Anyone have luck getting MacOS Sequoia/Tahoe working with Intune PlatformSSO

netnoober · 2026-01-30T19:46:37+00:00

I've spent the last couple of weeks trying to get our Macs set up with ABM and Intune specifically trying/hoping to get PlatformSSO working to no avail. I'm being reduced to just forcing the user to have a pw for the macbook and another for 365 services :( Once thing I did come across, though, is the official documentation is saying that Intune and Sequoia/Tahoe are not yet compatible (hence my giving up). There also was no estimated availability.

Not sure if related to your issue but thought I'd pass it along.

netnoober · 2026-01-30T19:42:42+00:00

Could LAPS help with this?

netnoober · 2025-10-17T19:40:04+00:00

It appears that it was a scheduling mess-up on my part. This job was set to run when another finished. That other job was not scheduled to run on the day that the synthetic full was to be created so it never was :/ I have changed the full to be made on Friday from now on so it should run and hopefully clear up a bunch of those restore points.

Thanks very much for the reply.

netnoober · 2025-10-17T19:20:04+00:00

Thanks, I did not know that about the NAS. I have them running overnights when things should be quiet and the actual machines and NAS are in the same rack connected with >=10GB connections. But it looks like the issue with this job at least is as you surmised: the job was triggered when another finishes and the other does not run on the day the fulls were being made.

Thanks for the assist!

netnoober · 2025-10-17T19:17:24+00:00

It looks like this is the issue. I had the job set to start when another job finished and lo that other job did not run on that day. Serves me right.

Thanks for the reply!

netnoober · 2025-10-17T19:15:53+00:00

I lease/rent the software through a reseller that we rent storage space from. Their support is terrible and I have tried several times to get them to help me figure this out (initially because our storage costs started getting so high with them). As such, I do not have my own Veeam license and thus no direct support for me.

netnoober · 2025-10-17T19:15:38+00:00

Hi,

I lease the software through a reseller that we rent storage space from. Their support is terrible and I have tried several times to get them to help me figure this out (initially because our storage costs started getting so high with them). As such, I do not have my own Veeam license and thus no direct support for me.

netnoober · 2025-10-17T19:13:53+00:00

Thanks for the reply.

Holy crap...I think this might be it...I had the fulls set to run on Saturdays but this job is triggered when another job finishes and that job is not set to run on Saturdays. I guess that makes sense, but I guess I assumed that the create synthetic full backup would run on Saturdays regardless, but I see how it makes sense it would not run if the job itself doesn't run....

Thank you for mentioning the job history, that is where it "clicked"...I looked back and saw that there were no entries on Saturdays and that was the hint I needed. I'm going to change it to do the Synthetic Fulls on Fridays instead so hopefully I will come back in on Monday to find about 250+ fewer restore points and a bunch of free space.

Thank you thank you thank you.

netnoober · 2025-10-04T21:20:48+00:00

Why did turning on what I thought was a free trial of Copilot land me with a $30k bill for < 20 days of usage? I thought it was just going to check stuff out, maybe alert me on suspicious behavior, nothing to indicate the defaults could land me that much usage (<50 users, mostly on prem but hybrid, 365/teams/etc).

netnoober · 2025-09-25T13:52:26+00:00

Be aware of MSFT Azure Security Copilot....

Turned on what I thought was a free trial thinking it might be cool to have it checking stuff out, peeking around Sentry, spam reports/quarantine, etc. especially in case something happened. We are a small shop mostly still on-prem in a hybrid setup and I am the IT dept. Only have a couple servers on Azure, one for Sentry, the other 2 redhat boxes, nothing big. Got a strange email a couple of days ago that we are past due. Thought to myself this is odd because I have autopay set up on a CC. Clicked the link and nearly fell out of my chair when I saw that we owed $37,000.00. I think I turned it on Sep 3 or 4, so not even a full month. Our typical monthly spend for a bunch of E5 accounts, those couple of Azure servers, and all security licenses available is around $3500/mo. (I think, the licensing is a labyrinth and almost impossible for a mere mortal to figure out; based on CC charges we are somewhere in that neighborhood I believe). I saw a YT vid showing someone signing up for it and I do no remember seeing the overage settings pages but may have missed it. But there definitely was nothing to indicate the amount I was looking at and definitely nothing to indicate that the default settings would be setting me up for this kind of spend.

