Mick's IT Blog

Remotely Pushing Windows Updates via Command Line to Windows 10 Machines

Mick's IT Blog

Normally, windows updates are pushed to machines using Configuration Manager in an enterprise environment. There are occasions though when they must manually be pushed, such as when a system continues to fail via ConfigMgr and troubleshooting is required.

Preventing Windows 10 Apps from Reappearing after an In-Place or Feature Upgrade

Mick's IT Blog

In the imaging process I devised, most of the Windows 10 Built-In apps, such as mail and maps, are removed. My company uses the SAC edition of Windows 10 enterprise. This requires us to perform an in-place upgrade every 6 months.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

AD Group Member Reporting

Mick's IT Blog

This tool queries specified AD groups for new users that have been added to the group within a specified number of days. The script is written so that it can be used with Azure Automation, Orchestrator, or even a scheduled task, with the addition of the send-mailmessage cmdlet.

Groups 143

Multiple Machine Logon Reporting

Mick's IT Blog

This tool is designed to report if a user profile has been logged into a defined number of machines or greater over a specified period of time.

Report 140

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Deleting the Windows 10 Recovery Partition

Mick's IT Blog

We use VMWare for our servers and sometimes virtualized desktops. One of the issues we ran into was expanding the disk space on a virtual machine. When disk space was added, the C: drive could not be expanded because of the reserve drive "being in the way".

Which Configuration Manager PowerShell Module should I use?

Mick's IT Blog

If you use PowerShell with Configuration Manager, you likely know that there are two PowerShell modules named ConfigurationManager.psd1.

Upgrading to both Windows 10 1903 and 1909 with Configuration Manager

Mick's IT Blog

The time has come to do another creator update to the corporate systems. We skipped the 1903 upgrade because of the Windows 7 to Windows 10 deployment that completed just after the release of 1903. It was too soon to start another creator update project, so we waited until 1909. One of the new features we are wanting is the reserved space that was introduced in 1903. This reserves seven gigabytes of data for future updates and upgrades.

ConfigMgr Pending Reboot Report

Mick's IT Blog

We wanted a list of servers that are waiting for a reboot. Thankfully, ConfigMgr has a pending restart field that allows admins to see when systems are waiting for a reboot. Our server team wanted that list to be automatically generated and emailed to them daily. Other than myself, others that have the ConfigMgr console rarely look at it since they wear many hats in IT. I could not find any PowerShell cmdlets in the ConfigMgr module for viewing a pending restart.

Report 122

SCCM Pending Reboot Report

Mick's IT Blog

We wanted a list of servers that are waiting for a reboot. Thankfully, SCCM has a pending restart field that allows admins to see when systems are waiting for a reboot. Our server team wanted that list to be automatically generated and emailed to them daily. Other than myself, others that have the SCCM console rarely look at it since they wear many hats in IT. I could not find any PowerShell cmdlets in the SCCM module for viewing a pending restart.

Report 146

Check Boot Environment for BIOS or UEFI

Mick's IT Blog

One of my recent projects is to convert our remaining legacy systems from BIOS to UEFI. While setting up the task sequence, I needed to be able to test the system to make sure it was not already UEFI so the task sequence would end if it was. The PowerShell script reads the setupact.log file and extracts if it is configured as BIOS or UEFI. I have included an unknown message in the event the log file does not exist or is inaccessible, which is what I encountered on one machine.

How Embedding AI-Powered Analytics Can Give You a Competitive Advantage

Embedding dashboards and reports aren’t enough. Futureproof your application by offering instant, actionable insights that will give you and your customers a competitive advantage.

SCCM Client Installer for MDT

Mick's IT Blog

Recently, I wanted to revisit the process of installing the SCCM client during an MDT task sequence. At first, I tried to use the SCCM PowerShell module to initiate the install. I learned during testing that it does not work if a system is not present in SCCM. The process needed to include initializing the client deployment, waiting for the ccmsetup to begin, and then waiting until the ccmsetup disappears and ccmexec is running.

