All about Microsoft Endpoint Manager

Addressing SCCM Software Update Deployment Challenges with PowerShell – Remote install

Blog post updated on 23 Oct, 2023 Problem: Few weeks ago ,colleague of mine was trying to perform patch management on bulk number of clients (servers) as monthly patching ,as part of it he made sure the maintenance window was in place, deployment was set rightly for software updates deployment. Maintenance window started ,patches started…

SCCM Right Click Tool Managed workloads of co-managed device

Posted on September 25, 2023 by Eswar Koneti | 0 Comments

Co-management (cloud attach) enables you to manage Windows 10 or later devices simultaneously by using both Configuration Manager and Microsoft Intune. For more information about co-management, please refer here. For a device to be co-managed, one of the pre-requisite is Windows devices must be connected to Azure AD using Hybrid Azure AD joined or Azure…

Efficiently Identify Co-Managed Devices: Techniques and Tools

Co-management is a feature that allows organizations to manage their devices using both Microsoft Intune and System Center Configuration Manager (ConfigMgr). This enables organizations to take advantage of the latest security features and cloud capabilities, such as conditional access and device compliance policies, while also being able to manage certain client actions without the need…

Investigating SCCM Client Policy Request and Communication Status with a Collection Specific Report

Introduction: As a SCCM Configmgr administrator, one of your key responsibilities is to ensure the health of SCCM clients for tasks like application deployment, software updates, and inventory management. Oftentimes, you may encounter situations where you need to identify computers that haven't contacted the server in a specific number of days or determine the clients…

Right-click installer tools unable to register correctly with SCCM console

I was installing the famous SCCM right-click tools from recast software (there are other right-click tools as well) on the freshly installed SCCM site for a customer, the installation of right-click tools went well, the console doesn’t seem to get registered with the right-click tools and there is no option when you right-click on a…

Update scan failed due to Group policy settings were overwritten by a higher authority

Few years ago, I have blogged about the client update scan failure due to GPO’s. https://eskonr.com/2014/10/sccm-configmgr-2012-software-update-scan-error-group-policy-settings-were-overwritten-by-a-higher-authority-error-code-0x87d00692/ Introduction: When the software update point is configured for a site, client computers receive a machine policy that provides the active software update point server name (WSUS) and configures the Specify intranet Microsoft update service location local policy on…

Download ConfigMgr builds from the eval center

Update: Eval site is now restored with improved user experience and is accessible via Microsoft Evaluation Center .The new improved eval center does not require any sign-in to download the media files. This is quick post on the recent inquiry on various forums such as Twitter, reddit and Microsoft forums about the download of configuration manager…

SCCM Software Update installation failed with error code 0x87D00664

I was approached by a customer who had issues deploying the March 2022 windows 10 cumulative updates. The error code and the screenshot is provided below. The software updates are failed with error code 0x87D00664 (-2016410012). The error code 0x87D00664 translates to ‘Updates handler job was cancelled’. There could be several reasons why the updates…

How to deploy Microsoft Store apps (offline) using Microsoft Endpoint Manager

Microsoft Endpoint Manager (ConfigMgr & Intune) allows us to configure and deploy the Microsoft Store apps. For more information, please read through ConfigMgr and Intune . In my recent engagement with customer, there is need to deploy Microsoft store app (offline) using Configuration Manager as there is no integration with store for business. Online: This…

Using Intune remediation – check the windows license activation is subscription or KMS based

Posted on July 24, 2023 by Eswar Koneti | 0 Comments | 1,836 Views

Using Intune remediation - check the windows license activation is subscription or KMS based #EMS #Intune #Remediation #scripts

Disable windows updates (wufb) on selected devices using Intune

Posted on July 7, 2023 by Eswar Koneti | 3 Comments | 1,882 Views

Wufb (windows update for business) is feature in Microsoft Intune that allows organizations to manage and control the deployment of Windows updates across their devices. With WUfB, Intune administrators can define update ring policies and settings to ensure that devices within their organization receive the necessary updates in a controlled manner. This helps organizations maintain…

Streamlining Primary User UPN Fix in Intune Using PowerShell

Posted on July 7, 2023 by Eswar Koneti | 2 Comments | 1,306 Views

Introduction: In Intune world of device management, the concept of the primary user plays a crucial role, especially when it comes to application deployments. In this blog post, we will explore the significance of the primary user and how it affects the installation of applications using the company portal in Intune. We will also…

Company portal – Install option grayed out due to primary user

Posted on May 9, 2023 by Eswar Koneti | 0 Comments | 4,516 Views

Introduction: During my testing of Intune's delivery optimization feature using win32 apps, I encountered an issue where the installation option for an application was grayed out on one device while working fine on another. In this blog post, I will share my troubleshooting journey and explain the concept of primary users in Intune and…

Efficiently Target Your Devices and Users with Intune Filters

Posted on April 16, 2023 by Eswar Koneti | 4 Comments | 4,946 Views

As many of you are likely already aware, Intune filters is a feature of Microsoft Intune that enables administrators to filter and target specific groups of devices or users based on certain criteria. This helps to manage devices and users in a more efficient and effective way by applying policies and configurations only to the…

MyApps and Conditional Access – Exclude with ease

Posted on January 26, 2023 by Eswar Koneti | 0 Comments | 3,321 Views

Azure Active Directory (Azure AD) Conditional Access is a powerful feature that allows administrators to control access to cloud applications based on specific conditions. These conditions can include factors such as location, device type, and network status. By using Conditional Access, administrators can ensure that only authorized users are able to access sensitive resources, and…

Efficiently Identify Co-Managed Devices: Techniques and Tools

Posted on January 17, 2023 by Eswar Koneti | 0 Comments | 1,729 Views

Troubleshooting Azure MFA call to phone option missing (TwoWayVoiceMobile)

Posted on January 14, 2023 by Eswar Koneti | 0 Comments | 786 Views

Recently, while working on an office 365 hardening project, I came across an issue that was causing problems for many users in verifying the 2nd factor authentication (Azure MFA). During the 2nd factor authentication process, users were presented with the following screen. As you can see, the user has the option to verify their identity…