Member: tylermontney_acc | Microsoft Community Hub

Recent Discussions

Re: Server 2025 Core ADDS DC, Network Profile Showing as "Public" and not as "DomainAuthenticated"
I appreciate a functional workaround, but this issue has been present (particularly for single DCs) for many years now. Previously, the solution was restarting the "Network Location Awareness" service. One of Microsoft's biggest and oldest server features should not be broken out of the box for this long!
Mar 10, 2025 Place Windows Server Insiders
1.4KViews
0likes
0Comments
Applying the fix for KB5025885 (CVE-2023-24932)
In reference to this article: https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d In late August, I created a series of scripts that perform the steps described in the article. This worked fine for 30 to 40 PCs over the next few weeks. I stopped as I had other tasks to attend to. Today, I decided to resume. A Surface Go 2 and a Lenovo E590 both fail to apply it. Both machines have the latest 2024-10 Cumulative Update (newer than is required). Both machines are Secure Boot enabled. Both machines are rebooted twice before proceeding to the next step (e.g. making a registry change). Both machines return "false" to both Get-SecureBootUEFI commands (which verify whether applying the fix was successful), for a total of 8 reboots. Machines in which my scripts were successful still return "true" for both Get-SecureBootUEFI commands. Has something changed?
Oct 24, 2024 Place Windows security
KB5025885
Secure Boot
2.5KViews
0likes
0Comments
What objects are required to sync for Azure AD Connect?
Trying to clean up our environment of unnecessarily synced objects. Of course, I want to sync users with e-mail, security groups, contacts, and so forth. However, the following top-level domain OUs I'm not sure about... Infrastructure: Even with "Advanced Features" ticked, I can't see this OU in ADUC Microsoft Exchange Security Groups Microsoft Exchange System Objects Program Data RegisteredDevices: This seems tied to Azure/Intune so I figure it's safer to keep it. System Users We used to have an Exchange server merely for schema, not hosting any mailboxes on-premise. However, I decommissioned it a couple months ago per this article: https://learn.microsoft.com/en-us/exchange/manage-hybrid-exchange-recipients-with-management-tools There's also the "Exchange hybrid deployment" checkbox under "Optional features" that I'm unsure if I need anymore.
Jan 05, 2024 Place Microsoft Entra
Active Directory (AD)
Azure AD Connect
2.1KViews
0likes
1Comment
Feedback for Microsoft Docs team
Normally, at the bottom of any docs page, there's a way to open an issue. Example: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-content?view=powershell-7.3 This article doesn't have that. How would I open an issue with the team who manages this? https://learn.microsoft.com/en-us/exchange/manage-hybrid-exchange-recipients-with-management-tools#prepare-the-exchange-environment
Nov 10, 2023 Place Exchange
Exchange Server
534Views
0likes
1Comment
How do remediation scripts handle missed schedules?
For instance, let's say I have one configured for Sunday at 8 AM and the machine receives the remediation script (mid-week) successfully. Friday afternoon, the machine is powered off and is powered back on Monday morning. When does the remediation script run? Immediately, or next Sunday?
Oct 04, 2023 Place Microsoft Intune
Intune
889Views
0likes
1Comment
Re: Storage location of quarantine message
Unfortunately, it's empty. The article also says that the user won't have access to these folders. If no one has access to them, I'm not sure what the point of moving their location and telling anyone about it was.
Sep 20, 2023 Place Exchange
1.9KViews
0likes
0Comments
Storage location of quarantine message
https://m365admin.handsontek.net/microsoft-defender-for-office-365-quarantined-message-storage-in-hidden-system-folder-on-user-mailbox/ states that instead of quarantine messages being in a hosted repository, they will now be in a hidden system folder in the user mailbox. Neither the link to the roadmap, nor the roadmap's "More info" article make mention of this. However, the title seems to imply the above article is correct. Are quarantined messages in Exchange Online hosted in a repository, or the user's mailbox? I want to remove attachments from specific emails before delivery, and this is the only way to do it.
Sep 19, 2023 Place Exchange
exchange online
2.2KViews
0likes
3Comments
