Welcome to the Recast Endpoint Management Recap, June 2020 by Gary Blok
Thanks for checking out the June edition of our recap. As always, the layout to the post:
- Events / Conference News
- Microsoft Product Announcements
- Hardware Vendor Updates (Tools / Security / Features)
- Community Tools / News
- Recast Updates
That’s the idea, a high level overview of things going on that you’ll want to be aware of and you can dig into them further on your own. If you’re new to this monthly post, you’ll want to look back at previous months, so much great content.
Events & Conferences
- Microsoft Events for 2020 are all virtual. [zdnet.com]
- [Training (Paid)] MMS MOA – mms moa is cancelled, but still planning for MMS Midway
- [Training (Paid)] Mastering Configuration Manager with Johan Arwidmark and Kent Agerlund (Options: Jun 15, Aug 31, Nov 2)
- [Training (Paid)] Workplace Ninja Virtual Edition 2020 (2020.08.25)
I’ve posted several groups that I’ve seen active over the past few months, many doing virtual events. I’ve added their Twitter information so you can follow them all and keep apprised of their virtual events. Often times, by the time I see an event is coming, the event has come and gone before I release this monthly update, rarely do I see something a couple months out to be able to place the info here. If any of you have Website Information for the ones that don’t, let me know. I did some searches but some had dead links and others I just couldn’t find.
- TCSMUG – Twin Cities Systems Management User Group. [Twitter] [EventBrite]
- HASMUG – Houston Area [Twitter] [EventBrite]
- AZSMUG – Arizona Systems Management User Group [Twitter] [EventBrite]
- NWSCUG – Northwest System Center User Group [Twitter] [EventBrite]
- FMSCUG – Fargo-Moorhead System Center User Group [Twitter]
- MEMUG – Microsoft Enterprise Management Usergroup – Denver [Twitter] [EventBrite]
- CSMUG – Chicago Systems Management User Group [Twitter] [EventBrite]
- CKYMUG – Central Kentucky Microsoft User Group [Twitter] [EventBrite]
- LouMUG – Louisville area Microsoft User Group [Twitter]
- DFWSMUG – Dallas Fort Worth [Twitter]
- CTSMUG – Central Texas Systems Management User Group – Austin, TX [Twitter] [EventBrite]
- SASMUG – San Antonio Systems Management User Group [Twitter]
- CLESCUG – Cleveland System Center User Group [Twitter]
- NEW! – V_SMUG – Virtual System Management User Group [Twitter]
Microsoft Products & Announcements
Microsoft has posted a page with a lot of great resources during this time, to help IT professionals, Educators, Families, and Remote Business, along with how Microsoft is helping in the battle on Covid-19 on their Responding to COVID-19 together page.
Microsoft Edge Browser (Based on Chromium Engine): [Landing Page]
Microsoft Defender Advanced Threat Protection – [Resource Hub]
- Channel Changes – Added Monthly Enterprise and renamed the rest.
- Name Changes – Office 365 ProPlus is being renamed to Microsoft 365 Apps for enterprise
- 2020.05.06 –ConfigMgr 2002, Hotfix PXE Boot failures or task sequence delays after updating to Configuration Manager current branch, version 2002
- Now Available: Configuration Manager Community Hub
- [MDT] Windows 10 deployments fail with Microsoft Deployment Toolkit on computers with BIOS type firmware
ConfigMgr Tech Preview [What’s New Page]
- TP 2005
- Lots of Tenant attach stuff
- VPN boundary type
- Community hub and GitHub
- Microsoft 365 Apps for enterprise
- Improvements to BitLocker task sequence steps
- [Blog Post] MEMCM Technical Preview 2005 = Epic! (Jörgen Nilsson @ccmexec)
- [Blog Post] A look at task sequence media support for cloud-based content (Niall C. Brady @ncbrady)
- Manage endpoint security in Microsoft Intune [New MS Doc]
- Roll out updates faster with the Update Baseline for Windows 10
- Resuming optional Windows 10 and Windows Server non-security monthly updates
- What’s next for Windows 10 updates
- 2004 Group Policy ADMX Template Downloads
- 2004 Group Policy Reference
- [Blog Post] 2004 Group Polices (Wolfgang Sommergut)
Hardware Vendor Updates
This month I’m trying something different, I’m only listing changes. If you want a more complete list of their tools, check out previous month’s posts.
