Creating and managing collections in SCCM is a basic and daily task. Over the years, we’ve seen too much SCCM infrastructure with a lack of collection maintenance. It can become a burden when you have a hundred or thousand of them and never clean them up. In this blog post, we’ll give you SCCM Collections Management Tips along with useful scripts and tools to help you become a SCCM collection master. You may wonder why you should care about this? Collections in Configuration Manager is a resource-intensive task, and some best practices need to be followed. The SCCM product group has understood that and released many improvements and features in their latest release to ease collection management. We’ve compiled the latest SCCM collection management changes and tools. This blog post is also available in a video format on our YouTube channel. SCCM Collections Management Tips SCCM 2010 Collection Features SCCM 2010 (November 2020) … Read More
Step-by-Step SCCM Custom Report Creation using Report Builder
One of our favorite tasks when it comes to SCCM management is SCCM Custom Report Creation. Not only does it bring value to an SCCM installation, but it also brings visibility to your hard work toward your management. Without SCCM reports, this huge management tool is running silently on all your devices but you’re not benefiting from all the advantages. It’s like having a sports car and discovering the Autobahn … ok maybe not. But what makes a good SCCM Custom report? In our opinion, the default SCCM Reports are lacking many of those points. Yes, they offer valuable data but they are often not adapted to your environment and are visually… basic. For all those reasons, we started to create our own set of reports and due to their growing popularity, we decided to help you begin your own SCCM report creation process. For this example, we will show the process … Read More
Upgrade Windows 11 22H2 using SCCM
This blog post will cover all the tasks needed to upgrade Windows 11 22H2 using SCCM. We will cover scenarios for new and existing computers that you may want to upgrade. Microsoft published the Windows 11 22H2 feature update on VLSC on September 2022. Windows 11, version 22H2 is a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity, and security. Home and Pro editions of the 2022 Update will receive 24 months of servicing, and Enterprise and Education editions will have 30 months of service. You may also need to deploy Windows 11 22H2 to your existing Windows 11 computer to stay supported or to benefit from the new features. There are a couple of important changes in this release. Before deploying a new Windows 11 feature upgrade, you need to have a good plan. Test it in a … Read More
Configure Windows Update for Business Reporting
As many enterprises are leaning towards cloud-driven technologies, Windows Update for Business (WUfB) integrated within Intune is gaining a lot of traction. There seems to be only one caveat with it, and it’s the level of reporting available in Intune for Updates compliance. While you can see the status of your expedited quality and Feature updates from the Intune portal, there’s no report for the regular monthly Cumulative Updates compliance. Thankfully, there is a Solution that resides within the Azure portal that leverages Log Analytics Workspaces (LAW). It requires a little setup, but you should be able to implement it easily following this guide. This blog post will show all the steps needed to Configure Windows Update for Business Reporting. Windows Update for Business Reporting Limitations Prerequisites To do the setup, you will need an account with at the very least “Windows Update Deployment administrator” as an Azure role. Intune … Read More
PatchMyPc Third-Party Patching with SCCM and Intune
Keeping your company computer’s software up to date is essential for optimal performance and security. Luckily, one of our partners has a solution to simplify the process: PatchMyPC! With its user-friendly interface and comprehensive features that integrate with the SCCM console and Intune, PatchMyPC offers numerous advantages that can benefit individuals and organizations alike. In this blog post, we’ll explore the advantages of PatchMyPc Third-Party Patching and discover how it can help you manage software updates on your company devices. If you are interested in Patchmypc third-party patching, have a demo, or a product quote, you can reach out to us. We offer an advantageous partner discount to our customers and members. PatchmyPC Advantages and Benefits Trusted by Over 5,330 Enterprises on Over 16.6 Million Endpoints, PatchMyPC is the reference for Third-Party Patch Management in Microsoft SCCM and Intune. It helps by : Patchmypc third-party patching Explanation Video Still unsure … Read More