How to get "premier" support for Azure AD (Entra)
I have a particular issue regarding Azure AD and I opened a ticket through the Azure portal. After some discussion, they determined if I wanted to analyze it further I need Unified/Premier support. I contacted them and they refused to sell me anything as we're not a big enough company. What are my options to get a root-cause analysis for a one-time incident?
Aug 16, 2023 Place Microsoft Entra
Azure Active Directory (AAD)
440Views
0likes
0Comments
Re: ADMX Syntax Questions
Also, is it possible to set binary values (REG_BINARY)?
Jun 23, 2023 Place Windows management
638Views
0likes
0Comments
ADMX Syntax Questions
Is this the latest ADMX Syntax: https://www.microsoft.com/en-us/download/details.aspx?id=7101 (It's from 2007.) Additionally, I'd like to configure a policy in this way: Enabled: Takes a string from a textbox Disabled: Sets a specific value Not Configured: Default GPO behavior (leave value as-is) The only way I've gotten it to work, without MMC complaining, is this but it doesn't work. Additionally, the changes don't take effect. Once the window is re-opened, it's back to "Not Configured". <policies> <policy name="Policy_OverwriteSettings" class="Machine" displayName="$(string.Policy_OverwriteSettings)" explainText="$(string.Explain_OverwriteSettings)" presentation="$(presentation.presentation_OverwriteSettings)" key="SOFTWARE\Policies\Example" valueName="mydword"> <parentCategory ref="abc:Category" /> <supportedOn ref="SUPPORTED_Platform_Since" /> <disabledValue> <string>3</string> </disabledValue> <elements> <text id="policy_OverwriteSettingsValue" key="SOFTWARE\Policies\Example" valueName="mydword" required="true" /> </elements> </policy> </policies>
Jun 23, 2023 Place Windows management
ADMX
gpo
703Views
0likes
1Comment
Controlling of Start Menu "treatments"
https://blogs.windows.com/windows-insider/2023/04/14/announcing-windows-11-insider-preview-build-23435/#:~:text=in%20Build%2023435-,Gallery%20in%20File%20Explorer,-We%20are%20introducing I understand this is insider; however, it's been in testing since November. I want to get ahead of this and determine a couple things: Will these treatments be included for Enterprise? How can we control/disable, such as via Intune? These treatments are inappropriate for a corporate environment, and I don't need my users getting confused.
Apr 19, 2023 Place Windows 11
Features
436Views
0likes
0Comments
Some users cannot use Authenticator OTP
After restricting insecure MFA methods a month ago, we sporadically get users complaining about the authenticator app. In the most recent case, the user only has the option to receive a push notification. This is a problem for users where the Internet is temporarily unavailable. These users used to have the option, and we allow OTP in Azure. We're targeting all users, so there's no reason specific users be affected. The usual fix is re-registering their authenticator app.
Feb 08, 2023 Place Azure
869Views
0likes
1Comment
Re: Set MFA default sign-in method organizational-wide
As in, it's on the roadmap? Where do you see this?
Jan 04, 2023 Place Microsoft Entra
1.5KViews
0likes
0Comments
Set MFA default sign-in method organizational-wide
Follow-up to Setting Microsoft Authenticator as default - Microsoft Community Hub I want to set this to push notification for all users. Any way to do this?
Dec 19, 2022 Place Microsoft Entra
Azure Active Directory (AAD)
Microsoft Authenticator
1.7KViews
1like
3Comments
Re: Export to PST via Powershell
jordan Honestly, I think converting to a Shared Mailbox and avoiding PSTs all together is the best idea. However, in the event you can't, the Outlook Interop seems the best alternative for now... function Add-PSOutlookStore([string]$StoreFilePath) { [void]($comOutlookNS.AddStore($StoreFilePath)) } function Remove-PSOutlookStore([string]$StoreFilePath) { [void]($comOutlookNS.RemoveStore($StoreFilePath)) } function Export-PSOutlookInbox([string]$EmailAddress, [string]$DestinationFilePath) { Add-PSOutlookStore($DestinationFilePath) $comOutlookRcpt = $null try { $comOutlookRcpt = $Script:comOutlookNS.CreateRecipient($EmailAddress) [void]($comOutlookRcpt.Resolve()) } catch { Write-PSFMessage -Level Critical -Message "Failed to resolve recipient $EmailAddress" Write-PSFMessage -Level Verbose -Message $Error[0] } if ($comOutlookRcpt) { for ($i = 0; $i -lt $comOutlookFolderTypes.Length; $i++) { $comOutlookFolderType = $comOutlookFolderTypes[$i] Write-PSFMessage -Level VeryVerbose -Message "Iterating through shared folder type $comOutlookFolderType" try { $comOutlookRctpFolder = $Script:comOutlookNS.GetSharedDefaultFolder($comOutlookRcpt, $comOutlookFolderType) if ($comOutlookRctpFolder.DefaultItemType -eq [Microsoft.Office.Interop.Outlook.OlItemType]::olMailItem) { Write-PSFMessage -Level Host -Message "Successfully copied shared folder" } else { Write-PSFMessage -Level Verbose -Message "Skipping shared folder as it is non-mail" } } catch { Write-PSFMessage -Level Warning -Message "Failed to get shared folder $comOutlookFolderType" Write-PSFMessage -Level Verbose -Message $Error[0] } } } Remove-PSOutlookStore($DestinationFilePath) } This is just a partial from my PS module.
