Policy Path | Name | Value | Note |
---|---|---|---|
User Configuration\AT\Microsoft Office 2016\First Run\ | Disable Office First Run on application boot | Enabled | |
User Configuration\AT\Microsoft Office 2016\First Run\ | Disable First Run Movie | Enabled | |
User Configuration\AT\Microsoft Office 2016\Subscription Activation\ | Automatically activate Office with federated organization credentials | Enabled | Needed when AD FS is used |
• Name: AppLocker
• Destination log: Forwarded Events
• Type: Source computer initiated
• Computer Groups: “Domain Computers” (or custom group containing the computer accounts to accept events from).
• Events to collect:
  o Logged: Any time
  o Event level: Error, Warning, Information
  o Event logs:
    Microsoft-Windows-AppLocker/EXE and DLL
    Microsoft-Windows-AppLocker/MSI and Script
    Microsoft-Windows-AppLocker/Packaged app-Deployment
In this scenario I am using two proxy servers:
- User proxy - with authentication required for users
- System proxy - for machine context without any authentication
A sample Squid configuration is below, together with a PowerShell script to configure the prerequisites (https://docs.microsoft.com/cs-cz/azure/active-directory/hybrid/how-to-connect-install-prerequisites#connectivity).
Do not make any changes to miiserver.exe.config. This file is overwritten on every upgrade so even if it works during initial install, the system stops working on first upgrade. For that reason, the recommendation is to update machine.config instead.
[
  {
    "is_default": true,
    "name": "Google",
    "keyword": "google.com",
    "search_url": "{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:iOSSearchLanguage}{google:searchClient}{google:sourceId}{google:contextualSearchVersion}ie={inputEncoding}",
    "suggest_url": "{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:omniboxFocusType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}"
  },
  {
    "name": "Bing",
<# Added by Michael Pietroforte #>
Param(
    [Parameter(Mandatory=$True)][string]$regPath,
    [Parameter(Mandatory=$True)][string]$xmlPath
)
<#
Original script by Malcolm McCaffery
More info at http://chentiangemalc.wordpress.com/2014/07/02/importing-reg-files-into-group-policy-preferences/
#>
https://support.microsoft.com/en-us/help/4561494/microsoft-edge-application-creation-fails-in-configuration-manager
$vmRootDir = "D:\Virtual Machines"
$LibraryPath = "C:\Data\Parent Disks"
$vSwitchName = "VM"
$MountDir = "C:\Data\MountDir" #cannot be CSV
$ServerName = "hv01"
$VMs = @()
$VMs += @{
    VMName = "VM01"
    MemoryStartupBytes = 512MB
#region create AAD app
# based on https://docs.microsoft.com/en-us/powershell/partnercenter/secure-app-model?view=partnercenterps-1.5
$DisplayName = "MFA Status Ingester"
Connect-AzureAD
$adAppAccess = [Microsoft.Open.AzureAD.Model.RequiredResourceAccess]@{
    ResourceAppId = "00000002-0000-0000-c000-000000000000";
    ResourceAccess =
    [Microsoft.Open.AzureAD.Model.ResourceAccess]@{