Troubleshooting Certificate deployment on iOS devices with ConfigMgr & Intune

Last week I had an issue trying to enroll certificates thru ConfigMgr/Intune via NDES on iOS devices. The enrollment worked like a charm on Windows Phone 8.1 devices. The error I got in the crp.log file (Certificate Reqistration Point component) was key usage in CSR 160 and challenge 224 do not match To fix the issue you have to modify the certificate NDES General Purpose certificate template and remove Signature in proof of origin. You will find the property in Extensions After that iOS devices started appying the certificates.

By |2014-11-11T15:29:49+01:00november 11th, 2014|Configuration Manager (SCCM)|Kommentarer lukket til Troubleshooting Certificate deployment on iOS devices with ConfigMgr & Intune

Change Temporary Location for SCCM Media Creation

When you create Task Sequence media in Configuration Manager, the environment variable TMP is used to locate temporary storage for the creation process. By default this points to the users temp folder, which is usually on C: drive with limited space. While this is normally not a problem for creating an online boot media, creating offline media with many driver packages, software packages etc. you are bound to run into trouble. It is not only the Create TS Media wizard that uses this location, is also used when a WIM file needs to be mounted, so every time you create [...]

By |2014-10-28T09:47:36+01:00oktober 28th, 2014|Configuration Manager (SCCM), General info|7 Comments

SCO 2012 – Reading the last line of a MDT – BDD.log file

Today at my class a student tried to read the last line of a BDD.log file using the “Read Line” activity and setting the lines to “LASTLINE:1” This is the usual method for reading a text file, and it usually works! but in this case we got a weird result! not only one, but 8 lines was read and when we tested on another file, the output was 12 lines!   concluding that the “Read Line” activity must have some kind of bug, we switched to a PowerShell Script: $FilePath = "\\SERVER01\MDTLogs\BDD.local" $LastLine = Get-Content $FilePath | Select-Object -Last 1 [...]

By |2014-10-27T11:52:24+01:00oktober 27th, 2014|Automation|Kommentarer lukket til SCO 2012 – Reading the last line of a MDT – BDD.log file

SCOM 2012 R2 Crossplatform UI Error

Symptom If you have patched/updated your SCOM 2012 R2 environment and are getting the UI Error below – typically when trying to create new Linux Monitors/Rules or one of the Linux/Unix Syntethic Transactions.     Resolution Upgrade your Linux/Unix management packs. Download the new Linux/Unix MPs from> http://www.microsoft.com/en-us/download/details.aspx?id=29696 Import the following management packs: And of cause your MPs for the Linux/Unix built you need. Try to create the Linux script monitor again…  And now it Works…. Have a great day

By |2014-10-08T00:01:23+01:00oktober 8th, 2014|Operations Manager (SCOM)|Kommentarer lukket til SCOM 2012 R2 Crossplatform UI Error

Using Server V.Next as a ConfigMgr 2012 R2 CU3 site system role

Does it work? Sure it does, is it supported? – No way In my test I deployed the new Windows Server Technical Preview 9841, installed the distribution point, management point and software update point requirements. Here you see the distmgr.log file distributing content to my cm03.corp.viamonstra.com distribution point – notice the server version number. Windows 10 client downloading from the Server vNext distribution point Management Point works like a charm Application Catalog point running from a Windows 10 client Software update point configured as the second SUP works. The SUP is installed using the same shared database as my Windows [...]

By |2014-10-02T12:07:20+01:00oktober 2nd, 2014|Configuration Manager (SCCM)|Kommentarer lukket til Using Server V.Next as a ConfigMgr 2012 R2 CU3 site system role

Windows 10 as ConfigMgr 2012 R2 client

No, the client is not supported and yes it works with most of the features. In my case I used Jason Sandy’s startup script to get my client installed. Here is a few screenshots of what I have tested so far: Client is installed and assigned The Application Catalog feature works Application and package deployment works like a charm Compliance Settings tested and working Inventory works Software Update scanning works OS deployment works – just check the blog post from Johan Arwidmark - http://www.deploymentresearch.com/Research/tabid/62/EntryId/192/Beyond-unsupported-Deploying-Windows-Technical-Preview-with-MDT-2013.aspx

By |2014-10-02T11:45:29+01:00oktober 2nd, 2014|Configuration Manager (SCCM)|1 Kommentar

Configuration Manager 2012 SP1 and R2 PowerShell Provider

Updated 23.03.2015! As you might have already noticed that Configuration Manager PowerShell Provider is lot like Active Directory, Registry etc. provider. To run a cmdlet you need to be inside CMSITE. If you are still using SP1+, then: 1. you can´t use New-Item cmdlet to create folders 2. you can´t set the location to sub folders 3. Get-ChildItem does not work at all If you are using R2+, then 1. You can use New-Item to create folders 2. You can change the location i.e. sub folders etc. 3. Get-ChildItem only prints out folder objects but not collections, applications etc. inside [...]

