Windows – Quick reminder: Windows Server 2008 and Windows Server 2008 R2 are reaching end of support in Jan 2020

It has been already reminded few times but as this is quite important as these versions are still use quite a lot you really need to start thinking to move on from Windows Server 2008 and Windows Server 2008 R2. They are reaching their end of support/end of life on January 14th 2020.You have few options available to move on: migrate your 2008/2008 R2 workloads on Azure; you will enjoy…

Read More

Intune – You can now target specific users/devices when applying Windows Hello policy

With the latest updates on Intune, you can now define specific users/devices when you apply a Windows Hello policy. Until then, the Windows Hello policy was a tenant level settings and as such applied to all users/devices. To define the Windows Hello policy, go to your Intune configuration blade and reach out the Device configuration\Profiles and create an Identity Protection profile, then you will be able to define the targeted…

Read More

Windows 10 – Error 0x80180014 when joining Windows 10 to Azure AD

I just got an interesting error when trying to join a Windows 10 1803 to Azure AD; I was continuously getting the error ‘0x80180014’ when trying to join the device to Azure AD. The interesting thing was this device has been already Azure AD Joined but has been reset, with all reference in Azure AD or Intune removed. Nonetheless, each time I tried to join again I was getting this…

Read More

Azure – AD FS 4.0 is now available on Azure Marketplace

You can now quickly deploy a Windows Server 2016 virtual machine with AD FS configured for Federation and single sign on for cloud applications. Search the Azure Marketplace or the virtual machine catalog for “ADFS 4.0 Server Windows 2016” (I give you the direct URL for it https://azuremarketplace.microsoft.com/en-us/marketplace/apps/cloud-infrastructure-services.adfs-server-2016 to the Marketplace). AD FS will then be ready for the final touch, meaning adding the certificate and setting up the federation…

Read More

Azure – Windows Server 2019 Preview is available as VM image

Windows Server 2019 Preview (the next major release of Windows Server) is now available for Azure Virtual Machine. Just search for Windows Server 2019 when you create a new virtual machine Search the marketplace (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/) for Windows Server 2019 Or access the marketplace directly from this URL https://azuremarketplace.microsoft.com/en-us/marketplace/apps/microsoft-hyperv.rs5_preview Enjoy

Read More

Windows – Windows 10 1803 ADMX files are now available

Few days after the release of the new Windows 10 build (1803, also known as April Update), the ADMX files to manage GPO settings for Windows 10 1803 are now available for download here https://www.microsoft.com/en-us/download/details.aspx?id=56880 NOTE for some reason, the files are not extracted to the defined target folder when running the MSI package (default “C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803)\”) but to C:\PolicyDefinitions. Even if…

Read More

Windows 10 – You can (finally) manage the bandwidth used by Windows Update

UPDATE May 6th, after the release of the ADMX file for Windows 10 1803, the GPO settings to manage these restrictions are available With the Windows 10 April Update (build 1803) you finally can manage the amount of bandwidth being used by Windows Update. To manage the limits (applicable to both download and upload [aka sharing with internet clients] – knowing that if you have already restrict the sharing with…

Read More

Windows – Windows Admin Center is now available in GA

Windows Admin Center (formerly known as Project Honolulu) is now available. You can get it from http://aka.ms/WACDownload Windows Admin Center (WAC) is a new web-based administration interface, centralizing all (or most of) administration consoles (MMC) you are using as a Windows servers administrator. WAC can be used to manage Windows Server 2012 to Windows Server 2016 – will also support the coming Windows Server 2019, as well as Windows 10.…

Read More

Intune – Enable Windows Redeployment from logon screen

Starting with Window 10 build 1709, it is possible for administrators to re-initialize Windows 10 devices to remove personal files and settings and revert the device to an original state, while keeping the device enrollment. Enable the policy To make Windows Automatic Deployment available from the logon screen, you must first enable the policy; which can be done either with Intune (or any MDM supporting CSP) or with a Windows…

Read More

Microsoft Deployment Toolkit (MDT) 8450 is now available

The latest and new release of Deployment Toolkit (MDT) for Windows is now available for download at ​https://www.microsoft.com/en-us/download/details.aspx?id=54259 This version supports Windows 10 build 1709 (Fall Creator Update) and SCCM current branch (1710), as well as includes some fixes like: Win10 Sideloaded App dependencies and license not installed CaptureOnly task sequence doesn’t allow capturing an image Error received when starting an MDT task sequence: Invalid DeploymentType value "" specified. The…

Read More

Windows Server – Honolulu technical preview

As you may know, Microsoft has announced a new Windows Server management experience to manage on-premises system with the Honolulu project. The Honolulu project delivers a more modern interface for managing on-premises system through a web interface with no cloud footprint (no dependency what so ever with Azure or other clouds services). In this post I will go through the setup of the technical preview – available for download at…

Read More

Windows 10 – Windows Defender Advanced Threat Protection

Windows Defender Advanced Threat Protection (ATP) is a security functionality built in Windows 10 to help detecting, investigating and protecting against threats, introduced with Windows 10 build 1607 (or known as Anniversary Build). In this post, I’m going to implement ATP integrated with SCCM Current Branch (you can request a trial for ATP here http://aka.ms/register-wdatp) Once you have requested the trial and get approved, you will receive an email to…

Read More

SCCM – Identify Azure AD Joined device

UPDATE this post has an updated version here https://t.co/W3AUonuSR9 Following my post to create an SCCM device collection for Windows Core (https://t.co/ZGdL91Vkht), I wanted to do the same to identify all Azure AD Joined device. So the first thing was to find how to identify an Azure AD Joined device; and the answer is with the following registry key which only exist if the device is joined to Azure AD:…

Read More

SCCM – Create a device collection for Core server

There is a lot of resources available on Internet to create System Center Configuration Manager device collection based on the operating system but none are helpful to create a device collection to identify all Windows Core servers, especially Windows Server 2016 Core as there is no more switching between Core and UI. So after digging around I found this MSDN resource which explains how to identify a core server (https://msdn.microsoft.com/en-us/library/hh846315(v=vs.85).aspx).…

Read More