2.5 Admins 2.5 Admins 290: Tired of Tracking
9 snips
Mar 12, 2026 They debate Microsoft Authenticator deleting Entra credentials on rooted and jailbroken phones and whether that should be a policy or an admin choice. A harrowing multi-week MFA recovery story highlights support and social engineering risks. Tire pressure monitors are explored as a surprising vehicle-tracking vector. Practical ZFS topics cover using a mirror disk elsewhere and syncing cold storage snapshots.
AI Snips
Chapters
Transcript
Episode notes
Microsoft Nixes Entra On Rooted Phones
- Microsoft is enforcing jailbreak/root detection by deleting Entra credentials on non-stock phones, signaling a push toward sanctioned-device-only access.
- Allan and Jim argue this continues a decades-long Microsoft tendency to lock devices to company-approved configurations, limiting user choice.
Client Locked Out After Phone Break Broke MFA Access
- Jim recounts a client's admin account getting locked out when the phone broke, leaving email inaccessible and exposing broken MFA support workflows.
- He describes long waits, robo-support, and having to escalate via Accounts Receivable to reach a human who still used subcontractors for callbacks.
Keep Extra Admin Accounts And Test MFA Backups
- Do maintain multiple admin accounts and tested recovery methods so an admin losing their phone doesn't lock out the whole organization.
- Jim and Allan emphasize backups like scratch codes, secondary admins, and testing fallback mechanisms regularly.
