u/Economy_Passenger296

Genuinely losing my mind here

entra conditional access is set to require trusted location (corporate network) for anything sensitive. fine. but the VPN client authenticates through entra before the tunnel is up so CA fires before the user is on the corporate network. CA fails. VPN won't connect. user can't get on the corporate network. CA can't be satisfied.

we inherited this setup. previous admin apparently just excluded VPN auth from CA entirely which is... not great. i put that exclusion back because security team flagged it in a review and now i have 40 tickets.

i've been reading about always-on VPN with device compliance as the signal instead of network location but that's a full MDM project and i don't have 3 months for that right now.

is there a middle ground here that doesn't require either gutting CA or a 3 month rollout. running GlobalProtect + entra ID, about 200 users, hybrid joined devices mostly win11 but a handful of older stuff

Over the past 6 months I have dumped around money into every cream reddit and tiktok swore would end my dry skin saga. Most gave me that fake dewy vibe for an hour then my face went full desert mode again, or they just pooled on top like sad frosting no one asked for, finally narrowed it to 4 that stuck around longer than my dignity after reading reviews

Eucerin UreaRepair Face Cream (5% Urea)
Avene Hydrance Aqua-Gel
First Aid Beauty Hydrating Dewy Gel Cream Moisturizer with Hyaluronic Acid + Ceramides
Estee Lauder Revitalizing Supreme+ Moisturizer

Biggest plot twist those thick tub creams everyone raves about ?? Overrated af !!
The lighter gel ones kept me hydrated way longer without feeling like I slathered on spackle. Who knew science over hype might work.

Just googled KP after noticing these bumpy patches on my arms and some redness, im like 19 and kinda freaked out by all the info. does anyone actually get completely smooth skin or is it always just kinda better? specifically the texture and redness, whats realistic long term, thanks.