System 143

Legacy Distribution Point Cleanup

Mick's IT Blog

This script will clean up the legacy items left over after a distribution point has been deleted in the configuration manager console. This is sometimes necessary if the same server is going to be used to re-push the distribution point back down to it. The script will not proceed if the DP registry keys are not present so that it can find where the distribution point directory exists to be deleted. You can download the script from my GitHub site.


Configuration Manager 1910 Upgrade Tips and Issues I Encountered

Mick's IT Blog

We have a new datacenter and the configuration manager server needed to be moved to that location. The setup of Configuration Manager is not too difficult. I did though run into several gotchas along the way. The first one was a warning that read 'configuration for SQL server memory usage'. I needed at least 8 GB of RAM allocated to the SQL database. The following SQL query executed on the ConfigMgr SQL server will rectify that issue.

PowerShell One-Liner to Configure the NIC Power Management Settings

Mick's IT Blog

While working on a series of one-liners for configuring the NIC on machines, I created this needed to makes changes to the power management settings of the NIC. This is something that will be implemented in the build, so I also wanted to make the script into a one-liner so the code itself can reside within the task sequence. This one-liner can check/uncheck the boxes within the Power Management tab of the network adapter. There are two ways this can be done.

Configuration Manager Default Client Settings

Mick's IT Blog

I just started building a completely new configuration manager server. While setting it up, I remembered that I wished in the past that I had all of the original default client settings because some did get changed. If you have ever made changes directly to the default client settings and cannot remember what the original settings were, then here is a screenshot of each section.

Building Like Amazon

Speaker: Leo Zhadanovsky, Principal Solutions Architect, Amazon Web Services

Amazon's journey to its current modern architecture and processes provides insights for all software development leaders. To get there, Amazon focused on decomposing for agility, making critical cultural and operational changes, and creating tools for software delivery. The result was enabling developers to rapidly release and iterate software while maintaining industry-leading standards on security, reliability, and performance. Whether you're developing for a small startup or a large corporation, learning the tools for CI/CD will make your good DevOps team great. We are excited to be joined by Leo Zhadanovsky, a Principal Solutions Architect at Amazon Web Services.

Application List Report

Mick's IT Blog

We have started the Windows 10 upgrades and part of this process is installing applications for users that are not included in the standard build. One option is to use the SCCM Resource Explorer for a list of apps installed. The problem with that is it is a blanket report. It shows everything and all we were wanting is a report of the additional apps installed after a build.

Zero Touch Dell Command Update for SCCM and MDT

Mick's IT Blog

I have used the Dell Command | Update in the build for quite some time for managing the drivers on systems because it makes it a hand-off approach with little setup and reliable updates direct from Dell. The one thing I have wanted to be able to rerun this task several times without having to have duplicate tasks in the task sequence. Sometimes there are multiple reboots required because not all drivers can be installed at the same time.

Dell 134

Using PowerShell to list Zerto Unprotected Systems

Mick's IT Blog

This script will connect to the Zerto server and retrieve a list of systems that Zerto is not backing up. The script has been written so that it can function in the Azure Automation or Orchestrator environment. It can also be used as a scheduled task or executed manually. It excludes desktop operating systems. You will need to install both the activedirectory and zertoapiwrapper modules before using this script. You can download the script from my GitHub site.

System 101

Microsoft Endpoint Manager Configuration Manager PowerShell Upgrade Script

Mick's IT Blog

With the advent of Microsoft Endpoint Manager Configuration Manager 1910, I started researching the upgrade requirements. I happened to run into a great blog post by fellow MVP Martin Bengtsson on what should be done before the upgrade takes place. That got me to thinking that most of the tasks he listed can be automated with PowerShell.

Backup 118

eLearning demand is at an all-time high. Pick the right LMS!

