Roy Trenneman

822 posts

Roy Trenneman

@RoyTrizzle

TVM + Intune + PowerShell + uɐᴉlɐɹʇsn∀ #SanAntonioSpurs

Katılım Ekim 2024

304 Takip Edilen29 Takipçiler

Roy Trenneman retweetledi

René@SirConfigmgr·2d

Intune: Get Platform Script Output sirconfigmgr.de/intune-get-pla… #intune #powershell

English

1.4K

Roy Trenneman@RoyTrizzle·10h

@kaidja @marrrkkkuuu This is brilliant. Hoping my intune secure boot report really is accurate. Had so many vague replies from MS about whether Autopatch sets the managed policy for you…

English

Kaido Järvemets@kaidja·1d

Tracking Secure Boot certificate deployment across your fleet? Here is the TPM-WMI event ID cheat sheet you need. Four stages. Each stage has specific events that tell you exactly where the device is in the process. From certificates hitting the DB to SVN enforcement in firmware. Print it. Pin it. Share it with your team. Full breakdown at the workshop on April 8th. Register here: docs.kaidojarvemets.com/training/secur… #SecureBoot #UEFI #Windows #CyberSecurity #Intune #SCCM #Firmware #EventLog

English

4.2K

Roy Trenneman retweetledi

Rudy Ooms@Mister_MDM·18 Mar

Maintenance Window Settings for OS, Drivers, and Updates This new Settings Catalog policy lets you decide when update work is allowed to run for OS, drivers, and firmware, instead of only trying to avoid restarts during active hours. And even though the Settings Catalog entry is not there yet, you can already configure it with the Update CaSP. I had a look at what it does, how it works, and why it is more than just active hours. patchmypc.com/blog/windows-u… #Intune #WindowsUpdates #Windows11 #MSIntune

English

184

26.2K

Roy Trenneman@RoyTrizzle·16 Mar

@SkipToEndpoint “They are just computers, not core infrastructure ” 🤭

English

107

James Robinson | MVP@SkipToEndpoint·16 Mar

Security folk - You starting to realise that Device Management needs to be part of Security, yet?

EZ@IAMERICAbooted

Reduce your Intune Admins and use intune rbac and restricted admin units. Segregate device management into groups to decrease the blast radius. Treat Intune Admins like Global Admins. Require PIM with approvals. I've been saying this since before it was popular. As unpopular as this may sound right now, Microsoft is not to blame. They wrote about how to do all this in their documentation, but nobody does it. You have to keep in mind that it could have been a Global Admin too. In that case, the situation is even more dire. The vast majority of orgs are still hybrid. If the compromise was of the on-prem AD, not much you can do because you can pivot to an Intune Admin's device and use the APIs. This is why your EDR should be throwing high alerts when admin machines stop checking in and you should validate visibility on those machines. Managing admin machines is really really hard. Admins write code, run scripts, and look like they are compromised all the time when they're not.

English

Roy Trenneman@RoyTrizzle·15 Mar

@DrMarmadukeNBA @UnderdogNBA @NBAonPrime Knicks fan. Enough said…

English

Dr. Marmaduke, CPA@DrMarmadukeNBA·15 Mar

@UnderdogNBA @NBAonPrime How long are we gonna glorify a dude who is the size of a power forward playing against backups pgs? Its fucking pathetic

English

421

Underdog NBA@UnderdogNBA·15 Mar

Wemby on Stephon Castle, via @NBAonPrime: "He 100% deserved to be the No. 1 pick [in 2024], but I'm so glad he wasn't." Castle went 4th behind Zaccharie Risacher, Alex Sarr and Reed Sheppard.

English

377

8.9K

626.4K

Roy Trenneman@RoyTrizzle·12 Mar

@manelrodero @acjuelich @imog Delete all categories and use Autopatch. Define your Device groups dynamically by splitting device id GUID if you need too for other stuff.

English

Manel Rodero@manelrodero·12 Mar

@acjuelich @imog Because we haven't had time to look at it yet. We have just now succeeded in re-launching the Intune-managed workstation project.

English

Manel Rodero@manelrodero·11 Mar

How do you get users to select the "correct" category when using it to put their device in a Windows Update update ring?

English

1.1K

Roy Trenneman retweetledi

Nathan McNulty@NathanMcNulty·27 Şub

@xenappblog @HP @MSIntune I'm not 100% sure how they count Microsoft Defender Antimalware for compliance (like is passive mode OK?) I often do custom compliance scripts which might work better here using this: Get-CimInstance -Namespace "root\SecurityCenter2" -ClassName AntivirusProduct

English

714

Roy Trenneman@RoyTrizzle·26 Şub

@Bubblebathgirl @MarcoFoster_ De Niro is 80+ while his girlfriend is 40?

English

Paul A. Szypula 🇺🇸@Bubblebathgirl·25 Şub

@MarcoFoster_ Everything De Niro said here is a lie, unsurprisingly.

English

192

14K

Marco Foster@MarcoFoster_·25 Şub

Robert De Niro: “We all love our country. I choke on that phrase. Can you love a country where our neighbors are shot down in the streets by masked government thugs? Can you love a country that denies healthcare for tens of millions of our fellow citizens? Can you love a country that trashes our economy to give tax breaks to its billionaire cronies? Can you love a country that pardons violent criminals and protects pedophiles? I feel betrayed by my country. It doesn’t have to be perfect, but it does have to return to the values that gave us our strength and humanity”

English

1.4K

10.6K

42.1K

1.2M

Roy Trenneman@RoyTrizzle·26 Şub

@rnabmitra Still not accurate.

