This post is the second part of a two-part series on configuring and deploying the Microsoft Local Administrator Password Solution (LAPS). The first post covered the steps needed to configure Active Directory to support LAPS. That post can be found here . This post will cover the steps needed to enable the LAPS functionally on devices.
Continue reading “Configuring LAPS (Part 2)- Configuring and Deploying Group Policy”
Why is Local Administrator Password Management Needed?
The question of how to deal with users having administrative rights on computers or other network resources is one that has many different answers and has evolved over time. While the scenarios around network and domain administrative access may be more complex, the local administrative rights scenario should be very similar for almost everyone.
Continue reading “Configuring LAPS (Part 1)- Configuring Active Directory”
Have you ever had a deployment or maybe a security change that happened with no one noticing? Maybe you’re working with a team and someone accidentally deployed to the wrong collection. We all have busy schedules, it’s not easy stay on top of changes or deployments in Configuration Manager. Therefore, we need to take advantage of the built-in status system. This post will walk you through creating a status filter rule that sends an email whenever a security setting is created, modified, or deleted in ConfigMgr.
Continue reading “Email Notification for Security Changes in ConfigMgr”
Recently, two new methods for Office 365 SSO have become available: Azure AD Seamless SSO, and Azure AD Domain Join. Active Directory Federation Services (ADFS) had (and still has) its place within Office 365 environments, but it is not nearly as attractive and easy to use as the new methods. Continue reading “Decommission ADFS: How to switch from ADFS to Password Sync for Office 365”
Using web services for OSD is a great way to allow your task sequence to request changes to your ConfigMgr or Active Directory environment even if your devices are running from WinPE. The problem with building web services for many IT administrators is that they either need to find a web service online that has all of the functionality that they need, or they need to learn a web development framework to build their own. I wrote the PowerShell Web Service to help bridge the gap – it allows you to customize all of the available web calls by writing new PowerShell scripts or editing the out of box samples. Continue reading “Customizable OSD PowerShell Web Service”
ImageConnect is Now Micro’s solution for using a customer’s ConfigMgr task sequence to image devices they purchase from us. Internally we give each ImageConnect customer a unique VLAN that’s designed to service PXE requests for their environment. Before 2Pint, we maintained a table mapping customer to VLAN ID and our staff would need to SSH in to the appropriate switch to change the VLAN. This blog post will describe how Now Micro uses the iPXE Anywhere solution from 2Pint Software to help us remove some of the manual steps by automating the VLAN switching process. Continue reading “Improving ImageConnect with 2Pint”
What is first release?
First release is a selective program that any administrator can enroll in to try out new Office 365 features before they roll out to everyone else. This is a part of all Microsoft’s Office 365 plans (with the exception of consumer plans). The features that you receive will be fully functional as they are tested by Microsoft internally before they reach your doorstep. Continue reading “How to Use Office 365 First Release”
So you’ve decided to deploy Office Online Server 2016, but after looking everywhere can’t find where to download it? You’re not alone.
Office Online Server, formerly known as Office Web Apps Server, provides the ability to view and edit Office files in the browser using Skype for Business, Exchange, and SharePoint on premises. Basically the same functionality you get with Office 365. Full details can be found here.
Continue reading “Where to download Office Online Server 2016”
With the release of ConfigMgr 1610 came the ability to transition from MBR (legacy) to UEFI in a single task sequence. This is an awesome feature and it is outlined nicely here. And, it works great. 🙂
Let’s dig into each of these steps:
Continue reading “1610 Legacy to UEFI Conversion”
Significantly reduce the time needed to create usable boot media and remove one of the bigger barriers to updating the ADK you are using. Adding the network and storage drivers you need to newly created boot media.
With the new “Current Branch” model of ConfigMgr and Windows 10 we can expect a faster release cycle of the ADK, which means new boot images pretty regularly! Creating new boot media is really simple. However, reimporting all of your required drivers into that boot image can be a real chore. Here is a script that that identifies the drivers in a source boot image and imports them into a destination image. Give it a spin and give me some feedback.
Continue reading “How to import boot image drivers from your exiting boot image”