By |2014-09-30T10:13:45+01:00september 30th, 2014|Configuration Manager (SCCM), Powershell, Scripting & Development|Kommentarer lukket til Configuration Manager 2012 SP1 and R2 PowerShell Provider

Activate local Admin account – or why you need BitLocker!

While this is not a newly discovered hack, I feel that we can not stress the importance of using Bitlocker to encrypt our hard drives. If you like me encounter customers that still runs their computers unencrypted, and don’t see the need for encryption. just use the following guide to show them how easy it is to activate the local administrator account and reset its password. Step 1 Show the customer that the local administrator account is disabled. (or that you don’t know the password). Step 2 Boot from any bootable media, such as the original installation media, Ultimate Boot [...]

By |2014-09-26T14:32:36+01:00september 26th, 2014|Operating Systems, OS Deployment, Security|8 Comments

Jeg taler på Microsoft Campus Days 2014

(sorry for the danish, but this is a DK event ;-))   Jeg er igen i år så heldig at jeg har fået lov at tale på Microsoft Campus Days 2014 i København!   Info om min session: System Center Orchestrator 2012 R2 & Windows Azure Pack – Introduktion til Service Management Automation Service management automation er en ny del af System Center Orchestrator 2012 R2 og det bygger på PowerShell! Få en introduktion til systemet, mulighederne og et start-til-slut eksempel på en Runbook i SMA. Denne session bliver leveret af Jakob G. Svendsen, Co-Founder af PowerShell User Group Danmark. [...]

By |2017-08-22T10:37:34+01:00september 25th, 2014|Events|Kommentarer lukket til Jeg taler på Microsoft Campus Days 2014

Service Management Automation: SMA Toolkit Released!

Microsoft has collected all of their SMA tools into one tookit called “SMART”   Info from their technet gallery item: The SMA Runbook Toolkit (SMART) is a collection of Service Management Automation (SMA) related tools. They are all PowerShell-based and provided as samples, to help achieve the following tasks:   Visualization and Dependency Mapping Tool 1.0 – New! This tool lets you browse SMA Runbooks and export their dependencies to the PowerShell console, Visio, Word and/or Visual Studio. Once runbook tendencies have been computed, the Visual Studio export is particularly fast and has a nice automatic layout in DGML. This [...]

By |2017-08-22T09:25:52+01:00september 23rd, 2014|Automation, Windows Azure Pack (WAP)|Kommentarer lukket til Service Management Automation: SMA Toolkit Released!

PowerShell Deployment Toolkit: Windows Azure Pack install fails

I am a big fan of PDT but I have been trying to install Windows Azure Pack and the complete system center using PowerShell Deployment Toolkit Using the newest version (currently version 2.64.2611) it fails installing the Windows Azure Pack components! Luckily i found the error: Use a password for the installer user that follows the rules for Windows Azure Pack Minimum 8 chars Include at least one upper case letter and one lower case. include at least one number Include at least one non-alphanumeric. (In my case i was missing this! .. so added a ! to the password) [...]

By |2014-09-23T14:16:47+01:00september 23rd, 2014|Powershell, Windows Azure Pack (WAP)|2 Comments

New 3-day Workshop: Windows Azure Pack: Mastering Service Management Automation (SMA)

I am currently in development of my new mastering class in SMA. Here is the detailed info and upcoming dates Title Windows Azure Pack - Mastering Service Management Automation Days 3 Level 300 Trainer Jakob Gottlieb Svendsen, Cloud & Data Center MVP. Email: [email protected] MVP Profile: https://mvp.microsoft.com/en-us/mvp/Jakob%20Gottlieb%20Svendsen-5000333 Blog: https://blog.ctglobalservices.com/jgs Summary Go from A to Z in Service Management Automation. The new automation tool based on PowerShell Workflows. Beside the introduction, architecture and installation, this workshop focuses on designing Runbooks using PowerShell Workflows in SMA. Learn how to convert your knowledge of PowerShell scripts to PowerShell Workflows. We will start from [...]

