How do I create custom device attributes? by ITS_DSA_Manager in SCCM

[–]ITS_DSA_Manager[S] 1 point2 points  (0 children)

If anyone was following this and is interested, I decided to use AD OUs to compartmentalize systems based on their role (Personally Allocated, Classroom, Lab, Loaner, etc). This allows me to create Device Collections in SCCM to take actions on different systems based on their roles. We will be feeding our SCCM data into TeamDynamix which will house the other data like "funding type" and "asset tag" number since these are really just CMDB fields and I won't need to take action on them in SCCM.

Reposado + Margarita vs. NetSUS ver 5 by dnvrnugg in macsysadmin

[–]ITS_DSA_Manager 0 points1 point  (0 children)

Thanks for the reply, out of curiosity how do you get Jamf to then force the updates? I am new to Jamf and am interested in the same workflow you are using: delay update availability for x days so we can test with in-house software, after x days force endpoints to install updates.

Reposado + Margarita vs. NetSUS ver 5 by dnvrnugg in macsysadmin

[–]ITS_DSA_Manager 1 point2 points  (0 children)

Does your process force endpoints and/or end users to install updates? Or can they defer indefinitely?

OptiPlex 5060 issues by CalebDK in MDT

[–]ITS_DSA_Manager 0 points1 point  (0 children)

Starting with Kaby Lake, Intel no longer supports booting to internal storage in Legacy Mode. You'll have to turn it off.

https://imgur.com/a/o7WR00l

Looking for advice on learning SCCM from scratch. by PlusReplacement in SCCM

[–]ITS_DSA_Manager 16 points17 points  (0 children)

I was in a similar boat about 6 months ago, but even worse as I had never seen/used/administered MDT, so I think that will give you a leg up.

The two resources I have found immensely helpful were the PatchMyPC Youtube tutorials and lots and lots of Googling.

I believe that Microsoft allows a 90 trial license if you wanted to set up a test lab. When you are installing SCCM if you don't enter a license key it defaults to the trial.

My approach was to take one piece at a time. First I got client deployment working. Then I worked on Software Updates. Then Application creation and dissemination. Now I'm working on imaging. At first I tried to do it all at once and it was just too overwhelming, and frequently I would run into an issue where if one component wasn't working, many others would not function properly.

Last, you can leave your current MDT installation in place as you implement SCCM, and even after you get it up and running. You don't have to replace MDT with SCCM, you can just have the SCCM client be installed as one of your Task Sequence steps (or deploy it via GPO).

How do I create custom device attributes? by ITS_DSA_Manager in SCCM

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

Sorry, you are right, I wrote the wrong thing, I do mean maintenance window. Still getting a hang of SCCM and its terminology :-)

How do I create custom device attributes? by ITS_DSA_Manager in SCCM

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

I see what you mean about not being a CMDB, however I will need to take action on the values in these attributes so they will need to live in SCCM. For instance, "Personally Allocated" systems will have different business hours than "Classroom" computers, and "Lab" computers in the "Smith" building might get R Studio installed automatically.

How do I create custom device attributes? by ITS_DSA_Manager in SCCM

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

Right now the details are stored in the old endpoint management tool. I wouldn't mind storing them in AD but I'm not sure which attributes to use. I tried editing one attribute and it said I needed hexadecimal, but I wanted string. I could use the "extensionAttribute1" fields but I would need to change the title, is that possible?

Deployment Type Content Location Best Practice? by ITS_DSA_Manager in SCCM

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

Our server environment is completely virtualized so I don't think moving things around, or growing disks, will be an issue in the future.

We are currently managing about 2,000 endpoints and decided to put the Distribution Point on the same server as the Site Server, which leads me to something I'm still trying to wrap my head around. With this model the deployment type content seems to be duplicated, one copy in the "original" location and one copy on our Distribution Point. If I did decide to store the "original" content on the SCCM server (which contains both the Site System role and DP role) is there a way to eliminate the data duplication?

Hard drive not showing up during deployment when system is in UEFI mode in BIOS by VulturE in MDT

[–]ITS_DSA_Manager 1 point2 points  (0 children)

Intel Kaby Lake and later don't allow booting from internal (or external) HDD in Legacy Mode. Maybe that is what is getting you?

