Category Archives: System Center Configuration Manager (Current Branch)

New video: Resolving expired certificates in a PKI (HTTPS) based SCCM OSD Lab

Posted on October 23, 2022 by ncbrady

Introduction I use PKI based labs to test various scenarios from Microsoft. I’ve multiple SCCM (Configuration Manager) labs that are running in HTTPS only mode (PKI) using a two tier PKI infratstructure (Offline Root CA, Issuing CA). Using multiple labs … Continue reading →

Posted in 2207, PKI | Leave a comment

If you use tenant attach client management actions then update TODAY to avoid disruption

Posted on July 26, 2022 by ncbrady

Introduction I saw a tweet today shown below. It gave me a semi-panic feeling as today is the 26th, and the patch by date is tomorrow. I’m on vacation but remembered I have a few CM2203 labs with tenant attach … Continue reading →

Posted in 2203, hotfix rollup, tenant attach client action certificate issue | Leave a comment

Migrate to the cloud – Part 1. Setup

Posted on May 22, 2022 by ncbrady

Introduction This blog series is comprised of 3 parts. In this part I’ll cover how you can migrate your existing configuration manager managed, domain joined devices to Azure AD joined, and Intune managed devices. During that process the app also converts … Continue reading →

Posted in Auto MDM enrollment, Azure AD, System Center Configuration Manager (Current Branch), Windows AutoPilot | Leave a comment

First look at the Migrate to the cloud app

Posted on May 13, 2022 by ncbrady

Introduction This video is a quick look at the Migrate to the cloud app. The Migrate to the cloud app is a Powershell based solution delivered via Software Center in Microsoft Configuration Manager, that takes your domain joined, ConfigMgr devices … Continue reading →

Posted in System Center Configuration Manager (Current Branch) | 2 Comments

Cloud attach – Endpoint Managers silver lining – part 10 using apps with tenant attach

Posted on March 27, 2022 by ncbrady

Introduction This is part 10 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on using some of tenant … Continue reading →

Posted in 2111 | Leave a comment

New video: Escrow Bitlocker recovery password to the site during a task sequence in Configuration Manager 2203

Posted on March 6, 2022 by ncbrady

Introduction I blogged about the new ability in Configuration Manager 2203 (Technical Preview) to allow you to simply enable the Escrow of Bitlocker recovery info to Configuration Managers database here, please check it out. As this is such a long … Continue reading →

Posted in 2203, escrow bitlocker recovery info | Leave a comment

Escrow BitLocker recovery password to the site during a task sequence in Configuration Manager 2203

Posted on March 3, 2022 by ncbrady

Introduction Update: Microsoft have now released Configuration Manager 2203 and it contains this and other amazing new features. Microsoft released Technical Preview Configuration Manager version 2203 and it contains some cool new features, one of which is the ability to … Continue reading →

Posted in 20H2, 2203, 2203, BitLocker, escrow bitlocker recovery info, escrow bitlocker recovery info, Windows 10 | Leave a comment

Cloud attach – Endpoint Managers silver lining – part 9 renewing expiring certificates

Posted on December 26, 2021 by ncbrady

Introduction This is part 9 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on renewing expiring certificates. This … Continue reading →

Posted in 2111, Cloud Attach, System Center Configuration Manager (Current Branch) | Leave a comment

Checking for network cable connections before deploying an OS from the CMG via Software Center

Posted on December 15, 2021 by ncbrady

Introduction Note: In a previous blog post I showed you how you can deploy an Operating System from a Cloud Management Gateway (CMG) using bootable media. That blog post assumed you had a working network connection (wired) and also required … Continue reading →

Posted in 2111, CMG, System Center Configuration Manager (Current Branch) | Leave a comment

Retrieve BitLocker recovery keys from Tenant attached devices in the MEM console

Posted on September 28, 2021 by ncbrady

Microsoft recently added a new preview ability to the production version of ConfigMgr 2107. Aaron tweeted about it here. Below are the prerequisites. Prerequisites Configuration Manager site version 2107 or later Apply a Configuration Manager BitLocker management policy to the … Continue reading →

Posted in 2107, BitLocker recovery info (preview), bugfix | Leave a comment

Hotfix available for ConfigMgr version 2103 to solve policy storm issues caused by Invoke-MbamClientDeployment.ps1

Posted on July 28, 2021 by ncbrady

Introduction I tweeted and blogged about policy storm problems caused by using the following MBAM script Invoke-MbamClientDeployment.ps1 during OSD with Configuration Manager version 2103 when the BitLocker Management feature is enabled, you can read about that here. My original tweet … Continue reading →

Posted in 2103, hotfix for BitLocker issue | Leave a comment

Cloud attach – Endpoint Managers silver lining – part 8 Enabling Tenant Attach

Posted on July 19, 2021 by ncbrady

Introduction This is part 8 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on enabling the compliance policies … Continue reading →

Posted in 2103, AzureAD, Cloud Attach, tenant attach | Leave a comment

using BitLocker Management in ConfigMgr and do OSD, read this !

Posted on July 1, 2021 by ncbrady

Introduction I like many others have blogged about enabling BitLocker during a task sequence in the past, however recently it’s come to my attention that the Invoke-MBAMClientDeployment.ps1 scripts which were provided for MBAM setups are not supported for use with … Continue reading →

Posted in 2103, Bitlocker, BitLocker, policy storm | Leave a comment

A quick look at the “Retire MY PC” app

Posted on June 23, 2021 by ncbrady

Introduction I tweeted about this recently and it gained a LOT of attention, so I thought I better do a video showing what this actually does. When your users get a new Windows Autopilot PC, their old computer will usually … Continue reading →

Posted in 2103, AzureAD, BitLocker, BitLocker Management over CMG, httptrigger, sendgrid | Leave a comment

Cloud attach – Endpoint Managers silver lining – part 7 co-managing Azure AD devices

Posted on May 25, 2021 by ncbrady

Introduction This is part 7 in a series of guides about cloud attach in Microsoft Endpoint Manager, with the aim of getting you up and running with all things cloud attach. This part will focus on enabling the compliance policies … Continue reading →

Posted in Cloud Attach | Leave a comment