SCCM : Windows 11 inplace upgrade failing
Some of my Devices are with the UI language of en-GB, and some are with en-US. All are windows 10 enterprise. When I try to do an in-place upgrade (for win 11 enterprise - en-US). the devices with en-GB devices are failing. I would like to replace all the devices with en-US? can we do it via SCCM and with the same task sequence? and with the Windows 11 upgrade or do we need to do a fresh installation for those en-gb devices ?
Get Key Activation of Windows in SCCM
Hi Everyone! I Need a help for get a product key with all devices in my Configuration Manager , i have ADD a MOF in hardware inventory , Creating a VBS for Configuration Line and created a Configuration Baseline and deployed , but de Baseline not appear in my Clients and no have any try in deployment status. Anyone have a ideia how to get a key activation for windows ?
Installations via InTunes failing but work from SCCM
We have pretty much completed our migration from using SCCM to InTune (IT). However, we are encountering a few apps which hang at certain points during the installation. These have worked 100% falwlessly through SCCM and indeed, if we revive the SCCM deployment, we can install via that route. I strongly suspect that IT is handling output (STDOUT?) differently than SCCM does, wherein the installer is trying to display a screen but cannot and so just hangs indefinitely. Aside from the above return-to-using-SCCM work-around, we have occasionally resorted to repackaging the offending installer but this obviously introduces a delay in getting apps deployed to our user-base. Is there some flag we can set when adding apps to IT that we're somehow not seeing, or some other configuration we set - maybe at the client-level - to bypass this behaviour? If you feel like experimenting, grab the Innorix Agent installer which is one that's causing us grief presently.
SCCM Disable Optional Feature
Hello, can a feature that was enabled during an upgrade in SCCM be turned off again? I have a problem with the Orchestration Group. Although there is no rule, it always seems to be active. I also want to disable the feature, but I couldn't find any information in the official Microsoft documentation. Is this possible? Thanks.
Windows Defender AntiVirus with Intune
Hello Windows Defender antivirus is enabled with Intune(Co-managed deployment) Antivirus policy, Our organization normally had Symantec and did not use Defender. However the below is showing in Virus and Threat Protection. Basic settings are used in the policy: Allow Archive Scanning Allowed. Scans the archive files. Allow Behavior Monitoring Allowed. Turns on real-time behavior monitoring. Allow Cloud Protection Allowed. Turns on Cloud Protection. Allow Email Scanning Not allowed. Turns off email scanning. Allow Full Scan On Mapped Network Drives Not allowed. Disables scanning on mapped network drives. Allow Full Scan Removable Drive Scanning Allowed. Scans removable drives. Allow scanning of all downloaded files and attachments Allowed. Allow Realtime Monitoring Allowed. Turns on and runs the real-time monitoring service. Allow Scanning Network Files Not allowed. Turns off scanning of network files. Allow Script Scanning Allowed. Allow User UI Access Allowed. Lets users access UI. Avg CPU Load Factor 50 Check For Signatures Before Running Scan Enabled Cloud Block Level High Cloud Extended Timeout 50 Days To Retain Cleaned Malware 0 Disable Catchup Full Scan Disabled Disable Catchup Quick Scan Disabled Enable Low CPU Priority Disabled Enable Network Protection Enabled (block mode) PUA Protection PUA Protection on. Detected items are blocked. They will show in history along with other threats. Real Time Scan Direction Monitor all files (bi-directional). Scan Parameter Quick scan Schedule Quick Scan Time 720 Schedule Scan Day Monday Signature Update Interval 4 Submit Samples Consent Send safe samples automatically.HAADJ with Intune Co-Management
Hello, -I have HAADJ tenant with Intune Co-Management. -AD connect syncs devices only and not users to Entra (as users are third party provisioned and federated). -Devices appear in Azure then are added to group for Intune policy enrollment. Enrollment is done via GPO. -They get enrolled in Intune using Co-management with SCCM, Auto MDM enrollment with device credentials and appear in Intune as co-managed. -Bitlocker is applied via Intune on the devices to encrypt fixed data drives and operating system drives. GPO is applied to avoid backing up recovery key in AD as explained here. https://www.burgerhout.org/the-bitlocker-haadj-nightmare/ Question(s): 1-For testing, We encrypt and remove semantics drive encryption, Restart is done during removal then recovery key screen appears and key is requested to access device. Second Restart after uninstall, The Key is not requested. 2-After testing Recovery key is stored in Intune but not stored in the below location https://myaccount.microsoft.com/-> Devices -> Manage Devices -> Select devices -> View Bitlocker Keys (It appears only in test environment where enrollment is done via User credentials as opposed to device credentials) 3-Devies in Azure under the following URLDevices - Microsoft Entra admin center-> Show an owner when device is first moved with AD sync however later on owner is removed and the behavior is very random, However in Intune, Devices show a Primary user logged in as long as someone is logged in to office which is fine and acceptable. So what could be the reason for issue in Azure/Entra?
