Easily install and update apps on your home PC with Patch My PC Home Updater

My colleagues and I oversee numerous applications across our 6,000 managed workstations. Keeping these applications up-to-date is critical, as 70% of successful malware attacks target outdated vulnerabilities. Security updates occur monthly, sometimes even more frequently. Repackaging applications for managed devices is time-consuming, so we adopted Patch My PC years ago.
Patch My Pc enables us to save countless hours by automating the patching process for many applications installed on our workstations managed by Configuration manager or Intune. But what about your personal owned Windows devices?

Continue reading “Easily install and update apps on your home PC with Patch My PC Home Updater”

Error 0X800F0954 installing Feature on demand like Basic typing, handwriting, text-to-speech, etc.

Employees using our managed workstations have recently encountered issues installing Windows 11 language packs FOD. While the language packs install without a hitch, additional features such as Basic typing, handwriting, and text-to-speech fail to install across all attempted languages. In this post I will explain the cause of the problem and provide a solution.

Continue reading “Error 0X800F0954 installing Feature on demand like Basic typing, handwriting, text-to-speech, etc.”

Postpone or enable MFA for cloud admin accounts to access Microsoft admin Portals

Microsoft is set to enforce Multi-Factor Authentication (MFA) on admin accounts accessing the Microsoft Entra Admin Center, Azure portal and Microsoft Intune Admin Center starting October 15, 2024.

This article will guide you through the steps to either postpone this enforcement or immediately implement MFA for your admin accounts.

Continue reading “Postpone or enable MFA for cloud admin accounts to access Microsoft admin Portals”

Teams Outlook add-in missing after uninstall Classic Teams

Last week we were getting reports from employees that the Teams add-in in Outlook suddenly disappeared. After some research we discovered this happened because the Classic Teams was uninstalled automatically in the background by the Microsoft policy. These employees already were working with Teams 2.0. There are a few ways to get the Outlook add-in working again. In this post I will show how you can fix this, form a manual action to running a script.

Continue reading “Teams Outlook add-in missing after uninstall Classic Teams”

Great tool to change MECM content path locations

Just a tip for a really useful tool. Our storage department was planning a storage migration so the content share used for applications, packages, etc in MECM (SCCM) changed. We already used a cname to point to the content share for a lot of objects but not for all of them. So I was looking for a tool to change content paths to the correct cname share in MECM.

This tool does the job! I can really recommend it!

Continue reading “Great tool to change MECM content path locations”

Assign Intune device category based on users department property

macOS devices enrolled via Apple Business Manager don’t have the option to be enrolled to Intune with a group tag like Windows devices. With a group tag you can create a dynamic device group and then auto assign a scope tag to those devices. So it would be nice to think of something so macOS devices also could be added to a dynamic group and then auto assign a scope tag to those devices. In order to achieve this I created a PowerShell script with Intune Graph to auto assign a (department) category to the macOS Intune managed devices based on the users department property. You can read my post to find out how you can achieve this.

Continue reading “Assign Intune device category based on users department property”

Deploy Microsoft Project and Visio (Click-to-run)

I got a request at work if I could create the deployment of the latest versions (Click-to-run) of Microsoft Visio and Project and set the Monthly update channel. The deployment of the applications should be made available in the Company Portal for users that are a member of the Entra ID synced Active Directory group to which the Visio and or Project Online plan licenses are assigned to.
We still run a 32 bits MS365 Apps on devices so got a mix of 32 bits and 64 bits MS 365 apps. The deployment should automatically detect the MS 365 apps architecture and then install the correct 32 or 64 bits version of Project and / or Visio. In this post I will show you how I did this. I will also provide all the sources and scripts you need to accomplish this.

Continue reading “Deploy Microsoft Project and Visio (Click-to-run)”

Change Intune device category with PowerShell and MS Graph Intune module

I tried to find a way to be able to change the category assigned to an Intune device without having to use the Intune portal. I found a lot of information about it and even working scripts. But these scripts didn’t do exactly what I wanted. So I used some scripts and information about PowerShell and the MS Graph Intune module and merged them into my script. Some results I wanted to accomplish were to change an Intune device category by using the device name and the category name not the device ID or category ID. I also build in some checks. I wrote this post about it and I hope you find it useful.

Continue reading “Change Intune device category with PowerShell and MS Graph Intune module”

Deploy the Company Portal with Intune

In this post I will show you how to deploy the Company Portal App from the Microsoft Store app (new) with Intune. The company portal is an essential app you should deploy on the devices you want to manage with Intune. With the Company Portal users can securely access their company apps and data, install or reinstall applications, check if the device meets compliancy and more.

You can install the company portal on Windows 10/11, macOS, Android and iOS, but I will cover the Windows deployment in this post.