How to configure BitLocker Management in SCCM
BitLocker Management, also known previously as Microsoft BitLocker Administration and Monitoring(MBAM), has been around MECM for a little while now. Whether a move from an old stand-alone MBAM server, hosted on a Windows Server 2012 R2 for example, or simply a wish to go the extra mile compared to BitLocker with AD backup, it is still a good idea up to today to implement it. In this blog post, we will configure SCCM MBAM Integration with SCCM with detailed steps. SCCM MBAM Integration Prerequisites For more details on the prerequisites, see Microsoft Docs. Create BitLocker Management in SCCM For more details on Creating the BitLockerment Management policy, see Microsoft Docs Configure the BitLocker management web portals There are 2 portals that can be installed in support of BitLocker Management. Helpdesk Portal, is made for IT folks to request the recovery key after an end-user has an issue and the Self-Service … Read More
Implementing Windows LAPS with Azure AD
First announced at MS Ignite 2022 as Cloud LAPS , the now rebranded Windows LAPS Enables local admin password management for Azure Ad and Hybrid-joined devices to store those passwords in Azure Ad instead of the on-prem AD. This is a big win for remote users that are not connected to the VPN. You can also use Windows LAPS to backup the key to on-prem Active Directory instead of using the GPO, making the old LAPS obsolete. This blog post will only focus on doing the Windows LAPS backup to Azure AD. For more context on LAPS (Local Administrator Password Solution), this was introduced by Microsoft in May 2015 and does just what the name suggests, allows the management of the password of the Local Administrator Account on workstations, allowing all Windows PCs to have their own unique local admin password by storing it in the computer’s Active Directory object. … Read More
Step-by-Step SCCM 2303 Upgrade Guide
Microsoft has released the first SCCM version for 2023. SCCM 2303 has been released on April 11th, 2023. This post is a complete step-by-step SCCM 2303 upgrade guide, meaning that if you want to upgrade your existing SCCM installation to the latest SCCM updates, this post is for you. If you’re looking for a comprehensive SCCM installation guide to building a new server, refer to our blog series which covers it all. You won’t be able to install SCCM 2303 if you are running SCCM 2012. Well, that’s an odd phrase! Thank you current branch naming. SCCM 2303 is a baseline version. This means that if you’re downloading the source from Volume Licensing, SCCM 2303 will be the starting version of your new SCCM site. At the time of this writing, SCCM 2303 is available in the Early update ring. You must run the opt-in script to see it appear in … Read More
Create Adobe Photoshop Intune package for mass deployment
Application packaging in Intune or SCCM is one of the jobs that can frequently create headaches. For many years, Adobe products have been challenging to automate and deploy for MECM/Intune Admins. Whether because of updates, licensing, or unclear instructions, it has always been a challenge for Adobe Creative suite products. I was recently tasked to package Adobe Photoshop with Intune. To my pleasant surprise, Adobe now has a cloud admin console that makes that process a breeze compared to what was done before. In this blog post, we will detail how to generate a source installation for Adobe Photoshop using the Adobe Admin Console and deploy it using Intune. Requirements We will start by downloading the software from the Adobe website. Here are the high-level steps : Create Adobe Photoshop deployment package Abode products need to match the architecture of the OS. 32 Bit applications won’t work on 64-bit Windows … Read More
How to manage Google Chrome with Intune
Google Chrome is one of the most widely used web browsers in the world. It is known for its speed, stability, and a wide variety of extensions that are available for it. As a result, many organizations have adopted Chrome as their default web browser. To manage Chrome on enterprise devices, Intune is a powerful tool that can be used to deploy and manage policies. In this blog post, we will discuss how to manage Google Chrome with Intune. With the increasing popularity of Intune, and the ability to replace Group Policy with Device Configuration, one area needs a bit more work to be managed. Third-party applications that support the GPO model can be used with Intune by importing ADMX from the vendor. It is the case for Google products, especially Google Chrome. We will demonstrate how to manage Google Chrome by importing Google’s admx for a similar approach as … Read More