Technet Gallery has been there for almost 15 years for community to share scripts, files, utilities, tools etc for Microsoft Products. With the retirement/closure of Technet Gallery, there are large number of scripts/reports that I have uploaded to Technet for my blog and now am receiving the feedback from the blog readers that they cannot download the files. When you visit any of my blog post and find a link to Technet for sample download, you will be redirected to https://docs.microsoft.com/en-us/samples/browse/?redirectedfrom=TechNet-Gallery which does not help. In this blog post, we will see, how to download the samples from Technet Gallery…
Author: Eswar Koneti
Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. For more information about Co-management, benefits, pre-requisites, licensing, read https://docs.microsoft.com/en-us/mem/configmgr/comanage/overview When you have windows 10 devices that are Azure AD joined, enrolled to Intune, and also co-managed, these devices would appear in Configuration Manager. In this blog post, i will show you how to create a collection for Azure AD joined co-managed devices. When a device is AAD joined and co-managed ( not on-prem domain joined but only the cloud), we will have the tenantID, device ID, domain or group, and other information.…
In this blog post, we will see how to use Microsoft Intune to disable the firewall and network protection notifications that pop-up on windows 10 workstation. The use case could be that, if you have POS devices where you need to disable/hide all notifications. We are not disabling the firewall instead it will be notifications ONLY. To disable the firewall and network protection notifications using Microsoft Intune, we will use configuration service provider (CSP). A configuration service provider (CSP) is an interface to read, set, modify, or delete configuration settings on the device. For a supported CSP’s, please refer Configuration…
This is quick blog post on how to create device collection for computers that are online and showing the green checkmark.When a configuration manager client is installed,it will have the following status code indicating the device. For more information about device client status, please refer hereHow do we create a collection for clients that are online? Collections uses WQL and following is the WQL syntax you can use to create the collection.we will use wmi class called SMS_CollectionMemberClientBaselineStatus which has the client online status information. This information comes from the client notification that uses BGB/fast channel.This collection uses sub-selected query.select…
I had provisioned a windows server 2012 R2 (Yes, it is 2012 R2) and while installing the SCEP client (System Center Endpoint Protection client installation files are picked from current branch 2010), it failed with the following error code. Setup - Cannot complete the System Center Endpoint Protection installation. An error has prevented the System Center Endpoint Protection setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. [8004FF91] I have tried various command line switches for SCEP client installation but all returned the same error code. The server was installed with Configuration Manager client 2010…
Starting in Configuration Manager 2010, we can use OS boot media from SCCM to reimage internet-based devices that connect through a Cloud Management Gateway (CMG). Do note that, this method cannot join the devices to domain but only in a workgroup as there is no domain connectivity for internet-based clients. This scenario is useful to support remote workers. Though the devices are in workgroup, these can be managed via Configuration Manager for application deployment, patching, and other features that support a client over CMG. In case of any issues with remote worker windows OS, we can use the OS Boot…
I was recently helping out a customer who had issues with wsuscontent folder size which was about 330GB. This folder size usually around 5-6GB if you are not using standalone WSUS or 3rd party updates for patching.This folder primarily stores the information about.1. Software update end-user license agreement (EULA).2. Microsoft patches for windows and other products for standalone WSUS.3. 3rd party updates In case you have integrated the 3rd party patching tool.The following is the screenshot for the wsuscontent folder size.When the customer reported about the wsuscontent size is huge, the following questions were raised.1. Is it standalone or integrated…
Microsoft 365 endpoints are the set of destination IP addresses, DNS domain names, and URLs for Microsoft 365 traffic on the Internet. To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by client browsers and the devices in our edge network. These devices include firewalls, SSL Break and Inspect and packet inspection devices, and data loss prevention systems. By default, there are 3 core services Exchange Online, SharePoint Online & OneDriveForBusiness, and Microsoft Teams. Apart from this, there is a very critical service which is a must needed for Office 365 which is Microsoft 365 Common…