SCCM – Configure a pointer record for your Cloud Management Gateway

Lets assume you want to set a pointer record (PTR) for your System Center Configuration Manager Cloud Management Gateway (CMG).

First of all, you will need to install the “Azure PowerShell Service Management module”, and Login to your Tenant. This process is documented on the Microsoft Website:
Installing the Azure PowerShell Service Management module

When this is done, you may want to change the subscription, in my case it was necessary. To do so, simply show all of your subscriptions with “Get-AzureSubscription” and select the appropriate subscription with “Select-AzureSubscirtion” afterwards:

When you have selected the correct subscription, you can list the Azure Services with “Get-AzureService”.
With the following command, you can set the Pointer record for your CMG:
Set-AzureService -ServiceName "YOURSERVICENAME" -ReverseDnsFqdn "HOSEBECMG01.hosebei.ch."

Intune – NDES Enrollment

I recently changed my Intune Subscription from SCCM Hybrid to Intune Standalone. Within this change, I face an issue with the NDES, respectively the SCEP, enrollment for the certificates.
After I have configured the SCEP profile within Intune, my Windows 10 Clients show th following error Message within the eventlog:

A security error occurred 0x80072f8f (WinHttp: 12175 ERROR_WINHTTP_SECURE_FAILURE)
Continue reading

ConfigMgr – My Guide for a SCCM driven Windows 10 Installation

In this blog I would like to give an overview of my Windows 10 Installation, since this has changed a lot to previous versions of Windows.
This blog will cover the following topics:

  • Windows 10 Image Customization
  • Windows 10 Unattended File
  • Windows 10 Language Pack (MUI) Integration
  • Optional: Windows 10 with .Net feature

The blog is based on Windows 10 1703:

Continue reading

ConfigMgr – Create Office 365 Package through Console

Today I would like to show you, how you can easily create and deploy an Office 365 Application within Microsoft System Center Configuration Manager Console.
Within the ConfigMgr Console navigate to the “Office 365 Client Management” Dashboard, and click on “Office 365 Installer”:
Continue reading

ConfigMgr 1702 – Primary Site Server Inplace Upgrade from Server 2012 R2 to Server 2016

Let me say: This is an unsupported scenario

Today I decided to do an in place upgrade of my LAB Installation, which means to switch from Microsoft Server 2012 R2 to Server 2016 as operating System. Before I started that upgrade, I made sure to have a proper backup of the database and the cd.latest Folder, because this is a single box installation.
Then I mounted the Server 2016 ISO and started with the installation. The installation itself took quite a while, but it ran through without an error. When I saw that the virtual machine was ready to logon, I actually tried to use RDP, without success. I then logged on through the Hyper-V Console and checked the System Center Configuration Manager Console, and for my surprise, the console started up and had also no error.
I checked the Component status and recognized a lot of issues, which led me to check the IIS Service (World Wide Web Publishing Service; W3SVC). This Service was not started, the startup type was on “Disabled”. Continue reading

ConfigMgr – Windows 10 Servicing – Step by Step

Today I would like to show you, how you can implement an Upgrade of a Windows 10 Installation through the Servicing Option.
I always think of two things, when I have to decide to use an Upgrade Task Sequence or the Servicing Model, and those are:

  • Do I want to use the Option that the clients will download the Windows 10 Sources from the Microsoft Update Servers?
  • When I use an Upgrade Task Sequence, I can copy most of the steps from the regular OSD Task Sequence
  • But for this blog post, I would like to show my setup for the servicing model.

    First of all, I have already written a post about the Update process in a slightly overview manner, you will find this post here: My old post

    The first step would be to determine which packages you would like to implement for the upgrade. Based on the fact, that I use English as base language, I will add the Feature on Demand (FoD) packages, and I will also add the feature package NetFx3. My Setup does also contain the German Langauge, which requires me to add the corresponding Language Pack and FoD Packages. The following picture shows the folder of my Packages which I want to include within the Windows 10 Installation:

    Continue reading

    ConfigMgr – Windows 10 Feature Update without a Task Sequence

    Today I would like to talk about the upcoming update cycles you have to do, when you are using Windows 10 Current Branch or Current Branch for Business. This means, if you have started to install Windows 10 1507 (which represents the first Windows 10 Release, some may call it also RTM) in spring of last year, you will be soon required to upgrade to a newer version of Windows 10. Also if you are using Windows 10 1511, with the upcoming creators update, the 1511 version of Windows 10 will be soon unsupported, following the official guidelines.
    winver.exe 1607 Continue reading

    ConfigMgr – NDES Certificate Deployment fails due to Network Device Enrollment Service failure

    I was struggling a little bit within my LAB trying to get the Network Device Enrollment Service (NDES) up and running again for the Simple Certificate Enrollment Protocol (SCEP), which is I believe not that simple, but anyway. I was really unsure what I did have changed (because I changed a lot in the last month within my LAB), that would have stopped the functionality of the Certificates to my devices, but I had a start point, the event log of the NDES Server told me the following:
    The Network Device Enrollment Service cannot retrieve one of its required certificates (0x80070057). The parameter is incorrect.
    The Network Device Enrollment Service cannot be started (0x80070057). The parameter is incorrect.

    Network Device Enrollment Service error
    Continue reading