SCCM Collection for devices online with green checkmark

This is quick blog post on how to create device collection for computers that are online and showing the green checkmark. When a configuration manager client is installed,it will have the following status code indicating the device. For more information about device client status, please refer here How do we create a collection for clients…
System Center Endpoint Protection (SCEP) Installation Error code 0x8004FF91

I had provisioned a windows server 2012 R2 (Yes, it is 2012 R2) and while installing the SCEP client (System Center Endpoint Protection client installation files are picked from current branch 2010), it failed with the following error code. Setup - Cannot complete the System Center Endpoint Protection installation. An error has prevented the System…
Troubleshooting WSUSContent folder size when it grows bigger and bigger

I was recently helping out a customer who had issues with wsuscontent folder size which was about 330GB. This folder size usually around 5-6GB if you are not using standalone WSUS or 3rd party updates for patching. This folder primarily stores the information about. 1. Software update end-user license agreement (EULA). 2. Microsoft patches for…
How to monitor Microsoft 365 endpoint URLs using PowerShell

Microsoft 365 endpoints are the set of destination IP addresses, DNS domain names, and URLs for Microsoft 365 traffic on the Internet. To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by client browsers and the devices in our edge network. These devices include firewalls, SSL Break and Inspect and packet…
Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…
Managing windows updates using Configuration Manager and Group policy

When a Configuration Manager client is installed and configured to use the software updates agent, it will automatically configured with a local Group Policy setting that specifies the Configuration Manager software update point. The Group Policy setting used is the intranet Microsoft update service location, specified as a Windows Update computer administrative template. The following…
Using Configuration Manager to perform Network Connectivity Tests for Microsoft Teams

Introduction: I was recently working on project performing the network assessment for teams call quality issues. The network assessment is being done using the free tool provided by Microsoft which is Skype for Business Network Assessment Tool (can be downloaded from Microsoft site). The Microsoft Network Assessment Tool provides the ability to perform a simple…