How to resolve SCCM CMG Policy Violation Error

Eswar KonetiSCCMLeave a Comment

Cloud management gateway (CMG) is a new chapter in Microsoft Endpoint Manager Configuration Manager (MEMCM). It is getting improved better and better in each version that gets released. If you look at the technical preview build that was released recently (version 2009), it has a remote control feature for CMG connected devices which is very much needed to support the internet-connected devices and there are many other good features in the technical preview build that might ship in the next production build. But that’s a whole other topic. In this blog post, I will describe the SCCM CMG Policy Violation … Read More

Setup Microsoft Intune and manage it in Endpoint Manager

Benoit LecoursSCCMLeave a Comment

In this post, we’ll guide you through the process to setup Microsoft Intune and then using it thought the new Endpoint Manager Portal. But first, let’s start this post by clarifying the various services we’ll talk about in our post. Microsoft Azure is a set of cloud services to help your organization meet your business challenges. This is where you build, manage, and deploy applications on a massive, global network using your favourite tools and frameworks. Microsoft Intune was and is still one of Azure services to manage your devices. The “old” Intune Portal you were accessing in Azure has … Read More

How to fix SCCM Bitlocker prompt for fixed drives

Eswar KonetiSCCMLeave a Comment

This blog post describes how to fix SCCM Bitlocker prompt for fixed drives when integrated the MBAM features with Configuration Manager. Introduction Starting with Configuration Manager 1910 onwards, Bitlocker features that were available in MBAM are now fully integrated into ConfigMgr and allows you to manage the Bitlocker drive encryption (BDE) for your windows clients without requiring any additional tools. From Configuration Manager 2002 onwards, the Bitlocker management feature is no more a pre-release feature. The Bitlocker functionalities that exist in Configuration Manager 1910 onwards, only supports the clients that are on-prem and joined to Active Directory ONLY. You will … Read More

Collect Windows10 Events in log analytic Workspace

Jonathan LefebvreAzure, IntuneLeave a Comment

Windows 10, Azure, and Endpoint Manager offer many different tools to gather and know more about what is going on in your environment. One of those is Log Analytics Workspace. Log Analytics workspace has the ability to collect data from Windows devices such as Events and performance data through the Microsoft monitoring agent. This can centralize Windows events to be analyzed and crunched to identify potential impacts happening to many computers. While the Monitoring agent is free, the data hosted in Log Analytics Workspaces will cost a little per month for great insight. Based on past experience, you can expect … Read More

Monitor SCCM Task Sequence Progress

Benoit LecoursSCCM, WINDOWS 104 Comments

When deploying Windows 10 operating system using SCCM (OSD), you will need to monitor SCCM task sequence progress. This allows us to track task sequence start, end time and most importantly errors (if any). Our post will show 4 different ways to monitor SCCM task sequences. Each of them has its own benefits and drawbacks. Monitor SCCM Task Sequence Using the Console You can view the progress of a task sequence using the SCCM console. This method is simple and easy but permit to see the status of only one machine at the time. If your deployment staff don’t have access … Read More

How to use Endpoint Manager Group Policy analytics

Benoit LecoursSCCMLeave a Comment

Microsoft has released a long-awaited feature for Intune/Endpoint Manager administrators. Yet still, in “Preview”, you can start testing Endpoint Manager Group Policy Analytics now! If you’re not familiar with Endpoint Manager… well it’s the “new” branding for Microsoft Intune, simple as that. This feature lets you analyze your on-prem Group Policy Objects (GPO) and determine your level of modern management support. This tool can also be extremely helpful to resolve conflicts between Group Policy Objects (GPO) and Microsoft Intune policy One of the major struggle when migrating devices to Endpoint Manager. When you import a GPO, Endpoint Manager automatically analyzes … Read More

Renew Apple MDM Push Certificate in Endpoint Manager

Benoit LecoursSCCMLeave a Comment

To enroll and manage iOS/MAC devices into Endpoint Manager, you need to create an Apple MDM Push Certificate. These certificates expire 365 days after you create them and must be renewed manually in the Endpoint Manager portal. You will receive a notification email 30 days before the Apple MDM Push Certificate expires. It’s strongly recommended to renew the certificate before the expiration method. If you don’t renew the certificate in time, you will need to re-enroll all Apple devices. In a lab environment, this can be done easily, but in a production environment with a hundred or thousand devices, this … Read More

Step-by-Step SCCM 2006 Upgrade Guide

Benoit LecoursSCCM2 Comments

Microsoft has released a second SCCM version for 2020. SCCM 2006 has been released on August 11th, 2020! (SCCM has a new branding since 1910 – now called Microsoft Endpoint Configuration Manager (MEMCM). This post is a complete step-by-step SCCM 2006 upgrade guide, meaning that if you want to upgrade your existing SCCM/MEMCM installation to the latest SCCM/MEMCM updates, this post is for you. If you’re looking for a comprehensive SCCM installation guide to build a new server, refer to our blog series which covers it all. You won’t be able to install SCCM 2006 if you are running SCCM 2012. … Read More

How to use Windows Update for Business with Intune

Jonathan LefebvreIntuneLeave a Comment

Windows Update for Business is one of the new things Microsoft proposed along with Windows 10. It has come a long way since it’s release. Even if it isn’t perfect yet, or give all the flexibility that ConfigMgr (MEMCM) offer when managing monthly update or feature release, for many small/medium business, this brings a more simple approach to patching and maintaining Windows 10 up to date. In this post, we will detail how to configure Intune Windows Update for Business to patch Windows 10 devices managed by Intune Pre-requisites Windows 10 must be managed by Intune If Windows 10 is … Read More

Block TikTok using Intune device compliance policy and Conditional Access

Benoit LecoursSCCM1 Comment

This blog post will show you how to Block TikTok Microsoft Intune on iOS and Android. This strategy can be used for any app. TikTok was recently caught accessing user clipboard data when running in the background, potentially exposing passwords or other sensitive data. The behaviour was revealed because of a new feature in iOS 14, and it’s unclear how long it had been present in the app. TikTok has since removed the feature, but the privacy scare underscored long-standing privacy concerns over the app, which is owned by China-based ByteDance. The NY Times also reported that TikTok has been under scrutiny … Read More