Introduction: In recent weeks, I was working on a project to transition devices from Citrix VDI to the Azure Virtual Desktop (AVD) platform, managing all AVD devices using Microsoft Intune as the device endpoint solution. While the AVD devices had the SCCM (MECM) agent installed, I encountered a noteworthy issue with Windows Update for Business (WUfB) that led me to an interesting discovery and a solution. WUfB Delay Issue: Upon provisioning and enrolling AVD devices in Intune, I observed a delay in the WUfB scan, with the devices not reporting to the WUfB service (Log Analytics) for several days. Despite…
Author: Eswar Koneti
Introduction: Microsoft Intune provides efficient way to deploy configuration settings across device fleets, offering reporting capabilities for successful, failed, or not applicable status for specific configuration profiles. However, understanding the applied settings on a per-device basis and identifying the governing configuration profile can be challenging. To see a list of configuration profiles that assigned to a device, you can go to intune, search for a device, and find the list of device configuration with status but this view doesn't tell you any settings inside the configuration profile and also no searching capabilities available. This makes thigs very complicate if you…
I have recently converted my hybrid Azure ad joined device to an Entra joined device (wipe the device and use autopilot) . While most tasks worked seamlessly, I encountered an issue with accessing the Active Directory Users and Computers MMC console. This blog post outlines the problem and provides a simple solution. After successfully converting my device to Entra join and ensuring it's connected to the corporate network, I faced an unexpected challenge when trying to access the Active Directory Users and Computers MMC console (you can also use dsa.msc from the run command. RSAT tools must be installed on…
If you've been following Aria Carley on Twitter (X), you're likely familiar with the intriguing world of #funfacts. Aria Carley, a Program Manager for Windows Update for Business at Microsoft, regularly shares insights about the realm of Windows Update for Business (WUfB). Her Twitter feed is a filled up with valuable information, and in this blog post, I will compile a collection of the most interesting #funfacts she has shared over time. As we journey through this post, I will continually update it with the latest and most intriguing #funfacts about WUfB. Some of these funfacts even include Twitter links,…
Introduction: Microsoft has recently rolled out Windows 11, Version 23H2, which is available as an enablement package for Windows 11, Version 22H2 OS. For more information https://learn.microsoft.com/en-us/windows/whats-new/whats-new-windows-11-version-23h2 In this blog post, we'll discuss a scenario where a customer needed to downgrade from Windows 11 23H2 to 22H2 for internal security reasons. Additionally, we'll explore the steps taken to implement safeguard hold policies using Microsoft Intune for effective Windows device management. The customer utilizing Microsoft Intune for managing Windows devices encountered challenges when their devices automatically upgraded to Windows 11 23H2, impacting internal security. To address this (Downgrading Windows 11 23H2…
Introduction:Microsoft Delivery Optimization (DO) is a powerful feature integrated into Windows 10 and Windows 11, designed to enhance the distribution of updates and applications across devices within a networkDelivery Optimization (DO) leverages peer-to-peer distribution model and It basically serves to reduce the bandwidth usage by sharing the content with each other and speed up the delivery of updates to devices.Delivery Optimization Download request flow Delivery Optimization client-service communication - Windows Deployment | Microsoft LearnFor more information about Delivery Optimization, please read What is Delivery Optimization? - Windows Deployment | Microsoft LearnRecent Implementation:In a recent assignment, I collaborated with a customer…
In a modern organization, managing Windows devices can be a complex undertaking. Fortunately, Microsoft Intune offers a suite of powerful tools that streamline device management, ensuring your endpoints remain secure and compliant. However, the need often arises to retrieve specific data from Intune for a list of devices. For example, you might want to validate whether a set of devices exists in Intune, check their MDM status, assess disk space availability, or review their last interaction with Intune. While accessing this information for one or two devices can be done directly in the Intune portal, the process becomes tedious when…
Verbose logging is a powerful tool that provides a detailed record of events, actions, and errors, making it invaluable for troubleshooting, diagnosing issues, and monitoring activities. When enabled, verbose logging offers an enhanced view of what's happening within client, offering deeper insights that can prove essential for IT administrators and support person. By default, SCCM keeps verbose logging disabled. This conservative approach is to prevent generating extensive log files, However, when tackling complex problems or investigating unusual behavior, verbose logging becomes an essential ally. Here, we'll explore how to enable and disable verbose logging at the client level in SCCM…