How to manage Bitlocker on a Azure AD Joined Windows 10 Device managed by Intune.

When joining a computer to AAD either manually or by using a provisioning package, Bitlocker will be enabled automatically if your device has the necessary prerequisites. However in the case that Bitlocker is disabled this is how you enable Bitlocker, save the Bitlocker Key Protector to ADD (also known as the recovery key) and recover the key in the case you need it. So this blog post is both for the end-user and IT-pro I guess. In this scenario we have configured a Device Compliance Policy in Intune where we require Encryption of data storage on devices and sent the [...]

Disable Onedrive Updates from a Task Sequence

In order to fully control OneDrive updates I was tasked to find a method to disable OneDrive from doing updates on its own. Given that there is no registry setting or GPO that allow you to disable automatic updates from happening I was forced to look for other methods. The update check is performed by a Scheduled Task that runs once every day If you look in the Scheduled Task manager you will find one or two tasks related to OneDrive. So in order to prevent OneDrive from doing any updates I first tried to delete any tasks related to [...]

By |2017-08-22T10:30:37+01:00april 18th, 2017|Configuration Manager (SCCM)|Kommentarer lukket til Disable Onedrive Updates from a Task Sequence

Getting WSUS sync errors in ConfigMgr 1702

Got a lot of these today on my ConfigMgr 1702 site server. STATMSG: ID=6704 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_SYNC_MANAGER" SYS=CTSCCM01.CORETECH.INTRA SITE=CT1 PID=10584 TID=18504 GMTDATE=ti apr 11 20:00:03.729 2017 ISTR0="" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0    SMS_WSUS_SYNC_MANAGER    11-04-2017 22:00:03    18504 (0x4848) Synchronizing WSUS server ctsccm01.coretech.intra ...    SMS_WSUS_SYNC_MANAGER    11-04-2017 22:00:04    29196 (0x720C) sync: Starting WSUS synchronization    SMS_WSUS_SYNC_MANAGER    11-04-2017 22:00:04    29196 (0x720C) sync: WSUS synchronizing categories    SMS_WSUS_SYNC_MANAGER    11-04-2017 22:00:12    29196 (0x720C) sync: WSUS synchronizing categories, processed 2 out of 2 items (100%)    SMS_WSUS_SYNC_MANAGER    11-04-2017 22:00:13    29196 (0x720C) Sync failed: UssInternalError: SoapException: Fault occurred~~at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, [...]

By |2017-04-11T22:23:14+01:00april 11th, 2017|Configuration Manager (SCCM)|4 Comments

Windows 10: Upgrade the edition with Intune in the new Azure Portal

Most professional PC’s delivered today is delivered with Windows 10 Pro (out of the box) which is a really good Operating System, covering most use-cases. However in the world of BYOD and CYOD (Bring your Own / Choose your Own Device) companies, enterprises, goverments, schools etc. often want to upgrade to either Enterprise or Education since these editions of Windows 10 are more feature rich and has a couple of enhancements compared to Pro. Luckly, changeing the SKU does not involve a reinstallation or an major upgrade of the OS. And from Windows 10 1607 (Anniversary Update) you could go [...]

Windows 10 1703 Creators Update: First impressions

Windows 10 creators update is out and I wanted to create a quick blog of the initial experience installing and enrolling it into one of my Azure Active Directory (AAD) test tenants. The initial installation is more or less the same as before, but we know for a while that Microsoft will improve the OoBE (Out of Box Experience) where it now has a new nicer flow and UI. It’s very interesting to see how Microsoft is investing in these types of features and it tells us (in my opinion) how Microsoft looks at the future of Device/Windows deployment and [...]

By |2017-04-06T11:47:03+01:00april 6th, 2017|Configuration Manager (SCCM), Enterprise Mobility Suite (EMS), Windows Client|Kommentarer lukket til Windows 10 1703 Creators Update: First impressions