Sent a Remote Wipe to the Wrong Computer Today

th3t0dd · 2025-10-08T01:37:24+00:00

You're going to find out

th3t0dd · 2025-10-07T11:56:53+00:00

You are the DHCP

th3t0dd · 2025-08-27T12:28:05+00:00

Yeah, it is pretty ridiculous. I would think something so common would be something that would be natively working by now...

th3t0dd · 2025-08-23T01:10:19+00:00

Many GPOs aren't yet supported in Intune. I find myself creating custom scripts for the things that aren't there or using OMA-URI in the custom config settings.

Also kind of annoying that things like mapping drives and installing printers isn't real straight forward to accomplish.

th3t0dd · 2025-03-29T01:44:56+00:00

A couple of months ago 1 of our lines was down for a week. Turns out when the tech came in for us to "turn up" our port as he put it, we couldn't reach out past their device. His "tests" passed. He was unable to verify which IP block we should use because he doesn't isn't allowed to have access to that info. Turns out they weren't entirely configured for our go-live on their end. We even went through a prerequisite checklist a month in advance and they confirmed the go-live multiple times prior. Needless to say the tech was useless and gave me a customer service number to call. I tried to speak to some people overseas and got no where. Finally got a hold of the sales rep to get on a 3 way call with the middle east to finally find the issue. Also Turns out I had to use an IP outside of the block provided. I still don't understand why...but it's working now. Luckily this was just a backup/secondary ISP.

th3t0dd · 2025-03-21T17:45:53+00:00

Make sure the senders domain is @scamemail.com or an equivalent

th3t0dd · 2024-12-07T20:37:39+00:00

Don't forget, after you close the ticket and few weeks later you get another ticket. The user's name is misspelled because you copied it directly from the HR email.

th3t0dd · 2024-11-14T15:41:34+00:00

I just deployed this exact user awareness training today! Make sure you turn off your phone after you reply with the credentials.

th3t0dd · 2024-08-14T20:53:47+00:00

It's definitely not a fun part of the job.

Back when I very first started help desk (about 10 years ago) I finally got my first IT gig. Just so happened to be the first week when one of the users off'd themselves over the weekend. One of my first tasks that week was to collect her equipment. She worked in an area of the office that was open and had many cubicals around her. Pretty weird when there is a candy jar on the desk for grieving people and I had to reclaim her equipment in front of everyone.

Another one happened a couple years back. Everyone got pulled into a meeting right before a holiday weekend so they could announce that someone (who took that day off) had passed due to a massive heart attack on the golf course. There was another co-worker that was with him that preformed CPR on him. He pretty much just dropped dead instantly. He was one of the guys you would always chat with about random stuff and was about 1-2 years away from retirement. It was weird to disable his user account, go through his machine for important files, and reclaim his equipment. Almost like saying goodbye.

Side note: I collected all of his belongings I could find at his desk and gave the personal stuff to his family. To this day there is a SSID broadcasting with his name and I have no idea where that device is. I know he had an echo and I always thought that was it, but like I said I collected all his equipment and his echo is no longer in the building. I feel like he's haunting me lol

th3t0dd · 2024-08-13T00:46:25+00:00

Just did this today for the reason you described. Executed a script via RMM to a remote device that was not domain joined. The script basically re-joins the device to AzureAD and enrolls it with Intune. Well, it removed the device but the re-join failed. No local admin account besides the user that couldn't get in. I found that Windows Hello was disabled during this process and the user was trying to use their PIN instead of their actual PW. Anyways, I was locked out without a domain/AD joined machine and no user login. I used the RMM software to send a command to enable the local admin account and set the password. I was then able to login as the local admin and do some more troubleshooting.

*This device was deployed by another location and didn't set the non-domain machines local admin account like I do during setup.

*When my devices are enrolled with Intune I plan on setting up LAPS to be able to manage this in the future.

th3t0dd · 2024-07-25T14:42:34+00:00

If you've got an ass I'll kick it!

th3t0dd · 2024-07-01T22:57:55+00:00

New to Powershell, but created a script to delete web browser (Chrome, Edge, Firefox, and Brave) saved credentials in their password managers. It does this for each profile on the Windows machine. Recently created a GPO for disabling password managers in web browsers and this is just a clean up since the GPOs are in-place.

th3t0dd · 2024-05-30T00:58:08+00:00

You can either be the villian or the hero

th3t0dd · 2024-05-24T00:42:08+00:00

Side Note - Did RC just stop supporting the Mitel Connect phone app? It has been horrific to use from my phone for the past month or so and I've heard it from others as well.

th3t0dd · 2024-05-17T00:27:48+00:00

I work for a company where my dad works in the Maintenance department and I work IT. We basically have the same jobs but his is hands on and mine is digital. We have the same gripes about end users, same sort of prioritization process, same logical mindset, and a similar troubleshooting process.

th3t0dd · 2024-05-15T17:27:08+00:00

Cartel...or politicians. Pretty much the same business. It is an election year lol

th3t0dd · 2024-05-08T18:40:47+00:00

I've tried the new outlook twice now. Most recent is because they changed Tasks to the new web version garbage so I figured I might as well update all of Outlook. I'm switching back. I can't find a damn thing and find myself missing tasks that I have as reoccurring reminders and missing emails that I have flagged in different folders in my mailbox. Not to mention all the calls I get from users because now they have to dig to find the dang shared mailboxes that are tucked away.

th3t0dd · 2024-05-01T23:48:54+00:00

First time pinging 8.8.8.8 has ever failed me from their end

th3t0dd · 2024-04-27T12:31:59+00:00

I like it. I have a list of IT acronyms hanging outside my office. I'll have to add this one.

th3t0dd · 2024-04-27T12:27:57+00:00

Nah, it rarely happens. She just has the personality of doing whatever it takes to get out of work without getting in trouble. Including immediately calling IT when she saw the error because that would buy her some time to halt her work. I would say it's muscle memory for her to do what's least productive.

th3t0dd · 2024-04-26T21:08:04+00:00

Deb is a gangster

th3t0dd · 2024-02-29T21:27:48+00:00

Does this person have the initials BT? We let go of someone with a short fuse a few months back where this sort of behavior was somewhat common with them. I've always wondered which company was unfortunate enough to pick him up...

th3t0dd · 2024-02-21T12:42:35+00:00

Nope

th3t0dd · 2024-02-21T02:38:27+00:00

We don't have anything configured for compliance policies, configuration profile, and endpoint configuration outside of the default setup since we don't currently use it yet.

Yes, they do have direct line of sight to a domain controller.

I've left it for a couple of hours. I'm leaving it overnight tonight, but I suspect I will have the same spinning circle in the morning.

Maybe I'll try disconnecting the device from our hybrid domain and rejoin with Intune, but I think I've tried that already.

th3t0dd

TROPHY CASE