|
incoherent posted:Never deploy LTSB unless you're the MSP for an airport. They're designed for Long term deployments (3-5+ years). I haven't had any major issues with LTSB as of yet. It's my main Windows 10 Enterprise image for the entire org. Is there any reason to stay away from it other than missing out on features?
|
# ¿ Nov 28, 2017 20:32 |
|
|
# ¿ Apr 24, 2024 07:01 |
|
Internet Explorer posted:Is it possible you are changing your password twice in one day? Some places have a minimum password age requirement to stop people from resetting them a bunch of times in a row to bypass the "not used in the last 12 passwords" requirement to go back to an old password. Any idea why that is the default in AD? I feel like it's not a very useful strategy...
|
# ¿ Feb 26, 2018 22:20 |
|
Internet Explorer posted:For exactly the reason I said. To stop people from changing their passwords enough times to get around the password history requirement.
|
# ¿ Feb 27, 2018 17:42 |
|
stevewm posted:No... This has been mentioned, but it sounds like something like PaperCut will work well for you. It has find me printing, so you could just have one virtual queue, and release it at the printer you want.
|
# ¿ Feb 28, 2018 20:29 |
|
Zaepho posted:LTSC means no Office Pro Plus support as of 1803 or something like that. So many people are licensing Office through O365 and MS doesn't want anyone on LTSC so they added this as a big fat LTSC Tax. Just to confirm, you mean LTSB right? Unless LTSC is something I haven't heard of...
|
# ¿ Mar 7, 2018 14:09 |
|
Moey posted:Does anyone use Knox for MDM? I'm curious about it. I just setup the Knox Mobile Enrollment program for our Galaxy tablets. Basically it skips the setup and forwards the device to whatever MDM you have (kind of like Apple DEP). Works pretty well. I haven't used the full blown Knox MDM though.
|
# ¿ Apr 9, 2018 13:26 |
|
Thanks Ants posted:Absolutely gently caress trying to do any sort of actual endpoint management using Intune. 99% of the "hey this would be neat" features involve doing it yourself in PowerShell. They also claim that new features are going to Intune before System Center. But I would appreciate feature parity for alot more System Center features within Intune before they start working on new features again...
|
# ¿ May 3, 2018 18:19 |
|
Thanks Ants posted:It just seems like a completely half-baked product. Their vision is that we can use AutoPilot, Azure AD Premium and Intune to have users take a new device out the box, login, and then run as a standard user but have the machine managed by Intune. But I've just had it confirmed that there's no way of deploying software that needs the installer to run as an administrator, which is what Group Policy from a decade ago could manage without difficulty. So in the best case scenario I still need to have a full AD infrastructure in place and if the endpoints are mobile I need to deploy Enterprise Windows to run DirectAccess to keep some sort of management in place when people aren't in an office. If you pay for EM+S, and have the infrastructure to spare, i would look into System Center with Intune. It makes Intune much more usable.
|
# ¿ May 3, 2018 20:40 |
|
Still seems like a function that was SHOVED into VLSC without grace. But I am happy none the less.
|
# ¿ Jun 6, 2018 13:07 |
|
lol internet. posted:For sccm. I made a available install to desktos for a application. This may not be the answer... Did you deploy it to all users instead of all computers? If the deployment is all users, and you the user told it to install, it may be installing for your user wherever you go. This is a guess...
|
# ¿ Jun 28, 2018 16:57 |
|
skipdogg posted:Try not to. Especially since Azure AD can do alot of what MIM does, and sometimes more. Save yourself the hassle and just get Azure AD Premium.
