Mick's IT Blog

JANUARY 21, 2022

If you are still using an on-prem version of office, you know the need to populate the Updates folder so updates get applied when Office is installed instead of having to wait for the updates to download and then be installed. The issue I have run into is some of the updates, once extracted, are named the same. To resolve this, I extract each update from the cab file.

How To 148

How To 148

Mick's IT Blog

NOVEMBER 19, 2021

This PowerShell tool queries AD for a list of machines in the specified administrative admin groups. The list is specified by modifying the script with the groups to be queried. The following example shows how to add groups to the query. When there are multiple groups, they can be divided off by using the pipe character between each group. Where-Object {$_.MemberOf -match 'Admins|Domain Admins|System Admins|'} There is the parameter called $Days.

Tools 151

Tools Report Groups Examples 151

Mick's IT Blog

OCTOBER 13, 2021

KB5005652 resolved the "PrintNightMare" vulnerability, but it also brought many companies to a halt when it came to end-users installing printers if they did not have administrator privileges. During the time since the update, we had our help desk install printers for users on an as-needed basis. There was a workaround by setting the RestrictDriverInstallationToAdministrators to 0 to override the fix, but this would have thwarted the security vulnerability.

Security 224

Security Programming Company 224

Mick's IT Blog

JUNE 29, 2021

Font installation using PowerShell has changed since Windows 10 1909. The old way of doing it with PowerShell no longer works. This new script was originally written by Ben Reader who is a fellow Microsoft MVP from Australia. I took the script and modified it by improving on user interface and file tweaks. This script gets a list of all font files that exist in the same directory.

Microsoft 166

Microsoft Windows 166

Mick's IT Blog

SEPTEMBER 1, 2020

This tool queries specified AD groups for new users that have been added to the group within a specified number of days. The script is written so that it can be used with Azure Automation, Orchestrator, or even a scheduled task, with the addition of the send-mailmessage cmdlet. The intent of this is to track if say a user needs to be temporarily added to the domain admins group for software installation, but then the help desk forgets to remove them.

Groups 203

Groups Report Tools Software 203

Mick's IT Blog

AUGUST 28, 2020

This tool is designed to report if a user profile has been logged into a defined number of machines or greater over a specified period of time. The purpose of the tool is to: Detect a cybercriminal who may have gotten one user credential and is now using it to probe machines across the domain Detect a disgruntled employee who may be logging into multiple machines for destructive reasons The tool works by querying the ConfigMgr SQL server for a list of machines users have logged into.

Report 170

Report Microsoft Tools Groups 170

Mick's IT Blog

AUGUST 27, 2020

If you use PowerShell with Configuration Manager, you likely know that there are two PowerShell modules named ConfigurationManager.psd1. One is located at %PROGRAMFILES%Microsoft Configuration ManagerAdminConsolebin and the other one is located at %PROGRAMFILES%Microsoft Configuration ManagerAdminConsolebinConfigurationManager. If you are trying to figure out which one to use, the %PROGRAMFILES%Microsoft Configuration ManagerAdminConsolebin is the most logical one.

Microsoft 197

Microsoft 197

Mick's IT Blog

MAY 19, 2020

This script will connect to the Zerto server and retrieve a list of systems that Zerto is not backing up. The script has been written so that it can function in the Azure Automation or Orchestrator environment. It can also be used as a scheduled task or executed manually. It excludes desktop operating systems. You will need to install both the activedirectory and zertoapiwrapper modules before using this script.

System 207

System Windows Operating Systems Enterprise 207

Mick's IT Blog

MAY 12, 2020

During the COVID19 pandemic, one of my projects has been to build a new configuration manager server at our newer production site for optimal performance. During this process, we needed to be able to differentiate what servers were on our disaster recovery VMWare server, and what servers were on the production VMWare server. We quickly learned that some of the virtual servers could not be differentiated.

Vmware 173

Vmware Virtualization System Disaster Recovery 173

Mick's IT Blog

MAY 5, 2020

We have a new datacenter and the configuration manager server needed to be moved to that location. The setup of Configuration Manager is not too difficult. I did though run into several gotchas along the way. The first one was a warning that read 'configuration for SQL server memory usage'. I needed at least 8 GB of RAM allocated to the SQL database.

Microsoft 169

Microsoft Virtualization Applications Tools 169

Mick's IT Blog

MAY 1, 2020

We wanted a list of servers that are waiting for a reboot. Thankfully, ConfigMgr has a pending restart field that allows admins to see when systems are waiting for a reboot. Our server team wanted that list to be automatically generated and emailed to them daily. Other than myself, others that have the ConfigMgr console rarely look at it since they wear many hats in IT.

Report 162

Report System Data 162

Mick's IT Blog

APRIL 20, 2020

While building my new Configuration Manager server, MECM, I took screenshots of the default antimalware policy settings in the event settings in it ever got changed. The default should not be changed. A new policy should be created and deployed.

Policies 112

Policies Cloud Security 112

Mick's IT Blog

APRIL 13, 2020

I just started building a completely new configuration manager server. While setting it up, I remembered that I wished in the past that I had all of the original default client settings because some did get changed. If you have ever made changes directly to the default client settings and cannot remember what the original settings were, then here is a screenshot of each section.