!!! HP Just released a blog post that helps explain deploying their UWP apps needed for Windows 10, leveraging HPCMSL and Configuration Manager. If you manage HP devices, you NEED to read this! HP UPW Application Pack Deployment in a Microsoft Endpoint Configuration Manager OS Deployment Task
- [Enterprise Tools Landing Page] [Community / Blog Site]
- MIK (HP Manageability Integration Kit for Microsoft System Center Configuration Manager) 220.127.116.11 – Updated 2020.06.22
- HP Sure Run Gen 3 – Support to add 10 Custom processes running on managed platform. – Customer can have Sure Run add their own processes to the official list to monitor and protect
- HP Sure Recover – Support to configure OS recovery retry attempts and wait period between next retry.
- Pre-boot WiFi – Support to configure 6 WiFi profiles and the priority. – New WiFi preboot support in some 2020 platforms
- Programmable Key – Support to program a key to launch pre-defined URLs at a press of button. – Feature added to most 2020 laptops’ keyboards
- HP Tamper Lock – Support to enable tamper protection and notifications for unauthorized chassis intrusion. – Feature available on some new ZBook platforms for 2020 designs
- [Blog] Power Profiles and Modern Standby (it is coming to ALL laptops, not just tablets in 2020), and the use of HP’s System Default Settings to enable an optimized power profile to obtain best battery life with sleep, hibernate and other settings
- ADVISORY: HP Commercial Notebooks and Desktop PCs – Insufficient EFI Partition Size Prevents BIOS Update or Auto-Recovery
- I’ve updated my Blog Post which covers partitioning during OSD to match the guidance.
Dell reported no changes to me this month but said next month should be a few things. There were some rumblings in the community on twitter [Twitter Thread] about some some issues when flashing BIOS on some models when SMM was enabled. Updated Flash utility Posted
- The Lenovo Updates Catalog is now in V3 format so you can now select categories to auto publish. In our testing we have seen the V3 catalog automatically sync’d when the catalog was already subscribed to. However, some have noted that they had unsubscribe and re-subscribe in order to get the V3 version. Part of this change is some back-end work that we hope will allow us to include more content and refresh the catalog more frequently. More details
- Lenovo has new ThinkPad models launching now. An item of note for anyone that targets devices by the model name (e.g. ThinkPad T14) to apply drivers, there will be two versions of some models – one Intel, the other AMD – and they will have the same model name. In these cases please use an alternative targeting method. We will have AMD models of ThinkPad L14, L15, T14, T14s and X13.
- Hopefully by the end of June, Lenovo will have our new HSA Packs published on our support site. These will be similar to SCCM Driver Packs except they only contain the UWP apps needed by modern drivers so that customers deploying their own images with access to the Microsoft Store disabled can deploy these as part of their build. There is a new blog post with details about these along with a very handy PowerShell script that will make it a little easier to consume these HSA Packs in your deployments.
- Related to modern drivers, we are starting to see that customers who use Thin Installer in their OS deployment process to install drivers on top of a base OS image will have issues on certain models. Primarily KabyLake-R models which straddle the transition from legacy drivers to modern drivers can run into this. During deployment, either from inbox drivers or from Windows Update, some DCH drivers are applied. The packages that we have for these models available through Thin Installer (via Update Retriever) are legacy drivers. Thin Installer will not be able to install the legacy driver over the modern driver as that is strictly not allowed by the OS. In these scenarios customers may want to consider injecting drivers (SCCM driver packs) instead of installing under the OS. Otherwise they may need to rely on Windows Update and the Microsoft Store for drivers.
