Category: Research
Research Undertaken
Proactive Remediation to Disable all Local Admins on a PC that’s not the LAPS user for Azure AD devices
See Detection here https://pariswells.com/blog/research/powershell-script-to-get-all-active-local-administrators-on-the-pc/
Intune AutoPilot
Powershell Script for AutoPilot Setup AutopilotBranding/AutopilotBranding/AutopilotBranding.ps1 at main · mtniehaus/AutopilotBranding · GitHub Create AutoPilot Group (device.devicePhysicalIDs -any (_ -contains “[ZTDID]”)) Profile Join Devices to Group when Enrolling […]
User Account Control: Behavior of the elevation prompt for standard users – Automatically deny elevation requests
If this is enabled the only way you can run stuff as Administrator is by logging in to the Machine As An Administrator ( Local Admin I […]
Screen Connect Control \ Labtech “Waiting for your Guest” on Logout
We had a customer that when a user logged out or restarted we would loose access to the machine until they logged back in Issue was the […]
WAF Contact your hosting provider letting them know your web server is not completing requests.
After enabling Proxy mode of Cloudflare for an Azure App Service , we were getting the following Error in Cloudflare What can I do? If you’re a […]
Viewing exposed entities requires Microsoft defender for identity permissions
I logged in with an account that was already Security Administrator , per this guide Role groups – Microsoft Defender for Identity | Microsoft Learn This made […]
Winget Error – Deploy Winget Upgrade via Intune
A new build windows 11 and winget wasn’t working with error message below We will need to “Package Up Winget” and deploy over the top if the […]
