All about Microsoft Endpoint Manager

SCCM Collection for AAD joined devices (co-managed)

Posted on February 5, 2021 by Eswar Koneti | 0 Comments | 1,982 Views

Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. For more information about Co-management, benefits, pre-requisites, licensing, read https://docs.microsoft.com/en-us/mem/configmgr/comanage/overview When you have windows 10 devices that are Azure AD joined, enrolled to Intune, and also co-managed, these devices would appear in Configuration Manager. In this blog post,…

How to disable Firewall and network protection notifications using Microsoft Intune

Posted on January 29, 2021 by Eswar Koneti | 0 Comments | 1,417 Views

In this blog post, we will see how to use Microsoft Intune to disable the firewall and network protection notifications that pop-up on windows 10 workstation. The use case could be that, if you have POS devices where you need to disable/hide all notifications. We are not disabling the firewall instead it will be notifications…

SCCM Collection for devices online with green checkmark

Posted on January 21, 2021 by Eswar Koneti | 0 Comments | 1,787 Views

This is quick blog post on how to create device collection for computers that are online and showing the green checkmark. When a configuration manager client is installed,it will have the following status code indicating the device. For more information about device client status, please refer here How do we create a collection for clients…

System Center Endpoint Protection (SCEP) Installation Error code 0x8004FF91

Posted on January 20, 2021 by Eswar Koneti | 1 Comment | 1,023 Views

I had provisioned a windows server 2012 R2 (Yes, it is 2012 R2) and while installing the SCEP client (System Center Endpoint Protection client installation files are picked from current branch 2010), it failed with the following error code. Setup - Cannot complete the System Center Endpoint Protection installation. An error has prevented the System…

Certificate error while deploying an OS over CMG using bootable media

Posted on January 17, 2021 by Eswar Koneti | 2 Comments | 1,205 Views

Starting in Configuration Manager 2010, we can use OS boot media from SCCM to reimage internet-based devices that connect through a Cloud Management Gateway (CMG). Do note that, this method cannot join the devices to domain but only in a workgroup as there is no domain connectivity for internet-based clients. This scenario is useful to…

Troubleshooting WSUSContent folder size when it grows bigger and bigger

Posted on January 13, 2021 by Eswar Koneti | 4 Comments | 1,824 Views

I was recently helping out a customer who had issues with wsuscontent folder size which was about 330GB. This folder size usually around 5-6GB if you are not using standalone WSUS or 3rd party updates for patching. This folder primarily stores the information about. 1. Software update end-user license agreement (EULA). 2. Microsoft patches for…

How to monitor Microsoft 365 endpoint URLs using PowerShell

Posted on December 30, 2020 by Eswar Koneti | 0 Comments | 1,317 Views

Microsoft 365 endpoints are the set of destination IP addresses, DNS domain names, and URLs for Microsoft 365 traffic on the Internet. To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by client browsers and the devices in our edge network. These devices include firewalls, SSL Break and Inspect and packet…

Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Posted on December 28, 2020 by Eswar Koneti | 0 Comments | 780 Views

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…