|
Toshimo posted:Funny story: This came to a head because we aren't using PSAppDeployToolkit, but I had decided I was going to do up one of my next apps with it so we could try it out and when I announced it at our morning meeting, MSI guy got riled up because of all things I picked to try it with, it was VLC, which came to us as an MSI. MSI guy is a curmudgeon. I bet if you open up space for other people, they'll do a good job modernizing stuff. Our installers for stuff like VLC was literally a Powershell script that ran "choco install vlc". We never had to touch it again. And at your scale, I'd look into running private repos and packaging anything specific to your company. It'll be worth the effort.
|
# ¿ Sep 12, 2022 16:51 |
|
|
# ¿ May 15, 2024 00:27 |
|
Potato Salad posted:poo poo, look for what's really being hired right now in endpoint management type tools: CD/CI engineers. Site reliability engineering skillsets. These things to do not point to msi as the way forward, or even the way of the present. Yup. Get your team trained up on Microsoft's modern desktop stuff or you'll be fighting technical debt forever.
|
# ¿ Sep 12, 2022 16:52 |
|
I read that! It raised my blood pressure! I have no experience at that scale, but I think getting together folks who want to make improvements and showing off how much easier/better stuff is with new tools and having them be champions for that change is the way to go. Not always easy to make that call of cleaning up old poo poo or just migrating to something new, but I think at least in some of these cases migrating to something new might be the way to go. Just gotta put that team together. Easier said than done. Internet Explorer fucked around with this message at 18:18 on Sep 12, 2022 |
# ¿ Sep 12, 2022 17:15 |
|
What you're describing is possible. Just know that it's not 100% bulletproof. You're just stopping people from doing something that they don't realize is risky, not so much locking down Fort Knox. You want to look at MAM policies. https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy
|
# ¿ Nov 1, 2022 17:41 |
|
Yikes, those disks. I'm not a big Hyper-V user, but double check to make sure there's no a setting that is forcing those VMs to use virtual memory on the host instead of real memory, because that would explain a lot. VMware would call it Memory Limit, but no idea in Hyper-V.
|
# ¿ Dec 19, 2022 18:50 |
|
There is also a small shop thread here that might be more helpful for your scenario. Folks around here might ask you for a trigger warning on that situation. https://forums.somethingawful.com/showthread.php?threadid=3723832
|
# ¿ Dec 19, 2022 21:51 |
|
H2SO4 posted:Microsoft has been lazy with quality-of-life improvements for AVD and such because if customers want the easy button then they just bring in Citrix to back up the truck and sprinkle their bits on top. It literally makes them more money that way. Pretty funny, because you could have said the same exact thing 20 years ago.
|
# ¿ Mar 18, 2023 03:36 |
|
You can do custom installs that just run a script. In fact, I'd say it's probably the most common way for any decent sized InTune deployment. You can literally just take your psappdeploytoolkit deploys from SSCM and move them to InTune.
|
# ¿ May 31, 2023 19:36 |
|
I think it's very reasonable to be frustrated that you weren't in the loop if you manage SCCM. That points to a larger issue that I would definitely want to get straightened out before moving forward with any sort of migration. You can keep doing what you're doing. And I'll actually disagree slightly with Thanks Ants in that in the migrations I have helped with, we moved over existing packages and just used the custom detection method to detect that they were already installed via SCCM. If you Google "PSAppDeployToolkit Intune," you'll see it's a fairly common thing that has been documented pretty well. In my experience, the things that trips up most SCCM->InTune migrations are actually ancillary to SCCM.
|
# ¿ May 31, 2023 21:36 |
|
well that sounds like a loving nightmare condolences
|
# ¿ May 31, 2023 22:33 |
|
If you're Azure AD hybrid, why are people saying no to Azure Files? Does Azure AD Kerberos for hybrid identities not fix this? I have been out of that world since that was released. But as far as I know that means no VPN or visibility to a domain controller needed for end users to use a file share with NTFS permissions. https://learn.microsoft.com/en-us/azure/storage/files/storage-files-active-directory-overview
|
# ¿ Aug 25, 2023 06:19 |
|
Interesting, thanks for the responses. Wild that "put all your files in SharePoint" is the advice over hosted SMB3. I mean it only took 20 years, but I guess CIO magazine won in the end.
|
# ¿ Aug 25, 2023 15:16 |
|
Are you doing Pooled or Personal? If Personal, the recommendation to use Intune or whatever else you use for your normal hardware is the way to go. If you're using Pooled, it's a lot more tricky. I've done some variation of Pooled VDI for... a really long time now, and I'm convinced it isn't worth it for the vast majority of use cases. Too much added complexity, overhead, and know-how required for anyone maintaining it or helpdesk supporting it.
|
# ¿ Sep 26, 2023 00:52 |
|
You should get a new Exchange contact, because you can easily add aliases to distribution lists. https://learn.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-distribution-groups/manage-distribution-groups
|
# ¿ Jan 8, 2024 03:22 |
|
This might be a place to start - https://doitpsway.com/get-a-better-intune-policy-report-part-3-final
|
# ¿ Feb 28, 2024 04:48 |
|
Yup yup. Also I do vaguely remember there is an upper limit of hardware MFA tokens EntraID will allow for your tenant. Maybe that's out of date knowledge, but I think it was talked about here or maybe the InfoSec thread fairly recently. Doesn't sound like it will be a problem for you, but something to be aware of.
|
# ¿ Mar 27, 2024 15:20 |
|
Thanks Ants posted:The limit was to do with tokens on a Yubikey IIRC and not how many hardware tokens an Entra tenant can support. And yes, they are £30 or something along those lines, you might have a handful of employees who request a token, just treat it as disposable. Huh. Maybe I misunderstood on more than one occasion because after briefly looking now I don't see any mention of it online.
|
# ¿ Mar 27, 2024 22:42 |
|
Haha, thank you for that. Maybe we're both going crazy.
|
# ¿ Mar 29, 2024 16:55 |
|
|
# ¿ May 15, 2024 00:27 |
|
You love to see it. Thank you goon!
|
# ¿ Mar 29, 2024 17:30 |