Archives
-
Categories
-
Recent Posts
- PC Buyback for Windows Autopilot devices – part 3
- PC Buyback for Windows Autopilot devices – part 2
- PC Buyback for Windows Autopilot devices – part 1
- How does Windows Autopatch deal with the WinRE security patch ?
- Windows 10/11 version 21H2 and Windows Server 2022 not updating due to the size of the WinRE partition
-
Recent Comments
- Raghavendra.BH on How to fix “Exceeded the Maximum Number of Computer Accounts Allowed to Create in this Domain”
- ncbrady on Fixing: “Total identified Windows installations: 0”
- yjteng on Fixing: “Total identified Windows installations: 0”
- ncbrady on How does Windows Autopatch deal with the WinRE security patch ?
- Thomas on How does Windows Autopatch deal with the WinRE security patch ?
-
-
Meta
Category Archives: System Center Configuration Manager (Current Branch)
What’s new in Microsoft Endpoint Manager – part 1
Introduction These are my notes from a session shown today @ Microsoft Ignite 2020, the session was hosted by Steve Dispensa (Director of Program Management at Microsoft Endpoint Manager) and Ramya Chitrakar (Director of Engineering at Microsoft Endpoint Manager). For … Continue reading
Posted in Cloud Management, Microsoft Tunnel, tenant attach
Leave a comment
Troubleshooting BitLocker Management in ConfigMgr – Part 1. Server side
Introduction Microsoft blogged about Bitlocker Management capabilities back in May, 2019. They detailed how that would impact and evolve on the following three platforms. Cloud-based BitLocker management using Microsoft Intune On-premises BitLocker management using System Center Configuration Manager … Continue reading
Fixing an evaluation version of SSRS with “HTTP Error 503. The Service is unavailable”
Introduction I was writing a blog post about Troubleshooting BitLocker Management in ConfigMgr 2002 Current Branch and one of the things I was trying to do was install the web portals, but I was seeing errors shown below. Get-ReportServiceUri : … Continue reading
Posted in 2002, BitLocker Management, Reporting
Leave a comment
How can we utilize the Bitlocker Management feature during OSD with Endpoint Manager
Introduction I’ve had a lot of questions recently about people wanting to use the new BitLocker Management capabilities in Configuration Manager, and to make use of those abilities during OSD (Operating System Deployment). First things we need to keep in … Continue reading
Posted in 1910, 2002, 2006, BitLocker Management, Full Disk Encryption, MBAM, pki
Leave a comment
How can I replace an expired IIS certificate in a PKI enabled ConfigMgr environment
Introduction I was busy putting together another BitLocker Management OSD related blog post in one of my PKI enabled ConfigMgr labs (#11) when I noticed that PXE boot no longer worked. The virtual machine would attempt to PXE boot for … Continue reading
Posted in 2002, BitLocker, expired IIS cert, PKI, smspxe.log
3 Comments
Triggering Evaluation of SMS_DesiredConfiguration Instances on a Client Using Powershell
Introduction It has always been possible to trigger evaluation of an SMS_DesiredConfiguration instance using the TriggerEvaluation method on the SMS_DesiredConfiguration. Here’s an example of that from fellow MVP Timmy. The only information needed to trigger the instance evaluation was the … Continue reading
Enabling the new Tenant Attach feature in Configuration Manager
Introduction Microsoft are constantly innovating and adding new features to already amazing products, one such recent addition is a cloud feature called Tenant Attach for Microsoft Endpoint Manager and you can start testing it right now in Configuration Manager Technical … Continue reading
Posted in 2002, 2002.2, Intune, tenant attach
2 Comments
Full disk encryption (in ConfigMgr 1910) – a closer look using real hardware
Introduction In an earlier post I showed you how you can enable Full Disk Encryption via a task sequence in Microsoft Endpoint Manager Configuration Manager version 1910. The screenshots in that blog post were taken from virtual machines, and I … Continue reading
Posted in 1910, BitLocker, Full Disk Encryption
6 Comments
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 9 Group Policy
Introduction In this video (scroll down to the bottom of this post) I show you how you can obtain the MDOP ADMX templates for use within Active Directory Group Policy. I show you where to download the MDOP templates from, … Continue reading
Posted in 1910, ADMX, ADMX Templates, MBAM
Leave a comment
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 8 Migration
Introduction In this video (linked at the bottom of this post) I show you how you can migrate existing MBAM managed clients to Configuration Manager using the new BitLocker Management feature that was released in Microsoft Endpoint Configuration Manager version … Continue reading
Posted in 1910, MBAM, Migration
6 Comments
Enabling Full Disk Encryption in Microsoft Endpoint Configuration Manager 1910 in a task sequence
Introduction Microsoft Endpoint Configuration Manager 1910 came with BitLocker management capabilities (MBAM features), and this fits together nicely with task sequence steps regarding BitLocker. The option to enable Full Disk Encryption actually started with Configuration Manager 1806 but MBAM integration … Continue reading
Posted in 1910, BitLocker, Full Disk Encryption
12 Comments
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 7 Reporting and compliance
Introduction In this video I show you how you use the built in reports from the BitLocker Management feature that was released in Microsoft Endpoint Configuration Manager version 1910. I explain what each of the 5 built in reports offer … Continue reading
Posted in 1910, MBAM, Reporting
Leave a comment
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 6 forcing decryption
Introduction In this video I show you how you can enforce decryption of BitLocker encrypted drives in Microsoft Endpoint Configuration Manager version 1910. It involves the use of a custom Configuration Baseline with a Configuration Item to set a registry … Continue reading
Posted in 1910, MBAM
Leave a comment
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 5 key rotation
Introduction In this video I show you how key rotation works when a key has been revealed via the helpdesk using Bitlocker Management integrated as a feature in Microsoft Endpoint Configuration Manager version 1910. To see a list of all … Continue reading
Posted in 1910, key rotation, MBAM
Leave a comment
Learn about Bitlocker Management in Microsoft Endpoint Configuration Manager version 1910 – part 4 Enforce encryption
Introduction In this video I show you how to enforce encryption with no user interaction using Bitlocker Management in Configuration Manager 1910 (and a compliance baseline containing a configuration item with 2 registry keys). Below are the key path and … Continue reading
Posted in 1910, MBAM
Leave a comment