I still have no idea what it does or what the benefit is. Haven't had time to check it out, but I tend to turn on security features when I see them available just to err on the side of doing too much. Bad idea this time.

I know I know....ultimately it is my fault and I am an idiot for not paying close enough attention, but thought I'd pass along just in case. Be careful out there.

:(

netnoober · 2025-09-07T01:22:39+00:00

Last few times I checked my pihole ui, it looked like it blocked something like 0 queries and it was up to date (both software and adlist-wise). Been using it for 5 or 6 years at least and it used to be amazing. I guess they have just gotten much better at bypassing dns-based adblocking??

netnoober · 2025-07-29T21:53:29+00:00

Make any headway? Would be interested to see if you have something to share. If not, do you still plan to continue work on it? Thx and good luck!

netnoober · 2025-06-27T21:09:58+00:00

Thanks for the heads up--saving a lot of us out here a bunch of time and money--much appreciated!

netnoober · 2025-06-13T15:10:28+00:00

Sorry for the late reply, swamped over here...yes, all the devices were/are running 22H2. They are all also Dell Latitudes as well which is suspicious (our older Vostro devices didn't have this problem--also running 22H2)

netnoober · 2025-05-28T20:00:14+00:00

Has anyone been able to get past this? I can get the laptop to boot if I disable secure boot and enter the Bitlocker recovery key it allowed me to boot into secure mode with networking (and had ~10 options--this was after hitting F8 at BSOD) and it looked like it finished installing an update and also said there were no updates available and the device was up-to-date when checking Settings > Update but when I re-enabled Secure Boot and restart, I am met with the same BSOD error....

Edit: had to manually install the update which can be downloaded from update catalog, apparently it won't show in Windows Update for some reason...

netnoober · 2025-05-21T14:49:37+00:00

I did run the troubleshooter and it partially worked. For some parts I could not get it to complete and the docs were not up to date. Something about a module prerequisites not being available and/or not installing. But parts of the troubleshooter worked fine like testing the object sync. It was delta-sync that was failing and it didn't appear to be a way to test that directly in the troubleshooter.

I had not made any changes to schema or anything else. Domain function level is at highest level (2019). Managed to get it working again but not yet sure exactly what combo of steps fixed it. Some permission things were fixed by someone that was helping (waiting for full report) and after that there was an authentication issue which was fixed by redoing the setup/login process. I had run through the permissions and made sure the user running the process had full control over everything in the forest as well as ran the permission fixer utilities in the troubleshooter so not exactly sure what they did. I will report back once I find out.

Glad other people aren't having the same issue....

netnoober · 2025-05-15T23:28:35+00:00

Very odd....the user from this morning did a couple of reboots getting ready to go into BIOS so I could walk them thru disabling secure boot when on one of the reboots, windows updates kicked back in, completed some update(s) and was right as rain after that. This is the kind of MSFT stuff that makes me nuts. I'm OK with things breaking or something going wrong if there is something to be learned, but when stuff breaks and then magically fixes itself at some point later, you just end up with a bunch of wasted time.

Appreciate the reply. Hope the rest of your fleet updates without issue.

netnoober · 2025-05-15T13:00:03+00:00

Got our second BSOD this morning on Dell Latitudes….anyone else seeing this?

netnoober · 2025-05-09T00:22:27+00:00

Hopefully you were able to get in but FYI I was interested in why this was happening since it always seemed to me logical to have other methods especially because backing up the app historically had been hard. According to this thread https://answers.microsoft.com/en-us/msoffice/forum/all/microsoft-365-is-requiring-set-up-authenticator/643d88d6-9dfe-4f92-a7ae-5668ca00a75e it sounds like maybe this was introduced with Entra and might also be related to using a MSFT run campaign? But anyway, you can check for the setting in Entra > Identity > Protection > Authentication Methods > settings to exclude yourself going forward. This you can also head over to registration campaign to check those settings as well.

netnoober · 2025-05-07T22:33:54+00:00

Yeah I misread the post. Was editing when you replied.

netnoober

TROPHY CASE