ConfigMgr – My Guide for a SCCM driven Windows 10 Installation

In this blog I would like to give an overview of my Windows 10 Installation, since this has changed a lot to previous versions of Windows.
This blog will cover the following topics:

  • Windows 10 Image Customization
  • Windows 10 Unattended File
  • Windows 10 Language Pack (MUI) Integration
  • Optional: Windows 10 with .Net feature

The blog is based on Windows 10 1703:

Continue reading

ADFS – Single Sign On with automatic Login on Edge Browser

Today I would like to share my experience when it comes to add a User Agent (e.g. Browser) to the list of Single Sign On capable applications. There is quite a good Article from Microsoft that describes how to add a User agent to the ADFS Configuration, you will find this Article here:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-intranet-forms-based-authentication-for-devices-that-do-not-support-wia
Continue reading

ConfigMgr – Windows 10 Servicing – Step by Step

Today I would like to show you, how you can implement an Upgrade of a Windows 10 Installation through the Servicing Option.
I always think of two things, when I have to decide to use an Upgrade Task Sequence or the Servicing Model, and those are:

  • Do I want to use the Option that the clients will download the Windows 10 Sources from the Microsoft Update Servers?
  • When I use an Upgrade Task Sequence, I can copy most of the steps from the regular OSD Task Sequence
  • But for this blog post, I would like to show my setup for the servicing model.

    First of all, I have already written a post about the Update process in a slightly overview manner, you will find this post here: My old post

    The first step would be to determine which packages you would like to implement for the upgrade. Based on the fact, that I use English as base language, I will add the Feature on Demand (FoD) packages, and I will also add the feature package NetFx3. My Setup does also contain the German Langauge, which requires me to add the corresponding Language Pack and FoD Packages. The following picture shows the folder of my Packages which I want to include within the Windows 10 Installation:

    Continue reading

    ConfigMgr – Windows 10 Feature Update without a Task Sequence

    Today I would like to talk about the upcoming update cycles you have to do, when you are using Windows 10 Current Branch or Current Branch for Business. This means, if you have started to install Windows 10 1507 (which represents the first Windows 10 Release, some may call it also RTM) in spring of last year, you will be soon required to upgrade to a newer version of Windows 10. Also if you are using Windows 10 1511, with the upcoming creators update, the 1511 version of Windows 10 will be soon unsupported, following the official guidelines.
    winver.exe 1607 Continue reading

    Azure AD Domain Services – What you can do, and what you can’t do

    Since Microsoft has Released Azure AD Domain Services, many questions are coming up, and the top one of them might be: Can I join my Windows 10 Client through the internet to my Domain and receive Group Policies? No, you can’t.
    But besides this, there are other questions that remains to be answered, and I will try to do so.
    The first thing is to explain, what is required to get the Azure AD Domain Services (AAD DS) up and running:
    1. Create a group in Azure AD called “AAD DC Administrators”
    2. Create a VNET in Azure if not already existent
    3. Activate the AAD DS in the Azure Portal:
    Active Azure AD Domain Services
    4. Update DNS Settings for the specific VNET
    And now, you are ready to go, for a more detailed explanation refer to this Microsoft Article.

    Continue reading

    Windows 10 – Deploy Profile Picture to Logon Screen

    In my current deployment I wanted to get our fancy pictures from Active Directory to our Windows 10 Machines where it can be used for the logon screen and other places like start menu:
    Windows 10 Logon Screen User Picture

    First, I want to let you know, how I add the Picture to my user accounts. Well this is quite simple, I just use those two lines of Powershell:
    $userphoto = [byte[]](Get-Content "C:\temp\MYUserPic.jpg" -Encoding byte)
    Set-ADUser -Identity MYUserPic -Replace @{thumbnailPhoto=$userphoto}

    If this is done, and you have also Azure AD Connect in Place, your picture will be synced to Azure AD as well, and therefore the picture will show up in Office365. Mind that there are different recommendations for specific systems (Exchange, Office365, Skype for Business), but you can also use high-resolution images. See also this Microsoft Knowledgebase article for issues with pictures larger than 100kb: Technet Article Exchange Online Hybrid Image size
    Continue reading