How to package an application with large set of content ex: Visual studio (45GB)
In recent time we have got a request for Visual studio to onboard through SCCM, while we analyzing the Visual studio onboarding option using SCCM, have found couple of challenges one of them is complete package size is around 45 GB, if we exclude the Mobile, C++, Gaming, Extensions development it's reducing to around 32-35GB. we have very less cache in size for system (5 GB) do we have any option/ approach for handling this kind of scenario? like incremental download, lazy, dynamic loading etc.SCCM Client showing as "No" or "Not Installed"
Hi After a little support if possible please, We are preparing to upgrade and replace circa 50 PCs in our office. We have prepared a custom build of Windows 11 Enterprise, with all of the required applications installed. We are able to provision a PC via our custom Task Sequence in SCCM, this all works well. However, when the task sequence installs the SCCM client on the PC, the ccmsetup.log reports "CcmSetup is exiting with return code 0" - the Computer registers and is visible within the SCCM console, but, the "Client" column states "No" which would indicate that there is some sort of communication issue from the Client to the SCCM server. Attached is an example of where the newly provisioned PC has had the Client installed, but it does not appear to be communicating to the SCCM server. The same happens even if we uninstall the client via the "ccmsetup.exe /uninstall" command and manually re-install by just running "ccmsetup.exe" This is not all PCs that we are having this issue with. Any pre-existing PCs that were provisioned a couple of years back continue to work and respond ok with SCCM. Attached is an example of a pre-existing PC where the SCCM client is reporting to the server ok : This only appears to be with any PCs we provision recently (we had an in-place server upgrade take place approx 12 months ago and went from MS Server 2016 to MS Server 2019) Would anyone be able to offer any assistance or be able to take a look at any log files to help out? Thanks in advance!updating content of the application in SCCM using WMI
Hi, I wan to Call Update Content API on Application in Sccm using WMI Object. I tried with below code ManagementPath MgmtPath1 = new ManagementPath($"SMS_SoftwareUpdatesPackage.PackageID='{applicationID}'"); ManagementClass ProcessClass1 = new ManagementClass(Scope, MgmtPath1, null); ManagementObject managementObject = ProcessClass1.CreateInstance(); if (managementObject != null) { var inParams = managementObject.GetMethodParameters("AddUpdateContent"); inParams.Properties["ContentIDs"].Value = new UInt32[] { }; inParams.Properties["ContentSourcePath"].Value = new String[] { @"\\LocalHost\publish\7-Zip (x64)\16\4\" }; inParams.Properties["bRefreshDPs"].Value = false; ManagementBaseObject outParams1 = managementObject.InvokeMethod("AddUpdateContent", null, null); ///An Exception is thrown here } But it is throwing an Error "Invalid Method Param(s)" or "Not Found" Exception . Am I Missing here anything? what would be the best way to call it?Missing User State Migration Tool For Windows under MECM (SCCM) Packages
Hello, sorry if this has been asked before but I am unable to find anything via google-fu. We have an in service version of Microsoft Configuration Manager (2309) that appears to have not been installed with USMT at the beginning. I have added USMT into the ADK and have set up State Migration Point to one of the servers and role. There is nothing within the packages section though which from what I can see is supposed to be added as part of the original install. Is there a way to get this added or is there settings I can set to have it pull from the ADK folder?
