After posting the blog about Administrator Protection, one question kept coming up: What are the key differences between Administrator Protection vs EPM (Endpoint Privilege Management)? Some even wondered if EPM is being replaced now that Administrator Protection is here. Let’s clear things up!
Strengthening Local Admin Security in Windows 11 with Administrator Protection
This blog will focus on a new Windows 11 insider build feature, Administrator Protection, announced in the latest Windows Insider Canary build (27718).
This feature is designed to eliminate always-on admin rights. Instead, it uses a hidden elevation mechanism to provide just-in-time privileges when needed, keeping admin rights in the shadows until required. “I am the Shadow Admin, always present but never seen.”
Troubleshooting Intune Enrollment: Solving the 0x80180031 MDM Not Configured Error
In this blog, we’ll dive into the common headache of enrolling existing devices to Intune and hitting the 0x80180031 error, often caused by the fact that Mobile Device Management is […]
SecureChannelFailure Errors, and the Curious Case of the Failing IME
Have you ever struggled with Lenovo T480 or HP Elitedesk 800 G4 devices that refused to cooperate with Intune? In this blog, we unravel the saga of SecureChannelFailure errors, elusive SSL/TLS handshake issues, and a troublesome TPM. Armed with Fiddler and Wireshark, we uncovered a cryptographic glitch causing the chaos. The result? Apps wouldn’t install, and no PowerShell scripts could be deployed during Windows Autopilot.
The Subscription Activation Journey: Stuck on Pro
The May update broke Windows Subscription Activation, causing devices to drop from Enterprise to Pro. The primary culprit was a breakdown in Multi-Factor Authentication (MFA). Microsoft addressed this issue with […]
Cloud PCs? Where we’re going we don’t need Device Query and Support Approved?
Are you using a nice Windows 365 Cloud PC and want to use kickass Intune Suite features like Device Query or EPM Support Approved? If you’re going to use them, […]
Mrs. Resource Performance, you’re trying to seduce me with your CPU Spike. Aren’t you?
Two powerful features have been introduced in the latest update to Microsoft Intune Advanced Analytics: CPU Spike and Memory Spike monitoring. We can spot them when we take a look […]
The Lakehouse of EPM: Easily Create EPM Elevation Rules based on the Elevation Requests
Create EPM Elevation Rules in just a few seconds. It sounds like a dream, right? As IT professionals, we’re always on the lookout for ways to streamline our processes while […]
FooUser@ meets the Cosmic Autopilot@ user
This blog will be about me wrecking a Windows device during Autopilot Pre-Provisioning to see what is happening underneath. While doing so, I stumbled upon the funny /fake Foouser@ and […]
Evolving Subscription Activation: From Workarounds to a Robust Solution
Microsoft has continuously refined how Windows handles Subscription Activation, particularly in environments with strict Conditional Access policies. These changes are key to providing a smoother user experience and enhanced security. […]