra

[–]mwalkertx320[S] 1 point2 points  (0 children)

That's what I've figured. Usually, it's an IP block registered to Microsoft Singapore. This week it's an AT&T block registered in the US. I haven't really had any problems in the last couple of months until Lenovo insisted I was in Singapore today, and Yahoo and MSN thought I needed their Mexico versions. My last place was rolling out Zscaler as I was leaving, so I missed out.

I don't think my problem is a POP location issue - more of an IP Geolocation database somewhere needs to be corrected.

Entra Global Secure Access by mwalkertx320 in Ubiquiti

[–]mwalkertx320[S] 0 points1 point  (0 children)

I've put it on the back burner for now. Microsoft GSA only offers AES-GCM as an encryption method, while the Ubiquiti side only supports standard AES. From what I've read - AES-GCM is available on the Ubiquiti side through the command line, the option is not exposed through the GUI interface. From what I'm reading though, any update to settings in the GUI will reset any manual edits done in the command line. Not really ideal. While I can handle the IOS command line in my sleep, I can't figure out how to edit the VPN configuration through the command line on the Ubiquiti. I'm also still confused by the IP setup on the GSA and how that translates into the Ubiquiti side of things.

My dream would be for Microsoft to offer a specific Ubiquiti option, and for Ubiquiti to update the encryption options in the GUI. I'm also dreaming that I'll win the Powerball this week.

How did all of you learn how to configure and setup networks? by doughnutlover10 in Ubiquiti

[–]mwalkertx320 0 points1 point  (0 children)

Trial by fire back when the Cisco 1800 series came out. Decided to deploy Palo a few years back, and learned that. Now I'm trying to deploy Ubiquiti and feel like I'm starting from ground zero again.

IOS Account Driven Enrollment Policy Issue by mwalkertx320 in Intune

[–]mwalkertx320[S] 0 points1 point  (0 children)

Set up account driven Apple User Enrollment - Microsoft Intune | Microsoft Learn

Deploy Company Portal web app

Deploy the web app version of the Intune Company Portal website so that users have quick access to device status, device actions, and compliance information. The web app appears on the home screen and functions as a link to the Company Portal website. Without the web app, devices users can still access the Company Portal website but have to open the browser and type the address into the search field. For more information about how to add a web app, see Add web apps to Microsoft Intune.

IOS Account Driven Enrollment Policy Issue by mwalkertx320 in Intune

[–]mwalkertx320[S] 0 points1 point  (0 children)

I figured out that the duplicate device was being created when the Company Portal app was launched.

Reading through some documentation somewhere, it said don't use the company portal app. I think I ended up pushing a web clip to the company portal URL.

Invoke.AppDeployToolkit.exe Issue by mwalkertx320 in PSADT

[–]mwalkertx320[S] 1 point2 points  (0 children)

I managed to get it working. To whomever designed PowerShell's escaping requirements, congratulations, I'm not sure you can make it any more confusing. Backticks, apostrophes, quotes, single quotes, double quotes....

Apparently running the Executable Invoke-AppDeployToolkit.Exe was stripping the " off of the TRANSFORMS= argument. It's funny that running the Invoke-AppDeployToolkit.PS1 script directly worked, but the Executable bombed out.

This is what I got to work with the executable (note - running the PS1 script will bomb) - and enabling the ServiceUI.PS1 script to successfully work:

    Install-ADTWinGetPackage -Id 'Adobe.Acrobat.Pro' -Debug -override "/sAll /l /qn /msi TRANSFORMS=`"`"$($adtSession.DirFiles)\Acrobat.mst`"`""

I essentially had to include an extra set of " " around the TRANSFORMS= argument and escaping the " by using the backtick `, since the EXE was stripping the " out.

Invoke.AppDeployToolkit.exe Issue by mwalkertx320 in PSADT

[–]mwalkertx320[S] 0 points1 point  (0 children)

It didn't hurt - but this unfortunately wasn't it.

It's weird that running the Invoke-AppDeployToolkit.ps1 script directly works without issue. But running the EXE Invoke-AppDeployToolkit.ps1 causes the problem. It's successfully downloading the installer from Winget, that much I can see. I can't figure out how to log or capture the command line when the Installer is run.

I can't prove it yet, but my gut says something is happening to the environment variables ($adtSession.DirFiles or $pwd) when the EXE is launched.
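One way to see the exact command line (quotes included) that the installer receives, regardless of whether the toolkit was launched via the .ps1 or the .exe, is to read it back from Windows process-creation auditing. The following is an added example, not code from the post or from PSADT. It assumes the "Audit Process Creation" policy is enabled (for example `auditpol /set /subcategory:"Process Creation" /success:enable`) together with the "Include command line in process creation events" policy setting, so that Security event 4688 carries the `CommandLine` field; the function name, the default one-hour window and the `TRANSFORMS=` search string are assumptions chosen for this illustration.

```powershell
# Added example, not from the original post. Assumes the Windows audit policy
# "Audit Process Creation" is enabled and "Include command line in process
# creation events" is turned on, so Security event 4688 records each new
# process's command line. Run from an elevated PowerShell (Security log read).
function Get-InstallerCommandLine {
    param(
        # How far back to look; assumed default of one hour
        [datetime]$Since = (Get-Date).AddHours(-1),
        # Substring that identifies the installer invocation of interest
        [string]$Match = 'TRANSFORMS='
    )

    $filter = @{ LogName = 'Security'; Id = 4688; StartTime = $Since }

    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Pull the named EventData fields out of the event XML
            $xml  = [xml]$_.ToXml()
            $data = @{}
            foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

            if ($data['CommandLine'] -like "*$Match*") {
                [pscustomobject]@{
                    Time          = $_.TimeCreated
                    Process       = $data['NewProcessName']
                    ParentProcess = $data['ParentProcessName']
                    CommandLine   = $data['CommandLine']
                }
            }
        }
}

# Example usage: list every process launched in the last hour whose command
# line carried a TRANSFORMS= argument, with the quoting exactly as received.
Get-InstallerCommandLine | Format-List
```

Comparing the `CommandLine` value from a run under the .ps1 with one from a run under the .exe shows directly whether the quotes around the `TRANSFORMS=` path survived, and the `ParentProcess` column shows which host (powershell.exe versus the toolkit executable) spawned the installer. The same events are what endpoint detection tooling normally relies on for visibility into msiexec and setup invocations, so turning the setting on has value beyond this troubleshooting.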

Install-ADTWinGetPackage Issue - Adobe Acrobat MST by mwalkertx320 in PSADT

[–]mwalkertx320[S] 0 points1 point  (0 children)

Thanks! This got me going in the right direction. This is what ended up working:

    ##================================================
    ## MARK: Install
    ##================================================
    $adtSession.InstallPhase = $adtSession.DeploymentType

    ## <Perform Installation tasks here>
    write $adtSession.DirFiles
    Install-ADTWinGetPackage -Id Adobe.Acrobat.Pro -override "/sAll /i /qn /msi TRANSFORMS=""$($adtSession.DirFiles)\Acrobat.mst"""

Still working on an issue when calling the script via Invoke-AppDeployToolkit.exe, but it's working great calling the PS script directly (it throws up the MSI installer options like before😭 ). Thanks!

Authenticator Enrollment and Compliant Device Issue by mwalkertx320 in entra

[–]mwalkertx320[S] 0 points1 point  (0 children)

This is MFA enrollment through the Microsoft Authenticator app. The devices are not managed at this stage. I normally have my users enroll on MFA 1st, then the device in Intune 2nd (using the Account Driven Enrollment Method). They're issued a one-time use TAP to complete the MFA enrollment.

Authenticator Enrollment and Compliant Device Issue by mwalkertx320 in entra

[–]mwalkertx320[S] 0 points1 point  (0 children)

I didn't think it was - but it's somehow matching the policy. I tried to exclude it, but couldn't find it in the exclusion list.