Windows 10 Must-have Customizations

I’ve performed a number of Windows 10 Deployment projects, and have compiled this handy list of must-have customizations that I deploy at build time using SCCM, or that I bake into the image when capturing it.

Hope it helps, and I’ll keep updating it as I find more good things to tweak.

Continue reading

Advertisements

MDM errors failures and how to fix them

Over the course of this many month Air-Watch MDM project I’ve been conducting, I have run into WAY more than my fair share of MDM enrollment related issues.

Troubleshooting MDM issues presents a whole new set of difficulties, because where SCCM provides glorious log files with tons of community engagement and answers, MDM gives you hard to locate Windows Event logs. Every SCCM error code is meticulously documented on the web, where MDM errors give you this result:

This is how you know you are WAY off the reservation!

Never fear though, for I have compiled the most common and frustating errors which I have painstakingly worked through into this, very originally named volume

Where to find enrollment errors

You can monitor the status of an enrollment in the Windows Event Viewer, under this area:

Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin

It is routine to see some errors here, so not all errors need to be solved, however when you’re trying to troubleshoot why a machine won’t enroll in MDM, then you should be looking here first.   Continue reading

The quest for true silent MDM Enrollment

If you’ve been reading my blog recently, you’ve seen a lot of posts about MDM and Provisioning Options for Windows 10.  Previously we’ve covered:

And in this post we will dig further into the options available to us to deploy a Provisioning Package with the goal of allowing for silent MDM Enrollment and Silent application of a provisioning package!

Continue reading

SCCM v Intune Showdown

sccm

If you’re an SCCM Administrator you’ve likely heard of InTune and might be wondering when to use it.

In this post, we’ll cover how SCCM and Intune are able to manage Windows 10 full desktop computers (including laptops and Windows tablets like the Surface or Surface book.)

If instead you’re wondering about managing the Surface RT, lol, enjoy your metro cutting board.

Best use for a Surface RT in 2016

To understand where InTune really shines, let’s think of where SCCM works best:

  • known and defined network infrastructure
  • well connected end-point devices (less of an issue today)
  • standardized hardware models
  • standardized, company owned hardware
  • Active Directory Domain (all SCCM servers must be domain members)
  • Managed machines are either domain joined, or need certificates (certs =PKI =Even more infrastructure and configuration)
  • Wonderfully powerful imaging capabilities

It becomes pretty obvious, SCCM is for the big enterprise,  which its also expensive and has some serious requirements.

Now, let’s contrast this to the management story we have from Intune:

  • No requirement for local hardware or infrastructure
  • No on premises Active Directory requirement
  • Works very well with Azure AD
  • Works great with user owned and heterogeneous devices
  • Literally zero imaging options

For the rest of this post, I’ll list the big capabilities of an Enterprise Client Management tool and contrast how each of these tools perform at that task, we’ll cover: Continue reading

SCCM 1606 Cloud Proxy Guide

Configmgr in the cloud

UPDATE

This post is about the Cloud Proxy feature, which was included with Tech Preview 1606 of SCCM Current Branch.

While featured in the Tech Preview for 1606, Cloud Proxy was not included with the production release of SCCM 1606, which shipped on July 22, 2016.

Didnt make it.png

So, while you cannot use this SCCM 1606 today, it’s still available in the tech preview.

Continue reading