All Activity

I've create task sequence media with attached Boot Image, package, OS. Please help if anyone has same experience

Hi, in my task sequence I have to enter my user which is the administrator of the machine (not best practice i know but moving on) as well as the Computer Name. This works perfectly and have now added "OSDDomainOUName" in order to directly join the computer to a certain domain. This also works but the problem is typing the long DISTINGUISHED NAME. I would like to just either select it from a drop down menu or just enter the company branch name (city name). How can I accomplish this? Please in detail or a link would be much appreciated. Cheers!

Hi, Naill, again! As I wrote, all required permissions assigned at the Azure subscription – for one user was assigned Subscription Reader role, another one has – Owner role (two different users had added for experiments) These users have all required permissions at M365 tenant – they’re Global Administrators. Downhere my test environment illustration: Of course, I read this official documentation https://learn.microsoft.com/en-us/windows-365/enterprise/azure-network-connections and related docs. Also read a lot of other articles (like yours’s) and watched many videos (officials / by bloggers). All things must be simple, but… ☹ What could be wrong? Kind regards, Alex

hi Alex can you verify that you meet these requirements when creating the ANC ? as you are just doing AAD the first line is what you need Intune Administrator, Windows 365 Administrator, or Global Administrator role. and... once created, if you need to edit it... you'll also need > to have the Subscription Reader role in the Azure Subscription where the VNET associated with the ANC was located. for more info > Azure network connection overview | Microsoft Learn cheers niall Permissions required for Azure network connections The ANC wizard requires access to Azure and, optionally, on-premises domain resources. The following permissions are required for the ANC: Intune Administrator, Windows 365 Administrator, or Global Administrator role. An Active Directory user account with sufficient permissions to join the AD domain into this Organizational Unit( (Hybrid Azure AD Join ANCs only). To create or edit an ANC, you must also have the Subscription Reader role in the Azure Subscription where the VNET associated with the ANC was located. For a full list of requirements, see Windows 365 requirements.

Hello, Niall! Can you describe this Windows 365 Enterprise Azure AD join scenario in details about environments/ subscriptions (M365 & Azure)/ permissions? What’s needed to organize a TEST environment like your’s for this scenario? At my test environment I can’t create Azure Network Connection because the dropdown field for subscription choice at the ANC is empty. I have a test M365 subscription by cdx.transform.microsoft.com and two Azure subscriptions – Trial and another one by the Visual Studio. All required permissions assigned at the Azure subscription, but ANC can’t see Azure subscription: Kind regards, Alex

I fixed the issue. I'll leave my solution here for anyone that might have the same issue in the future. I ended up running my Windows 11 build and capture task sequence over again but this time I added a step after the Setup Windows and Configuration Manager to set the power plan to High performance in my base image. Then I used the new base image with the High Performance power plan in an OSD task sequence. The PC stayed awake through the whole TS so I just added a step at the very end of the TS to set the power plan back to balanced. I use SCCM to control the Power settings of all devices so I am not sure if it was necessary to manually set the PC back to balanced, but at any rate my issue is solved. Thanks

I have inherited an SCCM 2211 environment that was supposed to have been setup in HA, but it was not fully configured (no passive site node). I'm a bit stumped with how the SQL AOG has been configured and the person that built it is no longer around. In the past when setting up HA, I would setup the SQL AOG and point SCCM to the listener node. In the console I would see a single site database sever and it would use the name of the listener as the server name. In the environment I inherited, they setup an AOG, but there are 2 site database server roles in the console and they are both pointing to the 2 AOG replicas rather than the listener. I can't find anything saying this is supported and I don't see how that gets you HA capability, but before I start reconfiguring things I wanted to make sure this is not a supported method for HA with SQL and SCCM? Thanks

I have a OSD Task Sequence for Windows 11 22H2 being deployed to new Dell Optiplex 7000's. The Dell's are going to sleep during the "Setup Windows and Configuration Manager" step of the Task sequence. I have checked the "Run as high performance power plan" box in the more options tab, but the PC still goes to sleep. I have also tried using a run command to set the power plan to high performance "PowerCfg.exe /s 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c". The run command works fine in Windows PE, but doesn't persist when the task sequence boots into Windows to start the setup phase. I tried adding the run command right before the setup phase and right after the setup phase. No matter where I put the run command it doesn't seem to matter. If I don't touch the mouse or keyboard before the PC goes to sleep the TS halts. Once I shake the mouse it will continue where it left off. If I put the run command just above the "Setup Windows and Configuration Manager" It runs fine and if I hit F8 and run "powercfg /getactivescheme" it shows that the system is in high performance mode, but then when the system reboots into the installed OS the powerscheme has reset to balanced. If I put the run command after the "Setup Windows and Configuration Manager" step, then the pc goes to sleep because it runs after the fact. I guess I am asking how to set the powerscheme to high performance once the PC has booted into the installed OS but before the "Setup Windows and Configuration Manager" portion starts to run. I saw some posts from years ago on Reddit talking about connected standby and using a registry setting to change it to disabled, however I still don't know where to put the reg tweak in my TS and it seems like the adition of the "Run as high performance power plan" option was supposed to fix this. Thanks

