How to install SCCM Client on Workgroup Computers

Jonathan LefebvreSCCM2 Comments

Recently, at a client site, I was asked to install the SCCM client to manage workgroup servers in the DMZ with SCCM. Following our a recent post on how to install a DP/MP/SUP in untrusted domain, I thought that documenting the process could be helpful. In this post, we will detail how to install the SCCM client on workgroup computers. Prerequisites The client must be able to resolve the FQDN of the management point. Depending on network security, it might not actually ping. The important is that it can associate the FQDN to the IP of the management point. Adding … Read More

Uninstall Windows Update using SCCM

Jonathan LefebvreSCCM, WINDOWS 105 Comments

SCCM Uninstall Windows Update

With the recent problems caused by monthly Windows Update, knowing how to massively uninstall Windows Update with SCCM is a must! This action is not available by default in SCCM. There are 2 ways to uninstall a Windows Update. Both solutions require the command line utility WUSA.exe, that as been around since Windows Vista/Windows Server 2008 era. In this post, we will detail both solutions to uninstall a Windows Update with SCCM. If you are looking for how to manage Windows update with SCCM, see our SCCM Software Update Management Guide for complete instructions. Prerequisites SCCM any version Windows 7 … Read More

List of SCCM Endpoint Protection Agent Versions

Jonathan LefebvreSCCM, SCEP2 Comments

We have compiled a list of SCCM Endpoint Protection agent versions, build numbers and cumulative updates. Anti-Malware platform updates are cumulative, meaning that the latest one includes the previous one. If you are new to System Center Endpoint Protection, see our complete guide which covers it all. We documented a few years back… since the SCCM 2012 RTM release. If we missed some versions, please let us know and we will update this post. This post will be updated as new releases are made available. **Updated 2017/04/10** How to get your SCCM Endpoint Protection Agent Version Numbers An easy and … Read More

Create SCCM Report Administrator Role

Benoit LecoursSCCM1 Comment

Role based administration is used to secure the access that is needed to administer SCCM. You also secure access to the objects that you manage, like collections, deployments, and sites but lacks a couple of roles to be complete. For example, there’s no built-in role for report administration or report viewer. We already covered the report viewer role in a previous post. This role give access to your users to consult and run SCCM Reports on the SSRS website. But what if you want to give access to an administrator to create, modify and upload reports without giving them access … Read More

How to install Local Administrator Password Solution (LAPS)

Jonathan LefebvreActive Directory, SCCM, WINDOWS 102 Comments

One of the challenges faced by workstation administrators, is to manage the local administrator account in large environment. One of the options was to use Group Policy Preferences, but that was before KB2962486 removed the possibility to set password using Group Policy Preferences. Since then, Microsoft as come up with a solution : Local Administrator Password Solution (LAPS). Here’s the benefits of using LAPS : Unique password for local administrator per computer Password available from Active Directory, if needed to use local administrator account Remotly change the local administrator password Ability to use a custom administrator account Limitation : Only … Read More

Refreshing a Windows 7 Computer to Windows 10 using USMT and SCCM

Benoit LecoursSCCM, WINDOWS 1015 Comments

Since SCCM 1511, you can use the new upgrade task sequence to easily upgrade a Windows 7 computer to Windows 10. But what if you want to upgrade a computer from a 32-bits operating system to Windows 10 64-bits ? You can’t use the upgrade task sequence for this specific scenario. Another reason would be that your company decided to use the wipe and reload option in your Windows 10 migration project. In those cases you will need to use USMT to capture data and settings from the users profiles before applying the new operating system. This post will describe how to upgrade a … Read More

SCCM Windows 10 Customization using Task Sequences

Benoit LecoursSCCM42 Comments

In this post we will describe how to customize your windows 10 image to personalize it to your company. There’s an infinite amount of customization that can be made but i’ll try to cover the more frequent one, those that are asked 95% of every Windows 10 projects I was involved in. You could also do all those modifications through group policies if you want to enforce those settings. SCCM Windows 10 Customization Package Before we begin any customization, we will create a Windows 10 Customization package that we will use in our task sequence. It will be empty to start but we … Read More

Inject Software Updates in your WIM using SCCM Offline Servicing

Stephane FaubertOSD, SCCM7 Comments

Offline Servicing in SCCM is the process through which you can inject software updates in your operating system WIM files. This process can alleviate your build and capture yearly/bi-yearly WIM updates that you most likely run in your enterprise. However, as much as this process is great to shorten your gold image updates, it’s still not perfect. Why? The answer is quite simple. Even if your gold image contains products such as Microsoft Office, offline servicing will not apply Office patches even though these are downloaded to your Software Update Point. Only core Windows applications can get patched through this process. … Read More

Windows 10 Deployment | SCCM Task Sequence Upgrade Windows 7 to Windows 10

Benoit LecoursSCCM, WINDOWS 1021 Comments

In the fourth post of this blog series about Windows 10 Deployment using SCCM, we will show you how to upgrade a Windows 7 to Windows computer 10 using SCCM task sequence upgrade. The goal of an upgrade task sequence is to upgrade an existing operating system to Windows 10 without loosing any data and installed software. This post assumes that you are running SCCM 1511 or SCCM 1602 and that you completed the preparation of your environment for Windows 10. If you are running SCCM 2012 R2 SP1, the product team has release important information about SCCM task sequence upgrade that you can find … Read More

Windows 10 Deployment | Create SCCM Windows 10 Build and Capture Task Sequence

Benoit LecoursSCCM, WINDOWS 1020 Comments

In the third post of this blog series about Windows 10 Deployment using SCCM, we will show you how to create a SCCM Windows 10 Build and Capture Task Sequence and deploy it. Complete the preparation of your environment before reading this post. You will be able to edit this task sequence later to customize it to your environment. The goal of a build and capture task sequence is to capture a reference machine OS in order to redeploy its configuration multiple time. As a best practice, we recommend not to add too much software and customization to your reference image. Rather, … Read More