Do XDR Alerts cover the same alerts available in Alert Policies?
The alerts in question are the 'User requested to release a quarantined message', 'User clicked a malicious link', etc. About 8 of these we send to 'email address removed for privacy reasons'. That administrator account has an EOM license, so Outlook rules can be set. We set rules to forward those 8 alerts to our 'email address removed for privacy reasons' address. This is, very specifically, so the alert passes through the @tenant.com address, and our ticketing endpoint knows what tenant sent it. But this ISN'T ideal because it requires an EOP license (or similar - this actually hasn't been an issue until now just because of our customer environments). I've looked at the following alternatives: - Setting email address removed for privacy reasons as the recipient directly on the Alert Policies in question. This results in the mail going directly from microsoft to our Ticketing Portal - so it ends up sorted into Microsoft tickets. and the right team doesn't get it. SMTP Forwarding via either Exchange AC User controls or Mail Flow Rules. But these aren't traditional forwarding, and they have the same issue as above. Making administrator @tenant.com a SHARED mailbox that we can also login to (for administration purposes). But this doesn't allow you to set Outlook rules (or even login to Outlook). I've checked out the newer alerts under Defender's Settings panel - XDR alerts, I think they're called. Wondering if these can be leveraged at all for this? Essentially, trying to get these Alerts to come to our external ticketing address, from the tenants domain (instead of Microsoft). I could probably update Autotask's rules to check for a header, and set that header via Mail Flow rules, but.. just hoping I don't have to do that for everyone.Impersonation Protection: Users to Protect should also be Trusted Senders
Hey all, sort of a weird question here. Teaching my staff about Impersonation Protection, and it's kind of occurred to me that any external sender added to 'Senders to Protect' sort of implicitly should also be a 'Trusted Sender'. Example - we're an MSP, and we want our Help Desk (email address removed for privacy reasons) to be protected from impersonation. Specifically, we want to protect the 'Help Desk' name. So we add email address removed for privacy reasons to Senders to protect. However, we ALSO want to make sure our emails come thru. So we've ALSO had to add email address removed for privacy reasons to Trusted Senders on other tenants. Chats with Copilot have sort of given me an understanding that this is essentially a 'which is more usefuI' scenario. But CoPilot makes things up, and I want some human input. In theory, ANYONE we add to 'trusted senders' we ALSO want protected from Impersonation. Anyone we protect from Impersonation we ALSO want to trust. Copilot says you SHOULDN'T do both. Which is better / more practical?Something happened and your PIN isn’t available. Click to set up your pin again.
Firstly I am sure this problem has been addressed many times before, so my apologies in advance. Win 11 Home Premium – Safe Mode I recently acquired a Dell Vostro 15 3000 Core i5 10th Gen. Prior to accessing the www for the first time I went to sys.config & clicked on safe mode. After the standard re-start I had this message "Something happened and your PIN isn’t available. Click to set up your pin again." However, after clicking the onscreen link nothing happened, this was repeated in a number of occasions with the same result. I did a restart using F2 to get to the BIOS setup but was unsure of the options available to remedy the problem, has anyone had a similar problem which they managed to resolve? Any help would be appreciated. Regards.
Always on VPN Device Tunnel with IPv6 ikev2
Hi everyone, i have a huge Problem with always on VPN and IPv6. We have a working configuration, with RAS Server and Windows 11 Clients using always on VPN with IPv4 and computer certificates (IKEv2) from internal CA. External Clients connect over Internet to Firewall -> RAS -> VPN CONNECT (with certificate) -> Access to internal. Works. But now we are facing some problems with IPv6. Many Internet providers are working with IPv6 only Addresses for private internet connection. When users are trying to connect over IPv6 with their Certificate, it is not working. So, we tried to rebuild the configuration. I configured a second RAS Server for testing. I recreated the config and VPN settings but tried to connect from internal network, just to test connection for VPN with IPv6 without any routing problems or anything like that. Even if i try to connect to the RAS Server directly from the same Network (IPv6) it is not connecting. Server is reachable, configuration for IPV6 is set, certificate is installed, PKI is reachable... anything seems fine. But, as soon as i try to connect to RAS with IPv6 AND IKEv2 Certificate, it wont connect. It seems, that the client doesnt even really trying. I hit "connect" and in less than a second the error appears that it cannot connect. There is no real error message in eventlog or anywhere else. It's just saying... no, not working. So, my question is: Doese anyone ever had a working IPv6 Always on VPN Device Tunnel with Computer Certificates and IKEv2? Because i dont have any more ideas what could be the Problem! Thanks!
