Posts posted by learningmode

  1. I wanted to update status.... 

    I do not have a real solution to update. Although, things seem to be working now and Hybrid devices are enrolling now. 

    The only thing that I could think of that maybe was a change, was enabling the "Microsoft Intune Enrollment" in the Mobility (MDM and MAM). I was told to just do "Microsoft Intune" and not worry about the "Microsoft Intune Enrollment" in the past.  I could be wrong since it is working, either if it was because of that or other things.  

     

    Thanks, 

  2. On 8/25/2022 at 12:43 PM, anyweb said:

    I'll have to investigate that, have you tried first of all verifying the version of Azure AD connect you are using and update to the latest, see does that resolve things

    if not, look into adding a pass-through auth agent, if that works great, if not, uninstall it

    The pass-through was enabled and downloaded, however didn't seem to fix the issue.  Still investigating....  

  3. Ah, I will check this. 

    I do see the "Pass-through auth" is disabled. 

    For this environment, Federation is enabled, would it matter?  Would you think there would be an impact if having both federation and pass-through enabled? 

    Also, the environment does have Okta, so, I'm not sure if that is oddly causing any problem.  

  4. Continuing troubleshooting...... 

    • Double checked the Azure AD Connect to see proper synchronization of the user and device OUs, which are correctly checked.   
    • For kicks, grabbed a device that is not domain joined, and manually Azure joined the device.  It was a success and the device shows up enrolled to Intune.  

    Here is another problem: 

    • When I tried to log into the device, it does not recognize the credentials. Even the same credential used to join the device.  
    • There was another device that had been AAD Joined in the past, so grabbed that device and tried logging into it..... Same thing, does not recognize the credentials.  

    So, it leads me back to the Azure AD Connect sync??? Something is not right with the users side of the house

    ============

    Does anyone have any idea what it could be?  

     

    Thanks, 

     

  5. Hi everyone, 

    I tried searching for this before posting, but didn't see any.  So, here we go... 

    Issue: 

    Trying to have domain devices enroll into Intune (hybrid join). What I am not seeing when I look at "dsregcmd /status" are the mdmURL's that should be displayed in there.  

    ========================

    What has been checked: 

    Configuration side: 

    • Windows Enrollment for MDM user scope is set for "All" and MAM user scope is none. 
    • Azure AD Connect is synced to the OU with particular Devices
    • Created GPO and enabled "enabled automatic enrollment using default Azure AD credentials" and have User Credentials set.  
    • GPO is linked to the particular OU
    • Users are licensed with MSFT E3 

    Device side: 

    • Confirmed device receiving GPO
    • Seeing error event ID 76 in the event log
    • dsregcmd /status does show Domain joined: Yes and Azure Joined: Yes

    ========================

    Question / statement: 

    • Am I missing anything?
    • One thing to note, that I'm not sure makes a difference is that the environment does have SCCM / co-managed.  I don't see if that makes a difference.  
    • To me, I'm leaning towards something with users... because the MDM User scope is what should bring the URL, if I am thinking correctly. 

     

    Thanks, 

     

     

    mdmurl_missing.png

  6. 6 hours ago, anyweb said:

    have you tried using the import option in hyperv, point it to the folder where you have the original vms and let it do the magic, this will only work if you had ALL the files in that location, for example D:\Hyperv\vm1 and so on,

    by default, unless you change it hyper-v usually tries to store some snapshot and other configuration info in C:\ProgramData\Microsoft\Windows\Hyper-V  if i'm not mistaken... so if you haven't got a backup of that it might be difficult

    Thanks for the quick response @anyweb yeah, I tried the import option and it didn't recognize any of the files in the snapshots or virtual machine folders that I have.  I'm guessing it won't see it unless you had exported the VM previously.  I may have to bite the bullet and just start fresh again... ouch! 

  7. Hi Intelligent gurus, 

    I have a question with my current scenario.  

    I recently had to reload my Windows OS that I was hosting my Hyper-V VMs on.  I stored my Hard Disk Image File and AVHDX File, and also my Virtual Machines snapshots in a separate partition.  

    Is it possible to create the new VMs with the existing snapshots? I am able to attach the HDI files, but that only takes me to the base load. When I try to attach AVHDX file, it errors.  I'm just not too sure where to begin.  

