This issue has been bugging me for awhile, at first I thought it was the 'Phone Link', which was wrong, till I grabbed the logs and eventually found it what was the cause of it. As I was viewing the logs for (52) Events Microsoft-Windows-AppLocker_Packaged_app-Execution Events.evtx, I found the issue. I updated the XML for the Kiosk Assigned Access profile, which I allowed <App DesktopAppPath="C:\Windows\SystemApps\MicrosoftWindows.Client.CBS\_cw5n1h2txyewy\CrossDeviceResume.

My colleague had some issues around this persona build for a customer, my colleauge reached out to me to have a look. I enrolled a physical device and all checked out, when clicking on 'Photos' and 'Paint' on the start menu - it would try to load but never worked. My colleague confirmed that he had whitelisted the XML to: <App AppUserModelId="Microsoft.Paint_8wekyb3d8bbwe!App" /> <App AppUserModelId="Microsoft.Windows.Photos_8wekyb3d8bbwe!App" /> Which didn't work, till I did

A customer reached out with wanting to set an initial start menu layout for their Windows 11 23H2 fleet, unfortunately for them if they were on Windows 11 24H2, we could use the .json and simply use the settings catalog option. In this case, I attempted with start2.bi n option as a win32 app which didn't give me the best success till I attempted using a remediation script. What you will need to do first is: Customise your start menu what you like to show up Run PowerShell ISE

Microsoft deprecated Wordpad as of 1st Sept 2023 https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features#:~:text=WordPad,deprecated%20features which applies to Windows 11 24H2 and above. An education customer who requires Wordpad to be reinstated reach out to me to get it reinstalled as they were on Windows 11 25H2. What I needed to do is setup a VM with Windows 11 23H2, navigated to C:\Program Files\Windows NT\Accessories\ - copied the files over where the p

A customer reached out to me as they wanted to prevent shortcuts (*.lnk) from appearing on their student devices. Easiest I could think of is a detect and remediation script. Detect.ps 1 $Shortcuts2Remove = "Google Chrome.lnk", "VLC media player.lnk", "Audacity.lnk", "Firefox.lnk", "Google Chrome.lnk", "Microsoft Edge.lnk", "Vivi.lnk" $DesktopPath = "C:\Users\Public\Desktop" # Public and User Desktop: "C:\Users\*\Desktop\*", for Public Desktop shortcuts only: "C:\Users\Public

Late last year I posted about a 'Custom Power Plan (Win32 app)' , I decided to revisit this again. Create a Power Plan: Call whatever name you like, in this I have called it 'Devicie Power Plan' Then customize your power plan as you need. Start Command Prompt as Administrator, and run the following: This will list out your current plans: powercfg /L Then in the same command prompt, run: powercfg -export "C:\Temp\DeviciePowerPlan.pow" 9044f02c-182b-4a85-955c-567522ab795b wher

Last year I posted about using 'User Locale' with remediation scripts , and not too long ago I posted about setting English (Australia) as the default language . Of late I have noticed in Windows 11 25H2 when you have   English (Australia) as the default language in place, it somehow sets English (United Kingdom) showing up. What I did was re-look at my 'User Locale' with remediation scripts , which I know works. It will check to see if "en-GB" is there, if it does then it

I have been helping this customer who want to block all extensions on Firefox to be installed, except allowing 'Lastpass' to be installed. You can view the relevant settings that Mozilla Firefox has https://mozilla.github.io/policy-templates/#extensions , mainly what you are looking for is: https://mozilla.github.io/policy-templates/#extensionsettings . Generally you can use the ADMX/ADML templates to import into Intune, this customer already has an existing policy that ties

One of our customers listed me a detail list of Dell vulernable apps within their tenant. I tried to re-invent the wheel by using my HP Bloatware removal remediation script which did partial removing these bloatware apps. I ended up using Andrew Taylor's script with some modifications in place by removing all the unwanted bloatware lines he has added, and only focusing on Dell bloatware and Dell installed apps. Install.ps 1 #################################################

I have this customer where strangly enough Company Portal and Notepad fail to install properly on their Windows 11 devices, even from the logs I was seeing these: [Win32App][WinGetApp][WinGetAppDetectionExecutor] Starting detection of app with id: 0a74d8d1-42e1-414a-ade0-5cfec8545c94 and context: SystemContext. [Win32App][WinGetApp][WinGetOperation] Starting Detection for app with id: 0a74d8d1-42e1-414a-ade0-5cfec8545c94 and package id: 9WZDNCRFJ3PZ. [Win32App][ReportingManag

As I prepping this yesterday for a customer, which does work https://soeintunedevice.wixsite.com/home/post/181-microsoft-intune-prompt-for-hostname-change if you want to have a read. Install.ps 1 is as follows, to explain what it does is the "Prefix" is generally what you see in Since there is no way to do this via Intune, the only way would be via PowerShell. It will start off with applying WIN11-3D-001 as the hostname $Prefix = 'WIN11-3D-' $regPath = "HKLM:\SOFTWARE\MrBSOE

A customer who wanted a way for end users to get prompted to change hostname for their devices, and I remember I did something like this a few years ago (simple but easy to do). You need to prep for the following: RenameComputer.ps 1 Install.ps 1 Detect.ps 1 ServiceUI.exe (which you can grab easily from any MDT installer) RenameComputer.ps 1 - is a form that will appear to prompt the end user to change their hostname. Add-Type -AssemblyName System.Windows.Forms # Create the

A few months ago before I went on annual leave, a customer wanted to deploy Company Portal as a shortctut on the desktop for end users. The easiest way I could figure out looks like this: Install.ps 1 will do the following: [CmdletBinding()] Param ( [Parameter(Mandatory=$false)] [String]$ShortcutTargetPath, [Parameter(Mandatory=$false)] [String]$ShortcutDisplayName, [Parameter(Mandatory=$false)] [Switch]$PinToStart=$false, [Parameter(Mandatory=$false)] [String]$IconFile=$n

A customer only wanted to setup 'Fingerprint recongition' to be applied to their HP devices only, just required prerequisites must be...

From 3 years ago, I did a blog around https://soeintunedevice.wixsite.com/home/post/34-backup-restore-win32-app using batch files from a...

Had this issue with a customer who reported having issues with ASP.Net Core 8.0.11 showing up in Tenable, where the current installed is...

I have this customer who I have been helping over a period of time with setting up their 'Shared PCs' with some customisations, one of...

We recently onboarded this customer, which currently are on a pilot phase. I discovered this prompt message just after kicking off the...

Have a customer who is on track with Essential 8 ML1, they are wanting to secure the following settings to prevent their end users from...

Had a customer who difficult getting these ports to never sleep, originally I used this policy which worked for applications but not for...

This issue has been daunting on for quite some time now, I was thinking this post I mentioned would work: https://soeintunedevice.wixsite...

A customer reached out to us about a few weeks ago, as their students had alternative ways to run Roblox on the shared devices and were...

Late early last year in 2024 I posted about setting the task bar to the left using a PowerShell script wrapped around with a win32 app:...

It all started last week late Tuesday afternoon for me, first thing I noticed was that my 'Windows' key wasn't working, then eventually...