Migrate your OneDrive for Business to Per Machine installation (With or without source files using SCCM and Powershell)

Introduction

Installing the OneDrive for Business client on a per machine basis is an often requested feature and for good reasons. OneDrive in it’s current state in the production ring, is installing into the users profile in %localappdata%, and for equally good reasons that is often not desired by enterprises.

Now, Microsoft has finally given us an option, allowing us to install OneDrive for the device into %programfiles(x86)%. The option is currently in preview and all the juicy details are found here: https://docs.microsoft.com/en-us/onedrive/per-machine-installation

PS. Credit where due: I was inspired by Per Larsen’s post on doing the same with Microsoft Intune and like many times before, this brought me to doing something on my own for the sharing and learning experience. Enjoy. 🙂

Read more…

Connect to Exchange Online with Powershell, Modern Authentication and Conditional Access

Introduction

This is not one of the usual topics I blog about, but nonetheless it’s quite relevant. If you leverage Conditional Access to protect your corporate resources, good chances are that you are blocking legacy authentication (or at least that is something you should consider doing).

If you also fancy connecting to Exchange Online using Powershell for automation reasons, another good chance is that this is done with basic/legacy authentication. This is obviously a conflict with my first statement, so I figured it would make a good blog post to describe how to connect to Exchange Online automated with Modern Authentication while being protected by Conditional Access.

Read more…

Windows as a Service: PreCaching drivers before In-Place Upgrades with ConfigMgr Task Sequences

Introduction

Since my previous WaaS posts, I have received a few inquiries about how to do drivers when precaching the content prior to running the actual In-Place upgrade. As of such, I figured it would make a great blog post covering the approach I’m currently using.

So this is me doing just that, as a small addition to what I have previously covered with my PreCache and In-Place Upgrade Task Sequences.

Note: I’m brewing on a complete WaaS section on here, sharing all and everything I do in details in regards to Windows Servicing. This will be available from this link once I get there: https://www.imab.dk/windows-as-a-service/

Read more…

Connect to Microsoft Graph for Intune with Powershell ISE Add-ons

Introduction

If you are working with Microsoft Intune on a daily basis, chances are that you are familiar with the awesome Powershell Intune Graph script samples over at GitHub: https://github.com/microsoftgraph/powershell-intune-samples.

I have previously blogged specifically about putting 2 of the scripts to use here:

If you are less familiar with Powershell, the script samples might seem a bit intimidating and difficult for some to put to use. The new Microsoft.Graph.Intune PowerShell Module to the rescue!

Now, this post is not about using the actual module, but how you with a single click can connect to the Graph API and gain access to all the available cmdlets in a very easy and sufficient way.

Read more…

Install Google Chrome Extensions using Microsoft Intune in 3 different ways (Powershell, ADMX ingestion and MSI)

Introduction

I have previously covered the approach on how to install Google Chrome extensions using System Center Configuration Manager. Find my post here: https://www.imab.dk/forcefully-deploy-the-windows-defender-google-chrome-extension-using-configuration-manager/

Then it came to my attention that Microsoft released another and new extension for Chrome last week. It’s called Microsoft Web Activities. This made me go through the approach again, and figured I wanted to cover the methods on how to install Google Chrome Extensions using Microsoft Intune.

Read more…

PXE boot your way into Windows AutoPilot and Windows 10 Shared PC

Introduction

This is a continuation of my previous post on Windows AutoPilot for existing devices. This time covering a similar scenario, where I’m PXE booting an existing device (known or unknown to ConfigMgr) into a Windows 10 Shared PC with Windows AutoPilot and Microsoft Intune

Now, the scenario might have many similarities compared to last week, but nevertheless there’s a real purpose with the crazyness. This is about getting started with Windows AutoPilot and giving you inspiration on how to do that. In my environment, it’s a whole lot easier to make the switch into AutoPilot for non-user devices (I bet I’m not alone on this one). That be devices which are shared between users in public spaces and kiosk devices in particular.

