life saviors i work a at school i we haven triying to figureout how to disable the "add printer scanner option" wich can be disable but in the current user registry key, since their account are limited intune uses a system account not afecting the student logged on. thanks to this we finally solve our problem
Haha glad I'm not the only one in Aus doing this 😀😀😀 i made something similar with additional features like user type targeting based on their sid eg azuread users only, loading offline user hives, csv of keys to change and defaults if i need to rollback later. I went down the path of changing the defult registry rather then active setup also went with win32 so rollback or changing somthing later leveraging uninstall , having the ability to change the csv not having to rewhitelist or sign a script for every change is also nice anyway love the content keep up the good work! Also where in Aus are you guys based?
@@IntuneTraining guess not a good question. I have one though. I’ve made a fist script as a remediation. It has a function that checks a couple registry paths for a specific app name. It loops through these paths, and if the path doesn’t actually exist, I use write output to note that. I call the function in an if statement that will write output if it exists or if it doesn’t, exiting with error codes. It seems only my “exists” or “doesn’t exist” output is logged in the remediation script successfully output. Why don’t any of the other write-outputs get logged?
Always happy to have a topic suggested, on here works, we make no commitment that it will be covered as some things like wifi profiles that need a whole heap of prep work just isn't feasible as I'm sure you can understand
@@IntuneTraining firstly, thanks for the response. I have a problem at the moment, where our cloud native windows 10 devices have varied encryption levels, in order to make them all aes xts 256 I need to decrypt , then re-encrypt. Ive made a basic script (its not very good) that basically does an if on teh encyption lelve then does a sleep then tried to reencypt then uplaod the key to enpoint manager. But sometimes it stalls, falls foul to poilcy and doesnt provide much help. I'm scared to send it to 200 devices :). Is there a better way to manage it. Also, I cant roll the keys in endpoint manager and end up with lots of stale keys i cant get rid off.
I love when stuff is used well in a way it's not intended. Great video, folks.
life saviors i work a at school i we haven triying to figureout how to disable the "add printer scanner option" wich can be disable but in the current user registry key, since their account are limited intune uses a system account not afecting the student logged on. thanks to this we finally solve our problem
Whoa! Nice! Why is this just not the officially recommended way PS scripts are deployed?
It is... Well... One of the officially supported ways..
-- Ben
Haha glad I'm not the only one in Aus doing this 😀😀😀 i made something similar with additional features like user type targeting based on their sid eg azuread users only, loading offline user hives, csv of keys to change and defaults if i need to rollback later. I went down the path of changing the defult registry rather then active setup also went with win32 so rollback or changing somthing later leveraging uninstall , having the ability to change the csv not having to rewhitelist or sign a script for every change is also nice anyway love the content keep up the good work!
Also where in Aus are you guys based?
Steve and guest Nick are in NSW
Ben is in VIC
Hey, i know this video is old but I have a quick question.
Ok
Troubleshooting script deployment in Intune. I went to the log files but did have any idea what I was looking at or looking for.@@IntuneTraining
@@IntuneTraining guess not a good question. I have one though.
I’ve made a fist script as a remediation. It has a function that checks a couple registry paths for a specific app name. It loops through these paths, and if the path doesn’t actually exist, I use write output to note that. I call the function in an if statement that will write output if it exists or if it doesn’t, exiting with error codes.
It seems only my “exists” or “doesn’t exist” output is logged in the remediation script successfully output. Why don’t any of the other write-outputs get logged?
Awesome! :) Super helpful and well explained.
Can I submit a topic Id like help with please? Can I post it here or do you have an email? Cheers chaps!
Always happy to have a topic suggested, on here works, we make no commitment that it will be covered as some things like wifi profiles that need a whole heap of prep work just isn't feasible as I'm sure you can understand
@@IntuneTraining firstly, thanks for the response. I have a problem at the moment, where our cloud native windows 10 devices have varied encryption levels, in order to make them all aes xts 256 I need to decrypt , then re-encrypt. Ive made a basic script (its not very good) that basically does an if on teh encyption lelve then does a sleep then tried to reencypt then uplaod the key to enpoint manager. But sometimes it stalls, falls foul to poilcy and doesnt provide much help. I'm scared to send it to 200 devices :). Is there a better way to manage it. Also, I cant roll the keys in endpoint manager and end up with lots of stale keys i cant get rid off.