- Updated release SEMM for Surface Dock 2
Community Tools \ Blogs
Check out some of our favorite tools for ConfigMgr, along with several blog posts covering a wide range of areas and ideas to all help with Endpoint Management. I’m also going to admit, not each one of these is new, most are, but every so often I find a really good one that I missed awhile back, so I’m posting it now. If you’re new to blogging and have started posting content, connect with me on Twitter so I can check our your content that I might not normally catch in my typical twitter feed.
This month I saw some new names posting things I haven’t seen before, which was really cool. Wanted to thanks the team at SysmanSquad for making a great place for new folks to get into the blogging game with the help of some seasoned bloggers.
As part of our support for the community, we’re also starting a series of posts to highlight community members. These people donate their time, in HUGE amounts, making our jobs easier. I’ve started by interviewing Donna Ryan. Catch the interview in this POST. I have several more of these lined up, so keep watching twitter or this blog feed to learn more about the people behind the community tools.
One more note, I do my best to provide Twitter accounts with the blog posts, both to provide credit where credit is due, and so you can then follow them yourselves to stay in the loop as things are coming out and ideas are being discussed on twitter.
Podcasts / Blog Series / Video Blogs
- [Youtube Channel] Episode 42 Advanced Threat Hunting with Microsoft Defender ATP [@OnPremCloudGuy & @AdamGrossTX]
- PSConfEU (@PSConfEU) All of the videos for #PSCOnfEU 2020 are available
- [Teams Meeting – Training] Free Intune Training from How to Manage Devices Community via HTMD Teams Channel (Anoop C Nair @anoopmannur)
- [Blog Series] Setting up CMG in Lab (Gary Blok @RecastSoftware)
- Part 1: CMG Cert Pre-Reqs
- Part 2: Azure Subscription
- Part 3: Azure Services Connection
- Part 4: Setting up CMG in the Console
- Part 5: Post CMG Config
- Part 6: Client CMG Endpoints
- [Blog Series] Applocker Part 1, Part 2, Part 3 of 5) (Sami Laiho @samilaiho)
- [PodCast] Latest Episode (Couple of Jerks @JustJerksPod) – Just a Couple of Jerks takes us into the IT community to meet the individuals out there who are helping others and sharing their solutions and ideas.
- [Video Series] Video Tutorial: Introduction – Application Deployment Part 1, Video Tutorial: Packages – Application Deployment Part 2 (Steve Rachui @steverac)
- [Blog Series] Cloud OS Deployment (Johan Arwidmark @jarwidmark)
- Part 1: Running MDT Task Sequences from Microsoft Intune
- Part 2: Bare Metal Deployment via MDT from the Cloud
- Part 3: Bare Metal Deployment via ConfigMgr with Content from the Cloud
- [Blog Series] Tenant Attach (Paul Winstanley [MVP] @SCCMentor)
- Adding Tenant Attach to your ConfigMgr instance
- Tenant Attach extras – Running a Script via the Admin Center
- Tenant Attach extras #2 – Application Install via the Admin Center
- Tenant Attach extras #3 – The Power of CMPivot in the Admin Center
- Tenant Attach extras #4 – Timeline
- [Blog Post – CMG & Azure] Cloud Management Gateway and Azure tags (Gerry Hampson (@GerryHampson)
- [Blog Post -CMG] Deploy CMG on MEMCM 2002 – Single Wildcard (Nathan Blasac @nblasac)
- [Blog Post – Intune] Microsoft Office 365 Deployment Using Intune (Anoop C Nair @anoopmannur)
- [Blog Post] Co-Management Workloads – What Do They Mean To Me: Compliance Policies (Nathan Ziehnert @theznerd)
- [Blog Post – Intune] Display simple toast notification for user in System context with Intune (Damien Van Robaeys (@syst_and_deploy)
