Q&A from the Flexera & Coretech webinar

Could you please tell me how many days can I use the trial version of Dashboard? Looks very useful for my SCCM infra. Also please let me know how to opt for dashboard after the trial period.First a huge thanks for all attending the webinar, as promised he are a list of the questions that we didn’t have time to answer during the webinar. Q: We already use Flexera for compliance. Is "Patching" included in it OR is it a separate module? A: Patching is integrated in the standard CSI solution. You can either patch using WSUS or integrate with [...]

By | 2017-01-26T12:17:24+00:00 January 26th, 2017|Configuration Manager (SCCM), General info|0 Comments

Default Site-Boundary-Group and boundaries

The purpose of the Default Site-Boundary-Group is to service clients that are not served by any other boundary group (that being local boundary group or neighbor boundary group). However in ConfigMgr 1610 there has been some confusement around the fact that you can add boundaries to the Default Site-Boundary-Group . I’ve been asked a couple of times if we should add all boundaries to the Default Site-Boundary-Group since the group is automatically configured for Site assignment. My take on that is NO, don’t use the Default Site-Boundary-Group as you don’t really control it. You will also notice that you can’t [...]

By | 2017-01-23T13:34:33+00:00 January 23rd, 2017|Configuration Manager (SCCM), General info|3 Comments

2017 SCUG Dates are planned

We are ready to kickoff Season 9, with at least 4 full day events in the Copenhagen area. If you haven’t signed up yet, please visit our meetup site - https://www.meetup.com/SCUGDK/ Dates and facilities are booked. We are still planning speakers, so far we do have Greg Ramsey, Jason Sandys, Ronni Pedersen and Kent Agerlund signed up but many more will follow. Let us know who you would like as guest speaker and also what topics – make you voice heard on our meetup site. Book the dates: March 24 May 5 August 21 October 13 Our sponsors in 2017 [...]

By | 2017-08-22T10:30:00+00:00 January 19th, 2017|Events|0 Comments

Error installing WSUS using a remote SQL and non-standard SQL port

Ran into this error earlier today while trying to install WSUS using a remote SQL 2014 SP2 server with non-standard SQL ports. 2016-11-22 20:30:13  Stopping service WSUSService 2016-11-22 20:30:13  Stopping service W3SVC 2016-11-22 20:30:13  Configuring database... 2016-11-22 20:30:13  Configuring the database... 2016-11-22 20:30:13  Establishing DB connection... 2016-11-22 20:31:14  System.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a [...]

By | 2017-08-22T10:29:40+00:00 November 22nd, 2016|Configuration Manager (SCCM), SQL|0 Comments

VIP Users Part 2 or how to synchronize group membership from AD to SCSM

Dealing with VIP users is a common practice within Service Management. This old blogpost explains a very good approach to mark VIP users in SCSM as VIP users. We simply extend the User class with an extra boolean property (true/false) and we then expose that property on the Incident right under the Affected User. That way Analysts can quickly see if the person is VIP and you can also make various workflows or notifications based on this property.   What is missing in the above post is how we figure out who is VIP or not. For many, this relationship [...]

By | 2017-08-30T11:48:15+00:00 November 15th, 2016|Automation, Powershell, Service Manager (SCSM)|2 Comments

Ready to Upgrade to SCOM 2016?

  Weehau - we got the new version of SCOM – and many companies are already thinking about the upgrade, when how and why? – First the last – A couple of new features are available like: Maintenance from the SCOM Agent Scheduled Maintenance Mode Agent for Nano Server New Agent for Linus/UNIX – Faster more robust and able to run shell scripts by itself LAMP Stack monitoring on Linux Good performance in mornitoring Network Devices Storage Spaces monitoring by Microsoft Native MP MP Tuning, Updates and Recommended MP in the Console A MP for AWS which are able to [...]

By | 2016-11-03T09:16:15+00:00 November 3rd, 2016|Operations Manager (SCOM)|1 Comment

Unlock BitLocker Encrypted Drive From WinPE the Secure Way!