English

@rnabmitra@rnabmitra·25 Şub

#Autopatch #SecureBoot Report is back! Check the status of devices in your tenant in #MSIntune console

English

2.2K

Roy Trenneman@RoyTrizzle·25 Şub

@Mister_MDM When I say export I mean the csv

English

Roy Trenneman@RoyTrizzle·25 Şub

@Mister_MDM Got a nice way to report in the dates? I visual it in powerbi by exporting the devices list as it contains the date but using the api it seems the date is missing.

English

Rudy Ooms@Mister_MDM·6 Nis

We all know the pain of expired Intune MDM certificates. Devices stop syncing with Intune and eventually fall out of management. But there’s a fix.... and the best part? It’s built right into Windows. The AllowRecovery CSP quietly handles certificate recovery in the background. – No more expired Intune certificates – No more missing private keys Curious how it works and what’s really happening behind the scenes? patchmypc.com/recovery-csp-i… #Intune #MSIntune #Windows #TPM #Microsoft #Windows11 #Certificate #Security

English

165

11.2K

Roy Trenneman retweetledi

Rudy Ooms@Mister_MDM·16 Şub

@alkhacnar @inthecloud_247 Yep for example :)

English

194

Roy Trenneman@RoyTrizzle·12 Şub

@hymnduncan 💯

QME

hymn duncan@hymnduncan·12 Şub

Another game we simply don’t win without the obvious 6MOTY Keldon Johnson. I think about this video from the dark days of 2023 frequently. “I’m gonna keep being myself…We’re gonna start winning - it’s just a matter of time.” Heart and soul of the Spurs BIG BODY

English

192

2.4K

41.2K

Roy Trenneman@RoyTrizzle·12 Şub

@TheHoopCentral @ShamsCharania @DetroitPistons since they just lost Stewart? Hoping @JeremySochan gets some time. One of my favourite players 😢

English

Hoop Central@TheHoopCentral·12 Şub

BREAKING: Jeremy Sochan and the Spurs are parting ways & Sochan is now a free agent, per @ShamsCharania. Which team should sign him?

English

219

120

3.2K

417.3K

Roy Trenneman retweetledi

MSEndpointMgr@MSEndpointMgr·11 Şub

Blog post: Location Services is grayed out? msendpointmgr.com/2026/02/10/loc…

English

2.5K

Roy Trenneman retweetledi

Co11ateral@co11ateral·7 Şub

For those of you starting in Windows Registry forensics, we created a guide focusing on understanding core hives and acquiring registry data safely for evidence analysis hackers-arise.com/digital-forens… @three_cube @DI0256 @_aircorridor #DFIR #blueteam

English

329

18K

Roy Trenneman retweetledi

Tom Degreef@TomDegreef·6 Şub

New blog post just dropped — perfect timing for a Friday deep dive! Demystifying how Managed Installers are configured … In Part 3 we break down how ConfigMgr and Intune actually implement it under the hood. If you like practical, real-world details (and fewer surprises in your policies), this one’s for you 👇 appcontrol.ai/post/appcontro… Grab a coffee (or something stronger), enjoy the Friday read, and let me know what you think!

English

870

Roy Trenneman@RoyTrizzle·5 Şub

@BleacherReport Everyone sleeping on Max Christie too. Dude is talented.

English

Bleacher Report@BleacherReport·4 Şub

The Mavs turned Luka into: ➖Max Christie ➖Khris Middleton ➖AJ Johnson ➖Malaki Branham ➖Marvin Bagley III ➖Lakers 2029 1st-RD pick ➖Thunder 2026 1st-RD pick ➖Warriors 2030 protected 1st-RD pick ➖Suns 2026 2nd-RD pick ➖Bulls 2027 2nd-RD pick ➖Rockets 2029 2nd-RD pick Do you think Dallas got a good return? 🤔👀

English

1.4K

402

10.4K

3.5M

Roy Trenneman@RoyTrizzle·5 Şub

@ClutchPoints They scared.

English

ClutchPoints@ClutchPoints·4 Şub

The OKC Thunder will be without the following players for tonight's matchup against Wemby and the Spurs: - Shai Gilgeous-Alexander (abdominal) - Chet Holmgren (back) - Lu Dort (knee) - Alex Caruso (adductor) - Isaiah Hartenstein (eye) - Ajay Mitchell (abdominal) - Ousmane Dieng (not with team)

English

1.7K

314.2K

Roy Trenneman@RoyTrizzle·3 Şub

@Mister_MDM Thanks for the comms. Watching mine this week for a status change.

English

131

Rudy Ooms@Mister_MDM·2 Şub

Did you notice that the Secure Boot policy that was previously showing the 65000 error suddenly started applying? The Secure Boot policy that was rejected by licensing was not fixed by a Windows update. Microsoft fixed the licensing logic service side. When a device refreshes its license by contacting licensing.mp.microsoft.com, typically every 30 days, the same policy can start working without any configuration changes. patchmypc.com/blog/intune-po… #Intune #MSIntune #Windows #Windows11

English

11.4K

Keşfet

@kaidja @marrrkkkuuu @SkipToEndpoint @DrMarmadukeNBA @UnderdogNBA @NBAonPrime @manelrodero @acjuelich