WDAC 3033 error workarounds
Andrew On a Windows Defender Application Control (WDAC) project one issue you may encounter is driver .dll or .sys files that are digitally signed, but the certificate has now expired. The…
Trigger an Intune sync on a device with PowerShell
Recently in doing a device remediation exercise it was necessary to run some PowerShell code on a device via Intune – this is easily done using the built in scripts…
Proxy authentication required for Intune scripts
I’ve been developing PowerShell scripts in Intune a lot recently for cleaning up various machine issues in an application control project and recently encountered an issue where a PowerShell script…
Office Cloud Policy priority of policies
Recently when deploying Microsoft Office Macro controls using the Office cloud policy service the deployment approach was to create two policies – the first blocking the use of macros, and…
Invoke-RestMethod response headers
In developing some scripts recently I discovered that the Invoke-RestMethod cmdlet (in PowerShell version 5 at least) doesn’t provide the values of the response headers. The workaround I had to…
useful Ubuntu firewall commands #TIL
I’ve started experimenting with Ubuntu again recently with a Raspberry Pi4 that I have on my home network (running Ubuntu Server 20.04 LTS). I’ve had it with a view of…
Mail sent to the wrong Office 365 region. ATTR35.
I encountered this error for a system relaying mail via Microsoft 365, sending mail to users within the organisation was working as expected however the sending system was getting the…
Confirm what WDAC policies are present on a device
Windows Defender Application Control (WDAC) is an application control system integrated into Windows 10/11 and is used within Enterprise to whitelist trusted applications, allowing them to run, and blocking either…
#TIL KQL parse_path() function
Working with Sentinel and Log Analytics is nearly a daily task for me of late, and working with WDAC of late interrogating file paths was something I was finding very…
Microsoft 365 dkim=fail (no key for signature)
Recently I was working on a migration project moving a number of domains from a 3rd party mail hygiene solution to Defender for Office 365 and as part of the…