Home

Bitlocker, Blog, HP, TPM, UEFI, Windows 10

How To Deploy HP BIOS Settings using SCCM

INTRODUCTION In most organizations, the workstation configuration needs to conform to a specific standard. If you are using HP workstations, you will need a strategy on how to deploy the HP BIOS settings. Enterprise OEMs such as DELL, HP and Lenovo provide solutions for deploying BIOS settings. Below is a list of the solutions for each manufacturer: HP  – HP BIOS Configuration Utility (BCU) DELL –  DELL Command Configure Toolkit (CCTK) Lenovo – Lenovo WMI scripts The DELL and Lenovo solutions…

Bitlocker, Blog, Configuration Manager Current Branch, HP, TPM, Windows 10

How To Upgrade TPM firmware from 1.2 to 2.0 for HP Devices

INTRODUCTION TPM 2.0 has been around since 2013, but vendors have been required to provide their machines with TPM 2.0 since July 28, 2016. The TPM chip, or Trusted Platform Module, is a hardware component on the motherboard. The TPM version is derived from the firmware version of the chip. Most modern chips support both version 1.2 and 2.0. The TPM chip is required for features such as: Bitlocker Windows Defender Credential Guard The only feature at this point that…

Blog, Configuration Manager Current Branch, Powershell, Windows 10, Windows 7

Read Files and Detect Strings Using Powershell Detection Methods in SCCM

INTRODUCTION Powershell methods, is there anything they can’t do? No, not really! As with many other cases with Powershell, the options are endless. In this blog post I will explain how you can use the Get-Content command in a Powershell script in an SCCM detection method. MY SCENARIO I came across a scenario at a customer where during an application installation, configuration files were to be replaced in the installation directory using a script. Since a configuration line was different…

Blog, Configuration Manager Current Branch, Software Updates

Powershell Script for Configuring SCCM Maintenance Windows Based on Patch Tuesday

INTRODUCTION Many organizations use Maintenance Windows as part of their Software Update deployment strategy. Maintenance Windows in SCCM are commonly used for controlling when updates are allowed to be deployed to servers. As of SCCM 1802, it is possible to configure the deployment of Automatic Deployment Rules with a defined day offset from Patch Tuesday. Read more about it here: https://docs.microsoft.com/en-us/sccm/sum/deploy-use/automatically-deploy-software-updates Unfortunately, this feature is not available for Maintenance Windows, which causes an issue that I describe in this blog…

Blog, Configuration Manager Current Branch

17 Cool Updates in SCCM Technical Preview 1901

INTRODUCTION SCCM Technical Preview 1901 was released with a bunch of cool updates. In this blog post I will cover 17 of the updates that I believe will benefit administrators the most in their day-to-day work. For a full list of all the new features and fixes please refer to: https://docs.microsoft.com/en-us/sccm/core/get-started/2019/technical-preview-1901 17 UPDATES IN SCCM TP 1901 As mentioned in the Introduction, the below mentioned updates are not all updates for SCCM TP 1901. UPDATE 1 – CLIENT HEALTH DASHBOARD…

Blog, Configuration Manager Current Branch, Software Updates

How To Configure Deadlines for Automatic Deployment Rules in SCCM

INTRODUCTION Upon creating an automatic Software Update strategy in your organization, you will need to configure Automatic Deployment Rules. This blog post describes in short Automatic Deployment Rules and how these are deployed to clients in different phases. As with everything, it is easy once you understand it. AUTOMATIC DEPLOYMENT RULES Automatic Deployment Rules are used to automatically accomplish the following tasks: Filter out Software Updates according to a set amount of criteria from the database. Add the filtered out…

Blog, Configuration Manager Current Branch, Office 365, Windows 10

My notes and experiences from Microsoft Ignite 2018

INTRODUCTION I have just spent a week at the Microsoft Ignite 2018 conference in Orlando, Florida. This was my first visit to both the conference and to Orlando, so I was very excited. Upon arrival att MCO (Orlando International Airport) you can pick up your badge straight away at the baggage claim. This was a super simple process and highly appreciated!   Before the conference, me and my colleague spent a full day at Universal Studios and Universal’s Islands of…

Blog, Configuration Manager Current Branch, Windows 10

Issue with automatically generated names based on serial numbers for virtual machines in SCCM

INTRODUCTION I noticed this issue at a customer where they were deploying machines and automatically configuring the machine name according to serial number. ISSUE There were no issues with deploying physical machines, but virtual machines were failing during the “Apply Windows Settings” step with the following error code: Failed to open the Task Sequencing Environment. Code 0x80220005. Please ensure you are running this executable inside a properly configured OS The reason why we see this issue is that virtual machines…

Blog, Configuration Manager Current Branch, Office 365, Powershell

Deploy Microsoft Office 365 ProPlus Using PS App Deployment Toolkit

INTRODUCTION There are currently many organizations migrating from previous versions of Microsoft Office to Microsoft Office 365 ProPlus. Many of these organizations are also spread around the globe with different language requirements. I have seen that deploing Microsoft Office 365 ProPlus in large enterprise environment is not as trivial as you might think, as you have to take many things in to consideration. The way described in this blog post is the way I go about deploying Office 365 ProPlus, and I have frankly…

Blog, Configuration Manager Current Branch, Office 365, Software Updates, Windows 10

Considerations When Deploying Office 365 Client Updates Using ADRs in SCCM

INTRODUCTION A customer contacted me the other day because their Office 365 client updates were not released to clients in a timely fashion. Their configuration was one Automatic Deployment Rule (ADR) for all client updates, with the following configuration: Date Released or Revised last 1 day Office 365 client updates enabled Evaluation schedule: Every Second Tuesday at 23:55 This is a fine setup except for the following scenarios: Out of band patches are not included Windows Defender Definitions in Configuration…