Archive
All posts
BitLocker recovery keys after Windows updates: Intune escrow to Entra ID, TPM/PCR failures, and a helpdesk runbook that survives audits
Blue-screen recovery after Patch Tuesday or BitLocker compliance flapping without escrow — this runbook covers TPM/PCR drift, Intune policies, Entra key retrieval, Graph RBAC edge cases, rotation, and how Nexma ties tickets to devices for audit-friendly ops.
Read →Outlook credential prompts after an Exchange datacenter move: Autodiscover, DNS, and the SCP trap
After a datacenter move, mail still flows but Outlook randomly throws credential prompts. This walkthrough maps the Autodiscover chain—DNS, TLS SNI, AD SCP, OAuth—and gives PowerShell you can run on affected laptops.
Read →
M365 licensing and dynamic groups — break loops and surprise costs
Dynamic groups and M365 licenses: split group roles, add technical exclusions, and document rules people can maintain.
Read →
SharePoint guest (B2B) sharing without oversharing
B2B guests and SharePoint: reduce oversharing via link policies, safer defaults, and short owner training.
Read →
Teams: Busy status and presence policies tenants should review
Teams shows Busy all day while externals see you as unavailable—review presence settings, integrations, and HR alignment.
Read →
BYOD: MAM vs full MDM — boundaries from the field
BYOD: when app protection (MAM) is enough versus full MDM—a decision framework for Microsoft 365 administrators.
Read →
Conditional Access vs Intune enrollment — avoid blocking onboarding
After tightening Conditional Access, Intune enrollment breaks? Diagnose the device-vs-policy conflict and fix it safely with Entra What If.
Read →
Remote diagnostics without TeamViewer — Nexma agent (NEXMA)
Browser-based remote sessions with audit trails—the Nexma agent alongside Microsoft 365.
Read →
Intune software catalog tied to user requests (NEXMA)
Intune software catalog with business approval—fewer install tickets and cost control.
Read →
Offboarding without chaos: HR + IT checklist (NEXMA)
HR + IT offboarding: one checklist and live status when employees leave.
Read →