Simplified Installation of a Cloud Management Gateway

The CMG is a role introduced in ConfigMgr Current Branch 1610. The purpose of the Cloud Management Gateway is to simplify installation and strengthen security of managing clients over the Internet. This is achieved by hosting the necessary services in Azure. To date however many customers have been hesitant to deploy a CMG due to the perceived complexity of the certificate requirements that the solution has required. Using ConfigMgr 1804 tech preview and working along-side the Microsoft product team I have been able to reduce the certificates required down to 1 single certificate. My certificate is issued by a public [...]

By | 2018-05-26T23:38:18+00:00 May 23rd, 2018|Configuration Manager (SCCM)|2 Comments

DeviceMap and Device Inventory Failures in Win7 to Win10 1709 In-Place Upgrades

I recently ran into a challenge while working at a client's site where my Windows 7 to Windows 10 1709 In-Place Upgrade (IPU) would effectively stall out shortly after setup.exe was initiated by the Task Sequence (TS).  I banged my head on this for 24 hours before I finally found what appears to be the root cause of the challenge and ultimately, the resolution! Getting right to the point, in looking at my setupact.log while it was in $WINDOWS~BT\Sources\Panther I saw that it had halted amongst a sea of RED errors referencing DeviceInventory and the device map. Info CSI 00000002 [...]

Win7 to Win10 In-Place Upgrade Failures w/ DownLevel 0xC1900208 Error Codes

This will be short and sweet as I am not fond of typing nor do I wish to waste your time with wordy explanations. If you require more details, simply reply to this blog and I will do my best to assist. ENVIRONMENT/SCENARIO: The environment is ConfigMgr (CM) 1710 with a slew of Win7 Lenovo models in dire need of Win10 1709 in-place upgrades. Delivery of Win10 1709 is by way of a CM Task Sequence (TS) with no out of ythe ordinary configurations that would be noteworthy. CHALLENGE: I recently ran into a frustrating challenge where my Win7 to [...]

ASP.NET Core 2.0 MVC: editing complex viewmodels with child models and dynamically retrieve properties from the model in the view or just a REALLY long title…

For the past couple of months I've been doing ASP.NET Core coding projects – building the backend and frontend of various websites for our customers. This has been a fun experience, but at times also very frustrating when things aren’t really working out. One thing is to follow examples and tutorials based on “perfect world” scenarios, another is to deal with real-world data and requirements. So this will be my first post in hopefully a series of ASP.NET Core posts to share some tips and tricks when things get a little more complicated. I assume you have some knowledge of [...]

By | 2018-01-31T15:10:59+00:00 January 31st, 2018|.NET, Scripting, Scripting & Development|2 Comments

Automating SSRS favorites with REST API

This information applies to SQL Server Reporting Services 2017 and later. As more and more organizations rely on visualization and reporting to get the information they need, more and more reports come into play. With Configuration Manager 1710 you get almost 500 reports where only a subset are relevant to you and your team. This blog post will show you how you can automate the use of favorites in SQL Reporting Services 2017. Prior to SSRS 2017 you had to find the report and mark it as a favorite. Beginning from SSRS 2017 we can now use a combination of [...]

Sometimes I think there is not enough fear in the World!

Kind of a catchy title and perhaps a bit scary but nevertheless this is often what I think when looking at the number of legacy Windows operating systems and Management systems “out there”. Let’s get it straight, Windows 7 is end of extended support in 2020 or a little more than 400 working days. For many organizations that is simply not enough time to migrate all clients to Windows 10 unless the project is already begun.Client operating systems Latest update or service pack End of mainstream support End of extended supportWindows Vista  Service Pack 210-Apr-1211-Apr-17Windows 7 * Service Pack 113-Jan-15January [...]

By | 2017-12-22T11:18:47+00:00 December 22nd, 2017|Uncategorized|1 Comment

Q&A from the We Speak Geek webinar

First a huge thanks to the many that tuned in to our 3 webinars on ConfigMgr Challenges in 2017. As promised here are answers to the many questions we had. For more questions, please reach out to Jason Sandys @JasonSandys or Kent Agerlund @Agerlund. For those who didn’t have a chance to attend, recordings are available here: https://info.flexerasoftware.com/SVM-WBNR-We-Speak-Geek-SCCM-Admin-PrioritiesQ &A From the North America webinarWith Windows 10 Servicing - how have you found keeping these up to date? I have 10k workstations, and with resources i can't keep up with 6 monthly releases. With the products i have to get updated/tested/confirmed [...]

By | 2017-12-21T18:57:27+00:00 December 21st, 2017|Configuration Manager (SCCM)|0 Comments

Managing and deploying Web links in Android the modern way, a quick tip

Last year I wrote a blog about how the experience of deploying web clips or web links on Android devices looked like and how you were able to force them to be opened in the Intune Managed Browser. If we look back at this experience with the Company Portal Widget and the links, this is not a really nice solution and we don’t want to talk about updating or removing a web link in this scenario. (which is not possible) Yesterday I was at a customer in Denmark discussing this solution, and while discussing this I remembered the new options [...]

