Petya Ransomware – The Attack method and Preventing it

Todays News is all about Petya - but the way it gets onto PCs and spreads across the network is actually old news. In short, Petya does 3 things: Encrypt your files, Steal credentials, spread to other machines. It takes advantage of the "Shadow Broker Vulnerability" MS17-010. If you have patched your machine, you will not be hit with the SMB exploit. How ever it also use Mimikatz like capabilities to steal credentials from the local machine and copy it self to other machines $Admin share. A kill-switch has been described as simple as creating a file called C:\Windows\perfc (without [...]

Set Desktop and Lock Screen wallpaper with Intune in Windows 10

This is a quick blog post to show you can set this fairly easily using Intune. Intune requires you to point to a URL for the wallpaper which at first seems a bit odd, but it actually makes a lot of sense when you have solutions like OneDrive. What am I talking about? Well, find a suitable wallpaper and place it on your Sharepoint OneDrive or Personal OneDrive. Then share the wallpaper and create a public viewing link like so   Next, test the link by pasting the URL into your browser and take a look at the result. It [...]

How to manage Bitlocker on a Azure AD Joined Windows 10 Device managed by Intune.

When joining a computer to AAD either manually or by using a provisioning package, Bitlocker will be enabled automatically if your device has the necessary prerequisites. However in the case that Bitlocker is disabled this is how you enable Bitlocker, save the Bitlocker Key Protector to ADD (also known as the recovery key) and recover the key in the case you need it. So this blog post is both for the end-user and IT-pro I guess. In this scenario we have configured a Device Compliance Policy in Intune where we require Encryption of data storage on devices and sent the [...]

Windows 10: Upgrade the edition with Intune in the new Azure Portal

Most professional PC’s delivered today is delivered with Windows 10 Pro (out of the box) which is a really good Operating System, covering most use-cases. However in the world of BYOD and CYOD (Bring your Own / Choose your Own Device) companies, enterprises, goverments, schools etc. often want to upgrade to either Enterprise or Education since these editions of Windows 10 are more feature rich and has a couple of enhancements compared to Pro. Luckly, changeing the SKU does not involve a reinstallation or an major upgrade of the OS. And from Windows 10 1607 (Anniversary Update) you could go [...]

Windows 10 1703 Creators Update: First impressions

Windows 10 creators update is out and I wanted to create a quick blog of the initial experience installing and enrolling it into one of my Azure Active Directory (AAD) test tenants. The initial installation is more or less the same as before, but we know for a while that Microsoft will improve the OoBE (Out of Box Experience) where it now has a new nicer flow and UI. It’s very interesting to see how Microsoft is investing in these types of features and it tells us (in my opinion) how Microsoft looks at the future of Device/Windows deployment and [...]

Notes from the field: Deploying Windows 7

I never thought that I would write a blog post about deploying Windows 7 x64 in UEFI mode and TPM 2.0 in 2016. However, I understand that bigger enterprises aren’t 100% ready to deploy Windows 10 but you should definitely have a plan for that. In this blog post I will point out some of the key things regarding Windows 7 SP1 x64, UEFI and TPM 2.0 and maybe this will be helpful for others as well. My experience is with HP models, like the EliteBook 820 G3 / 840 G3 and HP Probook 640 G3 / 650 G3.   [...]

By | 2017-08-22T10:29:05+00:00 August 15th, 2016|OS Deployment, Windows Client|3 Comments

December 11: Microsoft Enterprise Mobility Suite (EMS) Resources at your fingertips

I know it's a pompous title, but that still the idea behind what I want to show next. As an IT-Pro I am used to staying up to date on the latest technology that I am working with. And with On-premises solutions like traditional ConfigMgr implementations, staying up to date is not too hard with a little bit of effort since new features and updates are not added daily as opposed to what is going on in the Cloud. Now for some time now I have been working with Cloud services like Microsoft Intune and eventually EMS after the suite [...]

