If you’re crazy like me, you go all out when running a homelab. Multiple domain controllers, role-based access, separate servers per role (for the most
Author: Anthony J. Fontanez
Windows Sysadmin, focused on ConfigMgr, Intune, PowerShell, AD/AAD, & Security. Admin team member for the WinAdmins Discord community - https://winadmins.io/
2025-02-27 Update: This entire post is now irrelevant, see https://techcommunity.microsoft.com/blog/intunecustomersuccess/microsoft-intune-connector-for-active-directory-security-update/4386898 for more information. Disclaimer: I recommend utilizing pure-AAD join in 99% of use Autopilot use
UPDATE: 2024-12-11 This issue was resolved in the 2024-11 CU for Server 2022 (https://support.microsoft.com/en-us/topic/november-12-2024-kb5046616-os-build-20348-2849-817737a3-4027-485e-ba0d-e97ad4378047). If you made the change below in the past, you will
Kiosks can present an interesting challenge: how to keep the account credentials at least somewhat secure. In the past, we’ve typically utilized group policy to
So, you’ve got your ConfigMgr site using HTTPS-only now (check out Migrating ConfigMgr to HTTPS-Only if you don’t!). All of your site system servers that
It’s 2021, why am I writing a post about Group Policy? Everyone has retired their AD infrastructure and is using Intune for everything now, right?
I’ve had an idea for a while now to write a series of posts covering configuration of the Windows Firewall, including topics such as: Basic
phew… If you made it here, congratulations. This series ended up being much longer and more detailed than I initially anticipated. It turns out that
At this point, it’s now possible to make any/all services available from anywhere utilizing certificate authentication to Domain Controllers, obtaining computer and user Kerberos tickets,
Part 5 of this series will go over how to utilize certificate authentication to make services available from anywhere, without the need of a traditional