IT compliance is a critical aspect of modern business as it refers to the adherence to policies, regulations, and government laws protecting IT systems and processes. IT compliance ensures businesses and organizations operate under strict security requirements, guidelines, and industry best practices for data protection and governance. IT business leaders, CIOs/CTOs/CISOs, MSPs, system administrators, and other roles within IT must understand the importance of implementing stricter compliance requirements to protect valuable data. Here are a few reasons why modern businesses and organizations must become IT-compliant: Ensuring Data Privacy and Security Businesses that handle sensitive information, such as customer data and financial and medical information, must comply with industry-specific frameworks like HIPAA, PCI-DSS, GDPR, and others. These frameworks provide guidelines for protecting the most sensitive of information a business handles, including data encryption, access controls, and vulnerability assessments. Mitigating Security Risks IT Compliance standards, such as ISO 27001, NIST, and CIS, provide guidelines for identifying, assessing, and mitigating security risks. These standards enable businesses to implement best practices for security and ensure that their IT infrastructure is secure against cyber threats. Avoiding Legal and Financial Fines IT compliance can help businesses avoid legal and financial penalties. However, non-compliance with industry-specific regulations can result in hefty fines, legal suits, and loss of reputation in case of data breaches and general loss of sensitive information. Providing Competitive Advantage Compliance with industry-specific regulations demonstrates to customers the willingness and seriousness businesses take toward data privacy and information security. Compliance can also help businesses improve their reputation, build customer trust, and enhance brand value. Take the Hornetsecurity IT Compliance Survey now! Feel free to participate and get a chance to win!

Sure no problem, attached my config previously.

can you show me how you originally configured SCCM other sources ? maybe that was the issue

Would you like to install the driver or copy it to a directory for later? I copy some drivers for various printers to a directory during my TS so that they are readily available for our support guys to install IF required.

I managed to solve this the wrong way by opening the GPO for updates to check for other products and from other sources. It refused to use my SCCM server even though those sources only specify configuration manager.

hi Joe, do you still have this problem ?

Wow ok.

point the server role to the right IP address.. that should do it

Could you help me please. I have added OCSP URL to "Enterprise CA.cer" as it is written on Step 5, but i can't check it. I use "certutil -url" command, but it returns "no urls" error (on screeshot). How can i repair it? TY in advance.

I am looking for details that need to be update in LMHosts file if Primary site sever, Management point, DP and SUP are located on different-2 servers (not all site system role on same server) then how we can use LMHOST file to install /configure the SCCM clients which doesn't have DNS.

We preload Lexmark drivers in our task sequence so yes it’s possible. What happens when you try and map the networked printer? Have you checked to make sure the driver files are indeed present on the device after imaging?

That did the trick! Actually, for my purposes, all I needed to do was add the 'Approved' column in SCCM, approve the devices, wait about 4-5mins for SCCM to push Client settings, etc., then SC showed my applications. Thanks @anyweb

They are not joined. Let me take a look at what you posted and I'll report back. Thanks!

are these devices domain joined or not ? if not, then you'll need to do some things on each computer (including approving them in SCCM) before they work correctly see this post for more details

Hi folks - Question about apps not showing in SC. I have some devices cable-connected to our network, but not in AD. We imaged them in SCCM and deployed the SCCM Client on them. I see the devices in SCCM and added them to a Device Collection (direct rule). Though they have the Client, in the Device Collection view, it shows in the Client column as 'No', yet they show the correct Site Code in the 'Site Colde' column. These desktops aren't able to see any applications in SC. Do they need to be connected to AD for the Client to show as 'Yes' and be "seen" by SCCM to be able to see apps in SC? Appreciate whatever help you can give. Thanks!

i have the same problem, however mine is happening on Packages or Applications The task sequence manager could not successfully complete execution of the task sequence. A failure exit code of 16389 was returned. The operating system reported error 53: The network path was not found "The task sequence manager could not successfully complete execution of the task sequence. A failure exit code of 16389 was returned" is consistent "The operating system reported error 53: The network path was not found" this can be a different error i have 2 failures out of 20 using the same task sequence, one is on MS Office and one which is just a cmd line to add a user to local admin group, so nothing fancy going on