Just came back from an amazing week at Microsoft Campus in Redmond with 25 fellow SCCM & Intune MVP’s from all over the world. A special thanks to everyone from the Product Group that took time out of their busy calendar to spend time with us and listen to our feedback.Looking forward to come back again in March for the Global MVP Summit 2019./Ronni

Two weeks ago, at Microsoft Ignite in Orlando, Microsoft announced the public preview of Password-less phone sign-in. We enabled this feature right after the session in our company tenant, and we have all been super excited about this cool way of signing in. One big step closer to a more secure and password less world. This blog post will explain how to configure password-less phone sign-in and how to enable this feature for your users. Please note that this is still a pre-release feature. Prepare the Tenant First we need to install the latest version the of Azure Active Directory…

Yesterday, I received an e-mail from the Microsoft MVP Award program, and I am delighted to share that I have been awarded Microsoft Most Valuable Professional (MVP) 2018-2019 for the 11th consecutive year.I am honored to receive this award again and I appreciate everyone that reads my blog, watch me speaking, attend my training and keeps up with me on twitter (@ronnipedersen). I will strive to keep contributing to the community and hope that my contributions help you out in some way.I would like to thank everyone of you who have supported me in any form. Especially the members of…

Yesterday I started a new Windows 10 1803 project with a customer. They want to start deploying Windows 10 1803 to new machines and also start upgrade existing Windows 10 clients to 1803. To upgrade existing clients, I’ve created a Task Sequence template that I’ve been using at many different customers in previous projects (including 1803). But yesterday I got the following error displayed in a Command Prompt during the deployment: winpeshl.ini file is present, but no commands were successfully launched. This could be caused by incorrect formatting or an invalid executable name. Please consult the documentation for more information.…

IntroductionThe Cloud Management Gateway (CMG) feature was first introduced in version 1610 as a pre-release feature. Last week Microsoft released 1802, and this feature is no longer a pre-release feature. We also now have the option to create the CMG using Azure Resource Manager (ARM).In this blogpost I will share some learnings that I got from migrating the first customer from an existing (Classic) CMG deployment to the new modern (ARM) deployment.Pre-Migration TasksThere is really not that much that needs to be prepared, but you should spend the 15-20 minutes it takes to read the following documentation before you start:Plan…

IntroductionWith the release of Configuration Manager 1710, Microsoft now supports co-management, so Windows 10 clients can be managed by both SCCM and Intune at the same time. There are a few pre-requirements that need to be completed if you want to use co-management, and the most important one is that you need have your MDM authority in Intune set to Intune.The following are general prerequisites for you to enable co-management: Configuration Manager version 1710 or later Azure AD EMS or Intune license for all users Azure AD automatic enrollment enabled Intune subscription (MDM authority in Intune set to Intune)See all…

IntroductionWith the 1702 release of Configuration Manager, Microsoft released (pre-release) the Data Warehouse service point that can be used to report on long-term historical data. And with the 1706 release, this feature is no longer a pre-release feature.Setting up the Data Warehouse feature is pretty much straight forward, but depending on your environment you might see some challenges.Prerequisites and Installation guide can be found here: https://docs.microsoft.com/en-us/sccm/core/servers/manage/data-warehouseThe Remote SQL challengesLast week I was asked to setup a new Data Warehouse server for one of my customers. The Data Warehouse Database should be hosted on a new dedicated SQL Server 2016.Setup:SERVER1 (Primary…

Sometimes when troubleshooting the Cloud Management Gateway (CMG) feature in System Center Configuration Manager (SCCM) you need to access the IIS log files from the Virtual Machine that runs the cloud service. From the Azure Portal navigate to Cloud Services (classic) and select the Cloud Management Gateway service. Select Remote Desktop, and Enable Remote Desktop to the Service (Virtual Machine), and click Save. This will normally take 3-5 minutes to activate. When Remote Desktop Services has been activated, you can connect to the Virtual Machine by selecting Roles and Instances, and selecting the ProxyService (ProxyService_IN_0). Click Connect, to download the…

IntroductionImportant: This feature is only available in the technical preview for now.Most SCCM customers are trying to limit the number of servers they need for the SCCM environment. And for many good reasons. Having a server, on each remote office to support clients can be very expensive for some customers.Most of the workloads can be provided by other desktop clients by making them distribution points or enabling services like BranchCache or Peer Cache. But one important function that required a full server Operating Systems is the option to provide PXE boot.So, If you have been doing OS deployment using SCCM…

Over the years, I’ve created multiple labs, so that I can test different scenarios. One of my first “cloud only” Azure AD labs was created back in 2012. Two weeks ago, I wanted to use this lab to test a new Conditional Access scenario that one of my customers needed.Long time ago, I also created an “All Users” group, that was based on direct membership, so I thought it was a good idea to replace that group with a new and “shiny” dynamic group based on the “UserType” attribute.So, I created the following group, and started to redeploy all my…