The need for online learning is greater than ever having the right LMS is absolutely crucial. Quickly, easily, and cost-effectively decide which Learning Management System is right for you with this 12-step guide from LMS implementation experts.

SCCM Duplicate Machine Cleanup

Mick's IT Blog

I got tired of duplicate systems appearing in SCCM caused by computers being reimaged while using the same computer name. To rid myself of this issue, I wrote the script below. It queries the SCCM SQL database for a list of machines where the SCCM client installation was attempted with a return code of 120. This error code indicates the system is already present and active in SCCM, thereby indicating this system is the old one.

System 127

Importing and Using the SCCM PowerShell Module

Mick's IT Blog

Recently, I have begun setting up new front and back-office security runbooks in Microsoft Orchestrator. These runbooks needed to use PowerShell for getting data from the SCCM server. The SCCM console is not installed on the Orchestrator server, so PowerShell required to be able to connect directly to it. The following script will import the SCCM PowerShell module, connect to the SCCM server, and then disconnect.

End User Reboot Management

Mick's IT Blog

I have wrestled with the issue of managing mandatory reboots for quite a while. Back before laptops were introduced into the environment, we used an SCCM package that triggered a reboot once a week. Today, with the majority of systems being laptops and tablets, it is not so easy to implement a reboot. The problem came when the package ran, and a system was offline. It would not get done. The second issue comes from laptops being closed instead of shutdown. A reboot rarely happens.

Install Configuration Manager PowerShell Module

Mick's IT Blog

I wanted to install the Configuration Manager PowerShell module on my admin machine. After investigating a little, the module does not exist in the Microsoft PowerShell gallery. The PowerShell script below will create the module directory under the WindowsPowerShellmodule directory within %PROGRAMFILES%. It will then copy over all of the necessary files. After copying the files, it will import the module and then verify if the import was successful.

Why Distributed Tracing is Essential for Performance and Reliability

Speaker: Daniel "spoons" Spoonhower, CTO and Co-Founder at Lightstep

Many engineering organizations have now adopted microservices or other loosely coupled architectures, often alongside DevOps practices. Together these have enabled individual service teams to become more independent and, as a result, have boosted developer velocity. However, this increased velocity often comes at the cost of overall application performance or reliability. Worse, teams often don’t understand what’s affecting performance or reliability – or even who to ask to learn more. Distributed tracing was developed at organizations like Google and Twitter to address these problems and has also come a long way in the decade since then. By the end of this presentation, you’ll understand why distributed tracing is necessary and how it can bring performance and reliability back under control.

PowerShell One-Liner to Enable Features in Microsoft Windows 1809

Mick's IT Blog

In Windows 10 1809, I needed to enable some RSAT features that are now included in the OS. I figured this would be a good time to go from using a script to using one-liners for the build process. Mike Robbins's blog was a good start to developing this one-liner. This allows for you to manage the code within the task sequence, thereby negating the issue of storing a script and the possibility of the script accidentally being deleted.

PowerShell One-Liners to ensure Dell system is configured for UEFI when imaging

Mick's IT Blog

While planning and configuring the Windows 10 upgrades, we had to also include the transition to UEFI from BIOS. I wanted to make sure that when the build team builds new models that they are configured for UEFI when applicable, otherwise the build fails within seconds after it starts. We use Dell systems, so interacting with the BIOS is simple. The Dell Command | Configure allows for the BIOS to be queried, which is what we need here to verify specific models are set correctly.

Dell 156

WMI Query for Dell Manufacture and First Power On Date

Mick's IT Blog

A recent project of mine was to obtain the Dell manufacture and ownership dates from all systems for depreciation and lifecycle purposes. This information is not readily available in SCCM and on the local machines. Luckily, the newest version of Dell Command | Configure now includes the manufacture date and first power on date. The first power on date, as referenced in DCC, is also the Ownership Date in the BIOS, as shown below.

