u/Important_Ad_3602

So this popped up in service menu after changing tyres and alignment , along with user messages 'camera's not available', and 'auto emergency braking not available'. I'm guessing the second message is collateral.

I've checked the right repeater camera, it has moisture in the led strip. Led still works. The repeater cables are well hidden behind the fender so i don't think the alignment was the cause. My wife powerwashed the car about a week ago but you guys no i can't put the blame there. :-)

Bad Tesla design? Anyone had this issue before? Is this fixable or does it require a new side repeater unit?

2019 M3 LR

We (SMB construction company) use Fortigates. Our networks are far from complex, but the rulebase is expanding fast. The Forti's manage intervlan traffic, switches just trunk everything.

I'm reading into zones to simplify our rulebase. If i'm correct i cannot select an interface indiviually once it's in a zone.

What i'm not getting is, how can i be more granular towards that interface, without losing security?

For example:
- vlan10 subnet 10.10.10.0/24 and vlan20 subnet 10.10.20.0/24 are in zone1
- policy1 src int. zone, dst int. wan, src all, dst all
- policy2 src int. zone, dst int. vlan30, src subnet 10.10.10.0/24, dst all

What's stopping someone in vlan20 from spoofing subnet 10.10.10.0/24 and gaining access to vlan30?

Deploying apps and updating them is costing me a lot of time.

I'm good at it, but it feels like a total waste of time. Looked into Microsoft Intune Enterprise Application Management, but the main apps we use aren't in there (Autocad, Bricscad, Bluebeam, Revit). All very large apps.

From a security perspective i don't want to install an extra managing client on our workstations. I want Intune to remain the only connection a device has, in terms of possibility to send/update apps, policies, etc.

Now i know PatchMyPc can integrate into Intune and create and update apps. But that means giving DeviceManagementApps.ReadWrite application permissions. This is a big supplychain risk. If someone we're to hack PatchMyPatch they could just create or update a package, deploy it, and watch the mayhem unfold. All coming from trusty Intune.

Is it possible to have PatchMyPc create the installer, but download and upload the intunewin files myself?

I edited the question, since being local admin, and logging into portals with administrative rights, are 2 different things.

Our IT department consists of 2 people. Myself being the sysadmin doing all sorts of tasks. Both of us logging into portals from our laptop. Ofcourse with MFA, preferably phishing resitant.

Is it normal for me to loging to a portal from my daily driver? If it isn't and i should hop to a VM, how do you guys manage the MFA requirements? 3 out of 5 days i'm 300km from my workplace, so i can't go touch a Yubikey.