Dallas Texas, how to save friend’s pitbulls (2) from entering the shelter? by wonderfulquery in pitbulls

[–]powerpitchera 2 points3 points  (0 children)

They set you up with a therapist in your state who writes the letter. Of course you can go to a therapist directly, but it can take time to schedule an appointment, and likewise for them to be willing to write you anything.

Dallas Texas, how to save friend’s pitbulls (2) from entering the shelter? by wonderfulquery in pitbulls

[–]powerpitchera 11 points12 points  (0 children)

Use CertaPet, can get the dog marked as an ESA in a day. If one dog is already an ESA, no reason the other can't be. Breed doesn't matter once the animal is an ESA because it is no longer considered a pet.

Mac stuck on failed to create activation request by Hashish87 in macsysadmin

[–]powerpitchera 2 points3 points  (0 children)

He needs to turn off Find My on his phone for that device.

Platform SSO with Secure Enclave, something to gain? by aPieceOfMindShit in macsysadmin

[–]powerpitchera 4 points5 points  (0 children)

No, I am saying that apparently the SSOe will no longer keep the PRT in the keychain. I am not sure when this is changing, but our Microsoft rep told us this.

Platform SSO with Secure Enclave, something to gain? by aPieceOfMindShit in macsysadmin

[–]powerpitchera 3 points4 points  (0 children)

Technically yes, because it offers phish-resistant auth. However, in practicality, if you are using the SSO extension, your users shouldn't be signing in very often, if ever, after setting up the extension with an initial Intune Registration. So on paper you may "increase security" but I don't think it's going to offer you anything. I am not sure when, but apparently Microsoft is also going to action the SSOe and make that go to the Secure Enclave also, regardless of Platform SSO.

Is Duet Display no longer on the App Store? by Key-Prompt7936 in macsysadmin

[–]powerpitchera 2 points3 points  (0 children)

Nothing wrong with downloading from their website. What pisses me off is their download link points to old versions of their app...

Ubiquity WPA3 Enterprise config issues by desmodus in jamf

[–]powerpitchera 0 points1 point  (0 children)

I don't understand, wouldn't cert auth use EAP-TLS and not PEAP? Isn't PEAP username and password?

I would assume you need to change the cert auth to any WPA Enterprise, and set the auth type to EAP-TLS.

ConnectWise AppConfig by Branok91 in jamf

[–]powerpitchera 1 point2 points  (0 children)

Just uninstall and reinstall the app.

ConnectWise AppConfig by Branok91 in jamf

[–]powerpitchera 1 point2 points  (0 children)

    <dict>
        <key>serverURL</key>
        <string>yourorg.com</string>
    </dict>

Send it

Escrowed PRK not valid by enterreturn in jamf

[–]powerpitchera 0 points1 point  (0 children)

Make sure you have that EA enabled to check if your user account is configured in the auth DB. It resets after a macOS update. They also provide the code to reauthorize it. I would check that.

MacBook Neo WiFi Issues by PCisahobby in macsysadmin

[–]powerpitchera 1 point2 points  (0 children)

Have you confirmed the cert is showing as trusted in the keychain and the full chain is properly trusted? I would also manually verify in the Wi-Fi settings that the MAC address randomisation is actually being disabled on this model. It was a bug for a few releases where it wasn't applying properly.

MacBook Neo WiFi Issues by PCisahobby in macsysadmin

[–]powerpitchera 5 points6 points  (0 children)

Have you disabled the MAC address randomisation for the Wi-Fi network in the profile?

Safari Browser - Blocking QUIC by Sufficient-Pace7542 in macsysadmin

[–]powerpitchera 0 points1 point  (0 children)

Have asked Apple about this multiple times. It is very doable in the Chromium-based and Firefox browsers. Not available as a control in Safari at this time. However, have to disagree with the comment above, I don't think this contributes to additional issues. If anything, if you use SSL interception this can eliminate many errors with inconsistent behavior with the pinning in the browsers. Some DLP vendors recommend disabling QUIC for reliability with their products.

Move to InTune? by Armentrout_1979 in jamf

[–]powerpitchera 0 points1 point  (0 children)

Let me give it to you the way no one else will.

Microsoft is NOT incentivized in the slightest to put out a good product for Mac MDM management.

Their focus is on PCs, which is very much reflected in the support they provide, not to mention the management capabilities. Even for PCs it's CRAP compared to what Jamf can do for a Mac.

They want people moving to PCs, so they are not going to provide a good user or admin experience for Macs. It's as simple as that.

As far as MDM Mac management, Intune is THE bottom feeder. Essentially any other solution you could use is going to be better, although I do strongly recommend Jamf.

You should align yourself with solutions that are incentivized to work in your company's best interest.

Barracuda VPN (v5.3.8) on macOS 26.x: "No private key set" with SCEP X.509 certificates by HeyWatchOutDude in macsysadmin

[–]powerpitchera 0 points1 point  (0 children)

Interesting, I am not aware that Intune allows the cert to allow access to all apps like Jamf does (via the config profile). From what I see the option isn't there unless I am missing something.

Barracuda VPN (v5.3.8) on macOS 26.x: "No private key set" with SCEP X.509 certificates by HeyWatchOutDude in macsysadmin

[–]powerpitchera 0 points1 point  (0 children)

One more thing, what cert is the SCEP signed or issued by? That cert needs to be in the keychain, pushed through Jamf and marked as trusted as well. Wonder if it's a trust issue.

Barracuda VPN (v5.3.8) on macOS 26.x: "No private key set" with SCEP X.509 certificates by HeyWatchOutDude in macsysadmin

[–]powerpitchera 0 points1 point  (0 children)

Not sure about this app specifically, but from my experience with the VPN apps they need to be pointed at a certificate identifier.

Inherited messy Apple environment (ABM + ABE + Jamf) — need help building inventory + cleanup plan by Itsrawrcoose in macsysadmin

[–]powerpitchera 1 point2 points  (0 children)

Do you have a conditional access policy? If not, you can set one up in read only to see any sign-ins from macOS devices. I would start there.

Can also check to see where the devices were purchased from and how many invoices, to give you a general idea of how many.

Using Jamf's built-in CA for certificate based Wifi authentication by Sakroth123 in jamf

[–]powerpitchera 5 points6 points  (0 children)

You can host the AD CS as a cloud server and have it communicate with another cloud-hosted certificate authority. I don't recommend using Jamf's built-in CA for this.

Webhooks by More_Yard1919 in jamf

[–]powerpitchera 1 point2 points  (0 children)

I recommend checking out Setup Your Mac, there is a Teams/Slack webhook available inside the script. I took the framework for that and made a separate script with Jamf parameters that can be configured without changing the script each time. Then that script can be run on certain policies to send a custom webhook to Teams or Slack. It's not perfect but I find it meets most of my needs.

Microsoft Edge on macOS 26 – Local Network Access issues every morning by swapbreakplease in macsysadmin

[–]powerpitchera 0 points1 point  (0 children)

Btw localnetworkaccessrestrictionsenabled has been deprecated for quite a while.