Dell 113

Configuring Wake-On-LAN for Dell Systems

Mick's IT Blog

If you have been wanting to wake your Dell systems up from sleep, hibernate, or shutdown states, this is how you do it. Starting out with this article from Dell, I got the list of things needed to set up the system for WOL. There are three areas that have to be configured on Dell systems, at least for the systems we have which range from the Optiplex 990 to the Latitude 7490. The areas are BIOS, advanced NIC, and power management settings.

LAN 137

Nine Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

Populate VMWare Virtual Systems to a ConfigMgr Collection

Mick's IT Blog

During the COVID19 pandemic, one of my projects has been to build a new configuration manager server at our newer production site for optimal performance. During this process, we needed to be able to differentiate what servers were on our disaster recovery VMWare server, and what servers were on the production VMWare server. We quickly learned that some of the virtual servers could not be differentiated.

Using PowerShell for SQL Backup Verification

Mick's IT Blog

Earlier this year, we had a non-critical SQL server to crash. Come to find out, the backups were successful every night, but the data in the backup was corrupt. Needless to say, the server had to be recreated from scratch. Thankfully it was a non-critical server. We wanted a way to automatically verify SQL backups are valid. Using PowerShell, I wrote the following script that runs RESTORE VERIFYONLY against the latest backup contained in the designated directory.

Backup 113

Extract SCCM WIM from ISO and Configure for WDS via PowerShell

Mick's IT Blog

One issue, more like a time-waster, I have had as we are migrating to SCCM from MDT is getting the boot image on the WDS server. SCCM is not configured to manage WDS because we use it for other things, so we manually upload the WIM. SCCM creates an ISO that needs to be mounted to extract the WIM for WDS. Thanks to this blog post , it is explained. I wanted the steps automated, so I wrote the following PowerShell script that will perform all of the steps needed to extract and configure the WIM.

MDT Conditional Reboot

Mick's IT Blog

I wrote an article about three years ago on conditional task sequence reboots. It used the built-in reboot task sequence that was initiated only if any of the three conditions were met. The problem was a fourth condition that could not be tested for because a WMI query is the only way to test and MDT conditions do not incorporate WMI.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

MDT: How to initiate a reboot during a task without corrupting the task sequence

Mick's IT Blog

Recently, I have been working on updating several scripts I have written for the build process. One big thing I have wanted is for the script to be able to initiate a reboot without the build process becoming corrupt. An additional functionality I have wanted to implement is to be able to restart the task sequence at the same point it left off before the reboot. I knew the task sequence reruns the windows update process multiple times, so I started by looking at the ZTIWindowsUpdate.wsf file.

Active Directory PowerShell Module Configuration Baseline

Mick's IT Blog

With the recent 1809, RSAT is now integrated into Windows, which is a major plus for the admin side. In my environment, I have the active directory PowerShell module enabled on all machines for two reasons. The first is I use it to move the machine in AD during the build process. The second is that I have an SCCM baseline that makes sure the Bitlocker key matches the one stored in AD. For these, I need the module installed and thankfully it is now just a simple Add-WindowsCapability cmdlet.

Running an SCCM Package via PowerShell and Command Line

Mick's IT Blog

While working on a new compliance policy, I ran into a lot of hurdles that needed to be resolved. One of those hurdles was executing an SCCM package via PowerShell. Using the WMIExplorer, I was able to locate a method that allows you to execute an SCCM package as shown below. Once I located the namespace, class, and method, I needed to find out the name of the package in SCCM that I wanted to execute.

Local Administrator Baseline Compliance

Mick's IT Blog

One of the issues we have had is some users ending up being in the administrators group. There are circumstances to which we have to sometimes put a user in that group to install an application which is both user and computer-based. It can be easy to forget to take the user back out of that group. We don't allow the end users here to have local administrator privileges for security reasons.

Groups 134

The Complete Guide to Distributed Tracing

Distributed tracing is a diagnostic technique that reveals how a set of services coordinate to handle individual user requests. Distributed tracing helps enable loosely coupled work across teams for fast, independent problem-solving.