Robert Marshall's Blog
Home for my ConfigMgr and Industry related ramblings
Owner of SMSMarshall Ltd, active Enterprise Management MVP
Following on from Part 1 of this quick and easy walkthrough of Intune AutoPilot.
Login to the VM, unlock or whatever, and visit Settings.
Visit Updates & Security:
Click Get Started for Reset this PC:
Choose the Remove everything option:
Choose the Just remove my files option:
Wheels will turn:
This will take a while, keeping an eye on it will bind you to the screen depending on how fast your VM…
If you’re starting out from scratch with Intune’s Autopilot, this run through should help get the key elements established so that you get a build result to look over, and a platform rigged for further exploration.
Some things needed:
Go get an EMS E5 evaluation\trial, and get your tenant up and running, handle the DNS (CName), and if you want, use AD Connect to join it to an…
While using super cool Intune Standalone recently, I had some head-scratching for a while over settings still being applied to enrolled devices when they shouldn’t be. It didn’t take long to figure out, and is easily worked around.
Let’s look at the default properties of an iOS device compliance policy:
The System Security setting is not being applied, and note that the greyed out properties are all defaults.
One of my Intune SA customers wants to allow BYO devices without a device PIN, but enabled managed apps used to access corporate data to be secured with a pin, while enforcing a device PIN on corporate (CORP) devices.
A pretty simple ask, but they were caught up in an underlying issue with Intune SA showing a setting as Not configured, while still enforcing any custom values entered in the setting before it was set to…
Patching servers or ‘managing Windows assets’ in a DMZ has always been a challenge.
Trying to manage assets with one systems management solution in two domains, the DMZ (external network) and the intranet (Internal network) broadens the challenge further.
All designs put forward to manage assets in a DMZ using the internal networks systems management solution, essentially depend on spinning services, or in ConfigMgr…
I’ve created a repository on GitHub for PatchMaster here.
The entire Visual Studio 2015 authored C# code base seems to be published AOK:
I reserve no rights on this code, feel free to use however you see fit. Obviously a release of an out and out clone with no enhancements will be frowned upon.
I’ll continue to maintain this code branch,which is actually the source code for the…
Technical Preview 1810.2 introduced the first cut for converting MSI’s to the new application installation technology MSIX, direct from the ConfigMgr console, and in this post I’m going to kick the features tyre’s and try to get an end to end test out of the way.
Head over to the TP documentation here.
We have some funky technologies to install:
Sub-titled “ConfigMgr High Availability feature and making the Content Library highly available”.
In this article I’m going to focus specifically on considerations on placement of the Content Library for High Availability purposes.
The Content Library, an under-the-radar-for-most ‘layer’ residing on the Primary in ConfigMgr, now has to be moved away from a Primary before High Availability can be enabled.
It cannot be…
I’ve been very much interested in the High Availability feature since it inception.
I’ve followed its evolution in technical preview, kicking its tyres, discussing it with the product group and MVP peers, and seeing the feature come out of the development dock, technical preview, to sail around the sea in the form of current branch, is exciting.
Exciting because the High Availability feature is a high-value design element…
Current Branch Build 1806 released on the 17th,
Check out the Build 1806 What’s New page for more info:
One of the things I’ve noticed over a couple of decades as a contractor who eventually turned into a roaming consultant, is that my customers, their engineers, ranging from complete novices to experts, a troubling percentage have no idea the documentation library exists, or they know it exists, but it is out of sight and thus out of mind (most fall into this grouping), for a few it’d be easier to visit Mars than that…
Slow in blogging, tweet is my primary source for announcements.
So PatchMaster 1.5 landed, and in time for Patch Tuesday for some of you!
The updates to the tool, I hope they help, let me know on twitter @robmvp or comments on this blog if you have any feature requests or issues.
Download from the TechNet Gallery here and let me know how you get on with it. I wrote it for you For us
I’m at the tail-end of the development of PatchMaster to bring it up to version 1.5.