I have seen several blog posts on how to unlock a BitLocker encrypted drive from Windows PE, using the recovery password stored in the Microsoft Bitlocker Administration and Monitoring (MBAM) SQL Server database. What's the problem with these solutions? All of these have one thing in common: they query the SQL database directly, requires changing SQL Server configuration and granting access to the database directly. Why is this a problem? Well, in my opinion this is a bad design approach, as the core purpose of implementing BitLocker volume encryption and MBAM is to secure our data from being compromised. By [...]

By | 2016-10-12T08:49:13+00:00 October 12th, 2016|Configuration Manager (SCCM), OS Deployment, Security|7 Comments

Notes from the Top 10 Enterprise client management frustrations and how to avoid them session @ ITDevconnections in Las Vegas, October 2016

Thanks to all who attended Peter Daalmans and my session earlier today @ITDevconnections in Vegas. 10 – Dealing with ConfigMgr clients http://blog.configmgrftw.com/configmgr-client-startup-script/ – Jason Sandys Startup script 9 – User friendly OS deployments http://blog.configmgrftw.com/uiplusplus/ – Jasons Sandys UI++ OSD Frontend 8 - Stay current Get a test environment to test SCCM upgrades. For SQL 2016 check this deck from Brian Mason ttps://www.mnscug.org/images/stories/MNSCUGSQL2016.zip 7 – The beginning Think about what you include in your queries and collections - http://mrbodean.net/2016/10/06/why-you-should-not-like-like/ https://stevethompsonmvp.wordpress.com/ – Steve Thompson blog on SQL and Performance issues -- WITH ROLLUP SELECT             CASE RefreshType                         WHEN 1 THEN 'No [...]

By | 2016-10-11T19:45:28+00:00 October 11th, 2016|Events|0 Comments

Azure Automation + Slack + Service Manager

In this post I will demonstrate an example on how to use the popular team collaboration tool Slack together with Azure Automation to retrieve data from your on-premise SCSM environment. The data in this example are Incidents retrieved via an Azure Powershell runbook. The setup is very simple and does not require any development skills (only a little powershell ). The scope could easily be extended to more useful scenarious such as sending reviewal messages to your managers or perhaps a Change Advisory Board (CAB) to accept or decline Review Activities in their small team meeting room. This is just [...]

By | 2016-09-21T16:37:43+00:00 September 21st, 2016|Azure, Service Manager (SCSM)|1 Comment

The Impact of introducing the Microsoft Enterprise Mobility + Security in the organization

The Impact of introducing the Microsoft Enterprise Mobility + Security in the organization In my work as an advisor and consultant I see organizations adapting to the emerging IT landscape, where user behavior is changing and security risks are increasing. In the midst of this change, I encounter frustrated IT professionals trying to keep up with everything and not having enough time to do so. I encourage my customers to be on top of changes and make sure they stay on top. That message goes beyond IT pros and extends to business owners and managers who can no longer afford [...]

Azure Function to enable Microsoft Graph API webhook subscriptions to Azure Automation webhooks

Azure Functions is a great new, cheap and easy way to publish simple web services. Functions can be written in multiple languages such as C#, PowerShell or even Batch! You can read more about them here: https://azure.microsoft.com/en-us/services/functions/ This Azure Function is based on PowerShell and I have used it in multiple session on conferences such as MMS 2016 (was in a C# version though) and System Center Universe Europe 2016 About the function: When using subscriptions in Microsoft Graph API, you have to Validate your webhook by returning a verification code which Graph API sends to the webhook. Unfortunately Azure [...]

By | 2016-08-24T16:00:48+00:00 August 24th, 2016|Azure|0 Comments

Notes from the field: Deploying Windows 7

I never thought that I would write a blog post about deploying Windows 7 x64 in UEFI mode and TPM 2.0 in 2016. However, I understand that bigger enterprises aren’t 100% ready to deploy Windows 10 but you should definitely have a plan for that. In this blog post I will point out some of the key things regarding Windows 7 SP1 x64, UEFI and TPM 2.0 and maybe this will be helpful for others as well. My experience is with HP models, like the EliteBook 820 G3 / 840 G3 and HP Probook 640 G3 / 650 G3.   [...]

