SCCM Collection for AAD joined devices (co-managed)

Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. For more information about Co-management, benefits, pre-requisites, licensing, read https://docs.microsoft.com/en-us/mem/configmgr/comanage/overview When you have windows 10 devices that are Azure AD joined, enrolled to Intune, and also co-managed, these devices would appear in Configuration Manager. In this blog post,…
SCCM Collection for devices online with green checkmark

This is quick blog post on how to create device collection for computers that are online and showing the green checkmark. When a configuration manager client is installed,it will have the following status code indicating the device. For more information about device client status, please refer here How do we create a collection for clients…
System Center Endpoint Protection (SCEP) Installation Error code 0x8004FF91

I had provisioned a windows server 2012 R2 (Yes, it is 2012 R2) and while installing the SCEP client (System Center Endpoint Protection client installation files are picked from current branch 2010), it failed with the following error code. Setup - Cannot complete the System Center Endpoint Protection installation. An error has prevented the System…
Troubleshooting WSUSContent folder size when it grows bigger and bigger

I was recently helping out a customer who had issues with wsuscontent folder size which was about 330GB. This folder size usually around 5-6GB if you are not using standalone WSUS or 3rd party updates for patching. This folder primarily stores the information about. 1. Software update end-user license agreement (EULA). 2. Microsoft patches for…
How to monitor Microsoft 365 endpoint URLs using PowerShell

Microsoft 365 endpoints are the set of destination IP addresses, DNS domain names, and URLs for Microsoft 365 traffic on the Internet. To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by client browsers and the devices in our edge network. These devices include firewalls, SSL Break and Inspect and packet…
Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…