Mapping Network Drives on Intune Devices

|

This guide is part of a video series companion guide on setting up mapped drives on Intune devices - you can watch the video here S02E18 How to Map Network Drives on Microsoft Intune Devices - (I.T)! This is rather simple but I will be adding some useful bits of code for people who do not have an always on VPN solution for all those Work From Home scenarios. Creating the script Before we get started let me explain how this process works.

Give your ADR a little boost with Status Filter Rules and PowerShell

|

Introduction MEMCM already offers a lot of features to help SysAdmins automate many processes and save them a lot of time to drink more coffee☕ work on less mundane and more interesting tasks. Among them, there are Automatic Deployment Rules (ADR) that let you automate patch management for your Windows devices. There are also Status Filter Rules that allow you to execute actions (Launch a program, execute a script…) when specific status messages are processed by the site server.

Find Microsoft Accounts on Company Domains

|

The other day I was helping someone over in the WinAdmins Discord. Their users kept getting confused about what their passwords were, and it was causing a lot of HelpDesk tickets. Let’s find out what users have Microsoft accounts on the company domain so we can help move those accounts elsewhere to streamline the user experience. Update on Prevention: Microsoft has introduced some changes that at least seem to prevent NEW Microsoft Accounts on Company Domains.

Downloading a Device Guard Signing Service version 2 Root Certificate for MSIX

|

Howdy y’all In this post I will show you how to get the Device Guard Signing Service v2 root certificate. Device Guard Signing Services v1 (DGSS) is being deprecated at the end of December 2020, so we need to migrate to DGSSv2, and it just so happens that the means to download the DGSSv2 root cert is a little bit more complex than the DGSSv1. MSIX crash course While MSIX is generally marketed as a replacement for MSI for developers, there are scenarios that can benefit systems administrators.

Every day tools for the productive IT professional

|

In this post I want to share with you a list of tips and tools that I feel have boosted my day-to-day productivity on the computer. The title suggests this is only for IT professionals. However I can’t see why power users can’t appreciate what’s here too. You may already have different tools that achieve similar, or better, functionality, so drop a comment below or tweet your tip on Twitter using the hashtag #EveryDayITPro.

ConfigMgr and The Case of the Mysterious {3DA228BE-34DA-49f4-A081-66465B077429} Folder

|

Over the weekend I ran into a weird issue that I hadn’t seen before. I was upgrading half of the Distribution Points for a client who’s ConfigMgr was in need of some TLC. I’ve been working on getting their overall infrastructure healthy and that includes upgrading their DPs from Windows Server 2012 to Windows Server 2016 (and eventually 2019). Once I started the upgrades I worked on other things while checking in on them periodically.

Use the Task Sequence deployment type to deploy an application with sensitive information

|

Introduction Introduced with ConfigMgr 2002, the “Task Sequence as an application deployment type” feature is available in pre-release. That means it is still in active development and can contains bugs. Using a Task Sequence (TS) as a deployment type allows for more complex installation process that can even contains reboot. And as it is a Task Sequence, you can also benefit from many other feature like the use of TS variables.

Signing and Deploying Applications via MSIX with Intune

|

Why would I want to use MSIX and what is it? MSIX is a Windows app package format that provides a modern packaging experience to all Windows apps. The MSIX package format preserves the functionality of existing app packages and/or install files in addition to enabling new, modern packaging and deployment features to Win32, WPF, and Windows Forms apps. Do you have a bloated application? Maybe one or two that are so old it doesn’t even have any install parameters?

VPN Boundary Type and Understanding Its Options

|

Like many, I was very excited that the new Configuration Manager 2006 release included a huge improvement for remote devices by adding a new VPN Boundary type. “Finally! I don’t have to constantly bug my Network Engineers as to which IP pools are being used for which VPN appliances.” Create A New Boundary In the Admin Console, navigate to the Administration Node and open up Hierarchy Configuration and right-click on Boundaries

Allow OneDrive Syncing on AAD joined Devices

|

The Problem So I was walking on the beach and noticed that OneDrive wasn’t syncing anymore on my AzureAD joined laptop. I later learned that my endpoint administrator, Adam Gross, had enabled Allow syncing only on computers joined to specific domains in the OneDrive admin portal. which effectively blocked my AzureAD device 🙁 Which resulted in this message on my corporate device Our Legacy AD joined devices were fine, but all of our Azure AD joined devices got the above error.