@scottalanmiller said in MDM for Windows and Mobile Devices | Mobile Device Management?:

I've got a customer that needs MDM that is able to lock down devices to the point of controlling what websites that they can visit. It's a small user pool, just two corporate devices that will be off network, but we'd like a lot of control on these devices. They are for singular purpose, essentially.

The company has a number of mobile devices that are less important but they'd like MDM for them as well.

Ideally a single solution that allows us to manage everything off network in a single pane of glass is ideal. What options do people know and/or recommend for something like this?

Any idea about the devices? Those are some pretty strict lockdown requirements and may require more than just MDM (MDM + excess custom work) for those devices.

If single purpose devices, maybe a kiosk type of deployment would make more sense, limiting use to only a few single apps?
Any other info?

• OS?
• Device / hardware type?
• Account type used on the device (Windows login): local user account vs personal email vs corporate AAD account
• Is it local AD joined, AAD Joined, AAD registered?
• Is any of it having to do with Windows/MS?

You typically don't get deep level compliance and controls in a simple single pane of glass.

For the devices that are less important, same questions for those.

If the Linux ecosystem, there's also some options.
Some solutions may be great for some devices, but terrible for others. More info is needed.

@scottalanmiller said in What Are You Doing Right Now:

KVM is made by IBM at about $63bn USD. VMware is made by Broadcom at about $21bn USD.

If IBM and Broadcom are $63bn and $21bn respectively, Microsoft is $200bn, wouldn't that (Hyper-V) be the one to use then?

@BraswellJay said in Can the target of a One Drive link be changed ?:

@Obsolesce said in Can the target of a One Drive link be changed ?:

@scottalanmiller said in Can the target of a One Drive link be changed ?:

I don't know any platform like that that has built in editors to modify the files that are in the storage

OneDrive does let you edit files directly, in the storage.

How were you able to bring up the editor? Did you just click on file name? When I do that on a url link file it just takes me to the file that the link is pointing to. I can then edit that target file. In my case it brings up an image editor since the target is a .png file. I can't seem to find a way to edit the text of the url link file itself without downloading it first.

I just clicked on the file.

However, if you really think about it, you want exactly the behavior you are seeing. Imagine if clicking on the .url file it brought up the editor for users instead of taking them to the pointer file?

That said, can you right-click on it in the browser and open it in text editor? If not, then I guess you'll just have to do it on your computer.

@scottalanmiller said in Can the target of a One Drive link be changed ?:

I don't know any platform like that that has built in editors to modify the files that are in the storage

OneDrive does let you edit files directly, in the storage.

@Obsolesce said in Marketing - Video Editing Storage:

@Jimmy9008 said in Marketing - Video Editing Storage:

Originally, I was looking at proposing a 20 - 30 TB NAS populated with SSDs in the local office, with 10 Gbps NIC. This would provide high speed local access over the LAN to 6 marketing users.

If their PCs accessing a NAS at 1-10Gbps isn't good enough because their primary concern is speed, why would they push for way slower cloud storage, assuming no on-prem cache?

I archive my video in the cloud, but I would not want to work from it without a local cache.

@Jimmy9008 said in Marketing - Video Editing Storage:

Originally, I was looking at proposing a 20 - 30 TB NAS populated with SSDs in the local office, with 10 Gbps NIC. This would provide high speed local access over the LAN to 6 marketing users.

If their PCs accessing a NAS at 1-10Gbps isn't good enough because their primary concern is speed, why would they push for way slower cloud storage, assuming no on-prem cache?

@travisdh1 said in Resume work:

@IRJ said in Resume work:

@travisdh1 said in Resume work:

@CCWTech said in Resume work:

@travisdh1 What is 'better paying' what range?

And how do you know Spillman?

Pay range depends a LOT on location of the job offering. A couple examples from my life.

1. Cleveland, OH ~$40,000/year. Basically poverty wage.
2. Wooster, OH ~$40,000/year. Living well.
3. Fairlawn, OH ~$60,000/year. Around the same as Wooster at 40k
   Those values get to be hugely different depending on the area of the country, and I'd expect them to be around the lowest in the country because of the cost of living in Ohio compared to most of the rest of the U.S.

I have my CJIS cert and supported Spillman for multiple police departments and a county sheriff at my previous job.

Ii don't know where you are getting this info from, but a quick search on LinkedIn for Cleveland, Ohio Jobs shows this is not the case.

Also, I get contacted for remote jobs on daily basis for well over $100k

I hear that from a much larger amount of people here than any other groups I've ever interacted with. Good for you, but that's far from the norm.

Jimbo's Corner Manufacturing or Pat's Consulting isn't going to pay anyone in IT more than $45k-$85k base a year. Ignore all of those jobs, and search for remote jobs and jobs in cities. Tailor your resume for those and push for remote. Look for more specialized roles and sys admin/eng or product owner types. Those are the ones paying $120k-$220k base.

@scottalanmiller

You can transfer via TeamViewer.