Windows freezing gradually after wake up
I'm fairly new to Windows 11 but this problem started with Windows 10 about a month ago. Since then I've tried just about everything I read, including replacing the graphics card (and drivers of course). Event Viewer seems to come up with something different every time I address a problem and Reliability History much the same. The last "Ahaa" moment was with a Samsung app about 10 years old which I uninstalled, but nothing doing. Everything I've read seems to have various solutions but I'm at my wits end. Fundamentally the PC wakes up normally after about an hour, but any longer and "bits" start to fail. Outlook seems to be the first (probably because that's my first "goto") followed but any apps that I click on some seconds later, followed by the mouse freezing and a hard reset. It often starts straight away but sometimes a few attempts are needed but it always attempts to start W11 and freezes just before completing. If it gets to recovery mode it always starts. My sanity is in your hands..One folder not opening immediately and fields not populating
One folder of mp3 files (26) was not opening immediately, created a new folder with a different name, then it opened ok, but when i changed the name as originally and it once again took ages to open. also the fields are not fully populating, some tracks are but most remain blank, checked in mp3tag and all ok, what could be wrong to cause this single folder to misbehave thanksComputer sync damage
I got a new computer. When I signed it into Microsoft a lot programs file were downloaded, which I did not need on that computer. When I put them into the recycling bin in the new computer, they were deleted from another computer, where I need them. I had to reinstall some programs. How do I prevent network computers from "syncing". I still want to have the ability to move files from one computer to the other. There also are recurrent problems with all the computers appearing on the network....they come and go. Peter
7 General suggestions to Windows and its Apps
During my experience on Windows I’ve been thinking about how it could improve, especially around Fluent Design. I wrote down seven ideas that I’d love to hear opinions on. I will be sharing them here: #1: Two branches for Windows and content updates; Trying to please everyone with a single version of Windows is difficult, so Microsoft could maintain two official branches of the system: a “Vintage Windows” (like Windows 10), for those who prefer the classic interface and a more traditional look, with extended support indefinitely and security updates. And a “Modern Windows” (Windows 11), consistent with Fluent Design, constantly updated, and focused on introducing new features. Both would use the same kernel and APIs for developer compatibility. This approach would offer users greater freedom of choice and demonstrate that a trillion-dollar company is dedicating teams to simultaneously deliver traditional features and modernity. I’ve seen many people complain about the lack of consistency and lack of content. Additionally, I miss feature updates for Windows and hope that Microsoft brings more flexibility, apps, and Fluent 2-style fixes in future updates. And, yes, this would increase the efforts and costs, but it's a cost that a trillion-dollar company could take. #2: Modern Flyouts and Windows' limitation with volume mixer; In Windows 11, the multimedia controls displayed by apps like Fluent Flyouts are very limited; they only allow you to pause or skip tracks, with no option to adjust the volume or use repeat or shuffle buttons. This makes the experience less convenient compared to Android, where users can control the app’s volume or the music’s volume separately, and the operating system allows third-party apps to do so. My suggestion is that Microsoft should be more flexible and give apps like Modern Flyout the ability to adjust the volume, so you could turn the music up or down without affecting the overall system volume. Honestly, it’s surprising that something as basic as this hasn’t been implemented yet in the most widely used operating system. #3: Lack of flexibility in the Windows 11 search bar; Windows 11 still limits users and developers to a rigid and impractical search bar. Apps like Fluent Search, Flow Search, and Everything Toolbar are much faster and more powerful, but they’re confined to taskbar icons or floating search bars, while the native search bar takes up space without offering the same efficiency. Microsoft needs to be more flexible and release an API that allows third-party apps to appear as a search bar directly on the taskbar. This isn’t a complex feature; it’s something simple and obvious that should already exist. If the official search bar itself isn’t improved, the least they could do is give other apps the freedom to offer a superior experience. It’s frustrating to see Windows remain limited in such basic aspects, while other systems offer more modern and practical solutions. Microsoft needs to listen to users and stop holding Windows back with an outdated model. #4: Windows Task Scheduler and other menus and tools need to be updated The native Windows Task Scheduler is completely outdated and inconsistent with the Fluent 2 style. Independent projects like the Fluent Task Scheduler show that it’s possible to have a modern, organized, and much more user-friendly interface. It’s frustrating that these apps have to coexist with outdated system tools, without being able to replace them or integrate with the system. Microsoft, as a trillion-dollar company, should invest in modernizing its own utilities or hire independent developers who have already proven capable of creating superior solutions, such as the Fluent Task Scheduler. The lack of visual and functional consistency in Windows is glaring and needs to be addressed #5: Lack of flexibility in naming user folders Compared to the Android system; Windows