I have recently converted my hybrid Azure ad joined device to an Entra joined device (wipe the device and use autopilot) . While most tasks worked seamlessly, I encountered an issue with accessing the Active Directory Users and Computers MMC console. This blog post outlines the problem and provides a simple solution. After successfully converting my device to Entra join and ensuring it's connected to the corporate network, I faced an unexpected challenge when trying to access the Active Directory Users and Computers MMC console (you can also use dsa.msc from the run command. RSAT tools must be installed on…
Author: Eswar Koneti
If you've been following Aria Carley on Twitter (X), you're likely familiar with the intriguing world of #funfacts. Aria Carley, a Program Manager for Windows Update for Business at Microsoft, regularly shares insights about the realm of Windows Update for Business (WUfB). Her Twitter feed is a filled up with valuable information, and in this blog post, I will compile a collection of the most interesting #funfacts she has shared over time. As we journey through this post, I will continually update it with the latest and most intriguing #funfacts about WUfB. Some of these funfacts even include Twitter links,…
Introduction: Microsoft has recently rolled out Windows 11, Version 23H2, which is available as an enablement package for Windows 11, Version 22H2 OS. For more information https://learn.microsoft.com/en-us/windows/whats-new/whats-new-windows-11-version-23h2 In this blog post, we'll discuss a scenario where a customer needed to downgrade from Windows 11 23H2 to 22H2 for internal security reasons. Additionally, we'll explore the steps taken to implement safeguard hold policies using Microsoft Intune for effective Windows device management. The customer utilizing Microsoft Intune for managing Windows devices encountered challenges when their devices automatically upgraded to Windows 11 23H2, impacting internal security. To address this (Downgrading Windows 11 23H2…
Introduction:Microsoft Delivery Optimization (DO) is a powerful feature integrated into Windows 10 and Windows 11, designed to enhance the distribution of updates and applications across devices within a networkDelivery Optimization (DO) leverages peer-to-peer distribution model and It basically serves to reduce the bandwidth usage by sharing the content with each other and speed up the delivery of updates to devices.Delivery Optimization Download request flow Delivery Optimization client-service communication - Windows Deployment | Microsoft LearnFor more information about Delivery Optimization, please read What is Delivery Optimization? - Windows Deployment | Microsoft LearnRecent Implementation:In a recent assignment, I collaborated with a customer…
In a modern organization, managing Windows devices can be a complex undertaking. Fortunately, Microsoft Intune offers a suite of powerful tools that streamline device management, ensuring your endpoints remain secure and compliant. However, the need often arises to retrieve specific data from Intune for a list of devices. For example, you might want to validate whether a set of devices exists in Intune, check their MDM status, assess disk space availability, or review their last interaction with Intune. While accessing this information for one or two devices can be done directly in the Intune portal, the process becomes tedious when…
Verbose logging is a powerful tool that provides a detailed record of events, actions, and errors, making it invaluable for troubleshooting, diagnosing issues, and monitoring activities. When enabled, verbose logging offers an enhanced view of what's happening within client, offering deeper insights that can prove essential for IT administrators and support person. By default, SCCM keeps verbose logging disabled. This conservative approach is to prevent generating extensive log files, However, when tackling complex problems or investigating unusual behavior, verbose logging becomes an essential ally. Here, we'll explore how to enable and disable verbose logging at the client level in SCCM…
If you are managing windows devices using SCCM, you know the level of control it offers for the reboot experience through the client settings and the timely notification of impending reboots. SCCM excels at ensuring users are well-informed about scheduled tasks, with toast notifications that are hard to miss. However, when transitioning your Windows patching tasks to Intune (windows update for business) or adopting Intune for device management, you may notice a difference in the reboot experience. The controls for end-user experience are limited (especially the remainders). In this blog post, we will explore options and settings that can help…
Blog post updated on 23 Oct, 2023 Problem: Few weeks ago ,colleague of mine was trying to perform patch management on bulk number of clients (servers) as monthly patching ,as part of it he made sure the maintenance window was in place, deployment was set rightly for software updates deployment. Maintenance window started ,patches started installing and after a while ,he logged in ( browse the reports ) to check the status for deployed patches (software update groups) using reports. He found that, 30-40% was compliant and rest of them non-compliant (majority) /unknown (very few) . By the time ,he…