Continue reading “Deploy the Company Portal with Intune”

Admin managed Office add-ins not shown

Sometimes it can happen that admin managed assigned add-ins are not shown in the 365 apps. Even though the requirements for deploying admin managed add-ins are all there. I had this issue on my Personal device but some employees on managed devices also had this issue. The add-ins were available when trying to add them in the 365 web versions of the apps but not in the local 365 apps. The message that appears when having this issue can be different. In this post I will show you the error you can get but also the solution that will fix this issue.

Continue reading “Admin managed Office add-ins not shown”

Fix 7-zip vulnerability help file

A vulnerability was found in 7-Zip 21.07 that can be exploited through the 7-Zip Help file. This post will show how to remediate this vulnerability by deleting the 7-zip.chm file. In this post I will show you 2 ways you can accomplish this:
With a MECM (SCCM) configuration item deployment and with Intune script. In this post I will remediate the 7-zip (all versions) 64 bits version with MECM, and only the 21.07 (32 and 64 bits) version with Intune.

Continue reading “Fix 7-zip vulnerability help file”

Upgrade to MECM version 2203

Update 2203 for Microsoft Endpoint Configuration Manager (MECM) is now available. In this post I will show all the steps you have to take to upgrade your current MECM installation. To install MECM 2203 as an update, you must have MECM version 2010 or later installed. If you check for updates in your console and the update is not available this post also shows how to get it using the early update ring script. I personally would not install the new version when it still is in the early ring on your production environment but it would be suited for a lab or test environment. When the new version is available in the production ring usually there is an hotfix available already so that would be a good version to install on your MECM production.

Continue reading “Upgrade to MECM version 2203”

Fix Microsoft 365 apps activation issue

I am currently testing deployment of the MS 365 apps. But we are running into the following error when users are trying to activate the MS 365 apps: Another account from your organization is already signed in on this computer. Enter a product key instead. This happens when users are already signed into older Office versions with their old User Principale Name (UPN) and it was changed was changed before the installation of the MS 365 apps. In this post I will explain the issue and show the solution to prevent this issue and to fix it when you have got the activation issue.

Continue reading “Fix Microsoft 365 apps activation issue”

Software Center customization: Display custom tabs with Microsoft Edge WebView2 runtime

In my post about the MECM 2103 upgrade I made a list of my top 5 new features of MECM version 2103. One of these new features is Improved user experience and security with Software Center custom tabs. You can now use the Microsoft Edge WebView2 browser control in MECM version 2103 and with this control more websites should work with custom tabs without displaying script errors or security warnings. We had a lot of script errors before when using custom tabs to websites, but now these errors should be gone. In this post I will show you how you can enable custom tabs with Microsoft Edge WebView2 runtime.

Continue reading “Software Center customization: Display custom tabs with Microsoft Edge WebView2 runtime”

Upgrade to MECM version 2103

Update 2103 for Microsoft Endpoint Configuration Manager (MECM) current branch is now available. In this post I will show all the steps you have to take to upgrade your current MECM installation. To install MECM 2103 as an update, you must have MECM version 1902 or later installed. If you check for updates in your console and the update is not available this post also shows how to get it using the fast ring script.

Continue reading “Upgrade to MECM version 2103”

Fix configuration missing error 401 in Endpoint Manager Admin Center

If you have setup Co-management in your MECM console you can now manage devices from the Microsoft Endpoint Manager Admin Center. If you want to know what you can do with the Microsoft Endpoint Manager Admin Center read this walktrough from Microsoft.
In this post I will show you how you can fix the Configuration missing error if you want to use one of the following features when selecting a device that is Co-managed: Resource explorer (preview), Client details (preview), Timeline (preview), Collections (preview), Applications (preview), CMPivot (preview) and Scripts (preview). In this post i will be using MECM version 2010.

Continue reading “Fix configuration missing error 401 in Endpoint Manager Admin Center”

Set custom Teams backgrounds with Powershell

I got a request at work that it would be nice if users already have got some of the companies custom teams background that they can select as their background in a meeting. They wouldn’t have to upload the images themselves but they would already be in teams to select. It also should be easy to add new custom backgrounds if needed. So I made a powershell script with a colleague of mine that would do this. In this post I will show you how this script works and you can use it yourself.

Continue reading “Set custom Teams backgrounds with Powershell”

Setting up Co-management MECM (SCCM) *Part 1*

A lot of company’s are still managing there devices on premise with domain joined devices and with MECM (SCCM). But with the pandemic most employees are working at home on there personal device or on a domain joined mobile device. Managing the domain joined devices that are being used at home is quite challenging. Off course you can deploy your applications and windows update with MECM and an active vpn connection.
But still how often do employees connect with the vpn application? If they don’t the device will become unsecure because of missing windows updates and missing application updates. You want these kind of devices to be updated and managed even without an active vpn connection. To be able to do this we can setup co-management in MECM. In this post I will show you how to setup co-management in MECM 2006.

