Windows 10 1703 Creators Update: First impressions

Windows 10 creators update is out and I wanted to create a quick blog of the initial experience installing and enrolling it into one of my Azure Active Directory (AAD) test tenants. The initial installation is more or less the same as before, but we know for a while that Microsoft will improve the OoBE (Out of Box Experience) where it now has a new nicer flow and UI. It’s very interesting to see how Microsoft is investing in these types of features and it tells us (in my opinion) how Microsoft looks at the future of Device/Windows deployment and [...]

A couple of nice little OSD tweaks in ConfigMgr 1702

ConfigMgr 1702 have a wealth of new features and client management improvements. This one might not be the reason you upgrade, but it’s still nice and worth a blog post. With 1702 you can customize your task sequence information and control what’s being displayed to the end-user. in this example you should notice a few changed in software center. Looking at my Upgrade task sequence, I now have information about download time/size and restart. when I start the task sequence, I have interesting information from my IT department telling me why the company is upgrading to Windows 10 All of [...]

Send Email for SCSM 2016 – Service Request

System Center Service Manager 2016 have been released for quite a while now and more and more are starting the upgrade process. As you probably know, the .NET framework has also been bumped to 4.5.1, which effectively means that all solutions made in the old .NET 3.5 Framework also needs to be upgraded. Microsoft have done their part, but all custom solutions needs to be upgraded as well as community solutions. One of those solutions is the popular Send Email  made my Travis Wright for Incident (codeplex project uploaded by Christian Booth)and later adopted to Service Requests by Patrick Sundqvist. [...]

By | 2017-03-27T23:08:18+00:00 March 27th, 2017|Service Manager (SCSM)|4 Comments

Android for Work in Configuration Manager 1702

Android for Work support was introduced in Intune standalone in late 2016. With the latest release of Configuration Manager current branch we also have AFW support in hybrid environments. In order to configure AFW a few things to you need to ensure first: Have a couple of Android devices with Android 5.0 or higher Create a Google account to be used as the Android for work admin account Configure Android for Work In the ConfigMgr console navigate to Administration workspace / Overview / Cloud Services / Microsoft Intune Subscriptions and click Configure Platforms / Android For Work. Notice the dialog [...]

By | 2017-03-27T08:38:21+00:00 March 27th, 2017|Configuration Manager (SCCM)|1 Comment

Cloud Management Gateway with Sub CA

The new Cloud Management Gateway is going to make a big difference in the way we manage endpoints away from home in the future. The feature is a System Center Configuration Manager 1610 pre-release feature. Being a pre-release typically means = a little troubleshooting is required to get the feature working in different environments. In my previous blog post I described an issue with software update scan failing. The troubleshooting steps used in this blog post, are similar what I have described there. In this environment we have a PKI with a Sub CA, and as part of the certificate [...]

By | 2017-03-15T10:54:35+00:00 March 15th, 2017|Configuration Manager (SCCM), General info|8 Comments

Software Update scan error using Cloud Management Gateway

First, I need to say….the new Cloud Management Gateway feature in Configuration Manager 1610 is awesome. There are a couple of gotchas you need to know about, when creating the service, but once you have overcome those hurdles - you will look like a hero at work, and be known as the person who finally enabled client management on internet based endpoints like road-warriors and colleagues working from home. In the wuahandler.log on the client you might run into Scan failed with error = 0x80240439. If that happens, first step in your troubleshooting should be checking he configuration manager agent [...]

By | 2017-03-14T08:13:09+00:00 March 14th, 2017|Configuration Manager (SCCM), General info|5 Comments

Watch out when using $PSModuleAutoLoadingPreference = “none” in a PS Remote Session in Windows Server 2016

Recently I discovered a change in the default behavior of PSRemoting Sessions in Windows Server 2012 R2 vs. Server 2016. I was migrating a script from 2012R2 to 2016 and surprisingly, I got this error:   The term 'Get-Date' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included , verify that the path is correct and try again. + CategoryInfo : ObjectNotFound: (Get-Date:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException + PSComputerName : ctaa01   When I vestigated the issue I found that [...]

Q&A from the Flexera & Coretech webinar

Could you please tell me how many days can I use the trial version of Dashboard? Looks very useful for my SCCM infra. Also please let me know how to opt for dashboard after the trial period.First a huge thanks for all attending the webinar, as promised he are a list of the questions that we didn’t have time to answer during the webinar. Q: We already use Flexera for compliance. Is "Patching" included in it OR is it a separate module? A: Patching is integrated in the standard CSI solution. You can either patch using WSUS or integrate with [...]

By | 2017-01-26T12:17:24+00:00 January 26th, 2017|Configuration Manager (SCCM), General info|0 Comments

Default Site-Boundary-Group and boundaries

The purpose of the Default Site-Boundary-Group is to service clients that are not served by any other boundary group (that being local boundary group or neighbor boundary group). However in ConfigMgr 1610 there has been some confusement around the fact that you can add boundaries to the Default Site-Boundary-Group . I’ve been asked a couple of times if we should add all boundaries to the Default Site-Boundary-Group since the group is automatically configured for Site assignment. My take on that is NO, don’t use the Default Site-Boundary-Group as you don’t really control it. You will also notice that you can’t [...]

