Update scan failed due to Group policy settings were overwritten by a higher authority

Few years ago, I have blogged about the client update scan failure due to GPO’s. https://eskonr.com/2014/10/sccm-configmgr-2012-software-update-scan-error-group-policy-settings-were-overwritten-by-a-higher-authority-error-code-0x87d00692/ Introduction: When the software update point is configured for a site, client computers receive a machine policy that provides the active software update point server name (WSUS) and configures the Specify intranet Microsoft update service location local policy on…
SCCM Software Update installation failed with error code 0x87D00664

I was approached by a customer who had issues deploying the March 2022 windows 10 cumulative updates. The error code and the screenshot is provided below. The software updates are failed with error code 0x87D00664 (-2016410012). The error code 0x87D00664 translates to ‘Updates handler job was cancelled’. There could be several reasons why the updates…
How to deploy Microsoft Store apps (offline) using Microsoft Endpoint Manager

Microsoft Endpoint Manager (ConfigMgr & Intune) allows us to configure and deploy the Microsoft Store apps. For more information, please read through ConfigMgr  and Intune . In my recent engagement with customer, there is need to deploy Microsoft store app (offline) using Configuration Manager as there is no integration with store for business. Online: This…
SCCM Collections for devices with pending reboot

Long ago, I wrote a blog post on a report for finding the devices with pending reboot, more information is available on https://eskonr.com/2019/01/sccm-report-get-list-of-devices-with-pending-reboot-in-a-collection-with-different-states/ I was recently working on checking the compliance of the devices in SCCM for windows patching and I could see that the software update compliance is not that great due to various…
Use PowerShell to audit the Conditional Access Policies and alert via email

Conditional Access in Azure Active Directory needs no introduction. To read more information about Conditional Access, please refer to https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview In my recent assignment, there was an ask to back up the conditional access policies every day and also notify through email for a list of conditional policies that are created or modified in the…
SCCM Right Click Tool Managed workloads of co-managed device

Co-management (cloud attach) enables you to manage Windows 10 or later devices simultaneously by using both Configuration Manager and Microsoft Intune. For more information about co-management, please refer here. For a device to be co-managed, one of the pre-requisite is Windows devices must be connected to Azure AD using Hybrid Azure AD joined or Azure…
SCCM Right click tools–find missing updates of a client

Managing software updates and creation of custom reports in ConfigMgr is OCEAN. You have so much data to visualize based on your needs. One of the very common requirements or reports is, find out the missing/required updates of a device that is managed by SCCM. If you have not moved the device management solution to…