This post is the second part of a two-part series on configuring and deploying the Microsoft Local Administrator Password Solution (LAPS). The first post covered the steps needed to configure Active Directory to support LAPS. That post can be found here . This post will cover the steps needed to enable the LAPS functionally on devices.
Continue reading “Configuring LAPS (Part 2)- Configuring and Deploying Group Policy”
Have you ever had a deployment or maybe a security change that happened with no one noticing? Maybe you’re working with a team and someone accidentally deployed to the wrong collection. We all have busy schedules, it’s not easy stay on top of changes or deployments in Configuration Manager. Therefore, we need to take advantage of the built-in status system. This post will walk you through creating a status filter rule that sends an email whenever a security setting is created, modified, or deleted in ConfigMgr.
Continue reading “Email Notification for Security Changes in ConfigMgr”
Using web services for OSD is a great way to allow your task sequence to request changes to your ConfigMgr or Active Directory environment even if your devices are running from WinPE. The problem with building web services for many IT administrators is that they either need to find a web service online that has all of the functionality that they need, or they need to learn a web development framework to build their own. I wrote the PowerShell Web Service to help bridge the gap – it allows you to customize all of the available web calls by writing new PowerShell scripts or editing the out of box samples. Continue reading “Customizable OSD PowerShell Web Service”
The script can be found here
Deploying an updated Office installation has always been an annoyance of mine. It is ideal to be able to deploy a fully updated Office installation so you don’t have to run a software update scan and then wait for all the office patches to download and install. Having to install less software updates can reduce your deployment or build and capture times significantly.
Continue reading “Maintaining Your Office 2016 Installation Source”
It’s a DevOps world, and that means the pace of change is only going to keep accelerating. But what direction is that change going to take? You are the biggest part of that answer.
Feedback Driven Change
The ConfigMgr and Intune teams are laser focused on customer feedback and data to drive decision making. We see evidence of that in every single major release and minor technical preview. Participating in the processes means that you help shape Continue reading “ConfigMgr and Intune Feedback”
Purchasing imaged devices from vendors can be a hassle. Often times the images sent to the vendor need to be produced differently from the normal image deployment process, leading to extra work for the IT department. Additionally, the images the vendor uses are quickly out of date as new updates, drivers, or applications are applied to the image deployment process. In a typical VAR scenario, a vendor is given a point-in-time snapshot of the image. These snapshots work great for deploying to new systems, but they become out-of-date in short order. With ImageConnect, WIMs are no longer shipped manually to the vendor. We utilize your existing System Center Configuration Manager environment to make sure Now Micro’s production facility always has the most up-to-date version of your image. Since the devices are deployed in the same way as you would deploy them in house, they are ready to ship directly to the end user. When utilizing ImageConnect, the I.T. department no longer needs to finish the image deployment process in house by manually joining the domain, encrypting the devices, or running Windows updates.
Continue reading “Effective Imaging using SCCM with ImageConnect”
Locking down devices can be a difficult task. Even when we take administrator permissions away, our users still find ways to defeat our best intentions. When we restrict things too much, we run the risk of making the device unusable. One way we could prevent configuration drift is by reverting the device to a known-good state at every reboot. There are many solutions that take this approach, but often times they fall short with ConfigMgr managed devices. When combining ConfigMgr with state reset software, administrators need to take extra precautions to ensure their devices are patched, have the latest malware definitions, and maintain healthy ConfigMgr clients. Often ConfigMgr administrators are forced to schedule unlock intervals to allow their workstations to receive these updates.
Continue reading “StateLocker: Configuring the Unified Write Filter from within ConfigMgr”
The Configuration Manager Console is the primary tool used to manage an organization’s Configuration Manager environment. Currently, when using the ConsoleSetup.exe file to install the Configuration Manager Console silently, the R2 RTM version of the console is installed. Also, the Report Viewer is left out of the install. Now Micro’s team of expert engineers presents the process for creating a Configuration Manager application that will silently install the console and the report viewer while also applying the latest cumulative update.
Continue reading “Deploying the ConfigMgr Console as a ConfigMgr Application”
The Windows Management Framework 4.0 is an update for devices running Windows 7 SP1, Windows Embedded 7, Windows Server 2008 R2 SP1, and Windows Server 2012. It allows these operating systems to gain some of the new improvements and functionality available in Windows 8.1 and Windows Server 2012 R2.
Continue reading “Deploying Windows Management Framework 4.0 with ConfigMgr”
Deploying .NET Framework 4.5.2 as a Package/Program has always been a possibility, and now it can even be deployed with Software Update Management as a feature pack. But, since the .NET Framework’s only purpose is to support other applications, it makes a lot of sense to be able to deploy it using the Application Model in Configuration Manager. This means the .NET Framework can be defined as a prerequisite for another application. Having .NET Framework 4.5.2 ready to go as an application means any requirement can be covered .NET Framework 4 or above.
The offline installer can be downloaded here from Microsoft.
Continue reading “Deploying .NET Framework 4.5.2 as a ConfigMgr Application”