By | 2017-01-23T13:34:33+00:00 January 23rd, 2017|Configuration Manager (SCCM), General info|3 Comments

2017 SCUG Dates are planned

We are ready to kickoff Season 9, with at least 4 full day events in the Copenhagen area. If you haven’t signed up yet, please visit our meetup site - https://www.meetup.com/SCUGDK/ Dates and facilities are booked. We are still planning speakers, so far we do have Greg Ramsey, Jason Sandys, Ronni Pedersen and Kent Agerlund signed up but many more will follow. Let us know who you would like as guest speaker and also what topics – make you voice heard on our meetup site. Book the dates: March 24 May 5 August 21 October 13 Our sponsors in 2017 [...]

By | 2017-08-22T10:30:00+00:00 January 19th, 2017|Events|0 Comments

Error installing WSUS using a remote SQL and non-standard SQL port

Ran into this error earlier today while trying to install WSUS using a remote SQL 2014 SP2 server with non-standard SQL ports. 2016-11-22 20:30:13  Stopping service WSUSService 2016-11-22 20:30:13  Stopping service W3SVC 2016-11-22 20:30:13  Configuring database... 2016-11-22 20:30:13  Configuring the database... 2016-11-22 20:30:13  Establishing DB connection... 2016-11-22 20:31:14  System.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a [...]

By | 2017-08-22T10:29:40+00:00 November 22nd, 2016|Configuration Manager (SCCM), SQL|0 Comments

VIP Users Part 2 or how to synchronize group membership from AD to SCSM

Dealing with VIP users is a common practice within Service Management. This old blogpost explains a very good approach to mark VIP users in SCSM as VIP users. We simply extend the User class with an extra boolean property (true/false) and we then expose that property on the Incident right under the Affected User. That way Analysts can quickly see if the person is VIP and you can also make various workflows or notifications based on this property.   What is missing in the above post is how we figure out who is VIP or not. For many, this relationship [...]

By | 2017-08-30T11:48:15+00:00 November 15th, 2016|Automation, Powershell, Service Manager (SCSM)|2 Comments

Ready to Upgrade to SCOM 2016?

  Weehau - we got the new version of SCOM – and many companies are already thinking about the upgrade, when how and why? – First the last – A couple of new features are available like: Maintenance from the SCOM Agent Scheduled Maintenance Mode Agent for Nano Server New Agent for Linus/UNIX – Faster more robust and able to run shell scripts by itself LAMP Stack monitoring on Linux Good performance in mornitoring Network Devices Storage Spaces monitoring by Microsoft Native MP MP Tuning, Updates and Recommended MP in the Console A MP for AWS which are able to [...]

By | 2016-11-03T09:16:15+00:00 November 3rd, 2016|Operations Manager (SCOM)|1 Comment

Unlock BitLocker Encrypted Drive From WinPE the Secure Way!

I have seen several blog posts on how to unlock a BitLocker encrypted drive from Windows PE, using the recovery password stored in the Microsoft Bitlocker Administration and Monitoring (MBAM) SQL Server database. What's the problem with these solutions? All of these have one thing in common: they query the SQL database directly, requires changing SQL Server configuration and granting access to the database directly. Why is this a problem? Well, in my opinion this is a bad design approach, as the core purpose of implementing BitLocker volume encryption and MBAM is to secure our data from being compromised. By [...]

By | 2016-10-12T08:49:13+00:00 October 12th, 2016|Configuration Manager (SCCM), OS Deployment, Security|7 Comments

Notes from the Top 10 Enterprise client management frustrations and how to avoid them session @ ITDevconnections in Las Vegas, October 2016

Thanks to all who attended Peter Daalmans and my session earlier today @ITDevconnections in Vegas. 10 – Dealing with ConfigMgr clients http://blog.configmgrftw.com/configmgr-client-startup-script/ – Jason Sandys Startup script 9 – User friendly OS deployments http://blog.configmgrftw.com/uiplusplus/ – Jasons Sandys UI++ OSD Frontend 8 - Stay current Get a test environment to test SCCM upgrades. For SQL 2016 check this deck from Brian Mason ttps://www.mnscug.org/images/stories/MNSCUGSQL2016.zip 7 – The beginning Think about what you include in your queries and collections - http://mrbodean.net/2016/10/06/why-you-should-not-like-like/ https://stevethompsonmvp.wordpress.com/ – Steve Thompson blog on SQL and Performance issues -- WITH ROLLUP SELECT             CASE RefreshType                         WHEN 1 THEN 'No [...]

By | 2016-10-11T19:45:28+00:00 October 11th, 2016|Events|0 Comments

Azure Automation + Slack + Service Manager

In this post I will demonstrate an example on how to use the popular team collaboration tool Slack together with Azure Automation to retrieve data from your on-premise SCSM environment. The data in this example are Incidents retrieved via an Azure Powershell runbook. The setup is very simple and does not require any development skills (only a little powershell ). The scope could easily be extended to more useful scenarious such as sending reviewal messages to your managers or perhaps a Change Advisory Board (CAB) to accept or decline Review Activities in their small team meeting room. This is just [...]

