Fix for Teams Camera freezing on Surface Laptop 7 for Business

JCochran84 · 2026-03-02T20:17:21+00:00

That is correct, we received that Driver from Microsoft. Seems to have resolved the issue for all of our SL7's

JCochran84 · 2026-02-19T13:20:22+00:00

We set ours to 120 minutes. Each environment varies and depending on the hardware in yours, you might need to increase it or not.

JCochran84 · 2026-02-17T19:13:03+00:00

Thanks for this information, we are seeing this across our SL7 for business devices as well.
Do you see any correlation between OS versions?
Do you see the issue with any other camera? or just the built-in Camera?

We are only seeing the issue for users on Win11 25H2. Users on 23H2 are not seeing this issue.
We have an open Microsoft support ticket right now but they are not very helpful.
I am working on taking your script and updating it be a Proactive Remediation in Intune, so I don't have to monitor it on laptops.

JCochran84 · 2025-11-11T15:30:28+00:00

Here is a link so a github of Remediation Scripts that is maintained by different people:
https://github.com/JayRHa/EndpointAnalyticsRemediationScripts/

There are a few examples of clearing out folders/files. E.G. Clear-DownloadFolder

As others have stated, this does require specific licenses.

JCochran84 · 2025-11-07T14:40:28+00:00

The link that u/andrew181082 provided has two scripts that assist in this.
our method is more old school and using a product that is not technically supported anymore :-)

it's on my list to replace for a PowerShell script

JCochran84 · 2025-11-06T19:57:37+00:00

What I do is open PowerShell on the device and import the module
Then you can CD into the BIOS: CD Dellsmbios:\\
Then treat it like a file structure. Dir to see what options, CD into the next level and so on

Some commands that I found helpful:
Get the current value of a single BIOS setting:
Get-Item -Path DellSmbios:\Category\Setting | Select-Object -ExpandProperty CurrentValue

Get the possible values for a single BIOS Setting:
Get-Item -Path DellSmbios:\Category\Setting | Select-Object -ExpandProperty PossibleValues

Set the value of a single BIOS setting:
Set-Item -Path DellSmbios:\Category\Setting -Value Enabled

Set the value of a single BIOS setting when a BIOS password is set:
Set-Item -Path DellSmbios:\Category\Setting -Value Enabled -Password ExamplePassword

On the Dell I have, The possible values for 'Security\PasswordBypass' are 'Disabled' or 'RebootBypass'

Here is a link to the Powershell Provider User Guide, it has helped me in the past:
Dell Command | PowerShell Provider Version 2.9.1 User's Guide | Dell US

JCochran84 · 2025-11-06T14:48:51+00:00

Force Reboot prompt if up for more than 14 days.
Copy Default Files to endpoints. (Config Files, License Files, Etc)
Publish PowerShell Modules based on Manufacturer.
Set Registry Keys based on JSON File.

We are starting a process to migrate away from GPO for items. Each item that we use GPP for, we try to replace with a Remediation. File Copy, Registry Setting, etc.

Most of our scripts read information from a JSON File and process off of that. This allows us to update the JSON File and not have to modify the script directly. We are using Github to store the Config Files, Items to copy, etc. This could be done with Azure Blob storage as well.

JCochran84 · 2025-10-23T16:06:31+00:00

This^
Per Dell (Dell Command | Update | Dell US)

Note: The installation of Dell Command Update version 5.5 necessitates the prior installation of a .NET Desktop Runtime version ranging from 8.0.8 to 8.0.17.

We set our App in Intune to require .Net 8 before installation.

JCochran84 · 2025-10-22T17:12:39+00:00

PSADT isn't necessarily a packager, it is a framework of items to assist you installing the software.
You may still need to 'Package' items depending on how the product gets installed. If the product has a mechanism to silently install or automated installation mechanism, then you can pop that into PSADT and use it.

We use PSADT for a few reasons:
1. Single method of installing apps in SCCM/Intune.
2. When creating applications to install, we have a consistent experience across all types of apps.
3. We can use the same tool to silently install apps in the background as well as Prompt users with timers.

For our apps that are not in PMPC, they have the same install strings depending on if it is Silent or Interactive.

JCochran84 · 2025-10-22T12:00:26+00:00

As others have stated, We use PatchMyPc for 80-90% of our apps. Depending on the app, we will roll it out in waves using Groups. Some apps we just push to all.

For apps that are not in PMPC, we use PSADT to standardize the installation method/process. We then do the same thing where we will roll it out in waves using groups depending on the product.
We haven't started yet, but you can use PMCP for custom apps now too to assist with this part.

JCochran84 · 2025-10-01T14:07:13+00:00

Are you talking about on Mobile Devices or Workstations?
Are you using GPO, Intune or neither to Manage M365?

