Meet the Belgians at MMS DE !

MMS in general, if it's now MMSMOA or MMSDE, one of the best conferences around for me to attend or speak! The reason to be there is that their is no better community focused conference available where you could have a direct interaction during the sessions with MVP's and Product team members. If you know uservoice, well then you have a lot of walking uservoice options as interaction with Product team people like David James (Director of Product Engineering) and that is just priceless! We Belgians are greatly represented at MMS Desert edition : Dieter Wijckmans (MVP Cloud & Datacenter) : Opening with MMS 2018 Desert Edition Welcome Reception - That will be hilarious Monitoring Configmgr Patch management with log analytics! Best of both worlds?   Kenny Buntinx and Tim De Keukelaere (MVP Enterprise Mobility) : Enterprise Mobility Suite Part 1 & 2 But if you really want to go deepdive on technical Configmgr, Modern Management or simply Belgian Beer questions, come...
Read More

Update KB4343909 for Windows 10 1803 kills Windows Defender Application Guard

Update KB4343909 for Windows 10 1803 has broken ‘Windows Defender Application Guard’ (WDAG) after installing the August 2018 KB4343909 update. The Windows Defender Application Guard reports the error code 0xC0370106 as shown below. We confirm that it is a ‘known issue’ if you read the release notes of KBb4343909  : "Launching Microsoft Edge using the New Application Guard Window may fail; normal Microsoft Edge instances are not affected." The workaround is uninstall the KB4343909 update and install updates KB4340917 and KB4343909 in that specific order. Microsoft will fix this in the September release. Kenny Buntinx...
Read More

Hybrid Mobile Device Management (MDM) and why you should plan for migration now !

Hi , Microsoft recently  posted a service change announcement in the Office Message Center to customers using Hybrid Mobile Device Management (MDM). Maybe you are one of those type of customers that need to take action as you are using SCCM + Intune in hybrid mode and this impacts you . MC146431 - Plan for Change: Move to Intune on Azure for your Mobile Device Management Since launching on Azure over a year ago, Intune has added hundreds of new customer-requested and market-leading service capabilities, and now offers far more capabilities than those offered through hybrid Mobile Device Management (MDM). Intune on Azure provides a more integrated, streamlined administrative experience for your enterprise mobility needs. As a result, we see that most Enterprise Mobility + Security (EMS) customers choose Intune on Azure over hybrid MDM. The number of customers using hybrid MDM continues to decrease as more customers move to the cloud. Therefore, on September 1, 2019, we will retire the hybrid MDM service offering. Note: This...
Read More

MVP in Enterprise Mobility – 10th Anniversary.

I’m very proud to  announce that my MVP award got renewed for the year 2018 – 2019 in the category of Enterprise Mobility and at the same time it is also my 10th anniversary. This is certainly a great honor for me and our company OB-V-US. Thank you Microsoft, Blog readers and all the community members that helped me out! Thanks for the recognition. I am delighted.   Kenny Buntinx Enterprise Mobility MVP  ...
Read More

Upgrading from ConfigMgr 1702 to 1706 gives you “Microsoft SQL Server reported SQL message 2627, severity 14” in your status messages

If you upgraded your ConfigMgr 1702 or earlier environment to Configmgr 1706 and in the status messages after the upgrade you get : Microsoft SQL Server reported SQL message 2627, severity 14: [23000][2627][Microsoft][SQL Server Native Client 11.0][SQL Server]Violation of PRIMARY KEY constraint 'SUM_DriverUpdates_PK'. Cannot insert duplicate key in object 'dbo.SUM_DriverUpdates'. The duplicate key value is (d8483f4f-0390-49db-b251-faf884dd8eaf Be aware that the Product Group are aware of this issue and are on a working on a fix. The result of this problem is that admins cannot see new Surface driver updates. Other than that, nothing else is impacted so it can be ignored. Hope it helps , Kenny Buntinx MVP Enterprise Mobility...
Read More

Enterprise Mobility : In the land of NDES – Where one eye is King and you need to watch your CRL Delta files

I was doing a EMS POC and deployment of certificates on mobile devices was a requirement. So I needed to setup an NDES server with a separate Subordinate CA for MDM , NDES Server and SCCM Certificate Registration Point (CRP). Big deal I thought as I did it a already multiple times. At my customer we worked close with the server team and setup the infrastructure which was working fine at first sight. After a reboot of the NDES server I was struggling to get the Network Device Enrollment Service (NDES) up and running again as it would throw me an error 500. The event log of the NDES Server told me the following: The Network Device Enrollment Service cannot retrieve one of its required certificates (0x80070057). The parameter is incorrect. The Network Device Enrollment Service cannot be started (0x80070057). The parameter is incorrect. When the service starts, it searches for two certificates that are used by the service : 1. The service searches in the...
Read More

How to get OMS alerts in SCOM

  During recent events and customer contacts I got a lot of question regarding integrating SCOM with OMS. Also recently with my webinar with Savision it popped up several times. This question actually makes sense because SCOM has already a lot investments in it + is mostly the start of your ITIL process… But how do you actually get alerts in SCOM from OMS? Well by using OMS and Azure Automation of course! Step 1 Define what you want to forward to SCOM by defining a scenario and a search query The scenario is key in this stage of the process. You need to define what you are looking for. Alerting in OMS is quite different than SCOM for example. In OMS you need to ask yourself “How many time did X happen in Y time” instead of “If this then that” kind of monitoring in SCOM. This is very important to...
Read More

When deploying Windows Server 2012R2 using an Configmgr OSD Task Sequence, additional disks will be offline when the Task Sequence completes

  When using a Configuration Manager OSD Task Sequence to deploy Windows Server 2012 or Windows Server 2012 R2 to a server (VM) that contains disks that are not local (such as SAN Disk), when the Task Sequence completes, the additional disks may not come online and may show as offline. Specifically in the Disk Management, the additional disks will show offline with the message: Disk is offline due to a policy set by an administrator If you look at my VM, you will see I have 2 separate disks that I will need in a later phase to install the backup software to the D:\ partition, residing on the other vmdk. To resolve the issue, for the WinPE phase, the steps from KB971436 need to be added to the Task Sequence. For deployments from Operating System Images, a registry key value will need to be updated with the correct SAN policy value as...
Read More