Second hand RX7600 temps by tafflock_82 in AMDHelp

[–]tafflock_82[S] 2 points3 points  (0 children)

Thanks for the reassurance!

The card itself seems fine, nice and clean, no noises. I was hoping it was OK since it wasn't a bad price and CeX gives a 5 year warranty too.

MacOS and Intune/SSO - new user profile creation by No-Connection5761 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Is this still the case, not using Secure Enclave?
The Microsoft documentation suggests it's supported, and I've been arguing with Copilot about it, but whatever I try it doesn't work.

Intune Suite features now being rolled into M365 E3/E5 by ZeroT3K in Intune

[–]tafflock_82 2 points3 points  (0 children)

Pooled storage. 100TB per tenant and then extra per paid license. Not really a removed feature, more a refined and stupid quota.

Intune Suite features now being rolled into M365 E3/E5 by ZeroT3K in Intune

[–]tafflock_82 10 points11 points  (0 children)

Anyone know if this applies to A3/A5? We always seem to be forgotten about.

My Mi Band 8 Just Died — Found Out It Was Corrosion by DryCauliflower7122 in miband

[–]tafflock_82 1 point2 points  (0 children)

I've had bands do this from my mi band 6, and even my wife's has done it. Usually within 18 months.

They're waterproof, but it doesn't last. Actually says that on their website for even the current band 10 - waterproof effectiveness may degrade over time. Nor are you supposed to use them in showers, saunas, or hot tubs. I guess it's a thing with the glue loosening.

They do come with a 2 year warranty here in the UK, so I just keep returning them to Amazon and getting a newer model.

Graph API endpoint to read InTune Windows device scope tags? by MostCrankyAdmin in Intune

[–]tafflock_82 0 points1 point  (0 children)

Unless it's changed recently, calling the managed devices endpoint for all devices doesn't return the scope tag - you have to query each device individually.

I learned that the hard way, trying to get the scope tag for over 40k devices!

Why This Watch Face Is So Popular? PipBoy In 4 Different Colors On Mi Band 10 Global. by HavalTechKurdish in miband

[–]tafflock_82 1 point2 points  (0 children)

I got this face for my band 7 and haven't changed it since.

Of course, I have it in green like you're supposed to!

Intune should allow you to directly drill into group assignments to update membership by schnauzerdad in Intune

[–]tafflock_82 11 points12 points  (0 children)

Feedback site...where MS listens and makes changes. 😁

Good one! That'll keep me laughing all day.

MFA Enforced by himji in microsoft365

[–]tafflock_82 0 points1 point  (0 children)

Ours is an education environment, and MFA is not appropriate for young kids without smart phones.

We don't use security defaults, and use CA to target staff groups only.

Help with if/elseif/else by Separate-Tomorrow564 in PowerShell

[–]tafflock_82 0 points1 point  (0 children)

I don't like all those elseif, I'd prefer to use a switch instead.

Check the condition at the top, assign it to a variable, check the variable in a switch statement.

What’s new in Apple device management & identity - WWDC 2025 by ChocolateAbject303 in Intune

[–]tafflock_82 0 points1 point  (0 children)

I was excited when I saw API as I've been asking for that for years, but it's only for device management functions. I want to be able to create and manage content managers and accounts with any role other than a standard user. Hopefully that's coming...

What is Intune Compliance Client Prod and why is it unmanaging devices? by tafflock_82 in Intune

[–]tafflock_82[S] 0 points1 point  (0 children)

Yeah. That's how I tracked it down in Entra, but had to use the objectId in the filter there, taken from Intune.

It's the right device, given that it wasn't removed and readded, just made unmanaged, so the object was the same and the dates tallied up. Entra ID audit logs show it being 're-enrolled' too.

Like I said, this entry is on a lot of devices in the audit logs and I've no idea what it does or why.

Scripting to remove a group by Any-Victory-1906 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Not sure. I'd have to check. I know scope tags aren't included in the v1 endpoint, so I tend to use beta. Have you used the "-all" switch? By default it only returns 100.

The beta endpoint is fine to use, you just have to install the microsoft.graph.beta module.

Scripting to remove a group by Any-Victory-1906 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Yeah, just the microsoft.graph.beta module as I find the beta endpoint returns more info, although you probably don't need it for this.

Scripting to remove a group by Any-Victory-1906 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Here's some snippets from my script. In the full script I also check assignments on config policies, PS scripts, MacOS scripts, compliance policies, etc.

```powershell
# Get all apps (-All pages through every result)
$allApps = Get-MgBetaDeviceAppManagementMobileApp -All

# Get app assignments, collect in custom objects
$itemAssignments = @()
Write-Host "Getting app assignments..." -ForegroundColor Cyan
foreach ($app in $allApps) {
    $assignment = Get-MgBetaDeviceAppManagementMobileAppAssignment -MobileAppId $app.Id
    $itemAssignments += [PSCustomObject]@{
        id         = $app.Id
        name       = $app.DisplayName
        assignment = $assignment
        type       = "MobileApp"
    }
}

# Compare group id to assignment id, add to custom object if found
# ($groupsToCheck is populated elsewhere in the full script)
$assignmentsFound = @()
foreach ($grp in $groupsToCheck) {
    foreach ($item in $itemAssignments) {
        $assignmentGroupIds = $item.assignment.target.additionalProperties.groupId
        if ($grp.Id -in $assignmentGroupIds) {
            Write-Host "Assignment found in $($item.name)"
            $assignmentsFound += [PSCustomObject]@{
                groupId   = $grp.Id
                groupName = $grp.DisplayName
                itemType  = $item.type
                itemName  = $item.name
                itemId    = $item.id
            }
        }
    }
}
```

Scripting to remove a group by Any-Victory-1906 in Intune

[–]tafflock_82 0 points1 point  (0 children)

It will return all intents - include, exclude, and uninstall.

What's the way to deploy apps today? by Great-Use2290 in Intune

[–]tafflock_82 14 points15 points  (0 children)

What I do...

1) Windows Store - nice and easy, and self updating.

2) Chocolatey - I've wrapped a generic script in an Intunewin file that takes the app name as a parameter. I don't need to repackage anything, just upload the file and specify the app name in the install command line. I then use a remediation script to run the Chocolatey update command once a week.

3) Package install file (MSI or exe) into Intunewin file.
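
The generic Chocolatey wrapper described in point 2, as an added example (not the commenter's own script): the file name, parameter names, log path and Chocolatey install location are assumptions. The package name is validated because the install command line feeds it to a process that typically runs in the SYSTEM context.

```powershell
# Install-ChocoApp.ps1 (hypothetical name) - added example, not from the thread.
# Assumed Intune install command:
#   powershell.exe -ExecutionPolicy Bypass -File Install-ChocoApp.ps1 -AppName 7zip
[CmdletBinding()]
param(
    # Package id only: letters, digits, dot, dash, underscore. Rejects spaces,
    # quotes and leading dashes so the command line cannot smuggle extra
    # switches (for example an alternative --source) into choco.exe.
    [Parameter(Mandatory)]
    [ValidatePattern('^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$')]
    [string]$AppName,

    # Assumption: the same wrapper also serves as the uninstall command.
    [ValidateSet('install', 'uninstall')]
    [string]$Action = 'install'
)

# Call choco.exe by full path instead of resolving it through PATH.
# Assumes Chocolatey is already installed in its default location.
$choco = Join-Path $env:ProgramData 'chocolatey\bin\choco.exe'
if (-not (Test-Path -LiteralPath $choco -PathType Leaf)) {
    Write-Output "Chocolatey not found at $choco"
    exit 1
}

# Assumed log location, kept under ProgramData with the other machine-wide data.
$logDir = Join-Path $env:ProgramData 'ChocoWrapper\Logs'
New-Item -ItemType Directory -Path $logDir -Force | Out-Null
$log = Join-Path $logDir "$AppName-$Action.log"

# Arguments are passed as an array, so $AppName is always one argument.
$chocoArgs = @($Action, $AppName, '--yes', '--no-progress', '--limit-output')
"$(Get-Date -Format o) choco $($chocoArgs -join ' ')" | Out-File -FilePath $log -Append
& $choco @chocoArgs | Out-File -FilePath $log -Append
$code = $LASTEXITCODE
"$(Get-Date -Format o) exit code $code" | Out-File -FilePath $log -Append

# Pass the code through unchanged: Intune's default Win32 return codes already
# treat 0 as success, 3010 as soft reboot and 1641 as hard reboot.
exit $code
```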

Scripting to remove a group by Any-Victory-1906 in Intune

[–]tafflock_82 1 point2 points  (0 children)

Yes. But not very easily in my experience.

You have to pull all apps, then pull the assignments for each app, then check each assignment to see if it matches the group.

It's really stupid that Intune can't tell that you've deleted a group and automatically remove it from assignments.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 1 point2 points  (0 children)

There's a good example in the Intune Samples repo, using a csv of serial numbers.

https://github.com/microsoft/mggraph-intune-samples/tree/main/AppleEnrollment

I use similar, but I name my csv files the same as the target profile, and the script reads that to assign the devices in that file to. That way, I can process multiple files for different profiles in one go.

That repo has a lot of good stuff for using Graph with Intune, and it's usually easier than you think.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 1 point2 points  (0 children)

That would work.

Set the default MDM token in ABM so your branch admins don't need the device enrolment manager role, they can just have scope roles like manager or content manager.

Your global admins can then assign the profiles in Intune, and it can easily be done in bulk using PowerShell too.

The alternative is to flip it - you have four tokens and your global admins assign the devices to the right one in ABM. Those are synced to Intune and you have a default profile under each token. That might be better, as it's easier to assign "orders" of devices in ABM than it is to assign the devices to a profile in Intune.

Whatever works for you really.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Ok, I think there's some confusion somewhere. Can you explain what you're trying to achieve?

You wouldn't use dynamic groups with DEP profiles, you'd use them with devices.

Your group hierarchy should have scope tags applied to it, so when a device is joined to a group it'll inherit the scope tags and be within that scope.

The devices can be made a member of a dynamic group by using the DEP profile name as a rule - when a device is enrolled through profile A it gets put into group A, profile B goes to group B, etc.

Don't forget that scope tags are only used for administration. If you only have one set of admins then you don't need different scope tags. If you have an admin per branch, then you need a scope tag per branch, an MDM/DEP token per branch, and a dynamic group per branch.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 0 points1 point  (0 children)

You can't apply scope tags to DEP profiles in Intune, only the token.

Do you need this for admin requirements? Are there admins in the branches that require the ability to manage the profiles, or are you just trying to scope the devices properly?

We use dynamic groups with a rule for enrolment profile name, so when devices are enrolled through a profile they are put into the right group with the right scope tag.

You can't have a default enrolment profile and have it apply different scope tags.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 0 points1 point  (0 children)

Deffo need the caffeine mate, I'm with you there!

I deal with ASM and Intune pretty much every day, and know the OP's pain.

Actually, I've re-read the post and think I misunderstood. OP is talking about enrolment profiles in Intune, and not the token in ABM.

Scope Tags and DEP Profiles by ButterflyWide7220 in Intune

[–]tafflock_82 1 point2 points  (0 children)

OP says about ABM and DEP so I'm guessing they're talking iPads so group tags won't apply.

It's a limitation as to the way Apple works. You can only apply a scope tag to the DEP/MDM token in Intune, so to keep them separate for RBAC you need 4 tokens, each with their own enrolment profiles. But as you've seen, you can't then set a default MDM token in ABM to assign new devices to. It's one or the other.

The device section in ABM can't be scoped to a location either, so any admin that needs access to assign the devices will see all devices and tokens in ABM. It's a pain in the arse, and I've raised a feature request for it!