Featured Article

Use Intune Policy CSP manage Windows 10 settings - Internet Explorer Site to Zone Assignment List

For start, I was actually testing ConfigMgr cloud gateway management and Client Installation over Internet, see this post https://blogs.technet.microsoft.com/arnabm/2017/08/27/client-installation-over-internet/ I did managed install ConfigMgr client on AAD joined Windows 10 (version 1709), but I also want configure some Internet Explorer settings to my AAD joined device. Since Windows 10 (version 1703), we can use Intune Policy CSP to… Read More »

Featured Article

SCCM with iPXE UEFI boot without WDS server

This is a long post….hope you have energy to read. 😀 Dell has a really nice post about How to configure PXE booting over UEFI without using Server 2012 and Windows Deployment Services, you can read this here. In that post, sample is MDT. I am going to do a SCCM scenario. You can watch this video see… Read More »

Use PowerShell monitor WSUS pool status

This is a quick post. One of my colleague asked if I have a script to check if WSUS pool is running, if not then start it. I think it’s properly related WSUS high CPU, high memory and high network usage issue what related to many other matter. Anyway, this post is not about how to fix WSUS,… Read More »

Deploy Win32 applications from Microsoft Intune

I found this post from my draft today, I was writing it in last year December, I have no idea why I didn’t finish and publish it, somehow I just forgot. In this moment, we cannot deploy Win32 applications from Microsoft Intune, my idea is put those application source media files on Azure Storage file share, use Intune… Read More »

Extend Enterprise Mobility + Security E5 trial license

I am sure many of us are using trial licenses of Intune or EMS, once your trial license is expired, you can extend it for another 30 days. You should do it immediately when your trial is expired, because this 30 days starts to count when trial is expired, so if you don’t go click on Extend you… Read More »

How to query Infineon firmware TPM (Microsoft Advisory ADV170012) in ConfigMgr

If you don’t know what is this about, you must read this https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 Additional, in this article https://support.microsoft.com/en-us/help/4046783/bitlocker-mitigation-plan-for-vulnerability-in-tpm, it said  When TPM-based protector is used to protect the operating system volume, the security of the BitLocker protection is affected only if the TPM firmware version is 1.2. But the script what Microsoft provided doesn’t include detection if TPM… Read More »

Use PowerShell detect if Lenovo laptop is attached docks

Big thanks for Joe Parker (@joe_lenovo) gave us PnP ID of Lenovo ThinkPad Pro/Ultra docks. ThinkPad Pro dock 40A1: USB\VID_17EF&PID_1012 ThinkPad Ultra 40A2: USB\VID_17EF&PID_1010   This a simple PowerShell script for detect if Lenovo laptops are attached to dock station, includes mechanical Lenovo ThinkPad docks and Lenovo USB 3.0 Pro/Ultra docks. 

or:

 

Windows 10 Upgrade won't continue after reboot

Ran into a problem today, during windows 10 inplace upgrade, machine didn’t continue upgrade after reboot, it was about 70% of the update, machine shutdown and won’t restart again. Trouble shooting… yes I did find where is the issue. Because I have tested my Task Sequence like hundred times, I know what steps are 100% work and what… Read More »

Devices Management: Azure AD Join vs. Azure AD Device Registration vs. Domain Join

For start, please read this article https://blogs.technet.microsoft.com/trejo/2016/04/09/azure-ad-join-vs-azure-ad-device-registration/, there are details regarding these matters. So why am I writing these? As an IT professionals, we can read those technical articles, understand like MDM, MAM, ConfigMgr/SCCM, AAD, GPO, but customers don’t. When customer wants a device management solution, they often ask “What kind of devices management you can offer?” or… Read More »

How to set up Azure AD self-service password reset (Cloud SSPR)

I am happily notice this new feature of Windows 10 Insider preview: Recover pin and password from the lock screen. https://blogs.windows.com/windowsexperience/2017/07/13/announcing-windows-10-insider-preview-build-16241-pc-build-15230-mobile/ Recover your pin and password from the lock screen:  Self Service solutions empower end users, unburden helpdesk/IT admins, and save organizations money. Cloud Self Service Password Reset (Cloud SSPR) has been a really popular Azure AD Premium… Read More »