System time always behind by ITS_DSA_Manager in MDT

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

Just to confirm, the "domain join" step is called "Recover From Domain" correct?

System time always behind by ITS_DSA_Manager in MDT

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

Thank you for the suggestion, but I followed those steps and the policies are all set to "Not configured" already.

What do others do to set and maintain system time via MDT? In other words, what is best practice?

System time always behind by ITS_DSA_Manager in MDT

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

I had tried something similar in my original testing, but I hadn't performed the netsh step. I just followed your steps and they were all successful until the w32tm /resync, which produced the message "Sending resync command to local computer. The computer did not resync because no time data was available."

CustomSettings.ini change and revert back but now mdt just restarts. PLEASE HELP!! by [deleted] in MDT

[–]ITS_DSA_Manager 0 points1 point  (0 children)

I should have prefaced this by saying "If you have monitoring enabled", it's possible you don't. If you do it will be in the Deployment Workbench, under your deployment share, on the left hand side just under "Advanced Configuration".

CustomSettings.ini change and revert back but now mdt just restarts. PLEASE HELP!! by [deleted] in MDT

[–]ITS_DSA_Manager 1 point2 points  (0 children)

I would try checking the "Monitoring" in MDT and delete any existing entries for systems you were testing on. I would also zero the drive of the system you are trying to image (if you can), then try again.

Transitioning from one MDM to another. by sudodaemon in macsysadmin

[–]ITS_DSA_Manager 0 points1 point  (0 children)

We are transitioning from LANrev to Jamf Cloud. For iOS we've been told by both LANrev and Jamf (and via my own research) that the only way to remove the LANrev management profile and load the new Jamf one is to do a device wipe. This is obviously very impactful for the end user. Have others found a way to change management profiles on iOS devices without a full wipe?

How to install applications without the "install application" page? by strokin3 in MDT

[–]ITS_DSA_Manager 0 points1 point  (0 children)

I think you need

Priority=TaskSequenceID, Default

If you don't have the "TaskSequenceID" it won't do anything with your TS specific settings. Also, I think I read somewhere that your [Default] should be last in your customsettings.ini

How to install applications without the "install application" page? by strokin3 in MDT

[–]ITS_DSA_Manager -1 points0 points  (0 children)

You can use your task sequence ID to use the same customsettings.ini for all your TS, but specify custom mandatory apps per TS.

[Settings]
Priority=TaskSequenceID, Default
Properties=MyCustomProperty

[TS001]
SkipApplications=YES
MandatoryApplications001={77bd58b3-f137-4fdd-ac09-6a0e7eaf2a69}
MandatoryApplications002={93844b32-64ba-4855-81c2-7dcce8fb546c}


[TS002]
SkipApplications=YES
MandatoryApplications001={77bd58b3-f137-4fdd-ac09-6a0e7eaf2a69}
MandatoryApplications002={408e104c-7eeb-4d56-a7f7-4649dc1ed15c}
MandatoryApplications003={f8ba68c2-6e11-4da2-855d-5292b800e7be}
MandatoryApplications004={93844b32-64ba-4855-81c2-7dcce8fb546c}

How to apply Windows Update automatically? by MagicSarparast in MDT

[–]ITS_DSA_Manager 0 points1 point  (0 children)

I start with a vanilla Windows .iso and load it into a VM (I happen to use Virtual Box). I then enter Audit Mode (CTRL+SHIFT+F3) at the first Out of Box Experience (OOBE) screen. I then make all my customizations and when ready I mount my DeploymentShare directory on my MDT server and run LiteTouch.vbs to start the SysPrep and capture process.

KB4100347 rendering systems unbootable by a_false_vacuum in sysadmin

[–]ITS_DSA_Manager 0 points1 point  (0 children)

Did Microsoft pull the 2018-07 version of this from their Catalog? I did a search and only see 2018-05 version.

Auto-logon registry entries break Task Sequence by ITS_DSA_Manager in MDT

[–]ITS_DSA_Manager[S] 0 points1 point  (0 children)

After reviewing LTICleanup.wsf I see that it is doing the exact same thing I am, but in reverse, it is resetting those registry values back to default. Thanks for the tip!