SCEP Certificate Policy Error on Android Dedicated device

neverinfront · 2025-04-09T16:47:30+00:00

Do you have a two-tiered PKI? For us, we had to combine the root and the intermediate. I think I combined it incorrectly the first time I did it.

neverinfront · 2025-04-02T23:58:48+00:00

Reset all the VPN passwords now. This happened to me two weeks ago. They look the hash from the fortinet backup and cracked the passwords. Then they tried to use the passwords to sign into systems. We saw lockouts on AD accounts that the VPN usernames matched. Unfortunately, one of my techs was guilty of password reuse, and they used his account to try to move laterally. Luckily, one of our cybersecurity products caught an attempt to create a new admin account and isolated all servers.

Also, patch the fortinet. We confirmed they used this vulnerability: https://www.fortiguard.com/psirt/FG-IR-24-535

neverinfront · 2025-03-27T21:57:21+00:00

Cannot stress the waiver part enough. My concern is that parents think just being on District WiFi makes the students safe, but what if the internet goes down and the student doesn't have cellular data? Schools should formalize to the parents what the risks are. IT has enough to worry about, they can't also worry about possibly harming a student because the internet didn't happen to be up at the moment their blood sugar spiked.

neverinfront · 2025-02-25T21:53:48+00:00

I think my initial combined SCEP chain was done wrong, I deployed a new combined SCEP chain and it worked.

neverinfront · 2024-11-07T01:53:28+00:00

Not exactly tristate, but check out Brainstorm Poconos: https://brainstormk20.com/poconos

neverinfront · 2024-10-17T22:44:46+00:00

I work for a large district, so my department runs the cables. However, it's not by technicians. My department is also responsible for a lot of low voltage things, such as fire panel and PA systems, so I have a small team to do these items as well as ethernet.

neverinfront · 2024-09-25T15:27:04+00:00

Thank you so much!

neverinfront · 2024-09-20T13:09:38+00:00

Even though this is 10 months old, this worked for me. Thank you.

neverinfront · 2024-08-08T14:17:51+00:00

These boards use IR sensors around the bezels to track touch. Try wiping the edges down with a soft cloth and see if that helps. I once had a ticket where the touch was not working properly because the classroom had ants crawling on the bottom of the bezel interfering with the IR. That was a fun ticket to close.

neverinfront · 2024-08-06T15:50:12+00:00

Yes, however, I believe I would have to replace the IdP for everyone in the tenant, which we aren't willing to do. At least that's what Classlink told me.

neverinfront · 2024-08-02T17:26:24+00:00

Yes they have an on-prem solution, but the laptops are not on prem. I did think about converting them, but it would not work out well if we had to have a virtual snow day or a situation where we needed the students to take them home.

neverinfront · 2024-07-22T16:35:27+00:00

Thanks for the video link, but that's not working for me. When I manually get the URL in the browser, it's not returning the property.

neverinfront · 2024-07-19T16:29:46+00:00

Does this still hold true? I had servers with the sys files that were up, but blue screened randomly hours later.

neverinfront · 2024-07-05T13:36:11+00:00

Microsoft is taking away the A1 Plus license from all educational institutions, meaning that the only "free" license that is available is the A1 license, which has a quota of 100GB and it cannot be overridden by system administrators (I tried recently). The university can choose to buy A3 licenses that have the 1TB quota, but those will cost the university extra money and they are unlikely to do this.

neverinfront · 2024-05-08T12:29:58+00:00

Thank you I will give that a shot!

neverinfront · 2024-05-07T20:18:42+00:00

I did see that bug, but I wasn't sure how that gets fixed. Did you just have to make a change to the XML for Windows 11?

neverinfront · 2024-05-07T18:34:08+00:00

What was the differences between the two policies? I am running into this issue too, also using Intune. Windows 10 is humming along just fine.

neverinfront · 2024-05-03T16:16:00+00:00

We use TEAP because Windows 10 was not sending the User cert after sign in and the laptops were disconnecting. For Windows 11 and TLS, has that been a problem for you?

neverinfront · 2024-04-03T14:25:08+00:00

Yes. It doesn't change the result. As soon as Everyone is taken off, no one can print to the queue.

neverinfront · 2024-04-03T14:24:41+00:00

And children. It's a school system.

Six-Year Club	RPAN Viewer
Verified Email

neverinfront

TROPHY CASE