     

    Thanks, 

  8. Hey Folks, 

    I've been pondering for some time what is the best method to create a shared calendar for conference rooms. I have been utilizing the Resources > 'Rooms & Equipment' from the Admin portal. But recently, I was wanting to add the conference room calendars to the Intranet SharePoint site. It appears you can not do so from the Resource section. 

    Versus if you create a conference room from Microsoft 365 groups, then you can use the "Group calendar" within SharePoint and choose the specific conference rooms from there.  Also, you would be able to make that group a dynamic group, so it would automatically add the members to the group. 

    I just wanted to get some of your opinions what you guys think. The big win for me is utilizing the dynamic group to add to the calendar vs always have to add / remove members to the Resources rooms manually. 

    My take and please correct me if I'm wrong. 

    ====================

    Rooms & Equipment Negative: 

    • Can not dynamically add members to the calendar for permissions. 
    • Can not add calendar to the SharePoint site (company intranet).

    Pros: 

    • Easy and fast to use ( I just wanted to put something in pro for this, but can't really think of one)

    ====================

    Microsoft 365 Group Negative: 

    • I do not like how the group would now show under Teams

    Pros: 

    • You can create dynamic users to automatically add members for permission to calendar
    • Can be displayed in SharePoint 'Group Calendar' 

    ====================

  9. **UPDATE** 

    Okay, what worked for me was reading through this article https://timmyit.com/2018/12/17/mdm-join-an-already-azure-ad-joined-windows-10-pcs-to-intune-with-a-provisioning-package/ 

    I already had an RMM in place for my side of things, so, I just used the PowerShell script that he had and pushed that out to all the devices.  Once I did that, all the devices started to enroll into Intune.  

    Learning Experience: 

    Keep Note: If you started off with MSFT standard license and down the road you upgrade to a premium license, the above resolution will most likely fix your problem. I have attached a zip file just in case Timmy's site goes offline down the road.  

    MDM_File.zip

  10. Not in the Device Event logs itself.  

    But I have read somewhere that if the existing devices were Azure AD joined already with the standard license, then you upgrade to the Intune licenses... The existing devices will not automatically join.  I'm trying to look around and confirm that as we speak.  

    That might explain why it wouldn't work and if I manually unjoin the device and rejoin them, it will then enroll.

  11. Hi Everyone, 

    I've tried to do some searches here but didn't narrow down to my solution.  

    Story: 

    I've updated my licenses and upgraded Standard to now Business Premium, which now I would be able to enroll and manage my devices. 

    Issue: 

    None of the devices that are currently Azure AD Joined are enrolling into Intune.  They still show MDM none and N/A for Compliant. Now, if I would disconnect the user from the device and Azure join them again, then the device will become compliant and enroll into Intune.  

    Spot checked: 

    • verified licenses for the users.
    • verified auto-enrollment for all users enabled MDM.
    • verified on several devices for the Device state to confirm Azure AD joined and URL.
    • verified the Device settings that all users can join devices. 
    • Checked enrollment restrictions. 

    My Question: 

    It is odd to me that if I Azure AD join a device now, it will work, but none of the current legacy devices before the license upgrade would auto enroll.  I prefer not going to each machine and have the users unjoin and rejoin for this to work.  Is there anything I'm missing or not catching? 

     

    Thanks,

     

     

  12. On 26/08/2017 at 11:30 AM, A.Kassem said:

    Thanks @GarthMJ and @learningmode for your help. I want an article talking about connecting SCSM to other databases and import devices from it. Your help is much appreciated.

    Right, you could use Cireson Asset Management and create a connector to other Databases and bring over. I have screenshots of how it's done and what it looks like.    


  13. 31 minutes ago, GarthMJ said:

    No, CMCB is NOT a CMDB, However SCSM (Service Manager) is a CMDB and you can do that with it.

    @A.Kassem Garth is correct, I wouldn't go about it via CM. Service Manager would be able to help with bringing in devices from CM. Then you could use a third party like Cireson, which has an Asset Management tool that plugs into SM. You'll be able to manage your asset lifecycle from there. 

    http://cireson.com/apps/asset-management/

    Sorry, yes it was working until they realized Service Manager had gone down after Configuration Manager was installed. After looking through what was going on, they saw that both SM and CM were trying to use port 1433 and for Service Manager, that is not a configurable port.