By | 2017-08-22T10:29:05+00:00 August 15th, 2016|OS Deployment, Windows Client|3 Comments

Unknown error creating the Intune connector in Configuration Manager CB

Recently ran into an unknown error while trying to create the Intune connector in ConfigMgr 1602 (and 1606). The error occurred in the “Create Microsoft Intune Subscription Wizard” when trying to Sign in using a Global Admin Azure account. For those of you who do not understand Danish (yet), the error message is something like “An Unexpected error occurred”. The GA Azure account is a “service account” and not used to enroll mobile devices. For that reason the account wasn’t assigned an Enterprise Mobility Suite (EMS) license.  The solution: Assign an EMS license in Azure Active Directory to the Global [...]

Cireson Portal – Getting started with customization and general tips & tricks

  This post is made to help you get started with customizing the Cireson self-service Portal, but also includes a collection of customization code examples and tips you perhaps didn’t know about. The blogpost will mainly focus on customization done in CSS and Javascript/jQuery and not the customization you can do via the Cireson administration GUI or JSON files. If you are new to the Cireson Portal I would recommend you to read up on some of the good knowledge articles Cireson has on the topic. I’ve gathered a list here which also include some external ressources from the community. [...]

By | 2017-08-30T12:31:18+00:00 July 12th, 2016|Service Manager (SCSM)|0 Comments

OMS Automation: How to handle OMS Alert result data in a runbook

Currently we are doing Demos upon demos, POC upon POC of OMS. Everybody seems keen to get into to it! One of the function of OMS Log Search is Alerts. These alerts can be setup to trigger a runbook in Automation when the alerts trigger. Here is a simple template to use for getting the content of the data sent from OMS: [crayon-59c47e535f371721690573/] Thats it !  

By | 2016-06-29T16:18:35+00:00 June 29th, 2016|Azure|1 Comment

Error enrolling devices into Intune & Configuration Manager 1602

Enrolling devices into Intune and & ConfigMgr is normally straight forward until you run into issues. Below is an example where I received an enrollment error (picture 1), clicking Continue leads me to picture 2. As you can see in picture two the Enrollment Update turns from Warning to Checkmark, but only for about 5 seconds then it goes back to a warning.     Troubleshooting mobile devices is slightly different than traditional desktop troubleshooting. The troubleshooting options depends on the device (Android, iOS or Windows). In this example my device was an Android. You can email the log files [...]

Create ConfigMgr Servicing Plans with Excel and PowerShell

Last week I posted one example how to create ConfigMgr Servicing Plans with PowerShell. In this post I will show you how to create Servicin Plans using Excel. Step 1 is to create a table like this If you have that table with necessary information or if needed you can add more data, then simply save it as a CSV file and import the data to PowerShell.   Here is one quick and simple example how to create these Servicing Plans based on a CSV file and if needed create the Device Collections as well. This example also assumes that [...]

By | 2016-05-31T21:32:16+00:00 May 31st, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr cmdlets and Lazy properties

If you have worked with Configuration Manager before, then most probably you know that some of the WMI classes contain lazy properties. Microsoft cmdlets for ConfigMgr queries by default these lazy properties, for example If you query the same Device Collection directly through WMI, then you don’t see RefreshSchedule property value. If you need to query lazy properties, then you can use the .GET() method or [WMI] accelerator. Starting from 1604 cmdlets we have a new parameter called -FAST. Parameter FAST allows us to skip Lazy properties and this should make the queries much faster and should also lower the [...]

By | 2016-05-26T17:43:26+00:00 May 26th, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr Move-CMObject issue and one possible workaround

If you have been following me in twitter, then most likely you already know that the Move-CMObject cmdlet is broken in 1604 release. Here is one quick examples that shows the error message. Microsoft already knows this issue and hopefully they can fix it quickly but meanwhile we need to find a workaround or do something else: 1. Uninstall 1604 cmdlets and go back to older version 2. Replace Move-CMObject with your own custom function - http://cm12sdk.net/?p=1006 3. NEW! Use Invoke-CMWmiMethod   In this blog post I will show one example how to use Invoke-CMWmiMethod cmdlet. In this example Im [...]

