Unless you have been living under a rock the last few days, you haven’t missed the Every Windows 10 in-place Upgrade is a SEVERE Security risk blog post from Sami Laiho about the Shift-F10 security issue for Windows 10. Allowing a non-admin to get access to an BitLocker encrypted volume during an inplace-upgrade process of Windows 10.
A quite shiny weekend turned into even shinier with the release of Windows ADK (10) Insider Preview v14965.
During the Microsoft Ignite 2016 OS Deployment pre-conference, I demonstrated the ConfigMgr inplace-upgrade task sequence, and if you want to specify additional command-line options you can use the “not-so-easy-to-find” OSDSetupAdditionalUpgradeOptions variable. For example for using the /InstallLangPacks or /ReflectDrivers switches.
Here is a post on how to configure the Thunderbolt Software to not require admin rights when connecting a new Thunderbolt device.
Just wanted to post a quick reminder that ConfigMgr by default is logging info not only to it’s own log files, which are in the ConfigMgr installation directory, which is typically not on the C: drive, at least, should not be on the C: drive, but also to the IIS logs, which typically are on the C: drive. Obviously it is not good if the C: fills up, because then the site server dies. So some house-keeping is useful.
Here is a step-by-step guide to configure a MDT Lite Touch or ConfigMgr task sequence to move a computer to another OU during deployment. The webservice used in this guide does the same job as Maik Koster’s version available here: http://maikkoster.com/moving-computers-in-active-directory-during-mdt-deployments-step-by-step but I have include the C# source code for my version, so you can review, or modify it if you want to.
Just stumbled across the Zabbix monitoring platform (http://zabbix.com ) while working with a customer in Austin this week, so I figured I’ll set it up in my lab an test it out for a bit.
On this blog I previously posted PowerShell scripts to automatically generate reference images via the Hyper-V platform, often referred to as an Image Factory. Here is an example for the VMware platform, provided by my good friend Johnny Radeck. Thanks Johnny!
I just spend some time trying to find the Turn on TPM backup to Active Directory Domain Services policy after upgrading my group policy ADMX templates to the Windows 10 v1607 and Windows Server 2016 version. It used to be in the Computer Configuration / Policies / Administrative Templates / System / Trusted Platform Module Services node, but after updating the templates it was nowhere to be found.
I’ve been playing around with Server 2016 and the ViaMonstra Hydration Kit for ConfigMgr. If you want your lab environment to be able to connect to the internet, you know (if you’ve been reading our books) that you need to setup a virtual router. In Kent’s book (System Center 2012 R2: Mastering the Fundamentals), we actually walk you through setting up a very complex environment that requires you to use our “GW01” or a Vyatta virtual router in order for your lab to get out to the internet.