Deploying Apps from the Windows Store

There’s a lot of apps in the Windows Store, and one of the best bits about them is we don’t have to worry about managing their updates. Luckily we can deploy these through MEMCM and it is fairly easy to do.

You will need a subscription which creates an Azure tenancy (e.g. Office 365) to link MEMCM with the Microsoft Store for Business (or Microsoft Store for Education) – the Business and Education versions are pretty much the same just with different phrasing in places. Continue reading “Deploying Apps from the Windows Store”

Hybrid Azure AD Domain Join Without an SCP

The standard method to configure hybrid domain join is to open up Azure AD Connector and follow the wizard. However this isn’t suitable for every environment – for a start it needs to write forest-level configuration data, create a Service Connection Point (SCP), and if you want to link multiple tenancies to a single AD forest you’re in for a hard time.

Luckily we can hybrid join with some registry settings on the client devices, and don’t need to set up an SCP. Here’s how I’ve managed it on my network.

Continue reading “Hybrid Azure AD Domain Join Without an SCP”

Enabling BitLocker with MEMCM

Enable BitLocker to protect your data in case of device theft.

MEMCM comes with a Bitlocker Management section (under Endpoint Protection), however as far as I can tell this just allows you to set the Bitlocker policy but not force drives to be encrypted – at least I couldn’t get it to do anything on devices it claimed were compliant.

I’ve got an OS deployment task sequence which installs Windows, and has a few BitLocker steps – however I forgot to set a variable telling it to use the TPM chips without additional PIN/password/keys for Bitlocker – so my computers built without Bitlocker being enabled.

Not wanting to go through the build process again for all these devices, I decided to push it out to existing devices through MEMCM. Continue reading “Enabling BitLocker with MEMCM”

Delving into the “Last PXE Advertisement” flag

This post has actually come from having a look at the search queries coming up in my blog visit stats – “all active pxe flag deployements” – which seems like a good thing to look into.

If you’re trying to make a device collection you’ll find the LastPXEAdvertisement doesn’t appear to be available through the query builder UI. Here I’ll look into getting the data through PowerShell and then also putting it into a Device Collection within MEMCM. Continue reading “Delving into the “Last PXE Advertisement” flag”

Wake on LAN revisited

If only it were as simple as a BIOS setting any more!

A couple of years ago I wrote about the pain of getting Wake on LAN to work on HP switches. While this got some of my machines to work, there was still quite a large proportion (about 60%) that weren’t playing ball.

I’ve finally had a bit of time to look into this, so here’s everything I’ve gone through to get a lot more of the PCs powering up on command. Of course there will always be some PCs which just refuse to work (we have some Gigabyte H81M based machines where they just don’t Wake on LAN – whatever you do the LAN link drops when the power is turned off), and some older H61M based machines that are a bit hit and miss. Continue reading “Wake on LAN revisited”

MEMCM Support Centre

Tools installed as part of the Support Centre

I’m not sure how long it’s been around, but one of the neat things I discovered lately is the Support Centre. The installer for this can be found on your MEMCM server, in the installation directory\tools\SupportCenter.

The Support Centre contains a variety of tools to help troubleshoot all things MEMCM. I’m just going to do a very brief look at it here so the best thing to do is install it and have a look for yourself!

Continue reading “MEMCM Support Centre”

Deploying OS Task Sequences Without PXE

No onboard LAN? No problem.

If you’ve had to deploy any laptops recently you’ll have noticed that it’s very difficult to find smaller (lower budget) devices with onboard LAN any more. We recently replaced two trolleys of laptops and the only choice to keep within budget was sacrifice the network port. While this isn’t a problem for their day to day use (as we have full site wireless coverage), when it comes to deploying and updating them… not so great. Well it’s MEMCM to the rescue again with bootable media.

Continue reading “Deploying OS Task Sequences Without PXE”

Deploying the new Edge (Edgium!)

Microsoft Edge (based on Chromium)’s shiny new logo

I’ve been following the new Edge browser for a while, using the Dev version as my main browser for almost a year now. Now that it’s been released I want to update my network to replace the old Edge with the new one – which I call Edgium. What better way to do this than using the built in Edge management section which appeared recently when I updated my  MEMCM installation?

If you’re just looking for Edge MSI installer it’s available from https://www.microsoft.com/en-us/edge/business/download however we don’t need this if doing the deployment through MEMCM. Continue reading “Deploying the new Edge (Edgium!)”

Windows 10 Edition Upgrade – scripted without re-install

winver showing Education edition

We took delivery of 5 Surface Go tablets a while ago, as we are trialling a Surface Go paired up with a Microsoft Wireless Display adapter on the projector, to replace the traditional PC + interactive whiteboard. They came with Win 10 Pro pre-installed and I didn’t fancy re-imaging them (given at the time I didn’t have any Surface Docks, so no way to plug into the network). This post covers creating and running Powershell scripts through MEMCM as well as the script required to bump up the Windows edition.

Continue reading “Windows 10 Edition Upgrade – scripted without re-install”

Windows 10 and Super fast logon times

Could be in for a long wait… let’s see if we can speed things up a bit.

I’ve been working at really cutting down the initial logon times – started last year, and again with me rolling out Windows 10 2004 I’ve had to struggle to remember what I actually did, one of the main reasons for my blog is helping out future Katy as she is very forgetful 🙂

This has always been something that has bugged me, as I remember in 2003 at university there was a Windows 2000/XP network with some sort of NetWare back end. The Windows 2000 PCs (libraries etc mostly) logged on in about 2 minutes, nice and speedy, but in the computing labs they ran XP and it was a 13 minute logon (literally 13 minutes as I timed it). Subsequent logons were also 13 minutes. Extremely frustrating, yet means I’ve always been dismissive of people complaining of a 90 second logon time.

Continue reading “Windows 10 and Super fast logon times”