2026-06-03T00:00:00Z https://breakwellsbaseline.net/ 2026-06-03T00:00:00Z https://breakwellsbaseline.net/cases/teamviewer-intune-msi-assumptions/

A TeamViewer Host packaging project exposed hidden assumptions in an MSI transform about stale domain infrastructure, leading to implementation of an Intune-ready package and detection model that restored visibility across multiple cloud native tenants.

2026-06-03T00:00:00Z https://breakwellsbaseline.net/writing/autopilot-state-orchestration/

A practical model for thinking about Intune and Autopilot in hybrid environments: not as a step-by-step script runner, but as an asynchronous system that needs readiness gates where strict sequencing is non-negotiable.

2026-05-12T00:00:00Z https://breakwellsbaseline.net/sandbox/building-a-file-server-by-subtraction/

A rough record of reducing a default Ubuntu server into a more limited machine for file serving and log collection, guided by security-brutalist ideas about purpose, subtraction, and survivability.

2026-04-23T00:00:00Z https://breakwellsbaseline.net/cases/secure-boot-ca2023-bitlocker-recovery/

A planned Secure Boot CA 2023 rollout expanded cleanly at first, then surfaced repeated BitLocker recovery prompts on a narrow hardware subset after KB5083769. This case records the operational handling, root-cause investigation, and field remediation path.

2026-04-13T00:00:00Z https://breakwellsbaseline.net/cases/false-bitlocker-deployment-intune/

A case record on a BitLocker deployment that appeared compliant but had not established meaningful OS-drive encryption.

2026-04-08T00:00:00Z https://breakwellsbaseline.net/cases/policy-scope-drift-device-controls/

Device-oriented security controls had been attached to a broad dynamic user group, creating conflict state and unreliable testing. This record traces the scope problem and the low-risk migration path used to correct it.