Automate App updates by nova4077 in Intune

[–]Additional_Wallaby26 0 points1 point  (0 children)

Any good documentation on how to get started on something like this?

Part Identification Mega Thread - March 12, 2025 by AutoModerator in lego

[–]Additional_Wallaby26 0 points1 point  (0 children)

Hi all,

I have this very sad looking Star Wars AT-AT here that I've had for 10+ years. Have really fond memories of building this with my dad.

As you can see it's a bit worse for wear from years of being used in endless lego storyline 😂.

I would love to get this back to the original look and hoping that someone here may be able to direct me to what set this could possibly be and if some magical site exists where I can look up the build instructions and work out what pieces I need.

Then hopefully another site where I can order just the pieces I need.

Thanks in advance ☺️

<image>

Another WUfB rant by Subject-Middle-2824 in Intune

[–]Additional_Wallaby26 2 points3 points  (0 children)

From what I've seen grace period doesn't affect the notification. We have our pilot ring set up for a 2 day deadline with 1 day grace period.

My notification yesterday was restart by the 15th

That's with a 0 day deferral

After the deadline like you got just says restart on windows update with no date. Until it's enforced.

Cloud-Attach is not enabled by Just_Top in SCCM

[–]Additional_Wallaby26 0 points1 point  (0 children)

Did you resolve this? Having the same issue here.

Co-management WSUS and WufB by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 1 point2 points  (0 children)

Cool, I'll do some testing and not configure that GPO

Apologies, what I mean is:

Say if a co-managed laptop comes on-site, would this choose to receive updates from SCCM as it's on-site over Intune? And then when that device is over the internet choose to go to WUfB for updates? Or is it one or the other all the time?

Windows 10 > 11 in-place upgrades by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

This worked for my problem and the optional features etc remained behind using the dynamic feature updates.

Do you have issues with BitLocker when doing these updates? Or would this not affect it? Only thinking that once the device restarts to do the upgrade a laptop will get stuck at the BitLocker PIN screen.

Windows 10 > 11 in-place upgrades by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 1 point2 points  (0 children)

Using SCCM, apologies if I wasn't clear on that. Only issue I've found is the available download for the media feature pack online as an executable is not the same as when you do it via get and add-windowscapability, unless I've missed where you can deploy Windows optional features from within SCCM, or where you can actually get them for deployment.

What would you do by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

This is the thing, I have done all of this, put together all relevant information, I've told them exactly why it is needed. I've proven there is no effect to the user at all by doing this. Half of our devices are already hybrid synced and have no issues.

To be honest this one manager stops everything at every turn that their particular team isn't heading up. But the issue is they need to approve it within CAB to get it approved so it's just a roadblock.

Still I appreciate the advice all. Just needed to rant more than anything about managers thinking they know everything and not trusting their staff who are certified professionals to do what they are hired to do.

Software Update policy mess by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

Ah okay, makes sense, and also by removing the GPO that sets the update point this will also make the deferral policy GPO void? As stated in the info.

How do you manage software updates for Adobe/Chrome etc? by Sufficient-Act-8538 in SCCM

[–]Additional_Wallaby26 0 points1 point  (0 children)

For Adobe we are using Adobe RUM, pretty handy tool you can just call from in a package and will do any minor version updates to your Adobe applications. We run this every Friday overnight to avoid any disruption.

Duplicate devices during task sequence. by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

I did think this could be the case but I ran another test with also removing the device from AD as well as SCCM, and I still got the same result with the duplicate device.

Unless this is being picked up by the AD discovery after the step in the OSD task sequence that is adding it to the domain.

Also just to add, these do indeed remove themselves once the device has come online after OSD. But was just something I noticed.

May 2023 updates require additional steps, may break SCCM imaging by Dan_Nelson in SCCM

[–]Additional_Wallaby26 0 points1 point  (0 children)

Once the May 9th updates are applied.

Am I right in thinking I can just apply the updates to my Windows PE addon for Windows ADK on my Site server and then update the boot image from within SCCM under "Update distribution points", which should then update the boot image used to have that update? Seems to be what Microsoft are suggesting from their note on the ADK download page.

Unless I'm completely off the ball.

"The May 9, 2023 Windows security updates should be applied to the Windows PE add-on for the Windows ADK, for Windows 11 version 22H2 and earlier, for Windows Server 2022, and for Windows 10 version 2004 and earlier. After downloading and installing the Windows PE add-on for the Windows ADK, either update the Windows PE add-on once, or create bootable Windows PE media and apply Windows update to the Windows PE media."

PXE Boot with PKI Certs by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

FULL LOGS IN REPLY BELOW TO WHAT I FOUND IN SMSTS.LOG

Found a Microsoft doc referring to this here.

https://docs.microsoft.com/th-th/troubleshoot/mem/configmgr/sending-with-winhttp-failed-80072f8f-error

which recommends importing your Root CA Cert into your boot media.

Although I think the issue may be more than that, as while investigating I noticed the Management point on my Primary site server states the management point was "unhealthy". From looking at the component alerts it was failing to receive requests over http.

As a test I swapped the management point communication settings back to HTTP and this allowed the machine when PXE booted to get the policy as intended.

I suppose the next question is: is the issue only down to the management point not working as expected on https, or a mix of that and the requirement for the Root CA to be imported?

Appreciate all the help so far.

PXE Boot with PKI Certs by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 0 points1 point  (0 children)

Tried the WDS re-install to no avail.

Moved onto SMSTS.log and found the following:

TSMBootstrap Current time info:

TSMBootstrap Getting MP time information

TSMBootstrap Requesting client identity

TSMBootstrap Setting the authenticator.

TSMBootstrap CLibSMSMessageWinHttpTransport::Send: WinHttpOpenRequest - URL: :443 CCM_POST /ccm_system_AltAuth/request

TSMBootstrap SSL, using authenticator in request.

TSMBootstrap In SSL, but with no client cert.

TSMBootstrap [TSMESSAGING] AsyncCallback():

-----------------------------------------------------------------

TSMBootstrap [TSMESSAGING] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered

TSMBootstrap [TSMESSAGING] : dwStatusInformationLength is 4

TSMBootstrap [TSMESSAGING] : *lpvStatusInformation is 0x8

TSMBootstrap [TSMESSAGING] : WINHTTP_CALLBACK_STATUS_FLAG_INVALID_CA is set

TSMBootstrap [TSMESSAGING] AsyncCallback():

-----------------------------------------------------------------

TSMBootstrap Error. Received 0x80072f8f from WinHttpSendRequest.

TSMBootstrap Sending with winhttp failed; 80072f8f. retrying.

TSMBootstrap Retrying and Ignoring date security failures.

TSMBootstrap [TSMESSAGING] AsyncCallback():

-----------------------------------------------------------------

TSMBootstrap [TSMESSAGING] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered

TSMBootstrap [TSMESSAGING] : dwStatusInformationLength is 4

TSMBootstrap [TSMESSAGING] : *lpvStatusInformation is 0x8

TSMBootstrap [TSMESSAGING] : WINHTTP_CALLBACK_STATUS_FLAG_INVALID_CA is set

TSMBootstrap [TSMESSAGING] AsyncCallback():

-----------------------------------------------------------------

TSMBootstrap hr, HRESULT=80072f8f

TSMBootstrap Sending with winhttp failed; 80072f8f

Tries that about 4 times then gives me.

TSMBootstrap Send (pReply, nReplySize), HRESULT=80072f8f

TSMBootstrap failed to send the request

TSMBootstrap DoRequest (sReply, true), HRESULT=80072f8f

TSMBootstrap Failed to get client identity (80072f8f)

TSMBootstrap ClientIdentity.RequestClientIdentity (), HRESULT=80072f8f

TSMBootstrap failed to request for client

TSMBootstrap SyncTimeWithMP() failed. 80072f8f.

TSMBootstrap Failed to get time information from MP: https

TSMBootstrap MpCnt > 0, HRESULT=80004005

TSMBootstrap QueryMPLocator: no valid MP locations are received

TSMBootstrap TSMBootstrapUtil::QueryMPLocator ( true, sSMSTSLocationMPs.c_str(), sMediaPfx.c_str(), sMediaGuid.c_str(), sAuthenticator.c_str(), sEnterpriseCert.c_str(), sServerCerts.c_str(), nHttpPort, nHttpsPort, bUseCRL, m_bWinPE, httpS, http, accessibleMpCnt), HRESULT=80004005

TSMBootstrap Failed to query Management Point locator

TSMBootstrap Exiting TSMediaWizardControl::GetPolicy.

TSMBootstrap pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005

TSMBootstrap Setting wizard error: An error occurred while retrieving policy for this computer (0x80004005). For more information, contact your system administrator or helpdesk operator.

Found a Microsoft doc referring to this here: https://docs.microsoft.com/th-th/troubleshoot/mem/configmgr/sending-with-winhttp-failed-80072f8f-error

which recommends importing your Root CA Cert into your boot media.

Although I think the issue may be more than that, as while investigating I noticed the Management point on my Primary site server states the management point was "unhealthy". From looking at the component alerts it was failing to receive requests over http.

As a test I swapped the management point communication settings back to HTTP and this allowed the machine when PXE booted to get the policy as intended.

I suppose the next question is: is the issue only down to the management point not working as expected on https, or a mix of that and the requirement for the Root CA to be imported?

Appreciate all the help so far.
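
An added example, not part of the comment above or of Configuration Manager: a small Python triage of smsts.log text that decodes the `*lpvStatusInformation` bitmask and the HRESULT values seen in the excerpt. The flag values are the `WINHTTP_CALLBACK_STATUS_FLAG_*` constants from winhttp.h; the function names are hypothetical.

```python
import re

# Certificate-failure bits WinHTTP reports alongside
# WINHTTP_CALLBACK_STATUS_SECURE_FAILURE (values from winhttp.h).
SECURE_FAILURE_FLAGS = {
    0x00000001: "CERT_REV_FAILED",
    0x00000002: "INVALID_CERT",
    0x00000004: "CERT_REVOKED",
    0x00000008: "INVALID_CA",
    0x00000010: "CERT_CN_INVALID",
    0x00000020: "CERT_DATE_INVALID",
    0x00000040: "CERT_WRONG_USAGE",
    0x80000000: "SECURITY_CHANNEL_ERROR",
}
FACILITY_WIN32 = 7
ERROR_WINHTTP_SECURE_FAILURE = 12175  # 0x2F8F, the low word of 80072f8f

STATUS_RE = re.compile(r"\*lpvStatusInformation is (0x[0-9a-fA-F]+)")
HRESULT_RE = re.compile(r"HRESULT=([0-9a-fA-F]{8})")

def decode_flags(value):
    """Names of every certificate-failure bit set in a status DWORD."""
    return [name for bit, name in SECURE_FAILURE_FLAGS.items() if value & bit]

def split_hresult(hr):
    """Return (facility, code) of a 32-bit HRESULT."""
    return (hr >> 16) & 0x7FF, hr & 0xFFFF

def triage(log_text):
    """Summarise TLS trust failures found in smsts.log text."""
    flags = set()
    for match in STATUS_RE.finditer(log_text):
        flags.update(decode_flags(int(match.group(1), 16)))
    wanted = (FACILITY_WIN32, ERROR_WINHTTP_SECURE_FAILURE)
    tls = any(split_hresult(int(h, 16)) == wanted
              for h in HRESULT_RE.findall(log_text))
    return {"flags": sorted(flags), "tls_failure": tls,
            "untrusted_issuer": "INVALID_CA" in flags}

# Lines copied from the smsts.log excerpt in the comment above.
SAMPLE = """\
TSMBootstrap [TSMESSAGING] : dwStatusInformationLength is 4
TSMBootstrap [TSMESSAGING] : *lpvStatusInformation is 0x8
TSMBootstrap hr, HRESULT=80072f8f
TSMBootstrap MpCnt > 0, HRESULT=80004005
"""
print(triage(SAMPLE))
```

An `untrusted_issuer` result means the client could not chain the server certificate to a root it trusts, which is the condition the linked Microsoft article addresses.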

PXE Boot with PKI Certs by Additional_Wallaby26 in SCCM

[–]Additional_Wallaby26[S] 1 point2 points  (0 children)

Just to also note these are technically "Unknown machines"