Trigger Teams Installer for User After Machine Wide Installer

|

The Problem: Teams Machine Wide Installer finishes… Then… Nothing? Have you or a loved one ever deployed Microsoft Teams in an enterprise environment? Did the users complain? Did project management complain? Management? You? I’m sure someone was not happy about the overall user experience. In particular when the Teams Machine Wide installer is finished, and detected by your application management tool of choice it does… nothing. The user is left with a message claiming Teams is ‘Installed’ when clearly it is not.

Collecting Logs with Log Analytics for Intune devices

|

Why do I need logs? The purpose of this guide is to configure the collection of Logs in an Intune environment. By default the log analytics you enable in Intune does not give you much information beyond auditing basic things. With this approach we can record any desired log for all of our machines. There is a companion video for this setup https://youtu.be/Uw3GjMnSXbI. Enabling Log Analytics Navigate to endpoint.microsoft.com Select Reports Select Diagnostic Settings Select Add Diagnostic setting Select all options under Log Select Send to Log Analytics workspace Select a Log Analytics workspace You can archive to a storage account to keep data longer Now that we have the log analytics workspace configured we can configure the Microsoft Monitoring Agent (MMA)

Finding Azure Virtual Machines in Configuration Manager

|

A request came in from my System Admin group to push certain policies only to VMs hosted in Azure. Currently, they had a naming convention being used (well, supposed to be used) to simply prefix the hostname with AZ-, but they came across a couple Domain Controllers that hadn’t installed Updates in 7+ months, and of course the names didn’t follow the accepted standard. So I started looking for ways to identify Azure devices definitively and came across this Detect Windows Azure Virtual Machine post, which led to reading the Azure Metadata Service docs, and eventually got me to turn this into a Configuration Item / Configuration Baseline and subsequent Device Collections.

Automating Outside of Business Hours Responses

|

Have you ever had customers emailing in outside of hours? In this post we will setup some scripted automatic maintenance of Auto-Reply responses on a user account. We considered several possibilities but the customer did not have an Azure Subscription yet, we ended up using PowerShell, Microsoft Graph, App Authentication, and a Scheduled Task. Our customer will be moving to Azure later so we will probably revisit this as Azure Functions, or possibly Power Automate later on.

Mapping Network Drives on Intune Devices

|

This guide is part of a video series companion guide on setting up mapped drives on Intune devices - you can watch the video here S02E18 How to Map Network Drives on Microsoft Intune Devices - (I.T)! This is rather simple but I will be adding some useful bits of code for people who do not have an always on VPN solution for all those Work From Home scenarios. Creating the script Before we get started let me explain how this process works.

Give your ADR a little boost with Status Filter Rules and PowerShell

|

Introduction MEMCM already offers a lot of features to help SysAdmins automate many processes and save them a lot of time to drink more coffee☕ work on less mundane and more interesting tasks. Among them, there are Automatic Deployment Rules (ADR) that let you automate patch management for your Windows devices. There are also Status Filter Rules that allow you to execute actions (Launch a program, execute a script…) when specific status messages are processed by the site server.

Find Microsoft Accounts on Company Domains

|

The other day I was helping someone over in the WinAdmins Discord. Their users kept getting confused about what their passwords were, and it was causing a lot of HelpDesk tickets. Let’s find out what users have Microsoft accounts on the company domain so we can help move those accounts elsewhere to streamline the user experience. Update on Prevention: Microsoft has introduced some changes that at least seem to prevent NEW Microsoft Accounts on Company Domains.

Downloading a Device Guard Signing Service version 2 Root Certificate for MSIX

|

Howdy y’all In this post I will show you how to get the Device Guard Signing Service v2 root certificate. Device Guard Signing Services v1 (DGSS) is being deprecated at the end of December 2020, so we need to migrate to DGSSv2, and it just so happens that the means to download the DGSSv2 root cert is a little bit more complex than the DGSSv1. MSIX crash course While MSIX is generally marketed as a replacement for MSI for developers, there are scenarios that can benefit systems administrators.

Every day tools for the productive IT professional

|

In this post I want to share with you a list of tips and tools that I feel have boosted my day-to-day productivity on the computer. The title suggests this is only for IT professionals. However I can’t see why power users can’t appreciate what’s here too. You may already have different tools that achieve similar, or better, functionality, so drop a comment below or tweet your tip on Twitter using the hashtag #EveryDayITPro.

ConfigMgr and The Case of the Mysterious {3DA228BE-34DA-49f4-A081-66465B077429} Folder

|

Over the weekend I ran into a weird issue that I hadn’t seen before. I was upgrading half of the Distribution Points for a client who’s ConfigMgr was in need of some TLC. I’ve been working on getting their overall infrastructure healthy and that includes upgrading their DPs from Windows Server 2012 to Windows Server 2016 (and eventually 2019). Once I started the upgrades I worked on other things while checking in on them periodically.