I was working with a client that had a requirement where each computer that was deployed needed to be paired with a physical document that had information about the computer. The solution I used to automate this process was to use a … View full post
Update Compliance Log Analytics Queries
Lately I have been helping many people with moving their update workloads from Configuration Manager and WSUS to Windows Update for Business. The one thing I get the most questions about with the move to Windows Update for Business is how to … View full post
Management Point Root CA Trust Issue (HTTP 403)
I was setting up a Configuration Manager environment in HTTPS mode and I was running into issues with the server selecting a client authentication certificate.
I was seeing these messages in the MPControl.log.
I was seeing this message in the IIS … View full post
Microsoft LAPS Step by Step – Part 2
This post is the second part of a two-part series on configuring and deploying the Microsoft Local Administrator Password Solution (LAPS). The First Post covered the steps needed to configure Active Directory to support LAPS. This post will cover the steps needed … View full post
Microsoft LAPS Step by Step – Part 1
This is an updated version of a post I made on the Now Micro blog last year. The original version of this post can be read Here.
Why is Local Administrator Password Management Needed?
The question of how to deal with … View full post
Create Configuration Manager Antimalware Policies with PowerShell
As I spend time working in many different Configuration Manager environments, I find myself regularly needing to create Antimalware Policies. Most of the settings in the antimalware policies can be configured quickly, however the setting that always takes me the most time … View full post
Create Windows Firewall Rules for AppData Executables
I was recently deploying an application that required Windows Firewall rules to be created for an executable that ran from each user’s AppData folder. The way I accomplished this was to use a combination of PowerShell scripts and the Windows Task Scheduler.… View full post
Modify Local Administrators Membership
I encountered a scenario where I needed to add or remove domain users from the local administrators group on an individual computer basis. The Run Script feature in Configuration Manager worked great for this.
I used an Add script and a Remove … View full post