By | 2016-05-24T15:23:08+00:00 May 24th, 2016|Configuration Manager (SCCM)|0 Comments

SQL Error in SCOM 2016 TP5

I did a pretty clean installation and stumbled on the following Alert in SCOM 2016 TP5: Database connectivity is lost, with details: The EXECUTE permission was denied on the object ‘sp_help_jobactivity, database ‘msdn’, schema ‘dbo’ The following SQL did the fix: (Data Writer Account) use msdb go Grant Execute ON OBJECT::[dbo].[sp_help_jobactivity] To [HQ\OMDWWrite] See you

By | 2016-05-23T20:33:58+00:00 May 23rd, 2016|Operations Manager (SCOM)|3 Comments

Creating ConfigMgr Servicing Plans with PowerShell

Last week we got a new set of cmdlets for Configuration Manager and now we have the ability to create Servicing Plans with PowerShell. I put together end-to-end example and with this script you can: Create a folder called Software Updates (cant move Device Collections into a folder because Move-CMObject is broken in latest release) Create 5 Device Collections Create Software Updates Deployment Package Download the necessary upgrade package Distribute the package to a Distribution Point Create 5 different Servicing Plans   ############ WINDOWS 10 SERVICING ###############################     Get-CMWindowsServicingPlan     New-CMWindowsServicingPlan #These cmdlets require Configuration Manager 1511 or newer. $DeploymentPackageName [...]

By | 2016-05-23T16:18:15+00:00 May 23rd, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr 1604 new cmdlets

Microsoft released a new set of command-lets for Configuration Manager and all these new cmdlets are also included in the ConfigMgr 1605 TP release. Here are all the new cmdlets: cmdlet Category Notes Get-CMWindowsServicingPlan Software Updates Windows 10 Servicing New-CMWindowsServicingPlan Software Updates Windows 10 Servicing Add-CMServiceConnectionPoint Infrastructure Set-CMServiceConnectionPoint Infrastructure Remove-CMServiceConnectionPoint Infrastructure Get-CMServiceConnectionPoint Infrastructure Remove-CMCertificateRegistrationPoint Infrastructure Set-CMCertificateRegistrationPoint Infrastructure Add-CMCertificateRegistrationPoint Infrastructure Get-CMCertificateRegistrationPoint Infrastructure Invoke-CMDeviceAction Resource Management Get-CMDeviceActionState Resource Management Add-CMIntuneSubscription MDM / Hybrid Set-CMIntuneSubscription MDM / Hybrid Get-CMIntuneSubscription MDM / Hybrid Remove-CMIntuneSubscription MDM / Hybrid Add-CMMdmEnrollmentManager MDM / Hybrid Remove-CMMdmEnrollmentManager MDM / Hybrid Get-CMMdmEnrollmentManager MDM / Hybrid New-CMApnsCertificateRequest MDM / Hybrid New-CMDepTokenRequest [...]

Links from our MMS ConfigMgr precon session

Thanks for all the questions and tweets during the opening session yesterday. Jason, Anne and I really enjoyed the afternoon. As promised here are the links from the session. Update 1605 for Configuration Manager Technical Preview: https://blogs.technet.microsoft.com/configmgrteam/2016/05/16/update-1605-for-configuration-manager-technical-preview-available-now/ winpe peer caching: http://blog.ctglobalservices.com/kea/win-pe-peer-caching-in-configmgr-current-branch/ Client install failing on management point: http://blog.ctglobalservices.com/kea/configmgr-client-failing-to-install-on-management-point/ Startup script: http://blog.configmgrftw.com/configmgr-client-startup-script/ SQL XL sheet: https://t.co/XUXuUfxuaq Cache management example: https://blogs.msdn.microsoft.com/helaw/2014/01/07/configuration-manager-cache-management/ SQL best practice: https://stevethompsonmvp.wordpress.com/2016/02/05/proper-tempdb-creation-for-configuration-manager/ & https://stevethompsonmvp.wordpress.com/2014/05/19/powershell-sql-audit-script/  

By | 2017-08-22T10:28:42+00:00 May 17th, 2016|Configuration Manager (SCCM), Events, SQL|0 Comments