Tuesday, July 9, 2024

Microsoft Entra hybrid device pending

Failure to launch?  You can't unsee some things.  That Terry Bradshaw scene in the forementioned movie still haunts me.

This part is from Microsoft...

Resolve Microsoft Entra hybrid devices in pending state

During the initial phase of the hybrid join process, the device state is expected to be pending until the registration process is complete.

A device may remain in a pending state for the following reasons that an admin can address:

Microsoft Entra Connect device synchronization changes

Problems could occur if a change made in Microsoft Entra Connect caused the device ID to be out of sync with the machine. Validate Microsoft Entra Connect is functioning as expected and there was no recent configuration changes.

Required Microsoft endpoints may be blocked by network

Devices must be able to communicate successfully with the following Microsoft endpoints:

  • https://enterpriseregistration.windows.net
  • https://login.microsoftonline.com
  • https://device.login.microsoftonline.com
  • https://autologon.microsoftazuread-sso.com (If you use or plan to use seamless SSO)
  • Your organization's Security Token Service (STS) (For federated domains)

After confirming the above scenarios aren't contributing to the pending state, run the following command ”dsregcmd /leave” in an elevated command prompt and restart the device to attempt to rejoin the machine. Changes may take up to an hour to show in Microsoft Entra.

If the issue is persistent after following the steps above,  for further assistance.

at No comments:

Friday, May 3, 2024

Am I too old to view the software installed on a remote computater?

Yall, I couldn't remember how to stealthy, geeky, and command liney check to see what was on a remote computer.  I thought I had a post about it but I could not find it.  So, here's an easy way to get your geek on.

Get-CimInstance -Class Win32_Product -Computer YoReplaceWithRemoteComputerName | where vendor -eq 'YoReplaceWithVendorName' | select Name,Version

at No comments:

Monday, April 15, 2024

If Peter Parker were to manage the Googles - GAM

 

GAM is an open source command line tool for making changes to objects in the Google Admin console. It is thoroughly documented at the Github Wiki. The options available for use with GAM are displayed in specific sections on the right-hand side of the GAM Wiki.

I always quote Peter Parker's Uncle Ben when discussing a tool like this.  
"With great power comes great responsibility" 
GAM is a powerful tool, and it could be easy to break a lot of stuff rapidly.  Google support may not be super forgiving if you tell them you deleted all your user accounts while using GAM.

If you need help, this page should be your next click.

Directory Commands

In my case, I needed a way to suspend a little over 1700 accounts that had been improperly processed for a few years.  Below is the command I used to suspend all the user accounts in the Inactive Students organizational unit.  Please note suspend 0 will make accounts active and suspended 1 will suspend the account.

gam ou "/Inactive Students" update user suspended 1

I should say, I'm not really sure what GAM stands for.  I assume it is Google Admin Manage(r) or something like that.  I couldn't find it listed anywhere.  

at No comments:

Thursday, March 7, 2024

M365: I guess it's time to hybrid join

 Well, they finally pushed us to hybrid join all our clients to Microsoft Endpoint (otherwise known as intune).  It is actually really cool and made me excited about Microsoft again.  

You can do cool stuff like

  • Finally, ditch WSUS servers in favor of Windows Update Rings (WUR)😍
  • Deploy software packages and configuration profiles while the client is offsite

    Instructions to hybrid

at No comments:
Subscribe to: Posts (Atom)

.Net said .No so this says .Youbetterorelsebuddy

 I was having trouble with .net framework install on new computers.  I'm not sure why it didn't work repeatedly, but found that if y...