SCCM 2012 R2 and SP1 February 2015 anti-malware platform update for Endpoint Protection Clients

Players, If you’re on SCCM 2012 R2 or SP1, you’ll have noticed (depending on your WSUS sync schedule) a new version of SCEP that became available this week. We’re now on version 4.7.205.0 The update contains the following improvements: The following configuration settings are updated in the ADMX templates: DisableAutoExclusions SubmitSamplesConsent UILockdown Improvements to registry and file system protection to counter tampering from malware. Sub-mount points can be automatically excluded, and volumes can be fully excluded in Real time protection (RTP). This update also includes the deprecation of the DisableGenericReports subkey in the following registry location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Reporting NOTE: You need to be on at least CU1 of SCCM 2012 R2 or CU 5 for SCCM 2012 SP1. Please refer to this link (where I got the info from for this post) http://support.microsoft.com/kb/3036437 Enjoy Heinrich Pelser

Read the complete blog: http://thedesktopteam.com/blog/heinrich/sccm-2012-r2-and-sp1-february-2015-anti-malware-platform-update-for-endpoint-protection-clients/

Read More»

Step-by-Step SCCM 2012 R2 CU4 Installation guide

Here’s a step-by-step SCCM 2012 R2 CU4 Installation guide. Installing SCCM cumulative updates is very important to your infrastructure. It fix lots of issues, which some of them are important. As this is a cumulative update, you don’t have to install prior CU(1,2,3) before installing CU4. CU4 contains all the fixes included in previous CU.… Read More »

The post Step-by-Step SCCM 2012 R2 CU4 Installation guide appeared first on System Center Dudes.

Read More»

Hotfix extends client notification in System Center 2012 R2 Configuration Manager to MDM devices

Players, I had a bit of a panic induced call from a former client this morning because it took to long time to wipe a device from SCCM. Luckily there is a hotfix for this. He applied it and … as if my magic, the issue went away, we were unable to test this on Android devices, but his iOS and Windows 8.1 devices were all wiping a lot faster. Prerequisites To apply this hotfix, you must have CU3 for System Center 2012 R2 Configuration Manager installed. Restart information You do not have to restart the computer after you apply this hotfix. Hotfix can be found here http://support2.microsoft.com/kb/2990658/en-us Enjoy @Heinrich_Pelser

Read the complete blog: http://thedesktopteam.com/blog/heinrich/hotfix-extends-client-notification-in-system-center-2012-r2-configuration-manager-to-mdm-devices/

Read More»

How to uninstall SCCM 2012 agent

Players. I had this on my old blog a while back, but its a common question that I get asked. It seems that a few of you wish to uninstall the SCCM agent (or at least want to know that you can uninstall it) I will blog on how to script this in a later post. But, for now this is how you remove it manually. From the command promt type (Start>Run>cmd)C:\Windows\system32> cd\ C:\>cd windows C:\windows> cd ccmsetup C:\Windows\ccmsetup>ccmsetup /uninstallKeep an eye on the un-installation using the log files from C:\Windows\ccmsetup\ccmsetup.logOnce that’s complete delete the following files in boldC:\Windows\ccmsetup C:\Windows\ccmC:\Windows\SMSCFG.iniRemove the Machine Certs from the SMS storeTo do thisStart>Run>MMC>Click File>Add/Remove Snap-in…>Certificates>Click Add>Computer Account>Local Computer>SMSDelete the certificates in the SMS store.Enjoy Heinrich Pelser

Read the complete blog: http://thedesktopteam.com/blog/heinrich/how-to-uninstall-sccm-2012-agent/

Read More»

SCCM 2012 – Updating SCCM client during TS

Hi All, for ages, i’ve being using a script to automatically populate the PATCH option of the SCCM client installation in a TS environment. the reason i’ve been using this script (if not clear for you), is the number of hotfixes and the allowed size of the text box on a TS… fortunately with SCCM 2012, the SCCM product group changed the way they di hotfixes and started to use Updates Rollup, meaning that you would not find the issue we’ve been experiencing on SCCM 2007. Even it is true, Microsoft had to release few updates out of the Update Rollup and people don’t know how to manage them in a Task Sequence as this has changed a bit. Fortunately (again), the script has been updates to SCCM 2012 (http://blogs.technet.com/b/deploymentguys/archive/2013/06/04/automatically-populate-the-patch-property-for-the-configmgr-client-installation-script-update.aspx) however, what happen if you don’t have the ZTIUtility.vbs or don’t want do the MDT integration? Well…you need to do…

Read the complete blog: http://thedesktopteam.com/blog/raphael/sccm-2012-updating-sccm-client-during-ts/

Read More»

SCCM 2012 – Cutomizing Windows lock screen

Hi All, today i’ll talk about how to customize the Windows Lock Screen as well as the user/guest picture via OS Deployment (read as Task Sequence) it is really easy. the way i do is always copy the files i need to have on the client machine after the apply os and before the setup windows using robocopy. if you want to know how to do this, check my post about robocopy and task sequence here anyway, the problem is simple, which file and copy where… there are 4 files responsible for the user picture as well as picture. yes, that picture you see when you log on to a machine while typing your username/password. These files (user.bmp, user.png, guest.bmp and guest.png) should be put under c:\ProgramData\Microsoft\User Account Pictures See here for more information Now that you customized the icon, this is what you’ll see when trying to log on…

Read the complete blog: http://thedesktopteam.com/blog/raphael/sccm-2012-cutomizing-windows-lock-screen/

Read More»

Install Client action is disabled for unsupported value

Hi All, recently i was at a customer and noticed one event viewer quite annoying Level: Error Source: Critial EventID: 3 Data: Install Client action is disabled for unsupported value of ResoruceType, ClientType or Unknown The interesting thing was on the smsadminui.log [25, PID:5284][11/15/2013 09:55:18] :Install Client action is disabled for unsupported value of ResoruceType, ClientType or Unknown but why this was happening was not clear for me, until my fellow friend MVP Jason Sandys guesses that this would be when you right clicking on a resource in the console so that it knows whether or not to enable the install client option on the context menu. Because of the ribbon bar, it may happen on normal left click selection also. I went and checked this and for some reason it did no happened again, however, as i was doing some OS Deployment tests, i had a “Unknown” record and…

Read the complete blog: http://thedesktopteam.com/blog/raphael/install-client-action-is-disabled-for-unsupported-value/

Read More»

SCCM 2012 – Firewall for Remote Access

Hi All, SCCM gives you the ability to remote access to client machines. This is not new as this feature has been there for quite a while. Interesting is that SCCM gives you 3 options for remote access: 1- Remote Tools (Remote Control). This is a “SCCM feature” 2- Remote Assistance: This is a “Windows Feature” and what SCCM does is to set local GPO to allow/block access 3- Remote Desktop: This is also a “Windows Feature” and again, SCCM only set local GPO to allow/block access. What is really interesting here is what happen “behind” the scenes regarding firewall. When you open the client settings for remote access, the 1st option is to enable/disable and also configure the firewall. There are many people that think that once you enable, SCCM will enable the firewall for all 3 options..but unfortunately this does not happen. The only rule SCCM does manage…

Read the complete blog: http://thedesktopteam.com/blog/raphael/sccm-2012-firewall-for-remote-access/

Read More»