Hardware 199

Hardware Windows Software Software 199

Mick's IT Blog

DECEMBER 31, 2019

I wanted to install the Configuration Manager PowerShell module on my admin machine. After investigating a little, the module does not exist in the Microsoft PowerShell gallery. The PowerShell script below will create the module directory under the WindowsPowerShellmodule directory within %PROGRAMFILES%. It will then copy over all of the necessary files.

Microsoft 147

Microsoft Video Course 147

Mick's IT Blog

DECEMBER 26, 2019

A recent project of mine was to obtain the Dell manufacture and ownership dates from all systems for depreciation and lifecycle purposes. This information is not readily available in SCCM and on the local machines. Luckily, the newest version of Dell Command | Configure now includes the manufacture date and first power on date. The first power on date, as referenced in DCC, is also the Ownership Date in the BIOS, as shown below.

Dell 142

Dell System Report 142

Mick's IT Blog

DECEMBER 5, 2019

Earlier this year, we had a non-critical SQL server to crash. Come to find out, the backups were successful every night, but the data in the backup was corrupt. Needless to say, the server had to be recreated from scratch. Thankfully it was a non-critical server. We wanted a way to automatically verify SQL backups are valid. Using PowerShell, I wrote the following script that runs RESTORE VERIFYONLY against the latest backup contained in the designated directory.

Backup 142

Backup Microsoft Data 142

Mick's IT Blog

NOVEMBER 22, 2019

Recently, I wanted to revisit the process of installing the SCCM client during an MDT task sequence. At first, I tried to use the SCCM PowerShell module to initiate the install. I learned during testing that it does not work if a system is not present in SCCM. The process needed to include initializing the client deployment, waiting for the ccmsetup to begin, and then waiting until the ccmsetup disappears and ccmexec is running.

System 203

System 203

Mick's IT Blog

NOVEMBER 14, 2019

I publish new blog postings to multiple Facebook groups regularly. It can be daunting if there are a lot of groups. Although there are several online options, there is a Google Chrome extension called Toolkit for Facebook that is fabulous. It lets you post to multiple groups while being able to designate a random delay in between posting so you don't go to Facebook jail.

Groups 83

Groups Google Development 83

Mick's IT Blog

NOVEMBER 5, 2019

We wanted a list of servers that are waiting for a reboot. Thankfully, SCCM has a pending restart field that allows admins to see when systems are waiting for a reboot. Our server team wanted that list to be automatically generated and emailed to them daily. Other than myself, others that have the SCCM console rarely look at it since they wear many hats in IT.

Report 165

Report System Data 165

Mick's IT Blog

OCTOBER 30, 2019

I have wrestled with the issue of managing mandatory reboots for quite a while. Back before laptops were introduced into the environment, we used an SCCM package that triggered a reboot once a week. Today, with the majority of systems being laptops and tablets, it is not so easy to implement a reboot. The problem came when the package ran, and a system was offline.

Advertising 127

Advertising Policies System Report 127

Mick's IT Blog

OCTOBER 15, 2019

I got tired of duplicate systems appearing in SCCM caused by computers being reimaged while using the same computer name. To rid myself of this issue, I wrote the script below. It queries the SCCM SQL database for a list of machines where the SCCM client installation was attempted with a return code of 120. This error code indicates the system is already present and active in SCCM, thereby indicating this system is the old one.

System 131

System 131

Mick's IT Blog

OCTOBER 3, 2019

Recently, I have begun setting up new front and back-office security runbooks in Microsoft Orchestrator. These runbooks needed to use PowerShell for getting data from the SCCM server. The SCCM console is not installed on the Orchestrator server, so PowerShell required to be able to connect directly to it. The following script will import the SCCM PowerShell module, connect to the SCCM server, and then disconnect.

Microsoft 130

Microsoft System Security Programming 130

Mick's IT Blog

SEPTEMBER 11, 2019

I have used the Dell Command | Update in the build for quite some time for managing the drivers on systems because it makes it a hand-off approach with little setup and reliable updates direct from Dell. The one thing I have wanted to be able to rerun this task several times without having to have duplicate tasks in the task sequence. Sometimes there are multiple reboots required because not all drivers can be installed at the same time.

Dell 152

Dell Microsoft System Applications 152

Mick's IT Blog

AUGUST 21, 2019

One issue, more like a time-waster, I have had as we are migrating to SCCM from MDT is getting the boot image on the WDS server. SCCM is not configured to manage WDS because we use it for other things, so we manually upload the WIM. SCCM creates an ISO that needs to be mounted to extract the WIM for WDS. Thanks to this blog post , it is explained. I wanted the steps automated, so I wrote the following PowerShell script that will perform all of the steps needed to extract and configure the WIM.

Windows 123

Windows Data 123

Mick's IT Blog

AUGUST 2, 2019

Recently, I have been working on updating several scripts I have written for the build process. One big thing I have wanted is for the script to be able to initiate a reboot without the build process becoming corrupt. An additional functionality I have wanted to implement is to be able to restart the task sequence at the same point it left off before the reboot.

