Anthony J. Fontanez
@ajf8729.com
Lead Customer Engineer (Intune/ConfigMgr)
Endpoint Management Enthusiast
Admin: WinAdmins Community (@winadmins.io)
About Me: https://ajf.one/me
Blog: https://ajf.one/blog
All views are my own.
Endpoint Management Enthusiast
Admin: WinAdmins Community (@winadmins.io)
About Me: https://ajf.one/me
Blog: https://ajf.one/blog
All views are my own.
There's a new boot image option available in #ConfigMgr 2509! #BlackLotus
November 14, 2025 at 2:53 PM
There's a new boot image option available in #ConfigMgr 2509! #BlackLotus
RIP Windows 10 tomorrow, can still remember running the initial insider builds!
October 13, 2025 at 10:21 PM
RIP Windows 10 tomorrow, can still remember running the initial insider builds!
Woohoo, #Autopatch can use a Win32 app instead of a platform script for the broker now! Go to intune.microsoft.com#view/Microso... and hit that Migrate button right meow! In case you missed the MC notification about this, it's here admin.cloud.microsoft#/MessageCent... #Intune
October 10, 2025 at 2:03 PM
Woohoo, #Autopatch can use a Win32 app instead of a platform script for the broker now! Go to intune.microsoft.com#view/Microso... and hit that Migrate button right meow! In case you missed the MC notification about this, it's here admin.cloud.microsoft#/MessageCent... #Intune
Aye, this new #Entra feature is pretty neat once you work out the missing bits! After you set isCloudManaged=true, add the group to the Cloud Sync Entra->AD config, trigger provisioning, and watch the group get relocated/renamed! SOA reversal with the SID maintained! See before and after images:
August 1, 2025 at 10:54 PM
Aye, this new #Entra feature is pretty neat once you work out the missing bits! After you set isCloudManaged=true, add the group to the Cloud Sync Entra->AD config, trigger provisioning, and watch the group get relocated/renamed! SOA reversal with the SID maintained! See before and after images:
So I shouldn't hybrid join my DCs and send the DSRM password to Entra?
April 30, 2025 at 2:21 AM
So I shouldn't hybrid join my DCs and send the DSRM password to Entra?
Did you know you can send LAPS passwords to Entra on Server OS? Neither did @adamgrosstx.bsky.social or I until yesterday! Just need to hybrid join the server(s) and set the GPO to backup to "AAD"! Neat!
April 30, 2025 at 12:33 AM
Did you know you can send LAPS passwords to Entra on Server OS? Neither did @adamgrosstx.bsky.social or I until yesterday! Just need to hybrid join the server(s) and set the GPO to backup to "AAD"! Neat!
PSA for Teams meetings organizers - you can end meetings for all participants when it's over.
March 11, 2025 at 5:07 PM
PSA for Teams meetings organizers - you can end meetings for all participants when it's over.
It's Strong Certificate Binding Enforcement day everyone! support.microsoft.com/en-us/topic/...
February 11, 2025 at 6:06 PM
It's Strong Certificate Binding Enforcement day everyone! support.microsoft.com/en-us/topic/...
Still got that test user hanging around!
January 21, 2025 at 8:12 PM
Still got that test user hanging around!
TIL that your trusted root/subCA cert profiles and your SCEP profiles need to be assigned to the same groups so certs actually get issued. Was banging my head against a wall because my root/sub were assigned to devices and the SCEP profile to users.
January 17, 2025 at 11:04 PM
TIL that your trusted root/subCA cert profiles and your SCEP profiles need to be assigned to the same groups so certs actually get issued. Was banging my head against a wall because my root/sub were assigned to devices and the SCEP profile to users.
FYI for those doing certificate authentication with NPS, there's an enforcement coming in 2025-02 for strong mapping support.microsoft.com/en-us/topic/... #Intune
January 14, 2025 at 4:38 PM
FYI for those doing certificate authentication with NPS, there's an enforcement coming in 2025-02 for strong mapping support.microsoft.com/en-us/topic/... #Intune
TIL Discord supports security keys/passkeys! That's awesome!
January 14, 2025 at 1:42 AM
TIL Discord supports security keys/passkeys! That's awesome!
I know Canary channel is bleeding edge, but I wasn't expecting THIS much...
January 8, 2025 at 2:39 AM
I know Canary channel is bleeding edge, but I wasn't expecting THIS much...
Make sure you click the correct "Resource Explorer" link if you're looking for #Intune Device Inventory data on a co-managed device! (hint, the top one is Intune, the lower is ConfigMgr) 😄
December 11, 2024 at 3:20 PM
Make sure you click the correct "Resource Explorer" link if you're looking for #Intune Device Inventory data on a co-managed device! (hint, the top one is Intune, the lower is ConfigMgr) 😄
Hmm, maybe I should update my root CRL this week...
December 9, 2024 at 1:25 AM
Hmm, maybe I should update my root CRL this week...
Weird hiccup with the CMG after enabling the new Enhanced Security feature. The CMG properties window no longer worked correctly, I found WMI errors in the console log, and ended up temp adding a second SMS provider, which fixed it up. My lab has seen some stuff though.
December 5, 2024 at 2:42 PM
Weird hiccup with the CMG after enabling the new Enhanced Security feature. The CMG properties window no longer worked correctly, I found WMI errors in the console log, and ended up temp adding a second SMS provider, which fixed it up. My lab has seen some stuff though.
Upgraded the lab! #ConfigMgr 2409, then site server upgrade from 2022 -> 2025!
December 4, 2024 at 11:31 PM
Upgraded the lab! #ConfigMgr 2409, then site server upgrade from 2022 -> 2025!
I just completed "Ceres Search" - Day 4 - Advent of Code 2024 #AdventOfCode adventofcode.com/2024/day/4 github.com/ajf8729/Adve... and @z-nerd.com noticed my part 1 code looked like half of a Christmas tree so I added a star to it!
December 4, 2024 at 6:30 PM
I just completed "Ceres Search" - Day 4 - Advent of Code 2024 #AdventOfCode adventofcode.com/2024/day/4 github.com/ajf8729/Adve... and @z-nerd.com noticed my part 1 code looked like half of a Christmas tree so I added a star to it!
