Block Apple Facetime Built-in App with Microsoft Intune

Nicolas PilonApp Protection Policies, Intune, SCCMLeave a Comment

Block Apple Facetime Intune

A new bug was discovered with Apple’s Facetime app that gives the caller the ability to listen to the other device and even watch the video without approving the call. This vulnerability is not giving access to corporate data or personal information, but have more consequences on personal level. Even though Apple temporarily kill the switch of the service and seems to have solved the problem via a future software update, there are some actions that can be made if you want to avoid trouble. You can manually turn off the Facetime app with iOS and MacOS. But, can we … Read More

SCCM Best Practices (Tips and Tricks)

Benoit LecoursSCCM12 Comments

Sccm best practices

That being said we are doing numerous SCCM Assessment these days, looking at various SCCM setup and configuration. Here’s our compiled list of settings, configuration and tricks we can give you to makes your SCCM configuration better. Central Administration Site (CAS) Don’t use a CAS. You’ll see this advice everywhere… and it’s true. Don’t use it. Just don’t. When the Central Administration Site was introduced back in SCCM 2012 SP1 there was no concept of a preferred site system. If you had to manage thousand of clients in a remote site/region and a secondary site was not an option, the … Read More

Remove Recurring Schedules from Device Collections in SCCM Before Upgrading to 1810

Adam GrossSCCM16 Comments

Today I upgraded my production SCCM/ConfigMgr environment from 1806 to 1810, but before I did, I took care of some housekeeping that saved me a fair amount of work on the backend. If you’re like me, you try ensure that your collections aren’t being refreshed unnecessarily. For collections where I have direct or include/exclude rules, I always uncheck the incremental and scheduled refresh boxes when setting up the collection. However, there’s one extra step that I haven’t been doing that requires just a bit of consideration before upgrading to 1810. The picture below is the setting in question. The Issue … Read More

Failed to sign in to Azure error when configuring SCCM Cloud Management Gateway

Jonathan LefebvreSCCM9 Comments

While configuring the Cloud Management Gateway (CMG) at different client sites, we stumbled on an issue ‘Failed to sign in to Azure‘ to create the Azure web applications. While we don’t know the official cause or how to prevent it, a workaround is possible. If you are looking to configure the Cloud Management Gateway from A to Z, see ourprevious post. SCCM CMG Failed to sign in to Azure – Symptoms One of the first step to configure the Cloud Management Gateway is to configure the Azure Services. This step consists of creating the connection to the Azure Tenant and create … Read More

Monitor Bitlocker Status using SCCM Bitlocker Report

Benoit LecoursSCCM19 Comments

If you’ve been using BitLocker in your organization, you probably receive some requests from your security department to monitor the status of a device if it gets stolen. There’s a couple of ways to achieve this. #1 – MBAM The first and recommended one would be to use Microsoft BitLocker Administration and Monitoring (MBAM). However, this tool is not free, you need to have Microsoft Desktop Optimization Pack (MDOP). Microsoft has also announced that the actual MBAM 2.5 version is getting deprecated soon (Extended support on July 2019). So we’ll skip this one for now. #2 – Configuration baseline The … Read More

Repair Application from Software Center using SCCM 1810+

Benoit LecoursSCCM8 Comments

SCCM Repair Application

Beginning with SCCM 1810, you can now repair an application directly from software center on an SCCM client. A small but useful new feature! Before 1810, you would have to go through Control Panel (not useful if a user didn’t have admin rights) or by uninstalling and reinstalling the application using 2 distinct software center actions. Now, you can directly initiate a Repair action in Software Center. The good news, is that’s really simple to do ! The only thing that you need to do is : Upgrade to SCCM 1810 Add a repair command line to your application Check … Read More

How to enable SCCM Wake on LAN Client Notification (1810+)

Benoit LecoursSCCM7 Comments

When I first read the SCCM 1810 New features list, the features that I found the most interesting was the new SCCM Wake on LANClient Notification addition. By reading the feature description it looks too good to be true. Finally an easy way to do Wake on LAN on an enterprise network : What makes it exciting is that SCCM can now find another client on the same subnet and wake up its neighbour. We won’t describe in details how WoL works, but let’s say that it’s always been a challenge to implement it in a corporate environment mostly because magic … Read More

SCCM 1810 Client Notification error

Benoit LecoursSCCM3 Comments

We had an issue in one of our clients site where some SCCM Administrator were receiving SCCM 1810 Client Notification error in the console. They informed us that they just upgraded to SCCM 1810 recently. When we tried to initiated a client notification on SCCM 1810, the following error occured : Clearly a missing permission in the security role of the affected users… but which one ? We found our answer in the SCCM 1810 What’s new documentation : A new permission is now required to perform the Client Notification Actions. SCCM 1810 Client Notification error Resolution Here’s how to fix this … Read More

Step-by-Step SCCM 1810 Upgrade Guide

Nicolas PilonSCCM18 Comments

Microsoft has released the final SCCM version for 2018. Microsoft still uses the same standard naming versions. You can begin upgrading your SCCM Current Branch environment to the latest 1810 release. If you want to install the latest updates, this post is a complete step-by-step SCCM 1810 upgrade guide. If you’re looking for a comprehensive SCCM installation guide, see our blog series which covers it all. You won’t be able to install 1810 if you are running SCCM 2012, the baseline version is 1802. To install SCCM 1810 as an update, you must have installed at least SCCM 1710, SCCM 1802 or SCCM 1806. … Read More

How to update HP BIOS using latest HPFirmwareUpdRec with SCCM

Jonathan LefebvreSCCM17 Comments

At a client site, they received newest HP models to be tested. Downloading drivers and BIOS updates were the usual. Looking at details about the BIOS update, we noticed that the HPBIOSUPDREC.exe that was used was no longer available.  HP released a new version called HPFirmwareUpdRec to replace it. Even if the help stated the command line to be the same, it turned out it didn’t work at all. Unfortunately, it doesn’t seem HP documented the new tool and how to use it. we were able to figure it out by digging into HP forums… In this post, we will show … Read More