- [Blog Post – CMG] Cloud Management Gateway Choices (Jason Sandys @JasonSandys)
- [Blog Post – Intune] How to renew NDES service certificates for usage with Microsoft Intune (Nickolaj Andersen @NickolajA)
ConfigMgr Task Sequence / OSD / WaaS
- [Blog Post] Who Deleted my Task Sequence (Anoop C Nair @anoopmannur)
- [Blog Post] Enable Windows 10 servicing using SCCM | ConfigMgr | WSUS (Anoop C Nair @anoopmannur)
- [Blog Post] Modern Driver Management with the Administration Service & Modern BIOS Management with the Administration Service(Charles @NoRemoteUsers)
- [Blog Post] Working With Internet-Optimized Task Sequences and Generic Status Messages (Ronald Montgomery)
- [Blog Post] HinvChangeLog – The 600gb DB Backlog (Cody Mathis @CodyMathis123)
- [Blog Post] ConfigMgr Admin Console Silent Install Application Using SCCM (Anoop C Nair @anoopmannur)
- [Blog Post] A couple of MEMCM Collection Queries (Paul Winstanley @SCCMentor)
- [Blog Post] Where to Find User Name Data Within Configuration Manager – Part 1 (Garth Jones @GarthMJ)
- [Blog Post] How to use Delivery Optimization with SCCM/MEMCM (Jonathan Lefebvre @JLefebvreGloben)
- [Blog Post] Deploy languages via Software Center with PSCMWin10Language & Language Packs, Language Experience Packs, Language Interface Packs (Adam Cook @codaamok)
- [Blog Post] Getting started with AutomatedLab & Build a ConfigrMgr lab with AutomatedLab (Adam Cook @codaamok)
Other SysAdmin Goodies
- [Blog Post] Hacking or useful IT tool? You decide. – Rubber Ducky USB (Michael Niehaus @mniehaus)
- [Blog Post] Hyper-V Host Compute Service Diagnostics Tool -HCSDiag.exe for Containers, Windows Sandbox, Hyper-V VMs, WSL 2, and more! (Thomas Maurer @ThomasMaurer)
- [Blog Post] Enable Attendance Reports in Microsoft Teams (Nick @NickC_MSFT)
- [Blog Post] Always On VPN Device Tunnel Does Not Connect Automatically (Richard Hicks @richardhicks)
- [Blog Post] create device collections in Configuration Manager for the new Microsoft 365 Apps update channels (Martin Bengtsson @mwbengtsson)
- [Blog Post] Create Windows 10 Kiosk Environment (Ashley Mann-Thomas)
- ConfigMgr Prerequisites Tool has been updated with the latest Windows 10 ADK version 2004 – No application update needed, it’s just there when you click the button
- Tip from Peter Egerton (@PeterEgerton): Did you know about the Microsoft Error Lookup Tool? (AKA ERR) It’s a neat little cmd line that you can feed error codes and it will translate them for you. Requires no elevation either.
- WIMWitch – Updated 2020.06.05 [Blog Post] – PowerShell Gallery (Donny Ryan @TheNotoriousDRR)
Recast Software Updates
- New feature alert: You can now use Right Click Tools on the ConfigMgr Fast Channel, learn more about the new feature here and how to install it silently here.
- A new blog series on setting up a Cloud Management Gateway by Gary Blok is now available. Topics covered include Certs Prerequisites, Azure Subscription, Azure Services Connection, Setting up CMG in the Console, Post CMG Config, and Client CMG Endpoints.
- Check out the first of several posts highlighting Community influencers, we have the privilege of highlighting Donna Ryan for the first post.
- Stay tuned for more exciting new features in Right Click Tools version 4.3, launching next month!
Thanks for checking out the post, and look forward to more monthly updates of what’s going on. If you think we missed something, or want any other news added, find us on Twitter: @RecastSoftware
See how Right Click Tools are changing the way systems are managed.
Immediately boost productivity with our limited, free to use, Community Edition.
Get started with Right Click Tools today: