N
Natsukireiz
Hey all
So i was installing adobe acrobat DC reader, and my screen went black accept for my browser and a few other opened windows which still functioned with a black screen, then my screen came back and i am not sure why.
then i saw these event logs, is my security compromised? how could these happen? one suggests that im joining an active directory domain when im at home on my PC.
i disabled windows business hello via GPEDIT, but i still would like to know what the hell happened
Event ID 360
Windows Hello for Business provisioning will not be launched.
Device is AAD joined ( AADJ or DJ++ ): No
User has logged on with AAD credentials: No
Windows Hello for Business policy is enabled: No
Windows Hello for Business post-logon provisioning is enabled: Yes
Local computer meets Windows hello for business hardware requirements: Yes
User is not connected to the machine via Remote Desktop: Yes
User certificate for on premise auth policy is enabled: No
Machine is governed by none policy.
See What's new in Active Directory Federation Services for Windows Server 2016 for more details.
event ID 10006
Application or service 'Windows Explorer' could not be shut down.
Some cmdline checks
C:\Windows\system32>dsregcmd /status
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
Device Name : DESKTOP-0BRDH7T
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : YES
WamDefaultAuthority : consumers
WamDefaultId : Sign in to your account
WamDefaultGUID : {D7F9888F-E3FC-49B0-9EA6-A85B5F392A4F} (MicrosoftAccount)
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+
Access Type : DIRECT
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
For more information, please visit Troubleshooting hybrid Azure Active Directory joined devices
Continue reading...
So i was installing adobe acrobat DC reader, and my screen went black accept for my browser and a few other opened windows which still functioned with a black screen, then my screen came back and i am not sure why.
then i saw these event logs, is my security compromised? how could these happen? one suggests that im joining an active directory domain when im at home on my PC.
i disabled windows business hello via GPEDIT, but i still would like to know what the hell happened
Event ID 360
Windows Hello for Business provisioning will not be launched.
Device is AAD joined ( AADJ or DJ++ ): No
User has logged on with AAD credentials: No
Windows Hello for Business policy is enabled: No
Windows Hello for Business post-logon provisioning is enabled: Yes
Local computer meets Windows hello for business hardware requirements: Yes
User is not connected to the machine via Remote Desktop: Yes
User certificate for on premise auth policy is enabled: No
Machine is governed by none policy.
See What's new in Active Directory Federation Services for Windows Server 2016 for more details.
event ID 10006
Application or service 'Windows Explorer' could not be shut down.
Some cmdline checks
C:\Windows\system32>dsregcmd /status
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
Device Name : DESKTOP-0BRDH7T
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : YES
WamDefaultAuthority : consumers
WamDefaultId : Sign in to your account
WamDefaultGUID : {D7F9888F-E3FC-49B0-9EA6-A85B5F392A4F} (MicrosoftAccount)
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+
Access Type : DIRECT
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
For more information, please visit Troubleshooting hybrid Azure Active Directory joined devices
Continue reading...