Add the “Trigger Setup Rollback” Step in Windows vNext (Windows 10) Upgrade Task Sequence for proper status monitoring

With the announcement of Windows 10 Microsoft released a pre-created Task Sequence for an in-place-upgrade scenario with all the necessary steps it takes to upgrade from Windows 7, 8 or 8.1. For more information and the task sequence itself go to the System Center Team blog here: The task sequence after imported into SCCM: Now, the task sequence comes 100 % out-of-the-box, but if you want to monitor Roll Back Scenarios then you have to add a simple step at the end of the sequence named Trigger Rollback. To do this simply create create the step under the Rollback [...]

Windows Defender not getting definition updates on a Windows 10 client managed by ConfigMgr

With the announcement of Windows 10 Microsoft said that ConfigMgr 2012 would natively support Windows Defender in the latest Service pack ( That means, for those of you who are using Endpoint Protection as the Antivirus solutions on clients and servers, needs to start using the Windows Defender instead and stop deploying SCEP (to Windows 10). Now, this is great because old policies work great, however definition updates for Endpoint Protection do not so we have to make a little adjustment to our routines. First confirmation on the policies: SCEP with Policy from SCCM: Windows defender with policy from SCCM: [...]

By | 2015-10-13T00:24:25+00:00 October 13th, 2015|Configuration Manager (SCCM), Windows Client|0 Comments

Install and Configure on-prem mobile device management (MDM) with ConfigMgr vNext TP3

This guide is written by Panu Saukko and Kent Agerlund (both Microsoft Enterprise Client MVP’s). These are the steps we used in our demo environments to configure the new on-prem MDM feature in system Center Configuration Manager vNext Technical Preview 3. In the article you will notice that we used two different environments and you will see screenshots from both environments. Don’t let that confuse you, happy reading and enrolling. The environments we used are: Configuration Manager site: vn3, Site Server:, Domain:, PKI server: Configuration Manager site: C15, Domain: cmdemo.local, PKI server: cm-dc1.cmdemo.local System Center 2012 Configuration [...]

Managing Windows 10 using On-premises MDM in System Center Configuration Manager vNext

There is a new management agent in town…. the built-in Windows 10 management agent. With that agent you are able to deploy applications (with some limitations in TP3), gather inventory data and deploy configuration items.  in this post I will describe how to you can create configuration items to control various settings. If you want to play around with the complete list of Windows Defender settings you can download the full list of CI’s here (I didn’t have time to test all of them……just saying). The MDM requirements are a little tricky in the sense that you need the following [...]

By | 2015-09-06T20:58:34+00:00 September 6th, 2015|Configuration Manager (SCCM), Windows Client|0 Comments

Troubleshooting with Remote Desktop Connection – Solving the issues

Problems like: Cannot connect to the machine Not able to sign in on the machine / user / server Security is blocking my connection Quote: "To sign in remotely, you need the right to sign in through Remote Desktop Services. By default members of the Administrators group have this right. If the group you're in does not have the right, or  if the right has been removed from the Administrators group, you need to be granted the right manually." I will now help you with some troubleshooting. Basically there's no fast way of doing it, but every time you've done [...]

Create Windows 10 Enterprise ISO from Professional media

Microsoft has released build 10041 of Windows 10 Technical preview, but again there is only an ISO for the Professional edition.The workaroundwell lucky for us, there is a way around this. It is possible to utilize DISM to change editions of Windows, so by running a few commands we can upgrade the install.wim from Pro to Enterprise.To do this you need a computer with Windows 10 installed, as we need the latest version of DISM. Simply install Windows 10 Pro using the latest release on a physical or virtual computer.Mount the Windows 10 Pro ISO, and copy the content to [...]