Sep 21, 2022 Place Microsoft 365
6.4KViews
1like
1Comment
Re: Edge Profile Sync won't work with Azure AD account - "Sync isn't available right now"
"Reset sync", under edge://settings/profiles/sync did it for me. This seems to be the "only Microsoft can delete things server-side" option. Initially, it was greyed out. After revoking all sign-ins for that user through Azure and signing into another computer, I could see it after turning sync on. Unfortunately, it deletes all your data, but luckily this account didn't have any.
Sep 16, 2022 Place Discussions
3.8KViews
0likes
0Comments
Re: Leaving the 'Test' device group
No, I changed it through AutoPatch (not directly through the group). It's been a while since I've looked at this. Checked just now and Edge is no longer in beta.
Sep 14, 2022 Place Windows Autopatch
654Views
0likes
0Comments
Re: Export to PST via Powershell
JChup If the application has already been installed, you'll get a misleading InvalidOperationException from AssertApplicationRequirements. This doc "suggests" to check GetManifestCompletedEventArgs before calling AssertApplicationRequirements. Register-ObjectEvent -InputObject $HostingManager -EventName GetManifestCompleted -Action { New-Event -SourceIdentifier "GetManifestCompleted" -EventArguments @($EventArgs.Error) } | Out-Null $HostingManagerEvent = Wait-Event -SourceIdentifier "GetManifestCompleted" -Timeout 15 if($HostingManager){ if ($HostingManagerEvent.SourceArgs[0]) { if($HostingManagerEvent.SourceArgs[0].Message.Contains("already installed")){ Write-Output "ClickOnce Application has already been downloaded" }else{ Write-Error -Message $HostingManagerEvent.SourceArgs[0].Message } } } Additionally, VSCode warned me $event is an automatic variable. Unless it was intentionally named that way, I renamed mine to something else.
Sep 06, 2022 Place Microsoft 365
27KViews
0likes
0Comments
Re: Export to PST via Powershell
Tom Aguero Edit: Never mind. I was calling C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation\Microsoft Office 365 eDiscovery Export Tool.appref-ms instead of C:\Users\USERNAME\AppData\Local\Apps\2.0\ABC123.456\ZZZZZ.789\micr..tool_123456789_abcdef_abcabcabc\microsoft.office.client.discovery.unifiedexporttool.exe. When running the discovery tool with those parameters, it complains that it can't determine the URI format. I'm leaning towards it being 'key', as this isn't a valid URI (PowerShell fails to parse it).
Sep 06, 2022 Place Microsoft 365
27KViews
0likes
0Comments
Re: Autopatch Telemetry Setting
What I get from the article is that I should probably allow for more telemetry to not break anything. However, I already assumed this before reading it. The article helps a bit, but it's not a definitive "do this or that happens".
Aug 02, 2022 Place Windows Autopatch
2.9KViews
0likes
0Comments

User Profile

tylermontney_acc

User Widgets

Recent Discussions

Re: Server 2025 Core ADDS DC, Network Profile Showing as "Public" and not as "DomainAuthenticated"

Applying the fix for KB5025885 (CVE-2023-24932)

What objects are required to sync for Azure AD Connect?

Feedback for Microsoft Docs team

How do remediation scripts handle missed schedules?

Re: Storage location of quarantine message

Storage location of quarantine message

How to get "premier" support for Azure AD (Entra)

Re: ADMX Syntax Questions

ADMX Syntax Questions

Controlling of Start Menu "treatments"

Some users cannot use Authenticator OTP

Re: Set MFA default sign-in method organizational-wide

Set MFA default sign-in method organizational-wide

Re: Export to PST via Powershell

Re: Edge Profile Sync won't work with Azure AD account - "Sync isn't available right now"

Re: Leaving the 'Test' device group

Re: Export to PST via Powershell

Re: Export to PST via Powershell

Re: Autopatch Telemetry Setting

Recent Blog Articles