How To 125

How To Windows Research 125

Mick's IT Blog

JULY 18, 2019

I wrote an article about three years ago on conditional task sequence reboots. It used the built-in reboot task sequence that was initiated only if any of the three conditions were met. The problem was a fourth condition that could not be tested for because a WMI query is the only way to test and MDT conditions do not incorporate WMI. Recently, I revisited this, and it occurred to me how to incorporate the WMI query after going through the ZTIWindowsUpdate.wsf and seeing how it initiated reboots

Windows 126

Windows System How To 126

Mick's IT Blog

JUNE 6, 2019

Recently, we decided to change the power scheme on machines during the build. This can be quickly done using the powercfg.exe, but I wanted to be sure it always set correctly. Plus, the GUID associated with a power scheme can be different, so I wanted to specify the power scheme by the name. This PowerShell one-liner will set the power scheme on a machine to the scheme defined in the variable $Setting.

122

122

Mick's IT Blog

APRIL 15, 2019

If you have been wanting to wake your Dell systems up from sleep, hibernate, or shutdown states, this is how you do it. Starting out with this article from Dell, I got the list of things needed to set up the system for WOL. There are three areas that have to be configured on Dell systems, at least for the systems we have which range from the Optiplex 990 to the Latitude 7490.

LAN 148

LAN Dell System Energy 148

Mick's IT Blog

MARCH 27, 2019

Recently, I have been working on Configuration Baselines for security purposes. While doing so, two of my baselines required remediation that takes longer than 1 minute. I do not recall where I read it, but I believe the timeout for a compliance check is 1 minute. If the compliance remediation takes longer than 1 minute, then the baseline is designated as non-compliant until the next compliance check is run.

Security 123

Security How To 123

Mick's IT Blog

MARCH 8, 2019

Recently, we had an issue of some machines not backing up the Bitlocker recovery password to active directory, even with the GPO in place. They ended up being offline while the bitlocker process took place. Plus, some of the systems in AD had multiple entries, which can be cumbersome. To mitigate this issue, I have implemented an SCCM Configuration Baseline that makes sure the Bitlocker recovery password is backed up to AD and that it is the only recovery password present.

Backup 142

Backup Windows System 142

Mick's IT Blog

MARCH 7, 2019

With the recent 1809, RSAT is now integrated into Windows, which is a major plus for the admin side. In my environment, I have the active directory PowerShell module enabled on all machines for two reasons. The first is I use it to move the machine in AD during the build process. The second is that I have an SCCM baseline that makes sure the Bitlocker key matches the one stored in AD.

Windows 158

Windows How To 158

Mick's IT Blog

MARCH 4, 2019

One of the issues we have had is some users ending up being in the administrators group. There are circumstances to which we have to sometimes put a user in that group to install an application which is both user and computer-based. It can be easy to forget to take the user back out of that group. We don't allow the end users here to have local administrator privileges for security reasons.

Groups 153

Groups Windows System Applications 153

Mick's IT Blog

FEBRUARY 1, 2019

Here is a PowerShell one-line installer for Mozilla Firefox. This allows you to download the latest version of Mozilla Firefox during the build process without having to maintain the package each time. The URI used in this is for the 64-bit version of Firefox. If you need a different version, you will need to locate the download URI and copy and paste it in the one-liner thereby changing the value of $URI.

139

139

Mick's IT Blog

FEBRUARY 1, 2019

This application is straightforward to deploy. The PowerShell script below will kill all processes associated with Microsoft Office. Ping requires closing Outlook, but I have seen in the past where other Office apps can also interfere by keeping a component of Outlook open, so to be on the safe side, I included closing the entire suite, along with closing Ping if it is already installed.

Microsoft 80

Microsoft Applications Programming 80

Mick's IT Blog

JANUARY 23, 2019

While working on a series of one-liners for configuring the NIC on machines, I created this needed to makes changes to the power management settings of the NIC. This is something that will be implemented in the build, so I also wanted to make the script into a one-liner so the code itself can reside within the task sequence. This one-liner can check/uncheck the boxes within the Power Management tab of the network adapter.

Windows 197

Windows Network Report 197

Mick's IT Blog

NOVEMBER 1, 2018

It was time for us to upgrade the Microsoft Orchestrator to the newest 1801 version. We were three versions behind as we have been using 2012. Luckily starting with 1801, upgrades are performed via windows updates. Microsoft provides a well-documented page on setting up Orchestrator located here. The problem with upgrading from Orchestrator 2012 and 2016 is the fact that you must uninstall the old version and reinstall the new version.

Microsoft 92

Microsoft Windows System Security 92

Mick's IT Blog

OCTOBER 24, 2018

If you have to track the login times for a specific user, this tool will generate a report for you that scans the event viewer logs for ID 4624. The tool parses each event and retrieves the user name, securityID, type of logon, computer name, and time stamp. It formats the output and writes it to a centralized CSV file in the event this tool is deployed to multiple machines at once.

Report 101

Report Security Tools System 101