The driver for this code release was silent running mode, headless mode. And instead of releasing once done, I kept the project back longer than I normally do, several weeks in fact, so that I can return to the code here and there to tweak, finesse and add in more features. It has worked out quite well, things I would have tutted over…
July 1st 2018 brought some exciting news, I am the grateful recipient of a renewal in the MVP programme for Enterprise Mobility, SCCM and Intune.
This marks my 10th year, a whole decade of being involved in something truly wonderful and extremely appealing to the likes of me.
I would like to thank the global community first, you’re the reason I do this, I get endorphin hits helping you all where I can. When I see things…
Customer asked me to hobble together a solution, that would allow them to VNC into a WINPE session as soon as WINPE has finished starting up, and before the ConfigMgr pre-execution hook kicked in. Someone still needs to boot WINPE and look for the IP, but once the IP lease is issued, it’ll be reused by the VM if WINPE is rebooted, making a reconnection reasonably reliable.
If you try this approach using ConfigMgr’s pre…
We have a new tracing tool in town, OneTrace, which comes in the latest Technical Preview Build 1804.
You’ll also find the Log Viewer that comes with Support Center:
Above its opened several logs and merged them together as default behaviour.
For CMTrace users, highlighting is located in Advanced Filters > Add > Highlight, a few extra clicks than before, but doable, especially what with the flexibility of the advanced…
One of my customers is currently waiting for the results to come back, from a deployment of a Configuration Baseline which was pushed out to detect the Microsoft Compatibility Appraiser DLL problem.
The problem itself can cause chaos on the networks, due to excessive WSUS communications, and should be read up on here.
The problem seems to be due to specific versions of the Compatibility Appraiser, which version-wise…
Managed to get a new version of PatchMaster ready for shipping, as version 1.4.
You can download it here on TechNet Gallery.
This one has several enhancements, that should make it more universally adoptable.
I realise that it will be nigh-on-difficult, to make PatchMaster an all-singing-all-dancing highly configurable tool that’ll meet everyone’s requirements; But I can get PatchMaster to meet most requirements, while…
Finally have the time to sit down and work out a guide to explain what PatchMaster is, and why you want it to do what it does.
PatchMaster automates the entire SUM experience. With a one time configuration, each Patch Cycle can be initiated with full automation end-to-end, from searching for patches, to downloading and deploying them.
If you are use to rolling your own each month, burning time on the task, this turns…
Currently working for a customer who is transitioning their Patch workload from WSUS Standalone to ConfigMgr, and I’ve introduced PatchMaster to automate the middle part, the actual monthly work, leaving them to keep an eye on Reporting, and reacting to Out of Cycle patches if needs be.
They asked me for a unique scenario:
In this series:
Intune Standalone–Part 1
In Part 1 of this series, I enrolled a device that in an post-OOBE state, had it in workgroup mode and finished the setup.
Here’s a brief run through on what it looks like to manually enrol a device that is sitting at the first prompt of Windows OOBE .
I’m enrolling a Windows 10 Build 1709 Operating System, with unmodified media.
We will at some point in the series modify the…
A new build release has arrived for System Center Configuration Manager Current Branch, Build 1802.
Just look at the crazy treasure in this release, some of which was coded from ideas and work done at the SCCM MVP Hackathon, that took place in Seattle last November and which I attended. Was a amazing experience working so closely with the product group, to realise some of the stuff that landed in this release, there…
Welcome to my guides on using Intune Standalone and ConfigMgr, to service Windows 10 devices. They will be aimed towards initiates, basically anyone that hasn’t yet dug their spurs into Intune and Azure.
Intune and Azure are an ever shifting landscape, so if you are visiting, the guide was written in March 2018 and some options or call outs may have been renamed or deprecated.
The scope of these guides will be limited…
As the author I can see that PatchMaster wasn’t ‘there’ yet, worked, but needed much more coding loving before it could become a universally usable tool.
Version 1.1 worked well enough, but much of the Deployment Properties were defaulted and unavailable.
Version 1.2 nails this down with full deployment property control.
And I took it a bit further, which took a few days of keyboard hammering, but now you can define the…