|
# ¿ Jun 29, 2018 12:51 |
|
Fruit Smoothies posted:Couple of questions If you are using static credentials, and not a certificate, or user based credentials, then why use RADIUS at all? Just have a WPA2 key that is static on all of the iPads. If you want to use RADIUS, and have static credentials programmed on all of the devices, you are using RADIUS wrong IMHO. EDIT: Someone pointed out to me that you might not have a choice to use RADIUS. From what I remember, you can accomplish setting this key with Intune. Beefstorm fucked around with this message at 21:05 on Oct 12, 2018 |
# ¿ Oct 12, 2018 20:40 |
|
Fruit Smoothies posted:The RADIUS does use AD user based credentials, because the majority of non-ipad devices using the WiFi will authenticate with their AD credentials. The iPads are for very young kids who just need filtered internet. We don't need to confuse them with shared ipads. We just want a way of setting the relevant AD username / password in Intune so they don't have to worry about it. Apple Server's Profile manager allows for this very scenario. Ah. Then what you want is a Device Enrollment Manager. This should get you started. https://docs.microsoft.com/en-us/intune/device-enrollment-manager-enroll EDIT: Hmmmm. Maybe this isn't the solution you want. Microsoft posted:(iOS only) If you use DEM to enroll iOS devices, you can't use the Apple Configurator, Apple Device Enrollment Program (DEP), or Apple School Manager (ASM) to enroll devices. This means that you can't put the device in supervised mode and thus won't have access to some configuration options. That seems like a really important component to the whole thing... Beefstorm fucked around with this message at 22:55 on Oct 12, 2018 |
# ¿ Oct 12, 2018 22:53 |
|
Potato Salad posted:Has anyone looked into instructing Bitlocker not to use the opal/tcg eDrive features of an SSD? I am unsure, but I am curious as to why this is needed.
|
# ¿ Nov 6, 2018 15:52 |
|
The Fool posted:tweet Oh good... Time to revisit my Bitlocker strategy.
|
# ¿ Nov 6, 2018 16:01 |
|
The Fool posted:SSO was pushed quite a bit yesterday and this bullshit makes me very angry. Well isn't this list interesting. Glad to see someone, somewhere is calling out this bs.
|
# ¿ Nov 7, 2019 20:29 |
|
wyoak posted:I have an existing O365 setup, and I'd like to bring in a new domain that has an existing on-prem Exchange installation as a hybrid configuration. My issue is that if I add the domain to Azure AD / Office 365, any mail coming from users already on O365 tries to route internally and bounces because those users don't exist within Azure yet - is there a way to add the domain to Azure/O365 without having O365 try to route mail to it? I can't setup AAD sync without adding the domain, but I don't want to bounce mail in the window between adding the domain and getting Hybrid mode going. You're looking for instructions like this... https://docs.microsoft.com/en-us/exchange/mailbox-migration/mailbox-migration Also, to more directly answer your question, you add the domain, add the verification records to DNS, and have Azure verify it. That will not start routing email to O365 until you change the MX records. Office 365 might complain that the MX, SRV, etc records aren't correct. But that won't stop you from using the domain to do AAD sync. As long as you only add the TXT records for verification, you shouldn't break your email routing.
|
# ¿ Apr 22, 2020 20:27 |
|
Zaepho posted:As soon as you get AD Connect up and synced that won't be an issue as O365 will see that they exist in the On-Prem Exchange and will route them properly. There will be a short mail flow outage to get everything complete but if you get your DNS TTLs nice and short and carefully go through each step it should be pretty quick. The longest thing to deal with will be the ADConnect full sync time. Just enabling Azure AD Connect isn't enough to get mail flowing between the environments. You also need to setup the connectors between on-prem exchange and O365. You can use the Exchange Hybrid Configuration Wizard to set that up. https://docs.microsoft.com/en-us/exchange/hybrid-configuration-wizard
|
# ¿ Apr 23, 2020 17:23 |
|
|
# ¿ Apr 24, 2024 07:01 |
|
wyoak posted:I'm thinking add domain and immediately setup hybrid, that way email will continue to flow, then do AAD sync You can add the domain before setting up hybrid. The mail just wont flow correctly until you setup the hybrid Exchange environment. But, it is the right thing to do it in that order. You want to have your domain setup and able to authenticate properly before you start setting up Exchange Online.
|
# ¿ Apr 23, 2020 18:12 |