How to use Microsoft Defender for Endpoint antivirus security with Intune

Jonathan LefebvreIntuneLeave a Comment

Microsoft Defender has come a long way since the first few releases to become a leader in all all-things security-related. What was originally a standard antivirus solution has evolved into a full product suite. If you are looking to configure Microsoft Defender(Endpoint protection) with Configuration Manager, see our guide that is available in our shop This post will focus on configuring Microsoft Defender for Endpoint Security Antivirus by using Intune. Prerequisites Windows 10 or Windows 11 Aside from the Intune various licensing option you’ll need to manage your devices, there are no other requirements to use this feature. Create Microsoft Defender for Endpoint antivirus security profiles Connect to the Endpoint portal Browse to Endpoint Security/ Antivirus Click Create Policy. At this point, the Antivirus policies are split into 3 distinct sections. Microsoft Defender Antivirus This will essentially manage the core features. Microsoft Defender Antivirus Exclusions This will be the various … Read More

How to fix Azure Update Compliance missing devices

Jonathan LefebvreIntune, WINDOWS 10, Windows 11Leave a Comment

Azure Update Compliance has been around for a few years already. Originally part of Windows Analytics, it’s the only component that lived through the years. It has become more popular with the growing number of devices managed with Windows Update for Business. It is also useful for an environment that manages updates and feature updates with Configuration Manager. In this post, we’ll cover how to make the required change so devices report back to Azure Update Compliance. I recently did a check for a few clients and noticed that the number of devices in Update Compliance was drastically low or even almost empty in some environments. This is because of a change from Microsoft, that was enforced back in January 2022. Since devices were managed prior to May 2021, we need to adjust the configurations to fix Azure Update Compliance missing devices. If you are looking for how to use … Read More

How to move SCCM Move Content Library to another drive

Jonathan LefebvreSCCM6 Comments

One of the common mistakes we still see is having SCCM Move Content Library folders on many different drives, most of the time not on purpose. Usually, this will lead to the C drive being full, or the drive where the SQL database sits. This will then cascade into a series of errors all over SCCM. In this post, we will show how to use the SCCM Content Library Transfer tool to move distribution content folders Prerequisites If you are running SCCM latest build, the tool is now build-in the install folder If you are running a version older than Current Branch 1802, you will need to download the SCCM 2012 toolkit Move SCCM Move Content Library Find the drives where there are Distribution Point content folder that shouldn’t be there You can see the Content Library folder location in a registry key:  HKLM\Software\Microsoft\SMS\DP\ As stated in the limitation, the Distribution … Read More

How to use SCCM Cloud Management Gateway bulk registration token

Jonathan LefebvreSCCM1 Comment

One of the less-known benefits of the SCCM Cloud Management Gateway is the ability to install the Configuration Manager client to devices that are not connected locally and manage those devices without ever being on the internal network. For example DMZ servers. To do so, the client must be installed by a command line with an SCCM CMG Bulk Registration Token. In this post, we will show how to use the Bulk Registration Token to enroll DMZ servers to the Cloud Management Gateway. Requirements Configuration Manager version 2002 or higher Supported OS for Config Manager Cloud Management Gateway configured See our post, Setup SCCM Cloud Management Gateway The certificate used for the Cloud Management Gateway must be trusted by the client that will be installed If the certificate is a Public certificate, with a CNAME, then this will be trusted by default If the certificate is generated by a private … Read More

How to use Desktop Analytics for Windows 10 Feature Update

Jonathan LefebvreIntune, SCCM1 Comment

Desktop Analytics is still a recent product and a small beast that require a bit of time and trial and error to get going. The goal of Desktop analytics is to give data to understand your environment prior to mass roll out a new Windows 10 Feature Update. Desktop Analytics isn’t a product to deploy a Windows 10 Feature Update. ConfigMgr remains the master of the actual deployment. In this blog post, we’ll detail real-world scenarios on how to use Desktop Analytics information to help during a Windows 10 Feature update deployment. Desktop Analytics Windows 10 Update Requirements See our previous post on how to setup Desktop Analytics and connect it to your SCCM/ConfigMgr/MEMCM environment prior to reading this post. Select devices to be evaluated by Desktop Analytics Here are a few questions to help determine which devices should be included. Should Windows 7 devices be included? Assuming you are … Read More

Setup SCCM Cloud Management Gateway (SCCM CMG)

