For some time, I have struggled to understand why Intune reports some computers as non-compliant with the "Require Bitlocker" setting, even though Bitlocker is enabled and working on the computer. In my searches for an explanation, I found the same question asked by many others, but never an answer. Until today.
I accidentally stumbled across this article from Microsoft's Rob Lane, which explains how the Require Bitlocker setting is evaluated and why it might seem to incorrectly report a non-compliant state. I encourage you to check out that article for full details. I'll just summarize here the part that suddenly made this bitlocker compliance issue make sense to me.
The "Require Bitlocker" setting in Intune relies on the Device Health Attestation (DHA) service in Windows 10 to report the state of Bitlocker encryption on the computer. If Bitlocker protection is disabled or suspended, DHA will report that the computer is non-compliant with this setting.T…
While troubleshooting an issue recently on a Windows Server 2016 system, I noticed errors on the System event log about the Data Sharing Service crashing.
Searching online for more information about this service and why it might be failing, I came across a lot of people describing similar problems, but the only explanation and solution I found came from this December blog post by Microsoft Japan. Google translate did a great job making the post understandable to me, but since the information doesn't seem to have been widely publicized I thought I'd share it here to help get the word out.
The Data Sharing Service fails due to a resource conflict with another service included in Server 2016, the User Access Logging Service. Either one of these services alone will run without issue, but if one is already running and you try to start the other, it will fail.
According to an update to the blog post, Microsoft plans to resolve the issue in a future update to Server 2016, but …
CarbonBlack recently released version 3.1 of the 'sensor' for their CB Defense product. This sensor is the client side agent installed on each PC. The CB Defense sensor does not self update, but installing the new version should be as simple as a few clicks in the CB Defense web console or downloading the install package and deploying it using your favorite method. Unfortunately, it's not always so simple.
In many cases, when the installer attempts to remove the old version of the sensor during the upgrade process, the uninstall does not completely remove the old sensor, and installation of the new sensor fails. This leaves the computer with no working version of the CB Defense sensor installed. The old version of the sensor no longer shows up under "Programs and Features", and all attempts to install the new version fail.