By | 2017-12-20T21:12:18+00:00 December 21st, 2017|Enterprise Mobility Suite (EMS)|0 Comments

Taking advantage of Run Script in ConfigMgr 1710

As most of you already know, Microsoft has released a new function in ConfigMgr to run scripts directly on computers and/or servers in your environment. With this new function, scripts can be run in real time on a single computer or an entire collection. How cool is that? This was initially released in the 1706 Tech Preview, but since then Microsoft has put a lot of effort into the functionality of the latest builds and have really made it shine! If you’re like me, you might get stuck in the “this is awesome but how do I move forward with [...]

By | 2017-12-20T09:12:22+00:00 December 20th, 2017|Powershell|1 Comment

Androids in the Enterprise, a blessing or nightmare? – part 2

In my last blog we looked at managing the legacy Android devices, like mentioned Google is investing in making Android safer and more enterprise ready. Today Google announced the deprecation of the legacy management of Android devices as of Android Q, like explained here in the blog of Chris Baldwin. One of the ways in making Android enterprise ready is by using Android Enterprise AKA Android for Work. Android for Work is available since the beginning of 2015, in Android 5.0 (Lollipop) and higher. What is Android for Work? (Android Enterprise) With Android for Work you are able to completely [...]

By | 2017-12-19T20:53:17+00:00 December 19th, 2017|Enterprise Mobility Suite (EMS)|1 Comment

Create ConfigurationItems and Baselines without killing your mouse

This information applies to ConfigMgr version 1710 and later. One of the things I really love about working in IT is that you can learn new stuff all the time, and when new stuff turns into boring repetitive stuff you can apply automation and add yet another new piece of learning to your skillset. Over the last few releases of Configuration Manager, the product team has added some new cmdlets for managing Configuration Items and Baselines, and I started to look into these when I was given the task to create a lot of very similar CIs and Baselines for [...]

Create User collections based on AD department attribute with Powershell

If you are an organization who uses the Department attribute in Active directory and want to target users withing those departments for different deployments but you have a lot of departments and you don't know where to start, well then this post might be useful for you.   The script in this post retrieves all the departments that gets collected by the Users AD attribute by ConfigMgr (Not turned on by default needs to get added. See guide below) and from those departments it creates a user collection with a query that populates the collection with all users who are [...]

By | 2017-12-14T19:41:24+00:00 December 14th, 2017|Configuration Manager (SCCM), Powershell, Scripting|8 Comments

Continuous Delivery WebApps with ARM Templates, Part 2

Previous: Continuous Delivery WebApps with ARM Templates, Part 1 Cross-posting from personal blog https://cloudmechanic.net So it has been some busy months and therefor a bit delayed with this second post, but now I finally got a moment to finish it, so here we go! In the previous post we created and tested the continuous delivery pipeline for the Azure resources using a ARM template, and with the pipeline for deploying the Azure resources we are now ready to create the pipeline to deploy the application. First you should go and grab the latest version of the ARM template and the [...]

By | 2017-12-12T15:15:53+00:00 December 12th, 2017|Azure|0 Comments

Using Office 365 Portal Security Token for Authentication with custom website

When creating a lot of different web front-ends, it is always rather complex to get started with single sign-on or integrated login. The simple way to not maintain a credential database or passwords is to validate against a 3. party website. This is where the Office 365 Portal comes in handy, especially because many companies are already validating against or with it. I created this code as part of another solution, the example here has been cut down for demonstration purposes and easy integration. You will be able to validate against Portal.microsoftonline.com as long as the login is allowed for [...]

By | 2017-12-11T08:59:07+00:00 December 11th, 2017|Office 365, Scripting & Development, Security|1 Comment

ConfigMgr PowerShell and WMI Excel spreadsheet

I just posted on Github updated version of Excel spreadsheet where you can find all the ConfigMgr PowerShell cmdlets, Primary Site WMI namespace methods, ConfigMgr Client WMI methods and COM object methods as well. You can download the Excel spreadsheet from here - https://github.com/Kaidja/ConfigMgrSDK/blob/master/ConfigMgr_cmdlets.xlsx

By | 2017-12-08T09:48:01+00:00 December 7th, 2017|Configuration Manager (SCCM), Powershell, Scripting|0 Comments

Intune: Use PowerShell management extension to enable BitLocker on a modern managed Win10 device

I wrote a blog post back in April on "how to manage BitLocker on a Azure AD Joined Windows 10 Device managed by Intune", where I also wrote a PowerShell script to automate the encryption process for the day that we would get PowerShell support in Intune. Well Microsoft announced in September the Management extension for Intune which basically lets you deploy PowerShell scripts via. Intune to Windows 10 devices. My co-worker Peter Daalmans wrote a great blog post about it right after, where he explained in more detail about the extension. I have a link for that post at [...]

