User Profile
ArtSofM365
Copper Contributor
Joined Sep 28, 2018
User Widgets
Recent Discussions
Re: Blocking domain for group of users/or devices
you can do that easily with GSA and you control the ‘who’ by Conditional Access you can also do that by MCAS and/or indicators of compromise (url) - basically Smart Screen - but that is extremely cumbersome, you have to select devices (and that weird concept that device can only belong to single device group) and not users, and slow to apply - minutes to hours, sometimes applies inconsistently - thats your second optionRe: Scope Profile - Device Group Creation - Help please
berryblack001 unless something has changed recently for some strange reason you are not given an option to create device groups with Business Premium. This device groups concept is so unnatural in the modern device management and from my experience also not very reliable - multiple reasons. As to those scope profiles not showing up - another pain with MCAS - everything is soo slooow, they will show up ultimately (if there are no other issues of course eg licensing). MCAS (MDA or whatever it is called today) feels like a neglected product compared to all other areas of M365 security suite - which is strange and pitty.Re: Unsanctioned to all, exclude to some
That is indeed very unnatural and convoluted. The single device group membership is also strange concept unique to MCAS compared to other M365 products. Moreover you do not easily see what exceptions a SaaS app has applied. Then there is that include/exclude concept, tags, etc. Some alignment with other M365 products - Intune, AAD … would be welcome.OneDrive Sync app health - questions
hi, (all my https://learn.microsoft.com/en-us/sharepoint/sync-health?tabs=windows#requirements are met for the OneDrive Sync app health) as stated in the title - I have some questions that accumulated as I work with OneDrive: 1. Intune policy - I am assuming OneDrive policy, 'Sync Admin Report' specifically, will make all necessary configuration on devices for this telemetry to work? 2. Intune - no need to add registry key, despite what's described here (which does not mention Intune): https://learn.microsoft.com/en-us/sharepoint/sync-health?tabs=windows#set-up-the-onedrive-sync-health-dashboard 3. None of my (co-man'ed) machines has that registry key and they seem to report just with the aforementioned Intune policy (and correct Tenant Association Key ) - so i am assuming that reg key is not needed(?) 4. When the OneDrive agents upgrades does it generate new OD device ID? (I can find that out myself) When new ID is created? I have many duplicated devices which makes the dashboard useless. 5. Other are not questions but more requests - but maybe some are on the roadmap, if so for when? - access via API (!!!) - clean duplicated records on-demand, leave only the latest check-in - so that the dashboard starts to make sense - select / export / take an action eg. initiate an upgrade - I do it by Proactive Remediation now as I do not find the built in scheduled tasks very reliable (why they have no run history?) - always install the latest version from: https://go.microsoft.com/fwlink/?linkid=860984 which btw is almost always out of date (the text version on that https://support.microsoft.com/en-us/office/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0) and which I hope won't change in future Any answers or thoughts welcome.Re: Migrate Folder Redirection via OneDrive KFM creates duplicates
My conclusion - MS Doc regarding this process is screwed and misleading. In the first line it say such a shift is unsuported, then it says how to do it - which btw is wrong and causes these issues as described here. That is what works for me: First - copy your user data in the backend using Migration Manager - the one with web console or SPMT (for those who have not tried they both do the same thing, SPMT is slightly eaiser to appraoch programmatically with PS1, but MM has nicer web console) Second - redirect home folders to OneDrive folders on local PC Then - KFM them via GPO or Intune (optionally, eg to get rid of GPO) Otherwise data will duplicate There is nice YT vids - 2 parts of how this can be done: https://www.youtube.com/watch?v=KJRMr6O3PQU https://www.youtube.com/watch?v=CgYkWcRZhEYRe: Migrate Folder Redirection via OneDrive KFM creates duplicates
Same problem here. I tried GPO, Intune, with and without disabling Offline Files, etc., "Leave the folder in the new location..." and "Redirect the folder.." I use Silent KFM with communication to user after it is done, and I also use Pormtp for KFM (if silent fails). Nothing helps - duplicates are created. What gives?