By | 2015-04-21T10:14:14+00:00 April 21st, 2015|General info, Windows Client|0 Comments

Lenovo Laptop Bugs – System Update & Not Waking Up From Sleep Mode

Before we begin, I would like you to download this System Updater from Lenovo - you will have to use it later on: For Windows 7, Windows 8,  Windows 8.1 -   For Windows 2000, XP and Vista -  If you recently bought a Lenovo computer or laptop, you might as well know some of these problems. Problem: Lenovo laptop won't wake up from sleep, there are driver problems & the Fn and CTRL are not working correctly. Let's start with the Fn & CTRL button. Most of you may have noticed that there is a problem with the [...]

Windows 10 Preview Start Menu not working in build 9926

A quick fix to the StartMenu issue in Windows 10 Technical Preview Build 9926 During deployment of your Windows 10 image, you can fix this issue by prepping the default user profile, so that all users logging on to the device will benefit from the fix. In the registry key HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced Create a REG_DWORD with the name EnableXamlStartMenu Set the value to 0 (zero) Or simply use this command to do it during a Task Sequence reg.exe add hku\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableXamlStartMenu /t REG_DWORD /d 0 /f

Using Group Policy to Disable Proxy Settings in Chrome

Here is the download link for the Google Chrome Policy Template. You can save it where you want, just remember to save it where you can find it When it's downloaded, follow the guide because you will need it later on. Problem: Error 130 (net::ERR_PROXY_CONNECTION_FAILED) Proxy server connection failed or Unable to connect to the proxy server I am aware of the problem that Google Chrome is enabling the use of Proxy in some versions of Windows. Through this guide, you will be able to change the settings of the use of Proxy in Google Chrome for all users, [...]

Deploying Windows 8 with MBAM Used-Space-Only Encryption

Windows 8 comes with the option to pre-provision the disk for use with BitLocker, allowing only the used-space to be encrypted, thus reducing the encryption time a lot. Problem occur when enterprises want to use the Microsoft Bitlocker Administration and Monitoring (MBAM) toolkit from the Microsoft Desktop Optimization Pack (MDOP) to store BitLocker recovery keys, and track compliance. MBAM 2.0 sp1 does not support used-space encryption as per the release notes, forcing enterprises to either drop MBAM or perform full encryption of the disk, which can be a time consuming task depending on disk size and CPU performance. After spending [...]

By | 2014-03-11T15:35:38+00:00 March 11th, 2014|OS Deployment, Security, Windows Client|14 Comments

Dealing with Network Printers in Configuration Manager 2012

There are multiple ways how you can add a network printer to a PC and of course you can do that also with Compliance Settings in Configuration Manager. In PowerShell we can use Add-Printer cmdlet and if you don’t have the latest PowerShell version, then you can use Win32_Printer WMI class to add the Printer. If you don’t want to depend on a specific PowerShell version, then maybe the easiest way is to use Win32_Printer WMI Class. Here are the scripts/cmdlets that you can use Discovery Scripts Option 1 Win32_Printer WMI Class query Get-WmiObject -Class Win32_Printer -Filter "Name='\\\\CTTERM\\CTColorPrint01'" | Measure-Object [...]

No cable connection when running Hyper-V on a Windows 8 workstation

  For quite some time I haven’t been able to use a cable connection, but never had the time to investigate why. Today it got too much (and also, I couldn’t to the wireless). The network adapter was enabled and I didn’t have any Hyper-V virtual switches to interfere with the connection. Turns out the Hyper-V Extensible Virtual Switch was enabled on the NIC.     Once disabling this I could the cable connection on my laptop.

By | 2013-08-27T21:25:24+00:00 August 27th, 2013|Virtualization, Windows Client|0 Comments

Deploy Windows 8 Enterprise x86 on a UEFI x86 device using SCCM 2012 SP1

New Toys For The Boys Don’t we all love new toys, especially the ones that require an occasional recharge. The latest thing I got my hands on is the Lenovo Tablet 2, a very nice 10” tablet thing, with a couple of nice add-ons, like a docking  station, Bluetooth keyboard and a pen like stylus. But what I really like about it is that it runs a full version of Windows 8 x86, which means that I can deploy its OS over and over again   So I fired up my SCCM Console to do exactly that … The Drivers [...]