Continue reading “Setting up Co-management MECM (SCCM) *Part 1*”

Issues after Google Chrome enterprise upgrade

I recently updated Google Chrome Enterprise version 84.0.4147.125 x64 to version 86.0.4240.111 x64. After the upgrade some users had issues. Users that had set Chrome as their default browser before the upgrade could not open URL’s anymore. Some shortcuts that we created to open a specific URL with Chrome by default even if the default browsers wasn’t Chrome didn’t work anymore. In this post I will explain what happened and how you can fix the issues if your would run into them.

Continue reading “Issues after Google Chrome enterprise upgrade”

Uninstall Adobe Flash with KB4577586

Microsoft has released a Windows update (KB4577568) that removes Adobe’s Flash Player before it reaches end of support on December 31, 2020. However, it isn’t rolling out via Windows Server Update Service (WSUS) yet, and the update needs to be downloaded and installed from the Microsoft Update Catalog. It will become available to WSUS in early 2021. In this post I will show how you can Import this update in WSUS and deploy it with MECM (Software Update Point).

Continue reading “Uninstall Adobe Flash with KB4577586”

Create structure in your MECM (SCCM) console !UPDATED!

The MECM console is the place where you do all of your operational tasks. Deploying windows OS and updates, creating and deploying applications, creating user and device collections, task sequences, running scripts, monitoring and much more.
In order to keep a good overview it is important to create structure within your MECM (SCCM) console, so everyone knows where to find what.
This post will describe a way to structure the MECM console.

Continue reading “Create structure in your MECM (SCCM) console !UPDATED!”

Right Click Tools for MECM (SCCM)

You can do a lot of tasks with MECM, but the one thing that MECM doesn’t have are some good device management remote actions. MECM has got client notification that allows you to perform client actions on a collection or on a single device, but still the amount of actions and feedback of these actions are not really that great. I have been using an other great MECM 3rd party tool called RECAST Right Click Tools (RCT) and it is available as a free version or a payed Enterprise version. Off course the Enterprise version has got more actions/tools available but still the free version really makes the life of a system administrator or it support employee much easier.

Continue reading “Right Click Tools for MECM (SCCM)”

Start menu not working: Critical Error

After installing the Cumulative Update KB4570333 released the 8th of September (W10 1809) we got some calls from users that the start menu didn’t work anymore. There also was a Critical Error shown when clicking the start menu button. In this post I will show you how to fix this error.

Continue reading “Start menu not working: Critical Error”

Show specific scripts to MECM (SCCM) console users

A few days ago one of my colleagues asked me if we couldn’t let the IT helpdesk colleagues run scripts from the console by themselves. Great idea of course because a script can fix an issue and help a user really quick and the user will be helped a lot faster if the helpdesk employees can run the script(s) by themselves instead of having to call a colleague of a different IT team first who can run the scripts. But the console can have a lot of scripts, perhaps you don’t want the helpdesk to be able to run all the created scripts but only a selection of them. So in this post I will show you how to allow a specific script or scripts to be run by the helpdesk employees.

Continue reading “Show specific scripts to MECM (SCCM) console users”

Install Microsoft Teams with Microsoft Endpoint Configuration Manager

Because of the world wide epidemic of COVID-19 a lot of employees are working at home. The last few months the usage of online/cloud meeting platforms has exponentially grown and because of this a lot of companies had to implement MS teams much faster then planned. In order to use teams you can use the online teams or install the Teams app, you don’t need admin rights in order to install it on a computer.
So an employee could go and use a browser to use the teams online or install the Teams app on his or hers companies computer, but it would be even better when the employees won’t have to install it at all, and could just use the desktop Teams app when using the companies computers. In this case the best thing to do is to deploy the Teams desktop client. So in this post I will show how to Install Microsoft Teams with Microsoft Endpoint Configuration Manager.

Continue reading “Install Microsoft Teams with Microsoft Endpoint Configuration Manager”

Microsoft 365 Apps update channels

A few months ago Microsoft changed the names of the Microsoft 365 Apps update channels (May 2020) and the titles of the Microsoft 365 Apps update channels monthly feature/security updates (July 2020). In this post I will show you what impact this could have on your active Office 365 environment in MECM (SCCM).

Continue reading “Microsoft 365 Apps update channels”

Deploy Windows 10 build as a feature update

With MECM (SCCM) you can deploy a new Windows 10 build in two ways. You can deploy Windows 10 build as a feature update (Servicing) or you can create a task sequence (in-place-upgrade).

In my opinion with a task sequense you can easy create pre and post actions based on variables but the time that a user can’t use the computer (downtime) can be quiet long.

Deploying the feature update with servicing is much more user friendly, because there is almost no downtime for the user. Creating pre and post actions can be done but are not easy and can’t be based on variables like task sequence steps can.

Continue reading “Deploy Windows 10 build as a feature update”
Theme: Overlay by Kaira