However, I kept getting an invalid manifest 0x80080204 error when trying to save the manifest after adding the extension section while creating an MSIX for Visual Studio Code (which needs a specific font or icons won’t show).
I then noticed there was no xmlns link at the top of the package for uap4 π
AlphaFS is my go-to library when working with Long Paths, since PowerShell’s built in functions do not support long paths and error out.
As I couldn’t find good PowerShell examples using GetAccessControl and SetAccessControl with the AlphaFS library, I wanted to post my script here for those googling an example π
If you’re trying to use the Windows Defender Advanced Threat Protection through the API or through PowerBI and get an AADSTS50131 error, you’ll probably check your sign in logs to see if you’re being blocked by conditional access. If there’s nothing there, as I had the joy of discovering (tsk Microsoft, you really should log this) then check your classic policies and disable if present (old anyway):
Getting local Azure AD / Intune device compliance state with a PowerShell Oneliner
The Graph API and Intune portal(s) give insight into device compliance status, but what about a local equivalent? How can we locally detect from e.g. a script on a Windows 10 laptop if the device is compliant or not?
The good old Group Policy “Configuration\Policies\Administrative Templates\System\User Profiles\Delete User Profiles Older than a Specified Number of Days on System Restart ” isn’t part of Intune yet.
If you use shared devices in your environment, you can use below script to set the number of days after which a user profile is cleaned up on Windows 10 MDM / Intune managed.
It has to run under SYSTEM context or it won’t be allowed to write the right key.