Featured Article

Use Intune Policy CSP manage Windows 10 settings – Internet Explorer Site to Zone Assignment List

For start, I was actually testing ConfigMgr cloud gateway management and Client Installation over Internet, see this post https://blogs.technet.microsoft.com/arnabm/2017/08/27/client-installation-over-internet/ I did managed install ConfigMgr client on AAD joined Windows 10 (version 1709), but I also want configure some Internet Explorer settings to my AAD joined device. Since Windows 10 (version 1703), we can use Intune Policy CSP to… Read More »

Featured Article

SCCM with iPXE UEFI boot without WDS server

This is a long post….hope you have energy to read. 😀 Dell has a really nice post about How to configure PXE booting over UEFI without using Server 2012 and Windows Deployment Services, you can read this here. In that post, sample is MDT. I am going to do a SCCM scenario. You can watch this video see… Read More »

Force ConfigMgr client deployment on metered network

10 days ago I was in SCCM User Group Finland event (My presentation went badly, I don’t want to talk about that. :D). We are very happy to have Djam join us and talk about everything about ConfigMgr, and thanks for Panu Saukko organized this excellent event. In the afternoon, we have two hours Q&A, one of our… Read More »

First time speak in user group

Jun.28.2018 was an important day for me, we SCConfigMgr blog hosted our first user group event in London Microsoft Reactor amount 7 speakers and 83 attendees. You can find more details in here. I am honored as part of SCConfigMgr team, and as co-speaker with Nickolaj Andersen. Honestly I was nervous and scared before the summit, before the minute… Read More »

How to Install Windows Store apps to Windows Server 2016

You might find other posts or discussion related this topic, however I just want to write down my own notes. 🙂  I have Windows Server 2016 installed in my real machine, and setup Hyper-V for my test lab, but I do need some of the Windows Store apps in my Windows Server 2016, example Microsoft Whiteboard (Preview). Here… Read More »

Use PowerShell monitor WSUS pool status

This is a quick post. One of my colleague asked if I have a script to check if WSUS pool is running, if not then start it. I think it’s properly related WSUS high CPU, high memory and high network usage issue what related to many other matter. Anyway, this post is not about how to fix WSUS,… Read More »

Deploy Win32 applications from Microsoft Intune

UPDATE:  Mine this post is out dated, but I still keeping it. 🙂 For deploy Win32 apps from Microsoft Intune, please read this: http://www.scconfigmgr.com/2018/09/24/deploy-win32-applications-with-microsoft-intune/ I found this post from my draft today, I was writing it in last year December, I have no idea why I didn’t finish and publish it, somehow I just forgot. In this moment,… Read More »

Extend Enterprise Mobility + Security E5 trial license

I am sure many of us are using trial licenses of Intune or EMS, once your trial license is expired, you can extend it for another 30 days. You should do it immediately when your trial is expired, because this 30 days starts to count when trial is expired, so if you don’t go click on Extend you… Read More »

How to query Infineon firmware TPM (Microsoft Advisory ADV170012) in ConfigMgr

If you don’t know what is this about, you must read this https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 Additional, in this article https://support.microsoft.com/en-us/help/4046783/bitlocker-mitigation-plan-for-vulnerability-in-tpm, it said  When TPM-based protector is used to protect the operating system volume, the security of the BitLocker protection is affected only if the TPM firmware version is 1.2. But the script what Microsoft provided doesn’t include detection if TPM… Read More »