By | 2016-09-21T16:37:43+00:00 September 21st, 2016|Azure, Service Manager (SCSM)|1 Comment

The Impact of introducing the Microsoft Enterprise Mobility + Security in the organization

The Impact of introducing the Microsoft Enterprise Mobility + Security in the organization In my work as an advisor and consultant I see organizations adapting to the emerging IT landscape, where user behavior is changing and security risks are increasing. In the midst of this change, I encounter frustrated IT professionals trying to keep up with everything and not having enough time to do so. I encourage my customers to be on top of changes and make sure they stay on top. That message goes beyond IT pros and extends to business owners and managers who can no longer afford [...]

Azure Function to enable Microsoft Graph API webhook subscriptions to Azure Automation webhooks

Azure Functions is a great new, cheap and easy way to publish simple web services. Functions can be written in multiple languages such as C#, PowerShell or even Batch! You can read more about them here: https://azure.microsoft.com/en-us/services/functions/ This Azure Function is based on PowerShell and I have used it in multiple session on conferences such as MMS 2016 (was in a C# version though) and System Center Universe Europe 2016 About the function: When using subscriptions in Microsoft Graph API, you have to Validate your webhook by returning a verification code which Graph API sends to the webhook. Unfortunately Azure [...]

By | 2016-08-24T16:00:48+00:00 August 24th, 2016|Azure|0 Comments

Notes from the field: Deploying Windows 7

I never thought that I would write a blog post about deploying Windows 7 x64 in UEFI mode and TPM 2.0 in 2016. However, I understand that bigger enterprises aren’t 100% ready to deploy Windows 10 but you should definitely have a plan for that. In this blog post I will point out some of the key things regarding Windows 7 SP1 x64, UEFI and TPM 2.0 and maybe this will be helpful for others as well. My experience is with HP models, like the EliteBook 820 G3 / 840 G3 and HP Probook 640 G3 / 650 G3.   [...]

By | 2017-08-22T10:29:05+00:00 August 15th, 2016|OS Deployment, Windows Client|3 Comments

Unknown error creating the Intune connector in Configuration Manager CB

Recently ran into an unknown error while trying to create the Intune connector in ConfigMgr 1602 (and 1606). The error occurred in the “Create Microsoft Intune Subscription Wizard” when trying to Sign in using a Global Admin Azure account. For those of you who do not understand Danish (yet), the error message is something like “An Unexpected error occurred”. The GA Azure account is a “service account” and not used to enroll mobile devices. For that reason the account wasn’t assigned an Enterprise Mobility Suite (EMS) license.  The solution: Assign an EMS license in Azure Active Directory to the Global [...]

Cireson Portal – Getting started with customization and general tips & tricks

  This post is made to help you get started with customizing the Cireson self-service Portal, but also includes a collection of customization code examples and tips you perhaps didn’t know about. The blogpost will mainly focus on customization done in CSS and Javascript/jQuery and not the customization you can do via the Cireson administration GUI or JSON files. If you are new to the Cireson Portal I would recommend you to read up on some of the good knowledge articles Cireson has on the topic. I’ve gathered a list here which also include some external ressources from the community. [...]

By | 2017-08-30T12:31:18+00:00 July 12th, 2016|Service Manager (SCSM)|0 Comments

OMS Automation: How to handle OMS Alert result data in a runbook

Currently we are doing Demos upon demos, POC upon POC of OMS. Everybody seems keen to get into to it! One of the function of OMS Log Search is Alerts. These alerts can be setup to trigger a runbook in Automation when the alerts trigger. Here is a simple template to use for getting the content of the data sent from OMS: [crayon-5a1521c447508225435870/] Thats it !  

By | 2016-06-29T16:18:35+00:00 June 29th, 2016|Azure|1 Comment

Error enrolling devices into Intune & Configuration Manager 1602

Enrolling devices into Intune and & ConfigMgr is normally straight forward until you run into issues. Below is an example where I received an enrollment error (picture 1), clicking Continue leads me to picture 2. As you can see in picture two the Enrollment Update turns from Warning to Checkmark, but only for about 5 seconds then it goes back to a warning.     Troubleshooting mobile devices is slightly different than traditional desktop troubleshooting. The troubleshooting options depends on the device (Android, iOS or Windows). In this example my device was an Android. You can email the log files [...]

Create ConfigMgr Servicing Plans with Excel and PowerShell

Last week I posted one example how to create ConfigMgr Servicing Plans with PowerShell. In this post I will show you how to create Servicin Plans using Excel. Step 1 is to create a table like this If you have that table with necessary information or if needed you can add more data, then simply save it as a CSV file and import the data to PowerShell.   Here is one quick and simple example how to create these Servicing Plans based on a CSV file and if needed create the Device Collections as well. This example also assumes that [...]

By | 2016-05-31T21:32:16+00:00 May 31st, 2016|Configuration Manager (SCCM)|0 Comments