By |2017-08-22T09:25:52+01:00september 23rd, 2014|Automation, Windows Azure Pack (WAP)|1 Kommentar

Scripts and links from my sessions @IT/Dev connections

A big thanks to all who attended at our sessions. Below are the links to the scripts and blog post we referenced during the session. Hope to see you all again next year! Managing Configuration Manager with PowerShell [download id="217"] Building Custom Tools Using PowerShell [download id="216"] Truly Better Together: Configuration Manager 2012 R2 and PowerShell [download id="215"] Quick and Dirty – Build Configuration Manager 2012 Admin Console Extensions automatically - http://cm12sdk.net/?p=2299 Configuration Manager 2012 R2 Developer Excel Sheet - http://cm12sdk.net/?p=2326 Does Your Hard Work Advance the Ecosystem? - http://blogs.msdn.com/b/powershell/archive/2011/02/07/does-your-hard-work-advance-the-ecosystem.aspx Coretech Collections Tool - https://blog.ctglobalservices.com/kaj/coretech-configuration-manager-2012-r2-powershell-automation-module-0-1/ Before you start using these script examples on your production environment, please make [...]

By |2014-09-21T20:10:39+01:00september 21st, 2014|Configuration Manager (SCCM), Powershell, Scripting & Development|Kommentarer lukket til Scripts and links from my sessions @IT/Dev connections

Links and downloads from SCU 2014 in Basel

Below is a list of the links and scripts that I used in my two sessions today on Compliance Management and Troubleshooting ConfigMgr. Compliance examples – download Configuration Manager Support Center: http://www.microsoft.com/en-us/download/details.aspx?id=42645 Microsoft System center 2012 R2 Configuration Manager Toolkit: http://www.microsoft.com/en-us/download/details.aspx?id=36213 Optimizing ConfigMgr database: http://stevethompsonmvp.wordpress.com/2013/05/07/optimizing-configmgr-databases/ Background on maintenance task: http://stevethompsonmvp.wordpress.com/2013/04/19/how-to-determine-if-the-configmgr-rebuild-indexes-site-maintenance-task-is-running/ Configuring SQL Backup and recovery, includes link to demo: http://stevethompsonmvp.wordpress.com/2014/02/24/configmgr-2012-site-backup-and-recovery-overview/ Autmating the WSUS Cleanup process https://blog.ctglobalservices.com/kea/house-of-cardsthe-configmgr-software-update-point-and-wsus/ SQL PowerShell audit script http://stevethompsonmvp.wordpress.com/2014/05/19/powershell-sql-audit-script/ Splitting existing ConfigMgr database into multiple SQL files http://myitforum.com/cs2/blogs/jnelson/archive/2009/07/27/140199.aspx Pre-creating the database before installing Configmgr – download script SQL Script to for fragmentation on the SQL DB   Checking [...]

By |2014-09-19T18:30:27+01:00september 19th, 2014|Configuration Manager (SCCM), General info|4 Comments

Monitoring Exchange 2013

With Exchange 2013 a new way of monitoring workloads appeared, at least in the windows world. Managed Availability is the name and my guess is, that we will see more of this type of monitoring going forward. As a SCOM administrator you have limited possibilities of creating overrides for Exchange 2013 monitoring. This must be done by an Exchange administrator in the Exchange Management Shell, but you still need to know how this is done so you can work with the Exchange administrator to tweak the default monitoring configuration. I recommend reading these articles to begin with: Understanding how Exchange [...]

By |2014-09-18T13:54:06+01:00september 18th, 2014|Operations Manager (SCOM)|4 Comments

Scripts and links from the ConfigMgr 2012 Site Review session @IT/Dev connections

A big thanks to all who showed up at our session, Steve and I had a fantastic time and could easily have gone on for 75 more minutes Below are the links to the scripts and blog post we referenced during the session. Hope to see you all again next year! Optimizing ConfigMgr database: http://stevethompsonmvp.wordpress.com/2013/05/07/optimizing-configmgr-databases/   Background on maintenance task: http://stevethompsonmvp.wordpress.com/2013/04/19/how-to-determine-if-the-configmgr-rebuild-indexes-site-maintenance-task-is-running/   Configuring SQL Backup and recovery, includes link to demo: http://stevethompsonmvp.wordpress.com/2014/02/24/configmgr-2012-site-backup-and-recovery-overview/   Autmating the WSUS Cleanup process https://blog.ctglobalservices.com/kea/house-of-cardsthe-configmgr-software-update-point-and-wsus/ SQL PowerShell audit script http://stevethompsonmvp.wordpress.com/2014/05/19/powershell-sql-audit-script/