Also, devices in this category are quite often not brand new and might even be old repurposed user-devices (hence we cannot ask our reseller to add them into AutoPilot prior to delivery and thus we have to do it ourselves) 🙂

A peek into the AutoPilot Deployment Profiles in my environment

Read more…

AutoPilot for existing devices: Move from Windows 7 to modern Co-managed Windows 10 in a jiffy using ConfigMgr

Introduction

Lately I have been preparing our own shift from old school device provisioning with PXE and ConfigMgr, to the modern alternative with Windows AutoPilot. The preparation is two folded, where the mindset of the IT pros working with the technologies needs a shift, but obviously also the technologies and features involved.

We’ve been hitting F12 and preparing devices within IT for many years and while it’s easy to persuade IT pros into using new and exciting technologies, the businesses we serve also needs maturing. We are not quite there yet, but we are getting closer, and the first step is obviously to embrace the technology and start using it.

We don’t have any devices running Windows 7 in our environment (phew), but this is an approach that can be used with previous versions of Windows 10 as well. For example when moving from 1803 to 1809.

Read more…

Windows as a Service: Remind users of pending Windows upgrades using Windows toast notifications, part 3

Introduction

UPDATE: The script used here has been severely updated: https://www.imab.dk/windows-10-toast-notification-script/. The scenario described here is still relevant though, so I recommend that you still read through this 🙂

This will be a small but exciting contribution to my ‘Windows as a Service’ series!

The usual story here is, that everyone wants to add more user-friendliness to the whole experience around Windows Servicing.

End-users generally doesn’t care about new versions of Windows and they also, generally speaking, find interruptions in their work annoying, especially if those interruptions come unexpected.

So we come up with clever solutions to solve those problems and this will be an addition to that; remind the user with a big nice Windows toast notification when a Windows upgrade is pending. This is for the obvious reminder, but also to lure the end-user into a voluntary participation.

Find some of my previous WaaS posts here:

Part 1: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-1/
Part 2: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-2/

Read more…

Windows as a Service: Sharing my PreCache and In-Place Upgrade Task Sequences, part 2

Introduction

This is an extremely hot topic and I do know that we have some awesome OSD experts out there sharing their content already (Gary Blok, Mike Terrill etc.).  Now, their content is way superior to mine and probably suit a lot of needs already, but I think that content around WaaS in particular is interesting and especially when sharing how one does Windows Servicing in details.

So, this is me doing just that – sharing my precaching and in-place upgrade task sequences – in details. This will be a lengthy post, so grab a good cup of coffee ?

Also, this is based on a mid-size company in Denmark and we don’t manage thousands and thousands of devices. WaaS is a small part of my daily job and I’m the only one doing it, so the time and effort put into this is reflecting the size of the company and the resources available, but is still done with an eye on the detail. With that being said, some of the stuff I do here is done with inspiration from how some of the mentioned people does it (credit where due during the posts). If you find yourself in similar position or just need some more inspiration – then this will be for you 🙂

Part 1: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-1/

Read more…

Windows as a Service: Sharing my PreCache and In-Place Upgrade Task Sequences, part 1

Introduction

Update! The content in this post, has been updated: Windows as a Service: Sharing my PreCache and In-Place Upgrade Task Sequences – 20H2 edition, part 1

This is an extremely hot topic and I do know that we have some awesome OSD experts out there sharing their content already (Gary Blok, Mike Terrill etc.).  Now, their content is way superior to mine and probably satisfy a lot of needs already, but I think that content around WaaS in particular is interesting and especially when sharing how one does Windows Servicing in details.

So, this is me doing just that – sharing my precaching and in-place upgrade task sequences – in details. This will be a lengthy post, so grab a good cup of coffee 🙂

Also, this is based on a mid-size company in Denmark and we don’t manage thousands and thousands of devices. WaaS is a small part of my daily job and I’m the only one doing it, so the time and effort put into this is reflecting the size of the company and the resources available, but is still done with an eye on the detail. With that being said, some of the stuff I do here is done with inspiration from how some of the mentioned people does it (credit where due during the posts). If you find yourself in similar position or just need some more inspiration – then this will be for you 🙂

Part 2: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-2/

Read more…