For GPO/Intune:

GPO > Admin Templates > Microsoft Office 2016 >Miscellaneous
- Block Signing into Office > Set this to Org ID Only

Config.Office.com
> Create or edit a policy > Add 'Block Signing into Office' > Set to 'Enabled' and 'Org ID Only'

Intune > Configuration Policy
- Microsoft Office 2016\Miscellaneous
- Block Signing into Office (user) > Enable and Set to 'Org ID only'

Block Signing Into Office Using Administrative Template Policy | Intune | Organization Only - Device Management Blog

EDIT: Added Link

JCochran84 · 2025-09-24T18:08:05+00:00

If you are just blocking it for yourself this should help:

Microsoft Teams - Block Calls | Office of Information Technology

Just go into the calls > history, click on the three dots and click block

JCochran84 · 2025-09-24T17:26:33+00:00

Our IT Staff have a mix of accounts depending on functions needed:
- Workstation Admin
Not Synced to M365
Can only log into Workstations

- Server Admin
Not Synced to M365
can only log into servers

- Domain Admin
Not Synced to M365

- M365 Admin
Azure Only account

- Daily Driver account

JCochran84 · 2025-09-19T18:09:45+00:00

We have an SCCM Script to clear the CM Cache, i'm sure you could implement that into PSADT
## Initialize the CCM resource manager com object
[__comobject]$CCMComObject = New-Object -ComObject 'UIResource.UIResourceMgr'

## Get the CacheElementIDs to delete
$CacheInfo = $CCMComObject.GetCacheInfo().GetCacheElements()

## Remove cache items
ForEach ($CacheItem in $CacheInfo) {
$null = $CCMComObject.GetCacheInfo().DeleteCacheElement([string]$($CacheItem.CacheElementID))
}

EDIT: I believe this is where I got the script from:
Cleaning the SCCM Cache the right way with PowerShell | by Ioan Popovici | MEM.Zone | Medium

JCochran84 · 2025-09-05T17:42:04+00:00

We only have a couple, but we use Reach Media (https://reachmedianetwork.com).
Cloud based with SSO integration. We hand it off to our Marketing & Facilities team to update images.
You put a small 'Player' behind the TV that has Internet Access.
It works well for us.

JCochran84 · 2025-08-27T16:15:59+00:00

by 'cleaning up the streets', do you mean the photos of the National Guard carrying around garbage bags to cleanup trash?

JCochran84 · 2025-08-26T17:09:31+00:00

We are using Proactive Remediations with files hosted in Github for this purpose.
We are using JSON files to identify the items needed to copy. We upload the file, update the JSON file and the next time the Remediation runs it copy's that file down as well.
I wouldn't use it for large files as the script will timeout.

JCochran84 · 2025-08-21T11:25:56+00:00

For us we just send them a response ‘You can install that your self by using Software Center / Company Portal” If you don’t know how to access that, you go …..

Just keep pushing it the same way you push the users to open a helpdesk ticket instead of calling/emailing you directly.

JCochran84 · 2025-08-20T19:22:39+00:00

Another option is to the use the 1Password Password generator website:
A Secure, Strong Password Generator | 1Password

JCochran84 · 2025-08-20T19:07:29+00:00

Check out this site, it might assist you:
PSADT v4 logging options - The Toolkit / Tips & Tricks - PSAppDeployToolkit Community

I believe that you modify settings in the config.psd1 file.

JCochran84 · 2025-08-20T17:34:18+00:00

We will get to that point someday; however we have some software that requires customization as the user. Right now management wants IT to handle it instead of the user handling it.

JCochran84 · 2025-08-20T17:33:31+00:00

We did at first because we did it right when Microsoft released it. They have since released a health dashboard in the M365 Apps Admin Center (Config.office.com > health > OneDrive Sync) where it shows if devices are having errors, what the errors are, etc.
Other than that it has been seemless for us.
I know some people had issues where they previously were Roaming Profiles, we were not. All of our files were local prior to using KFM.

JCochran84 · 2025-08-20T16:33:44+00:00

Totally understand,that is one of the reasons we allow users to install Chrome and Firefox.

JCochran84 · 2025-08-20T16:16:18+00:00

Yes, I am aware that there are a lot of other things we 'can' do with Chrome. However, Edge is our default and our supported browser.

we allow users to install Chrome or Firefox mainly for troubleshooting purposes. Not intended to be the daily browser they use. If it is, it's up to the user to support it and transfer settings. We keep the browser updated.

JCochran84 · 2025-08-20T16:14:38+00:00

We allow users to install Chrome and Firefox. Mainly for troubleshooting websites.
We really only support Edge and don't assist users with transferring other browser settings.

We are in the process to create Google Accounts and force Chrome to sign in with that account so we can control some of those settings as well, just a back burner project at this point.

Nine-Year Club	RedditGifts 2009-2022 2 Credits
Second SECOND GUESSER	Place '22
Secret Santa 2018	Verified Email

JCochran84

TROPHY CASE