Everything can be done automatically, as long as you configure it manually :-)
This post is a just a quick follow up on my previous post: Uninstall any application in a jiffy using PowerShell and Configuration Manager
I received a few questions whether the PowerShell script can be used with Microsoft Intune instead of Microsoft Configuration Manager. And sure! This post will explain one of many approaches available with Intune. š
As promised, I’m continuing my Windows 11 journey, this time giving you a small nugget on how to escrow BitLocker recovery keys to Azure AD during a Windows 11 Feature Update.
In my specific scenario, the recovery keys has so far been stored in on-premises AD. For Windows 11, we change that, and store them in Azure AD instead.
For your convenience, find links to my previous Windows 11 posts here:
I’m kind of continuing on last weeks topic, where I wrote about leveraging SetupConfig.ini and SetupComplete.cmd to carry out custom tasks during a Windows 11 Feature Update.Ā
Today I want to demonstrate, how you can leverage the same custom action scripts, to send notifications to a Microsoft Teams channel upon success or failure, when upgrading to Windows 11Ā using a Feature Update.
I’m still preparingĀ Windows 11 for broad deployment and I will post my exact process once it’s ready. For now I’m just giving you tiny tidbits along the way. š
This topic in particular, has been very popular since the release of Windows 11 back in October last year.
At this point, there’s at least a dozen posts out there, on how to remove either the built-in Teams app or the Chat Icon from the task bar on devices running Windows 11 already.
I’m in the middle of preparing Windows 11 for broad deployment myself, and this is how I make sure the built-in Teams app and Chat Icon is removed before the user logs on to Windows 11 for the first time. In this scenario, after completing the Feature Update coming from Windows 10.
My Toast Notification Script unfortunately only works in PowerShell Full Language Mode (for the time being. I have plans to look into this).
This requirement does not work well with AppLocker and having Constrained Language Mode enabled. My solution to this, is to digitally sign the New-ToastNotification.ps1 file. While working my way through the process myself, I realized that a few changes to the Toast Notification Script itself was needed.
The changes made to this “edition” of the script, are only targetedĀ Configuration Manager. I’m not sure that moving between PowerShell Language Modes coming from Proactive Remediations in Intune, is something that’s possible (if anyone knows this, please let me know).
Additionally to the changes needed, I thought the process itself would make a decent and useful blog post. So here goes. š
Super quick blog post, covering the new version of Security Baselines for Windows 10 and 11 in Intune, which was delivered to us with the 2111 service release.
Not much has changed. In fact, if coming from the previous baseline version (December 2020), only one setting has been added: Scan scripts that are used in Microsoft browsers.
So lets take a quick peek at the process I went through, in order to update my Security Baseline.
It’s been a while since the last update on this script. I admit that. Better late than never, I guess.
This update brings a slight improvement to the looks of the toast notifications, and (almost) definitely removes the option for the end-user to disable the notifications as well.
Also, I was wondering about naming the script differently. The script surely works with Windows 11 too, but seeing the entire toast framework was introduced with Windows 10, and Windows 11 behind the scenes is still appearing as version 10.0, I will stick with the current name.
Another kickstarting blog post, getting into the swing of things again after a somewhat lacking period.
Now, RDCman has been revived and arrived last week in a new version 2.8.
For fun and giggles, I did a short PowerShell script which uninstalls the old version (2.7, registered with windows installer) and downloads the new version 2.8 directly from live.sysinternals.com.
This is a little something on the script itself and how to put that to use with ConfigMgr.
A new version of theĀ Windows 10 Toast Notification ScriptĀ is here. The script is now being on versionĀ 2.2.0.
This version brings the option to run the script and thus display toast notifications coming from SYSTEM context.
A requirement has been so far, that the script is being run with the logged on user’s credentials. This is still recommended, but for scenarios where this is not possible, like running this with a task sequence (task sequences always run as local system), this new ability will give you the option to display toast notification for the logged on user, even if coming from local system context.
The work done here, with running the script under SYSTEM, is entirely done by Andrew. Thank you!
Also, with a built-in prevention of having multiple toast notifications being displayed in a row, the script is now also better at handling the re-run behavior in ConfigMgr. Having multiple toast notification displayed in a row, is something that can happen, if a device misses a deployment schedule. The nature of ConfigMgr is to catch up on the missed schedule, and this can lead to multiple toast notifications being displayed.
This is just a really quick post, describing how you configure Microsoft Edge to always – and without prompting the user – open certain links in their associated application.
This might seem like an odd and out of the ordinary post, but I needed this myself, and failed to find the relevant details described properly anywhere.
The mentioned prompt is something that’s generated when opening links to Teams meetings, or when trying to open Office documents in their respective desktop application.
Prompts which in most cases are irrelevant to the end-users, and by eliminating those, the user-experience is improved by a little. TL:DR down below.
