Microsoft XDR (Defender) - How to export - Advanced Hunting - Custom Detection Rules
Hello everyone, Our team is trying to export the Custom Detection Rules. We have more than 50 rules, so we need an automated process that allows us to export and import the rules. Currently, we see that the API function that allows this is still in beta:…
BitLocker Drive Encryption: The data drive specified is not set to automatically unlock
Good morning, We are trying to configure BitLocker across our domain, and we are running into some issues. The issues only occur on about a quarter of our machines, the rest work as intended. The error message we receive states this: "The data…
SMS deprecation July 2023
So my understanding is that in July 2023, user accounts that have MFA enabled will no longer be able to use SMS for MFA. You will not be able to add users to an exemption group that will allow them to still use SMS after July 2023. Microsoft will no…
Troubleshooting Random Freezing on Windows 11 Laptops with LSA(SRV) Errors
As a technician, there's a recurring issue with customer laptops freezing, and the event viewer shows numerous LSA (lsasrv) warnings with random event IDs ranging from 6000 to 6155. The laptops often arrive in BIOS reset mode, powering on and off…
Firmware Protection grayed out and off
Hello, I enabled VBS in group policy. In the registry system guard says its on (enabled value set to 1), but in Msinfo32 I don't see secure launch as configured and in defender it says it's off and managed by an administrator. What can I do to enable…
mdatp growing /Library/SystemExtensions/.staging
We are currently experiencing an issue with mdatp growing the .staging file located in the following path: /Library/SystemExtensions/.staging So far we have had the issue with macOS from version 12.4 - 12.6.1. We did not deploy using script,…
Bitlocker with & without TPM - What's the Difference?
What does the TPM do (what are its functions) when you encrypt the system drive with Bitlocker? And what is the difference if I encrypt the system drive without the TPM?
BitLocker. Identifier differs from my pc identifier
When I printed the Bitlocker key to save in case I needed it in the future, I saw that the device identifier that appears there was different from the device identifier that is put on the computer. Faced with this contradiction, deactivate Bitlocker.…
Consulta sobre Privilegios Administrativos para Aplicación Específica
Estimados ingenieros de Microsoft, espero que se encuentren bien, actualmente, tenemos algunos usuarios estándar que necesitan utilizar (ejecutar) software que requiere privilegios administrativos cada vez que inician sesión. ¿Existe la posibilidad de…
How Do I Get Permission to Delete the Windows Folder?
I have a an external hard drive that I had previously used as the main drive on a scrap laptop that lacked an internal drive. Now, I am trying to use the same hard drive as an additional drive on my daily driver laptop. Windows will not let me delete…
Signing an audit App Control for Business (WDAC) Policy Doesn't Log Events?
Hello, We have several App Control for Business policies deployed on our fleet of machines, several of them are signed and enforced. We had one policy in audit mode (unsigned), and the Code Integrity logs for this policy came in just fine. No issues…
cant remove windows security with chrome password
HELLO I simply dont have the option Disable 'Use Windows Hello when filling passwords'. Its just not there on my chrome passwords parameters ! I want to disable this windows security asap
"Password incorrect" while opening cmd in recovery mode
When I am accessing command prompt in windows recovery mode (pre-installation mode) it ask to enter the password. I am providing correct password (Microsoft account password) still getting warning as incorrect password.
How can I customize the blocked website message in Edge to provide additional guidance?
I recently was asked by a customer if Edge has the capability to customize messaging that end users receive. This was specific around the messaging that appears for blocked websites. The verbiage simply reads "This website is blocked by your…
Message says "The Microsoft account doesn't exist. Enter a different account or get a new one."
I am trying to sign in to a new computer using my Microsoft account. I know the account is valid because it is the same one I am using in this forum. But, I get a message saying "The Microsoft account doesn't exist. Enter a different account or get…
problem in electronic signature under Windows 10 with an external magnetic card reader (HID)
problem in electronic signature under Windows 10 with an external magnetic card reader (HID), when signing, error message: Windows Security, Smart card, Select smart card device. Any idea to fix this problem?? on other PCs it's OK. THANKS
window 11 security and bitlocker
i have bitlocker recently and i lock my personal drive with bitlocker but exedently i have a virus and its remove my window securityCenter service ir bitlocker servies from services and my drive is still lock nut when i click on it to open there is no…
I forgot the pin number on my HP laptop what can I do to fix it
I opened my HP laptop and it asked for my PIN I forgot my pin and so I click on forgot my PIN and it takes me to Microsoft account I log in what do I do from there
what do you do when you get the change C:PROGRAM TO C:PROGRAM1 FILE NAME WARNING?
There is a folder on your computer called "C:\PROGRAM" which could cause certain application not function correctly. renaming to "C:\PROGRAM1" would solve this problem. Would you like to rename it now? I do see this file (not a…
my samsung galaxy S9-MODEL SM-G960W is Google Locked after updated Device now Im locked out
UNINSTALL GOOGLE ACCOUNT OR BYPASS SETTING ON MY SAMSUNG GALAXY S9