First announced at MS Ignite 2022 as Cloud LAPS , the now rebranded Windows LAPS Enables local admin password management for Azure Ad and Hybrid-joined devices to store those passwords in Azure Ad instead of the on-prem AD. This is a big win for remote users that are not connected to the VPN. You can also use Windows LAPS to backup the key to on-prem Active Directory instead of using the GPO, making the old LAPS obsolete. This blog post will only focus on doing the Windows LAPS backup to Azure AD. For more context on LAPS (Local Administrator Password Solution), this was introduced by Microsoft in May 2015 and does just what the name suggests, allows the management of the password of the Local Administrator Account on workstations, allowing all Windows PCs to have their own unique local admin password by storing it in the computer’s Active Directory object. … Read More
Step-by-Step SCCM 2303 Upgrade Guide
Microsoft has released the first SCCM version for 2023. SCCM 2303 has been released on April 11th, 2023. This post is a complete step-by-step SCCM 2303 upgrade guide, meaning that if you want to upgrade your existing SCCM installation to the latest SCCM updates, this post is for you. If you’re looking for a comprehensive SCCM installation guide to building a new server, refer to our blog series which covers it all. You won’t be able to install SCCM 2303 if you are running SCCM 2012. Well, that’s an odd phrase! Thank you current branch naming. SCCM 2303 is a baseline version. This means that if you’re downloading the source from Volume Licensing, SCCM 2303 will be the starting version of your new SCCM site. At the time of this writing, SCCM 2303 is available in the Early update ring. You must run the opt-in script to see it appear in … Read More
SCCM Daily Maintenance Tasks
Microsoft System Center Configuration Manager (SCCM) is a powerful tool for managing large-scale enterprise systems. It is essential for IT administrators to perform regular maintenance tasks in order to ensure that SCCM is functioning optimally and to prevent any potential issues from arising. In this blog post, we will discuss the daily maintenance tasks that should be performed in order to keep SCCM running smoothly. Check overall site server health and hardware performance The first step in SCCM’s daily maintenance tasks is to check the health of the SCCM site server itself. We suggest starting by simply looking at the overall resource consumption in the Task Manager. If your IIS Worker Process is using all CPU, we suggest that you read our post about Software update maintenance best practice Verify all disk-free space and ensure that there’s enough free space left. Here are the main things to check which consume … Read More
SCCM Best Practices (Tips and Tricks)
There’s no such thing as SCCM Best Practice. Every company, every IT department, and every computer configuration is unique. That being said we are doing numerous SCCM assessments these days, looking at various SCCM setups and configurations. Here’s our compiled list of settings, configurations, and tricks we can give you to make your SCCM configuration better. Central Administration Site (CAS) The most obvious SCCM Best Practice: Don’t use a CAS. You’ll see this advice everywhere… and it’s true. Don’t use it. Just don’t. When the Central Administration Site was introduced back in SCCM 2012 SP1 there was no concept of a preferred site system. If you had to manage thousands of clients in a remote site/region and a secondary site was not an option, the installation of numerous Primary sites was needed (so was the CAS). But now that new client management options were introduced in the later SCCM version, … Read More
SCCM Collections Management Tips, Scripts and Tools
Creating and managing collections in SCCM is a basic and daily task. Over the years, we’ve seen too much infrastructure with a lack of collection maintenance. It can become a burden when you have a hundred or thousand of them and never cleaned them up. In this blog post, we’ll give you SCCM Collections Management Tips along with useful scripts and tools to help you become a collection master. You may wonder why you should care about this? Collections in Configuration Manager is a resources-intensive task, and some best practices need to be followed. The SCCM product group has understood that and released many improvements and features in their latest release to ease collection management. We’ve compiled the latest management changes and tools available related to collections. This blog post is also available in a video format SCCM 2010 Collection Features SCCM 2010 (November 2020) has introduced 3 new important features for collections … Read More
Getting started with Microsoft Intune
If you have been following the SCCM community for the past months, you’ve been hearing a lot about comanagement, cloud management gateway, cloud distribution point, and Intune. You may also hear that SCCM is dying and that Intune is your only path in the near future to manage your company devices. The good news is that SCCM is not dead, in fact, it’s been rolling out new features quarterly in the past 3 years thanks to the new servicing model and the product group is not slowing down. The bad news is that… well, there’s no bad news… but as a sysadmin, you have a steep learning curve if you’ve not been following the “sccm intune modern management” storm from past months. . In this blog post, we will go over the basics to start with Microsoft intune. It supports Windows and a variety of devices. You may wonder why would … Read More
Fix SCCM Error 0X87D00324 when deploying applications
SCCM can be used to deploy packages and applications on multiple computers. But as with any other deployment tools, you can get errors or issues. This blog post will describe the SCCM Error 0X87D00324 which occurs on computers after application deployment. What Causes Error 0X87D00324 During SCCM Deployment? This error code means that the application was installed, but it couldn’t be detected by SCCM. Usually, a faulty or incorrect detection method is set in the application you are deploying. The detection method is SCCM ways to know that the application is installed on a computer. After the installation, SCCM validates the presence of the application using the detection method parameter. The SCCM Error 0X87D00324 tells you that the application is not present on the computer. however, this can be misleading, the application can be installed correctly but SCCM will report it as not installed if the detection method is not … Read More
Step-by-Step SCCM 2211 Upgrade Guide
Microsoft has released the third SCCM version for 2022. SCCM 2211 has been released on December 5th, 2022. This post is a complete step-by-step SCCM 2211 upgrade guide, meaning that if you want to upgrade your existing SCCM/MEMCM installation to the latest SCCM/MEMCM updates, this post is for you. If you’re looking for a comprehensive SCCM installation guide to building a new server, refer to our blog series which covers it all. You won’t be able to install SCCM 2211 if you are running SCCM 2012. Well, that’s an odd phrase! Thank you current branch naming. SCCM 2211 is not a baseline version. This means that if you’re downloading the source from Volume Licensing, SCCM 2203 will be the starting version of your new SCCM site and you’ll need to apply SCCM 2211 on top of it. At the time of this writing, SCCM 2211 is available in the Early update … Read More
How to Setup Microsoft Intune tenant
In this post, we’ll guide you through the process of setup Microsoft Intune and then using it through the new Endpoint Manager Portal. But first, let’s start this post by clarifying the various services we’ll talk about in our post. Microsoft Azure is a set of cloud services to help your organization meet your business challenges. This is where you build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks. Microsoft Intune was and is still one of Azure services to manage your devices. The “old” Intune Portal you were accessing in Azure has moved to the new Microsoft Endpoint Manager admin center. Endpoint Manager is a unified management platform for Microsoft Intune and Configuration Manager. (Endpoint security, device management, and intelligent cloud actions) This graph from Microsoft makes a good job explaining it: So to wrap up… before you were accessing the Microsoft … Read More
Deploy Windows 10 22H2 using SCCM
This blog post will cover all the tasks needed to deploy the new SCCM Windows 10 22H2 Upgrade. We will cover scenarios for new and existing computers that you may want to upgrade. Microsoft published the Windows 10 22H2 feature update on VLSC on October 18th, 2022. Windows 10, version 22H2 is a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity, and security. Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of service. You may also need to deploy Windows 10 22H2 to your existing Windows 10 computer to stay supported or to benefit from the new features. There are a couple of important changes in this release. Before deploying a new Windows 10 feature upgrade, you need to have a good plan. Test … Read More