SCCM - Intune - Endpoint Management

PowerShell: Detect and Fix – Hybrid Join, CCM CoManagement and Intune Service

On December 13, 2021December 13, 2021By Kayyum

# Removing any previous variables and their values (if any) Remove-Variable -Name “*Check*” -Force -ErrorAction SilentlyContinue # Defining variables and system status $HybridCheck = C:\Windows\System32\dsregcmd.exe -ArgumentList “/status” -NoNewWindow | Select-String -Pattern KeySignTest | Select-Object -ExpandProperty Line -ErrorAction SilentlyContinue $CoManagementCheck = Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\CCM -Name “CoManagementFlags” | Select-Object -ExpandProperty CoManagementFlags -ErrorAction SilentlyContinue $IntuneServicecheck = Get-Service -DisplayName […]

Advanced Group Policy Management Server – Installation and Configuration

On November 13, 2021November 14, 2021By Kayyum

Microsoft Advanced Group Policy Management (AGPM) extends the capabilities of the Group Policy Management Console (GPMC) to provide comprehensive change control and improved management for Group Policy Objects (GPOs). AGPM is available as part of the Microsoft Desktop Optimization Pack (MDOP) for Software Assurance.

PrintNightmare Fix – Finally

On October 15, 2021November 13, 2021By Kayyum

CVE-2021-34527 ‘PrintNightmare’ Known issues with KB5006667 Error: Windows cannot connect to Printer Detail: Recently introduced security update by Microsoft is causing failure for installation of Printer on Windows 10 Resolution : For now until further update, uninstall the patch and complete the printer installation. Let the patch install again later after next client policy update. […]

MS Defender – Fix Sensor Onboarding Issue

On October 2, 2021October 4, 2021By Kayyum

Sometimes you will notice that few machines will fail to complete the Defender Onboarding process. This issue could occur due to multiple reasons, one of the common reasons is machine unexpectedly restarted during the onboarding process. There is no article or any documentation from Microsoft explaining this behavior however, on further troubleshooting using process monitor, […]

Query SCCM Baselines using WMI

On September 27, 2021September 27, 2021By Kayyum

To get list of all baselines assigned to the computer: Open PowerShell with elevated privilege and run below command: Get-WmiObject -Namespace root\ccm\dcm -class SMS_DesiredConfiguration | Select-Object -Property DisplayName | Sort-Object -Property DisplayName To Trigger evaluation of one specific baseline: e.g., you want to trigger a baseline that evaluates Hybrid Azure […]

Hybrid Azure Join script

On September 27, 2021September 27, 2021By Kayyum

# You can use this as a RUN Script in SCCM or package it and make it available in software center # Performs DSREGCMD /join (requires elevation) and triggers Intune-Device-Sync # Status of each step is logged as well. $LogFilePathJoin = “C:\Windows\Temp\Logs\CA_Hybrid_Join.log” $LogFilePathStatus = “C:\Windows\Temp\Logs\CA_Hybrid_status.log” Start-Process -FilePath “C:\Windows\system32\dsregcmd.exe” -ArgumentList (“/join /debug”) -NoNewWindow -PassThru -RedirectStandardOutput “$LogFilePathJoin” […]

Request SCCM PKI certificate during OSD

On September 25, 2021By Kayyum

Enterprises who use PKI certificate for communication between Clients and SCCM server, often experience delay in client receiving certificate after OSD Task Sequence is completed. It takes the GPO to apply on systems and then client to fetch the certificate and sccm service to be restarted or system restarted once to get the initial communication […]

Using Run Scripts feature in SCCM

On September 25, 2021By Kayyum

Most of the ConfigMgr (MEMCM) admins often must take custom actions on a device or group of devices in a collection. These tasks could be running ConfigMgr client actions or making any ad-hoc changes to the system as required without user intervention. While there any many third-party tools available that you can purchase […]

Category: SCCM – Intune