PowerShell Script for updating Runbook Steps in a Task Sequence!

The MDT Toolkit is great! One very useful feature is the “Execute Runbook” Step, which can execute a runbook in Orchestrator. Unfortunately Orchestrator has a little quirk, when moving to new environment, such as moving from Test to Prod. All runbooks get a new GUID, and runbook parameters might get a new GUID.  Besides this, the Server names usually needs to be changed too! This can be a trivial task, which an automation guy like me hate to do! Everytime Server name is updated, all parameters has to be setup again. This also makes the task prone to errors! So [...]

Androids in the Enterprise, a blessing or nightmare? – part 1

Many people who know me know that I am not the fan boy of Android devices. It can be a nightmare when managing those devices, but is that still a valid statement or is it getting better? In this series of blogs, I want to try to get a clear view if Android devices in an Enterprise are a blessing or a nightmare. That there are Android devices connecting to most environments to get access to corporate data is a fact. When looking at Microsoft Intune we can block the ability that Android devices can be enrolled into Intune, but [...]

By | 2017-12-01T15:57:46+00:00 December 4th, 2017|Enterprise Mobility Suite (EMS), Security|3 Comments

Adjust Your Mirrors to Avoid Blind Spots

…and why the Enterprise needs IT visualization Two months ago, we launched the latest version of our cloud based visualization service CTGlobal Insight & Analytics and looking back at the last two years where we have been working with customers visualizing various IT KPI’s this post will answer the question I get from all customers “How do other companies avoid big blind spots in their enterprise IT?” We all know the depressing facts about the damage caused by Wanacry, Patya and Adylkuzz ransomware and we also know that the impact of these attacks could have been avoided if only security [...]

By | 2017-12-01T16:16:23+00:00 December 1st, 2017|Uncategorized|0 Comments

How to use SCCM SDK in C# with a WQL Query that contains joins

Sometimes you just stop and wonder: how DO you make a WQL query with joins and use it with the SCCM SDK in C#? It's that gnawing thought we all have right? So after spending an hour reading through people saying: "It's NOT supported!" and some people who said it was (without any examples whatsoever), I managed to get a small sample working. So if any of you should come across this challenge (which is of course the most of the world), then here is a code-example on how to do it: It's a small console application that output all [...]

The Big Bang and how it changed my life as an IT Pro

Maybe a misleading headline for my blog post, as it’s really the opposite message I’m trying to deliver. The Big Bang I’m referring to in the title is the change to a Cloud world from our “good old” on-premises infrastructure. For many organizations the Big Bang still hasn’t happened, not that organizations are not embracing new Cloud opportunities, most just can’t change everything overnight. Starting 5-6 years ago, I heard and read many stories that the “Cloud era” would be the end of life as we know it for IT Pros. Personally, I claim this statement to be false.For this [...]

By | 2017-11-14T16:10:52+00:00 November 14th, 2017|Configuration Manager (SCCM), Security, Windows Client|1 Comment

Windows 10: Modern Management – Automate OSD with a USB drive and a Provisioning Package

First of all this is not a blog post on how you create an provisioning package or how that works. However I will link a few other post from Microsoft to get you started if that is something you are looking for. So jump to the end of this post for a select few great posts on the topic. If you are using Autopilot, then you are using Autopilot, good for you! :) There may be situations where you want to combine provisioning packages and Autopilot. I will explain this further in an upcoming blogpost about Autopilot. Now, in this [...]

By | 2017-11-15T15:30:53+00:00 November 12th, 2017|Uncategorized|0 Comments

Intune: Reporting Part 1 – create basic inventory report directly from Intune Console

I am a ConfigMgr consultant by heart where I have spent most of my IT-career designing and building ConfigMgr Solutions for customers. And everyone that has worked with ConfigMgr knows that you can report on basically anything from the clients managed by ConfigMgr. If you don't see the data, the reason is probable that the the Agent is not configured to harvest it. Well for the past 3-4 years I have also been working with Intune where the reporting capabilities has been a bit limited, especially devices managed through mdm, however the reporting has capabilities been greatly improved over the [...]

By | 2017-11-13T00:23:52+00:00 October 31st, 2017|Azure, Enterprise Mobility Suite (EMS)|2 Comments

ConfigMgr: Issues setting up new MP’s? Check your SPN’s!

An old topic, revisited; This is just a quick blog post to inform any in the same situation as myself where a customer had some issues setting up 5 MP's at a customer. Now we all know that when setting up an new MP, or over time we may get some errors returned to us in one of the many log files monitoring the Management Point service in ConfigMgr. This is because MPs has quite a few prerequisites that either needs to be in place before it functions properly or needs TLC over time. The other day I was at [...]

By | 2017-11-13T00:22:16+00:00 October 30th, 2017|Configuration Manager (SCCM)|1 Comment