By |2014-09-18T11:58:08+01:00september 18th, 2014|Configuration Manager (SCCM), General info|1 Kommentar

Links from the ConfigMgr 2012 R2 precon @IT/Dev Connections

Thanks for a great day @Aria in Las Vegas. As promised here are the links we (@Jarwidmark and @Agerlund) mentioned during our preconference: Pre-creating the database using this script SQL backup and restore http://stevethompsonmvp.wordpress.com/2014/02/24/configmgr-2012-site-backup-and-recovery-overview/ Software Update Report dashboard rdl file Software Update step-by-step: http://blogs.technet.com/b/gary_simmons_mcs/archive/2013/12/09/creating-a-custom-report-for-system-center-2012-r2-configuration-manager-part-1.aspx PowerShell Script to set permissions in Active Directory for OSD http://www.deploymentresearch.com/Research/tabid/62/EntryId/160/PowerShell-Script-to-set-permissions-in-Active-Directory-for-OSD.aspx Hydration for System Center 2012 R2 http://www.deploymentresearch.com/Research/tabid/62/EntryId/149/The-Hydration-Kit-for-System-Center-2012-R2-is-available-for-download.aspx Script for Deploying a reference image (VM) fully unattended http://www.deploymentresearch.com/Research/tabid/62/EntryId/172/Deploying-a-reference-image-VM-fully-unattended.aspx Link to Jason Sandy's startup script for ConfigMgr Client: http://blog.configmgrftw.com/configmgr-client-startup-script/ Video - Compliance Settings and Control End–User Installed Software http://channel9.msdn.com/Events/MMS/2013/UD-B307 Coretech Configuration Manager shutdown utility https://blog.ctglobalservices.com/kea/configuration-manager-shutdown-utility/ How to [...]

By |2014-09-17T14:41:21+01:00september 17th, 2014|Configuration Manager (SCCM)|1 Kommentar

Store encrypted password in a PowerShell script

I write a lot of PowerShell scripts where I need to access different kinds of services, servers and databases. Often these scripts needs to run on schedules in the background and so on. Instead of having cleartext passwords scattered throughout the scriptfile I like to store a securestring version of the password in the script. Normally you would build a credential object using something like this $username = "domain\admin" $password = "password" | ConvertTo-SecureString -AsPlainText -Force $cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $password That means that anyone who can open and read the scriptfile, will know what the password [...]

By |2017-09-07T22:55:56+01:00september 10th, 2014|Powershell|17 Comments

Generate Random Timeslot for scheduled tasks

I was tasked to create a PS script that created a Windows Server Backup policy with a random start time I came up with the following script for the random start time bits. function Get-TimeSlot($startTime, $EndTime) { $timeslots = @() for ($i = $startTime; $i -ne $EndTime; $i++) { if ($i -eq 24) { $i = 0 } $timeslots += $i } $timeslot = "$(Get-Random $timeslots):00" return $timeslot } Get-TimeSlot -startTime 20 -EndTime 4 There might be a more Powershell’ish way of doing this, but it gets the job done.

By |2018-01-24T23:11:07+01:00september 10th, 2014|Powershell|3 Comments

House of Cards–The ConfigMgr Software Update Point and WSUS

A Card house; fun to build but not very solid and when one card falls the whole house often goes down with it. It’s a little like that with the WSUS server and Configuration Manager. Installing WSUS seems so easy but there are still some moving part, and if you get one of the wrong maybe the whole House of Cards falls. Recently I have seen that happen at several customers. This blog post is divided into 3 parts: 1. Introduction 2. Problem overview and symptoms 3. Solutions to fix issues and avoid it in the future Let’s start by [...]

By |2014-09-10T14:38:25+01:00september 10th, 2014|Configuration Manager (SCCM), General info|50 Comments

3rd party updates & Compliance using Secunia and System Center 2012 ConfigMgr

This is the 3rd and final post in my series of Secunia CSI and System Center 2012 Configuration Manager integration. Part 1 focused on installing and configuring, Part 2 focused on deploying and installing 3rd party software updates. This blog post will introduce you to the monitoring options in the product. You can monitor compliance in either ConfigMgr or in Secunia CSI. The difference between the two is ConfigMgr will only show you compliance about the updates you have published to WSUS where CSI will list compliance for all applications found on the systems. Tracking compliance in CSI In CSI [...]

By |2014-09-05T14:33:47+01:00september 5th, 2014|Configuration Manager (SCCM)|Kommentarer lukket til 3rd party updates & Compliance using Secunia and System Center 2012 ConfigMgr