    Thanks Garth and quick responses! Doing a site recovery could do the trick for them, and you're right, it is best to have SQL on same site server anyway especially if it's stand alone.

  15. Question: Regarding to the Port 1433.

     

    We had installed Configuration Manager 2012 R2 to point to the same Database server as Service Manager, but on a different Instance. Come to find out that both SM and CM using Port 1433 is a no go. How would I go about changing Configuration Manager to point to a new port if I assign it port 1434?

     

    Or is it better to just create a new database server for CM and somehow tell it to point to the new Database Server?

     

     

    Thanks,

  16. Good Morning!

     

    About to install SCCM 2012 on a virtual server and have a question for the group.

     

    Here's what we have in place:

     

    - Windows 2008 R2 Enterprise SP1 with all the current updates

    - 16Gb. memory

    - Intel Xeon E5645 (4 Processors)

    - 350Gb. storage on drive 'D' for packages, apps, etc...

     

    The SCCM server will not be a CAS. We probably have about 2000 systems in our school district. These are laptops and desktops.

     

    SCCM 2012 was setup previously, but an update was installed and toasted everything.

     

    My question:

     

    - Just follow anyweb's EXCELLENT step-by-step guide for installing a standalone server?

     

    Any other 'gotcha' info would be great, too.

     

    Thanks!

     

    BRS

     

     

     

     

     

     

     

     

     

    BRS,

     

    the step by step guide is very helpful... be sure to read over it a few times to understand before actually building it. If possible, build in a VM first as a practice run.... Other than that you will run into small issues that you can not avoid, but just ask questions and someone will be willing to help.

     

    I noticed that you are having one drive to have all your packages, apps... etc.. I highly recommend for you to have about 7 partitions (my opinion).

     

    You want to have the Configuration Manager installed in a separate partition from the local disk drive. Then you will have SQL partitions for backup, tempDB, log, and Data. All those are their own separate partitions. After that I have a partition for the DPs and I would store the applications under that.

     

    This is what I just did, don't know what best practice would be but this made for ease of separation and organization.

     

     

    Thanks

  17. Make sure that you completely removed everything from your old environment (mainly in the AD).

     

    Peter,

     

    I'm curious... what would happen if you still have the old environment in AD and active? My company upgraded from 2007 to 2012 and currently migrated everything over, but the 2007 environment is still up for a few more months before decommission.

     

    What conflict would happen if both environments are stood up and also still in AD? Note: we already have all clients moved over to the 2012 environment.

     

    Thanks,

  18.  

    Hi Guys,

     

    I am having a separate issue with deleting a secondary. On my first attempt creating a Secondary Site Server from the console to a server that is in another region, it passed the prerequisite, but eventually "failed to install". Stupid me, I didn't really pay attention to what failed, I just went ahead and did a delete to start over the install from console. When I initiated the Secondary installation for the second time.. it failed to install again, this time I looked at the "show install status" to see what caused the failure. It showed "Site server or site system role is already installed ......." and "SQL was installed....."

     

    So, I went into the server to look and it does show from the first attempt it had successfully installed on the server although the console showed "failed to install". I did a delete again from console and gave it some time to replicate. It was cleared from console, but it does not appear it would delete from the site server itself.

     

    This is where I believe I screwed up!

     

    I manually uninstalled the SQL Server from Programs and Features first, then the Microsoft System Center. Now, when I try to uninstall the Microsoft System Center I get this error:

     

     

    SQL Error.PNG

     

    So, what I tried is to install SQL Express manually, hoping Configuration Manager would pick it up, and it appears that does not work either. I get the same error message.

     

    Anyone have an idea how to remove the Configuration Manager manually so I could push this through again from the console? Is there any PowerShell trick to get this done, I wonder?

     

     

    Thanks all for help,

     

     

     

     

    Guys I have fixed my issue...

     

    I went into regedit and deleted the SMS REG folder, located at: HKLM\software\Microsoft\SMS

     

    You would also want to make sure the SQL folder is also deleted in the Program Files of Windows.

     

    So, after making sure all is cleaned to a near fresh machine again... I ran the secondary creation again from console and I was able to get everything re-installed and it reads ACTIVE now.

     

     

    Thanks,
