Microsoft Endpoint Manager: Configuration Manager
Katy Nicholson, 29 July, 2021
I was recently asked about how to deploy a single application but with varying installation command line parameters, using Configuration Manager. Luckily we can do this fairly easily using the Requirements screen on your Application Deployment Type.
Katy Nicholson, 31 August, 2020
There's a lot of apps in the Windows Store, and one of the best bits about them is we don't have to worry about managing their updates. Luckily we can deploy these through Config Mgr and it is fairly easy to do. You will need a subscription which creates an Azure tenancy (e.g. Office 365) to link Config Mgr with the Microsoft Store for Business (or Microsoft Store for Education) - the Business and Education versions are pretty much the same just with different phrasing in places.
Katy Nicholson, 19 August, 2020
Config Mgr comes with a Bitlocker Management section (under Endpoint Protection), however as far as I can tell this just allows you to set the Bitlocker policy but not force drives to be encrypted - at least I couldn't get it to do anything on devices it claimed were compliant. I've got an OS deployment task sequence which installs Windows, and has a few BitLocker steps - however I forgot to set a variable telling it to use the TPM chips without additional PIN/password/keys for Bitlocker - so my computers built without Bitlocker being enabled.
Katy Nicholson, 17 August, 2020
This post has actually come from having a look at the search queries coming up in my blog visit stats - "all active pxe flag deployements" - which seems like a good thing to look into. If you're trying to make a device collection you'll find the LastPXEAdvertisement doesn't appear to be available through the query builder UI. Here I'll look into getting the data through PowerShell and then also putting it into a Device Collection within MEMCM.
Katy Nicholson, 10 August, 2020
I'm not sure how long it's been around, but one of the neat things I discovered lately is the Support Centre. The installer for this can be found on your Config Mgr server, in the installation directory\tools\SupportCenter. The Support Centre contains a variety of tools to help troubleshoot all things Config Mgr. I'm just going to do a very brief look at it here so the best thing to do is install it and have a look for yourself!
Katy Nicholson, 7 August, 2020
If you've had to deploy any laptops recently you'll have noticed that it's very difficult to find smaller (lower budget) devices with onboard LAN any more. We recently replaced two trolleys of laptops and the only choice to keep within budget was sacrifice the network port. While this isn't a problem for their day to day use (as we have full site wireless coverage), when it comes to deploying and updating them... not so great. Well it's MEMCM to the rescue again with bootable media. If you have a look in Software Library\Operating Systems\Task Sequences, you may have noticed a button called "Create Task Sequence Media". This will let us pick from a range of media types, in this case we are interested in the first two - Stand-alone media, and Bootable media. You'll need a few USB pen drives handy, and make sure you insert the drive before launching the wizard or it'll not appear as an available device.
Katy Nicholson, 4 August, 2020
I've been following the new Edge browser for a while, using the Dev version as my main browser for almost a year now. Now that it's been released I want to update my network to replace the old Edge with the new one - which I call Edgium. What better way to do this than using the built in Edge management section which appeared recently when I updated my Config Mgr installation?
Katy Nicholson, 2 August, 2020
We took delivery of 5 Surface Go tablets a while ago, as we are trialling a Surface Go paired up with a Microsoft Wireless Display adapter on the projector, to replace the traditional PC + interactive whiteboard. They came with Win 10 Pro pre-installed and I didn't fancy re-imaging them (given at the time I didn't have any Surface Docks, so no way to plug into the network). This post covers creating and running Powershell scripts through MEMCM as well as the script required to bump up the Windows edition.
Katy Nicholson, 19 February, 2019
Today I had "The Case of the Missing PXE Advertisement" with a PC. Bit of background - I've an OSDeploy device collection which has a zero touch MDT Task Sequence deployed to it, advertised to PXE and Media only, and set to always rerun program. So anything in this collection will automatically get the deployment. Infinite loops are prevented by the "PXE Deployments" flag that is automatically set on computer objects once they have started a PXE deployment. To re-image a PC I just drop it back in the collection and clear the flag. I've also got one which prompts for the computer name, advertised as optional to all Unknown Computers. New kit I boot to this and put the name in and off it goes.