SCCM 2012 R2 – Who dun it?! What have your admins been doing?

Players, A client of mine started slowly but surely getting more and more of his staff to start using SCCM 2012 R2. I created some custom RBA for his team, but as soon as I left … it seemed that some of the guys got lazy and just started adding people into the administrators group … So some admins had access over stuff in SCCM that they really should be allowed to touch … Long story short … some collections were deleted (by accident) and we needed to understand why and by whom. The guy wasnt in trouble, we just needed to identify who the admin was, so we can train them on how to manage collections correctly. Now there are many ways of doing this … My client wanted the “easiest way possible” to see “who dun it” in SCCM. So, there are actually some inbuilt reports in SCCM that…

Read the complete blog: http://thedesktopteam.com/blog/heinrich/sccm-2012-r2-who-dun-it-what-have-your-admins-been-doing/

Read More»

ConfigMgr uber-Hydration Kit v0.9 with Powershell DSC

Are you a ConfigMgr (or SCCM) administrator? Are you sometimes (or often, like me) in a position where you need to rebuild your ConfigMgr 2012 lab environment? I, again, was in that situation and just came out of a very interesting discussion with a co-worker and thought to myself, why not use Desired State Configuration to do all that? I am calling it uber-Hydration Kit, but to be fair, it’s not 100% automated yet. There are still a couple of things that need to be done manually. I will explain later on, that is why it is still at version 0.9. Enter: Powershell Desired State Configuration I have already used … Continue reading

Read More»

Disable manual WiFi configuration of Windows Phone 8.1 through ConfigMgr

  I was recently working with a security-conscious customer to enable mobile device management through ConfigMgr 2012 R2. They had purchased a Windows Intune subscription and were following CESG guidelines regarding managing security policy for company-owned Windows Phone 8.1 devices. All the mobile data was routed through a private APN into the company LAN where it could be processed by the internal proxy rules. They also needed to use the phones as a tethering device for mobile users’ laptops so that, again, all data was routed through the LAN and its’ security appliances. I had a requirement to configure the following combination of ConfigMgr Configuration Item settings to enable this scenario: Tethering should be enabled. Wifi should be enabled only for an approved access point within the company’s offices. A user should not be able to join private wifi networks and hotspots etc.   Now according to various release comments…

Read the complete blog: http://thedesktopteam.com/blog/dominic/disable-manual-wifi-configuration-of-windows-phone-8-1-through-configmgr/

Read More»

SCCM 2012 R2 SQL Query Issues

Players, A client of mine had a issue with a custom SCCM query we created to find malicious software, he wanted to edit it, something went wrong and the console crashed. So we wanted to delete it and start again as we had the query backed up anyway. When we tried to delete it, we got a random error message and it simply wouldn’t move. So we ripped it out of SQL, here’s how we did it. Connect to your SCCM Database (CM_Sitecode), 1. Expand tables2. then right click “dbo.queries” and edit the to 200 rows3. Selected “Custom Query NAME”  then right click and then delete it. You’re also able to edit the query should you need to for SQL it self. Enjoy

Read the complete blog: http://thedesktopteam.com/blog/heinrich/sccm-2012-r2-sql-query-issues/

Read More»

SCCM 2012 R2 Firewall Compliance Settings

Players. I recently needed to create a nice and easy way to check what state of the Windows Firewall settings on devices. This is very straightforward  when you use Compliance Settings in SCCM 2012 R2. In this scenario it was fairly easy as we needed to check if the firewall was on and to see if the connected profile in Windows Firewall is enabled or disabled. In this post I’ll show you how I did this. Configuration Item.  So, step 1 is to create a configuration item. This is used to define a configuration that we want to validate. Basically, the “stuff” we want to confirm is either on or off. We will need to create a single Configuration Item and once we are done creating it, associate it with a Configuration Baseline. But first you will the script below you can also find it here on MSDN. This is the script that I…

Read the complete blog: http://thedesktopteam.com/blog/heinrich/heinrich_pelser-sccm-2012-r2-firewall-compliance-settings/

Read More»

How to recover a ConfigMgr 2012 site using a restored db

  This process makes the assumption that the ConfigMgr 2012 Sp1 (or later) SQL Server database was manually restored. There are two ways to restore a CM database; use the SQL Server Enterprise Management Studio restore database wizard or use the SQL RESTORE command. Now that the database was restored, located your media for ConfigMgr […]

Read More»

TheDesktopTeam Classroom – SCCM2012-SQL Server

Hi All, on this video video about SCCM2012R2 we’ll be talking about SQL Server The video was recorded at 1920 × 1080, so full screen recommended. To download the video, right click as save as here and here for the slides. I hope you’ll enjoy and if you have any questions, please contact us or twit your question to @TheDesktopTeam and we’ll try to answer as soon as we can.

Read the complete blog: http://thedesktopteam.com/blog/raphael/thedesktopteam-classroom-sccm2012-sql-server/

Read More»

What if Windows 8.1 had intelligence and no-one cared?

I am currently working on a Windows 8.1 deployment that will end up on quite a few tablets used in retail stores. Interesting project from a requirements perspective, because usually I never had to worry about machines being stolen by customers that much New Feature in Windows 8.1 Update Of course, I am deploying Windows 8.1 Update (latest and greatest!) to these tablets which is easy. Create a Build & Capture Task Sequence in MDT and afterwards deploy it with whatever you like. I have to stick to MDT as a deployment tool for the time being, as the customer has not yet upgraded their ConfigMgr environment to 2012 R2. … Continue reading

Read More»