is very inflexible and lacks practicality in many ways. For example, if my folder is C:\Users\eagl, I cannot simply correct it to eagle without creating an entirely new user profile. This lack of flexibility is a major hurdle for personalization on what could be a basic and simple fix. On Android, I was already so used to the system’s practicality that when I switched to Windows—which was supposed to be a more robust and powerful system—I was surprised to find it lacks even such a basic feature. #6: Differences in user experience between home and business users, and inconsistencies in Fluent 2; Microsoft seems to be focusing more and more on businesses, consistently applying Fluent 2 to apps like Teams, Outlook, and Office, while everyday users are left with a Windows full of outdated and inconsistent menus. This contradicts the marketing that promotes Fluent 2 as the standard, yet is frequently violated by the official apps themselves. It’s frustrating to see that Microsoft can’t deliver on its promises. If it really wants to preserve old elements for the sake of businesses, then it should separate the systems, as in point #1: a legacy one for compatibility and a modern one for home users. Or, at the very least, adhere to the Fluent 2 style across all of Windows. I love Fluent 2 and really want to see significant progress in this area, but seeing that Microsoft itself hasn’t made much effort in this regard has been a disappointment. The trillion-dollar company that talks so much about innovation shouldn’t be delivering a fragmented and outdated system. #7: Digital Wellness and productivity; Microsoft should make a native app with fluent style to help users watch their screen/app time. In 2026 there hasn't been an app that's free, solid and that feels native in Windows 11, because there aren't any API for that. Apps like Activity Watch for some reason don't work in my PC and apps like SolidTime are paid and not really fluent. Naturally, something like this should be made by Microsoft itself. Android has it since the beginning, why Windows doesn't have it yet? I believe that these suggestions, even though difficult, could contribute for a more consistent user experience, improved productivity and easier accesibility.Win 11 OEM Activation problems on Laptop w/ Win 10 S Mode
I purchased an HP laptop model 15-dw3033dx from Best Buy a few years ago. These had Windows 10 in S-Mode preinstalled. First thing I did after OOBE and initial activation was to go to the Windows Store and switch the laptop out of S-Mode, then I did a clean install of Windows 10 Home. I run it with a local account only. When I did a clean install from a fresh Win 11 Home 25H2 download with a local account, the system activated as expected. However, when I did a Win 11 Home 25H2 install with a customized autounattend.xml file and local account, I get an activation error with code 0xC004C003. I installed from the SAME media to the SAME laptop, the only difference being having the custom autounattend.xml file or not. I then did a clean install of Win11 Home 25H2 WITHOUT the custom autounattend.xml file and logged in with a Microsoft account. The Activation was normal. On the same laptop and same media, I reinstalled Win 11 25H2 Home using the custom autounattend.xml file and logged in with a Microsoft Account. This time, I get an activation error with code 0x8004FE94. This time I am given an option to activate by phone, but the countries listed goes from Afghanistan to Palau, and nothing past Palau. There was an option to say I changed hardware on the device so I gave that a try. I get a "Unable to activate Windows" message. Bottom Line - on the same laptop (sold w/ Win10 S Mode and switched out) and same install media, clean install of Windows 11 Home activates normally, customized autounattend.xml install gives activation error. I have some other similar devices at a local nonprofit to migrate to Win11 so all suggestions and insights are welcome!
Windows 11 24H2/25H2 System Freeze After January 2026 Updates – Lenovo ThinkPad G2
Dear Microsoft Support Team, We would like to raise a high-priority technical support case regarding a stability issue observed after installing the January 2026 cumulative updates on our Windows 11 devices. Environment Details: Device Model: Lenovo ThinkPad G2 (multiple units) OS Versions: Windows 11 24H2 and 25H2 Update Installed: January 2026 Patch Tuesday cumulative update (KB number can be provided) Deployment Method: WSUS / Intune / Windows Update (specify accordingly) BIOS Version: (Installed Latest available from Lenovo) Issue Description: After installing the January 2026 cumulative updates, devices intermittently experience a complete system freeze. The system becomes fully unresponsive: Mouse and keyboard input stop responding No BSOD is displayed Task Manager cannot be opened System recovery is only possible via hard reboot (power button) Frequency: The issue occurs randomly, both during active use and idle state. Multiple users across our environment are impacted. Troubleshooting Performed: Reinstalled OEM-certified Lenovo display drivers Disabled Fast Startup Ran SFC and DISM health checks (no integrity violations) Updated BIOS to latest version Setting power idle mode, then work normally Request: - Please confirm whether this is a known global issue under investigation. - Advise if any hotfix, Known Issue Rollback (KIR), or registry-based mitigation is available. - Provide guidance on additional diagnostic logging required at kernel or driver level. - Confirm whether crash dump analysis is recommended for this scenario. We are prepared to provide additional diagnostic logs, memory dumps, or reproduction steps upon request. Kindly treat this as a priority case due to multi-user impact in a production environment. Thank you for your support. #Windows11, #Windows 11 24H2, Windows Update, Cumulative Update, System Freeze, Lenovo ThinkPad, Display Driver, Enterprise
