This will be a short post on how to update WinPE boot images with a Cumulative Update as we need to do that now with the release of May 2023 Cumulative Update to address CVE-2023-24932. Spent all day with colleagues to try to test what happens to OS deployment (and AutoPilot) when deploying the mitigation…
Category: Configuration Manager
Remove built-in apps in Windows 11 22H2 during OSD
I have updated the script I use to uninstall built in apps in Windows 10 and Windows 11. Windows 11 22H2 has some changes when it comes to removing built-in apps. Is uninstalling built-in apps still a thing, yes it is. Teams Personal is one example of a similar app to Teams that causes unnecessary…
Installing updates during OSD using PSWindowsUpdate
When we move workloads to Intune in our Co-Management scenarios we lose some features we have been using and need to go back to basic. In this short post we will install updates during OSD using the PSWindowsUpdate module which is great. When we moved the Windows Update workload and uninstalled WSUS we need another…
Logging the Co-management and Defender onboarding process during OSD
When starting to move workloads to Intune of the first workload to move is Compliance and Endpoint Protection. When moving the Endpoint protection workload the following configurations are moved to Intune instead of MEMCM: Windows Defender Antimalware Windows Defender Application Guard Windows Defender Firewall Windows Defender SmartScreen Windows Encryption Windows Defender Exploit Guard Windows Defender…
Show DP information during OSD using TSBackground
One request that was made many times in the comments of the blog posts on TSBackground which is a remarkable tool from Johan Schrewelius, is to be able to show which DP is being used during OSD. I will try to explain the challenges with displaying DP information using TSBackground and some ways of doing…
MEMCM 2203 released with great features
MEMCM 2203 has been released with some great features that I need to write about. Must be one of the releases that includes most the top request features like Escrow BitLocker Recovery Key to MEMCM in a Task Sequence, Dark Mode! and Icons for Task Sequences and packages. Escrow BitLocker Recovery Key to MEMCM in…
MEMCM SQL Query Poor Performance
A few days ago, we experienced performance issues when querying a ConfigMgr DB view. A very simple query: “SELECT Name, MachineID, IsActive, AADDeviceID FROM v_CombinedDeviceResources WHERE CoManaged = ‘1’” could take up to a minute to complete. Since we already knew that “v_CombinedDeviceResources” is the source from where the Device view in the ConfigMgr console…
MEMCM Cloud Management Gateway migration options
Now that Cloud Management Gateway (Classic Service classic) is deprecated and will be removed in the future releases of Configuration Manager after 1 March 2022 we can now longer deploy a CMG using the cloud service (classic). This is most likely due the fact that Classic VMs is being removed in Azure as the link…