@scottalanmiller said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

So here is a funny technical situation... we have a GDPR require to delete someone's identity. However, there's nothing identifiable in the account. We have zero idea who the person is. The GDPR requires that we have proof that the request is coming from the person in question and not just someone who guessed their password or whatever. But we don't know the name, country, gender, age, password, email, employer, or anything of the person in question. It's completely anonymous.

While there's no PI to take down, it's an interesting situation that there is no means of making the request for data that is already anonymous by the nature of it being anonymous.

If there is nothing, not even IP or network or computer info to link to a person, it doesn't seem like GDPR then.

It's not, it's just GDPR-like. And we are coming up with a compromise as best as we can. It's just an interesting situation to have something like a GDPR, for anonymous data, because while the data might not seem anonymous, to the system it actually is. If it was posted recently, we might have something like an IP log, but it's not current, and the logs aren't kept. So there isn't even that!

Sounds 100% not GDPR or even related

@scottalanmiller said in What Are You Doing Right Now:

So here is a funny technical situation... we have a GDPR require to delete someone's identity. However, there's nothing identifiable in the account. We have zero idea who the person is. The GDPR requires that we have proof that the request is coming from the person in question and not just someone who guessed their password or whatever. But we don't know the name, country, gender, age, password, email, employer, or anything of the person in question. It's completely anonymous.

While there's no PI to take down, it's an interesting situation that there is no means of making the request for data that is already anonymous by the nature of it being anonymous.

If there is nothing, not even IP or network or computer info to link to a person, it doesn't seem like GDPR then.

I use the same popup blocker in every web browser, even Edge, and it blocks everything. I've not come across any weird issues like that otherwise.

Have you tried this one?
https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak

@scottalanmiller said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Lots and lots of KQL the past week. Good stuff actually.

King's Quest Live?

No idea what KQL is.

Close, https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/

Lots and lots of KQL the past week. Good stuff actually.

@dafyre said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Just got home from the Anza-Borrego Desert State Park. Definitely recommend!

got any photos? I'd love to see it. What state is in ??

Got a lot of 'em, but it's late and time to get to bed. Here's one awhile of the nice desert scenery and mountains in the background we found on the way home:

Am I the only one that suddenly turns into a 5 year old when I see this picture?

Oh I just noticed the cactus in the picture now!

@siringo said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Just got home from the Anza-Borrego Desert State Park. Definitely recommend!

got any photos? I'd love to see it. What state is in ??

Got a lot of 'em, but it's late and time to get to bed. Here's one awhile of the nice desert scenery and mountains in the background we found on the way home:

You're a bloody idiot

Arizona I'm guessing.

Oh it's in Southern California, about 1.5 hour drive from us.

@siringo said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Just got home from the Anza-Borrego Desert State Park. Definitely recommend!

got any photos? I'd love to see it. What state is in ??

Got a lot of 'em, but it's late and time to get to bed. Here's one awhile of the nice desert scenery and mountains in the background we found on the way home:

Just got home from the Anza-Borrego Desert State Park. Definitely recommend!

@Pete-S said in DISM /Remove-ProvisionedAppxpackage vs Remove-AppxPackage?:

@Obsolesce said in DISM /Remove-ProvisionedAppxpackage vs Remove-AppxPackage?:

To save you some time looking through that crAppy code, it basically comes down to two lines, 626 and 640.

I ended up doing something like this:

# apps to remove
$apps = 
   '*549981C3F5F10_*',
   '*GetHelp_*',
   '*Getstarted_*',
   '*Microsoft3DViewer_*',
   '*MicrosoftOfficeHub_*',
   '*MicrosoftSolitaireCollection_*',
   '*MixedReality.Portal_*',
   '*Office.OneNote_*',
   '*People_*',
   '*SkypeApp_*',
   '*Wallet_*',
   '*windowscommunicationsapps_*',
   '*WindowsFeedbackHub_*',
   '*WindowsMaps_*',
   '*Xbox*',
   '*YourPhone_*',
   '*Zune*';

foreach ($app in $apps) {
   Get-AppxProvisionedPackage -Online | where {$_.PackageName -like $app} | Remove-AppxProvisionedPackage -Online 
   Get-AppxPackage -Name $app | Remove-AppxPackage -AllUsers
}

Code needs to run as Administrator.
Removes packages for new users as well as users already on the system.
Windows shouldn't re-install them when you get updates.

Looks good.

That said, if the devices are managed with MDM for example, it's typically best practice to Uninstall all that kind of apps for the user through a user assigned script or required app... instead of at the image or predeployment level.

@Dashrender said in PS to download latest microsip version:

@JaredBusch said in PS to download latest microsip version:

@Dashrender said in PS to download latest microsip version:

I just installed it on a test machine with chocolatey - it installed it into the local admin profile - so any normal non admin user can't use it.

You can run chocolatey without admin rights just fine.

It warns you, but that is because most software is designed to be installed with admin rights in the windows world.

It seems that Microsip does not require that, so run chocolatey as the user itself.

interesting - something else to test then.

will the choco update scripts catch both admin and non admin installed items?

It depends on whether or not it was installed with elevated privileges and whether or not a given software is installed to a location that requires elevated privileges to modify.