Patch My PC Blog
Get expert insights, how-to guides, product updates, and best practices for streamlining patch management, improving endpoint security, and optimizing IT operations.
Local Autopilot Reset looks simple until a baseline blocks it. The credential provider validates admin creds using LsaLogonUser with LogonType 3, so “Deny network logon” stops the reset before it starts.
This article explains where that policy is rejected by licensing is made and why documentation is not always the final authority
A device kept failing Entra Join in the strangest way: type UPN, press Enter, brief loading animation, and suddenly back to the username box with zero errors. No logs. No password page. The fix came from the last place anyone would look, the User Realm response.
This blog explains why Remote Sync is not an instant action, but a push signal that Windows records through WNF before deviceenroller decides when the real OMA DM policy sync starts revealing why delays occur even when the process is working exactly as designed.
Local Network Access Allowed For Urls suddenly appeared as a managed policy. This explains what triggered it and what OneDrive was protecting.
Intune Sync: Win32Apps vs Policies. This blog explains how IME handles Win32 Apps and PowerShell, while OMA-DM delivers policies.
PowerShell Script Installers for Intune Win32 Apps allow you to update the installer script without reuploading the .intunewin package. The installer logic is handled separately from the app content and executed by the Intune Management Extension.
Windows now lets admins disable MDM enrollment during account setup, removing the confusing “Allow my organization to manage my device” prompt and preventing accidental enrollments.