Teams’ default behavior is to launch automatically upon user login. This can be undesirable for a myriad of reasons, and can be managed with Group Policy with a couple of caveats. The first is that this policy is a User configuration policy, and not a Computer configuration policy. The second is that the policy must…
Category: MECM
Posts pertaining to Microsoft Endpoint Configuration Manager
PowerShell – ConfigMan – Convert OUs to Collections
With ConfigMan application deployments, it’s good practice to, when applicable, divide large groups up and take a staged approach at deployment. I’ve found myself multiple times creating multiple collections containing the objects within an Active Directory (AD) Organizational Unit (OU) for staged deployments. I decided to build a script to ease this process. This script…
PowerShell – Get Affiliated Devices by User
The Configuration Manager PowerShell module contains the Get-CMUserDeviceAffinity cmdlet to allow one to use an AD user object to search for devices that the user is the Primary User for. I’ve written a script which first runs an LDAP query to derive the AD user objects from a list in First Name + Last Name…
PowerShell – CM Uninstall Collections + Deployments Tool
To maintain a healthy environment, providing capability for other supporting teams to remove applications using CM may be desirable. One way this might be arranged is to provide the ability to place devices in predetermined uninstall collections that already have required uninstall deployments for their corresponding application. In this scenario, it would be desirable for…
PowerShell – Report CM Application Information
A common problem with applications in Configuration Manager is that an uninstall command has not been specified for many applications. This tends to cause the accumulation of technical debt. As applications age, it will eventually become desirable to remove them from the environment en masse. The ideal time to specify an uninstall command is when…
Fix “SQL Availability Replica Disconnected”
If you are using Always On Availability Groups in SQL, you may encounter connectivity issues between nodes if there has been a change in configuration of the nodes. When I encountered this issue, the nodes in question had been transitioned from a commercial firewall application to Windows Defender Firewall, and traffic was not being allowed…
Generate Email List From CM Primary User Data
Let’s say you want to perform an ad-hoc test deployment. You build a small test collection and go to deploy, but wait – you ought to do your due diligence and notify the primary users of the targeted devices, right? You highlight primary user data in the console and attempt to copy it to a…
WQL Query Optimization & Collection Evaluation Run Time
As an engineer working with CM, it is likely you will find yourself running SQL reports to identify collections that may potentially be utilizing sub-optimal query-based membership rules. If these queries have been poorly written, it can waste valuable system resources. If you modify and optimize these queries, it would behoove you to validate (and…
Scripted Restart of Service – Azure Update Management
If you are using Update Management to handle patching of Windows VMs in Azure, you are bound to see devices display in the “Not Assessed” compliance state from time to time. To remedy this, one can restart the service “Microsoft Monitoring Agent (HealthService).” This service has a corresponding process as well, and I check the…
Formatting A Disk for OSD from CM – Error 0x8007000F
When performing an Operating System Deployment (OSD) from Configuration Manager (CM), it is a common occurrence to encounter error 0x8007000F- Failed to Stage WinPE. WinPE is the Windows Preinstallation Environment in which one will authenticate and select the desired Task Sequence. In the case of this error, you are able to use WinPE to complete…