Jonathan LefebvreSCCM38 Comments

The ConfigMgr team is working really hard to make SCCM admins job easier for some of the key components of Modern Management. Starting with SCCM 1806 release, they ease a bit the setup of the SCCM Cloud Management Gateway (CMG). If you are new to the concept of SCCM Cloud Management Gateway, the main advantage is that it doesn’t expose your SCCM servers to the internet. The downside is that it requires an Azure subscription which brings recurring monthly costs. If you’re still unsure which method to use, you can read the Microsoft documentation and see our blog post about internet client management. Make sure that you understand the limitation of using internet clients. We strongly encourage to use the SCCM Cloud Management Gateway if you’ll be managing client on the internet since this feature will evolve with time and the traditional way support should go away. Here the available features … Read More

How to send SetupDiag Result in your SCCM Inventory during a Windows 10 Feature Update

Jonathan LefebvreSCCM, WINDOWS 106 Comments

Windows 10 Feature updates can be tricky for many reasons. Fellow SC Dudes, Adam Gross, created a free and easy-to-implement solution to help debug and track down Feature Update logs. This solution will describe how to send SetupDiag Result in your SCCM Inventory during a Windows 10 Feature Update. Along with our previous post to track down Windows 10 Feature Update hard blocks, will greatly ease Windows 10 Servicing. Windows 10 SetupDiag SCCM Inventory Benefits Centralized log for any on-prem Feature Update attempt SetupDiag details stored in Hardware Inventory, which can be monitored by SQL query/reports and PowerBI While we recommend sticking to Feature Update to deliver new Windows 10 builds, this solution will work the exact same if a Task Sequence is used to do an upgrade. In this post, we’ll detail how to implement the Windows 10 Feature Update script to include it in your SCCM Inventory. This … Read More

Troubleshoot Windows 10 Update hard block

Jonathan LefebvreSCCM, WINDOWS 10Leave a Comment

Windows 10 Feature Updates can be tricky to troubleshoot. The trick is to find relevant information about what’s causing the Windows 10 Feature Update to fail. In a previous post, we covered the Windows 10 Feature update error 0XC1900208. This is still accurate and possible that it happens for a Feature Update to Windows 10 20h2. We followed the instruction in the blog post to find what’s preventing the Feature Update to run. We start to test the Feature Updates from Windows 10 1809 to 20h2 at a client site. Our previous post was not helping, since running Setup.exe manually returned a restart error. We restarted the machine without success. This was not the problem. In this blog post, we’ll describe how to troubleshoot Windows 10 Update hard blocks using various methods. Troubleshoot Windows 10 Update hard block The first place to look is in the Windows Panther folder: Browse … Read More

SCCM SQL 2019 Install Guide

Jonathan LefebvreSCCM1 Comment

In the first part of this SCCM Current Branch blog series, we planned our hierarchy, prepared our Server and Active Directory. Click the following link to see all supported SQL versions. For our post, we will install SQL 2019 locally on the same server where the Primary Site will be installed. SCCM SQL 2019 Install Guide Execute Setup.exe from the SQL installation media, select New SQL server stand-alone installation Provide the product key and click Next Review and Click Next Check Use Microsoft Update to check for updates and click Next Select SQL Server Feature Installation Select the Database Engine feature and specify the SQL installation directory. This is the directory for the program files and shared features Select Default instance and ensure that your instance is created on the SQL Volume Set all services to run as the SQL domain account that you created previously and set the services startup type to … Read More

Collect Windows10 Events in log analytic Workspace

Jonathan LefebvreAzure, IntuneLeave a Comment

Windows 10, Azure, and Endpoint Manager offer many different tools to gather and know more about what is going on in your environment. One of those is Log Analytics Workspace. Log Analytics workspace has the ability to collect data from Windows devices such as Events and performance data through the Microsoft monitoring agent. This can centralize Windows events to be analyzed and crunched to identify potential impacts happening to many computers. While the Monitoring agent is free, the data hosted in Log Analytics Workspaces will cost a little per month for great insight. Based on past experience, you can expect ~100$/month for roughly 7000 devices reporting Errors and Warning. In this post, we will describe how to configure the Azure Log Analytics Workspace to gather Windows10 Events centrally. Windows10 Events log analytic – Prerequisites The following operating systems are supported to report event viewer by using the Log Analytics agent … Read More