Windows 10 – Troubleshoot Intune Multi App Kiosk Configuration

This is a short one: while you will find plenty of blogs on how to configure a Windows 10 kiosk device, I was not able to find one very important piece of information:
where can I find information if starting an app within a multi-app kiosk configuration fails? And it's that simple:
open Event Viewer and go to Microsoft\Windows\AppLocker; there you will find more information about the process that fails to start.

Hope this helps 🙂

Intune – Deploy required user settings to Windows 10 with powershell

In this blog I would like to describe how I managed to deploy required user settings to Windows 10.
Since I still have an on-premises environment, in which file servers also reside and a DFS namespace is still up and running, I wanted to make sure to get the advantages of using the local network.
So here are my two use cases to solve:
1. Add a network location for the DFS path if the user is logged on on-premises
2. Modify the local “host” file to redirect the Work Folders clients to the file server internally

Intune Autopilot – Prepopulate the Startmenu

It might not be that popular with Windows 10, but every company wants a well-curated Start menu rather than the default delivered by Microsoft.

We have multiple options to configure the Start menu; I'm sure I don't know them all. But when it comes to Windows 10 and Intune Autopilot, we do not really have an option as what I have considered. This blog tries to capture the available options we currently have with Intune and Autopilot.

Windows 10 settings management with Intune

When a journey ends, a new journey begins. My journey with the old-school domain-joined and GPO-managed devices within my LAB has ended, and I am finally conquering new areas with Azure AD join and Intune-controlled devices. Due to the lack of opportunities, I waited this long, because a lot of settings were not possible to set. Some of them are still not that simple to set through Intune, but there is a solution for, I would like to say, most of the requirements.

So within this blog post, I would like to document my current knowledge of Windows 10 settings management through Intune. As of today, we have the following options to configure GPO-like settings through Microsoft Intune:

  • Intune Windows Enrollment settings
  • Intune Portal blade settings
  • Intune Portal Custom CSP settings
  • Intune ADMX-backed administrative template settings (Preview)
  • PowerShell Script

Let’s have a closer look at the different options.

ConfigMgr – NDES Certificate Deployment fails due to Network Device Enrollment Service failure

I was struggling a little bit within my LAB trying to get the Network Device Enrollment Service (NDES) up and running again for the Simple Certificate Enrollment Protocol (SCEP), which is, I believe, not that simple, but anyway. I was really unsure what I had changed (because I changed a lot in the last month within my LAB) that would have stopped the functionality of the certificates to my devices, but I had a starting point: the event log of the NDES server told me the following:
The Network Device Enrollment Service cannot retrieve one of its required certificates (0x80070057). The parameter is incorrect.
The Network Device Enrollment Service cannot be started (0x80070057). The parameter is incorrect.


Windows and Local Administrator permission delegation

In this post, I would like to explain my experiences with, and solutions for, the delegation of local Administrator permissions. In a client deployment scenario, you will often be asked for a solution to provide IT professionals, and maybe also end users, with local Administrator permissions. I will point out the most useful solutions, which are the ones I prefer.

1. Local Administrator Account
2. Permanent Local Administrator permissions for IT Professional
3. Microsoft Local Administrator Password Solution for spontaneous permission
4. Local Administrator delegation based on group per client


ConfigMgr 1602 – All devices are part of the same server cluster

Hi folks,

we are on the way, it will finally happen: we will be able to service clusters with System Center Configuration Manager and its update functionality. With the newly released current branch 1602, a new feature called server cluster maintenance coordination was added to ConfigMgr; it comes close to a Cluster-Aware Updating solution. You will find it on the General tab of a collection, named “All devices are part of the same server cluster”.

SCCM 2012 R2 SP1 – New Intune Features: Block Apps natively and deploy a iOS custom profile

Hi there,
finally I got time to check which new features were brought to us System Center 2012 Configuration Manager guys with the R2 SP1 update. My interests were in iOS and Windows management, and for both of them some nice features were added.

Blocking Apps
Blocking apps is now supported through the normal configuration, rather than using OMA-URIs as before (https://blog.hosebei.ch/2014/11/10/sccm-2012-r2-windows-phone-8-1-black-listing-apps-and-vendors/). You can create a Configuration Item with the specific settings:

SCCM 2012 – Client Installation properties

In System Center Configuration Manager 2007, it was sometimes a challenge to find the correct installation properties; most of the problems came with the patch files. But in 2012 we don’t have to install msp-files yet. But even then, a friend of mine considered a problem with the new application model in SCCM 2012. When you use applications and create deployments on collections, there isn’t an option to select “Run from Distribution Point”, as there still is on deployments of the 2007-style packages. So if your SCCM application deployment type, which should run on the client, is larger than the default SCCM client cache size of 5120MB, the download and installation will fail.

So I use the following installation properties for my client installation (Client Push):
SMSSITECODE=H05 SMSCACHEFLAGS=PERCENTDISKSPACE;NTFSONLY SMSCACHESIZE=10 SMSMP=FQDN-MP FSP=FQDN-FSP