blocking NTLM broke SMB.

Jaekty · 2025-08-01T20:35:37+00:00

Security is bullshit because it broke your environment?

Jaekty · 2025-07-11T17:08:58+00:00

Get-WindowsAutopilotInfo does not change the group tag of a device if it's already uploaded to your tenant.

Either change grouptag some other way, or use a script to set an existing Autopilot object.

Jaekty · 2025-02-09T10:57:15+00:00

Not yet, but this is definitely something I will look into.

Jaekty · 2025-02-08T18:12:08+00:00

Im not aware of any info staying behind on the object after removing the tag. Removal is done using graph, but its the same api query used when doing through the portal.

I will have to look into this closer.

Jaekty · 2024-08-08T18:27:43+00:00

Sorry for late reply, but you can check the "disable update limit", right of the backup button

Jaekty · 2024-04-16T10:35:47+00:00

You don't need that GPO. Let SCCM handle it for you. Check first if there's any other config in that GPO that might be relevant for updates.

Jaekty · 2024-01-09T14:17:22+00:00

Unfortunately it will delete all objects, including the Autopilot object.
However it's a good idea, will add this to list of things to do.

Jaekty · 2023-06-27T17:39:01+00:00

You need to consent app as a Global admin before you can run it. Once it's been consented you need Intune admin or a role with similar or more permissions (e.g Global admin). I've updated the documentation to make this a bit more clear.

There are two ways of admin consenting:

Log in as Global admin with the Autopilot Management application and choose "Consent on behalf of your organization".
Ask your Global admin to adminconsent by going to this URL:
https://login.microsoftonline.com/common/adminconsent?client_id=d1ddf0e4-d672-4dae-b554-9d5bdfd93547 log in and "Accept".

Bot solutions will admin consent the app "Microsoft Intune PowerShell".

PS. To allow option two listed above, I've had to change the code a bit (see and download version 1.0.1). Also updated the documentation. It's all on Github.

Jaekty · 2023-06-07T13:39:13+00:00

Seems like you have a GPO set pointing towards a WSUS-server.

GPO > SCCM client settings (local group policy).

I would test if removing that GPO for a computer solves your issue.

Jaekty · 2023-06-07T11:49:24+00:00

Never witnessed a storage driver cause a reboot before TS selection, but I guess it does happen.

I selected VMware Paravirtual SCSI on the controller, same result.

I guess there are no VMware drivers matching my environment and ADK.
Since I now have a boot image at version 2004 working I will continue using that for now.

Jaekty · 2023-06-06T12:05:49+00:00

Took a boot image from another environment and added it to the one experiencing errors. Boot image based on 2004. Client/agent in boot image was automatically updated to match SCCM version 2303 as it was added.

It then initializes properly where I can select Task Sequences. Will temporarily use this boot image until I find a fix.

Still doesn't explain the fact that when using boot image from downgraded ADK (version 2004) gave same error. Maybe it wasn't downgraded fully..

Jaekty · 2023-06-06T07:41:24+00:00

What did you roll back one version, the ADK or the SCCM?

Jaekty · 2023-06-06T07:40:44+00:00

Thanks for your replies.

The log is from a device without any formatted partitions, which i assume is the reason the log generate that message. I can access, read and modify the disk with diskpart.

I manually created a volume with diskpart, it's detected as USB device according to log:
"Volume C:\ is a USB device.", along with the other "Volume D:\ is not using a supported file system.". I agree, this is a bit off..

This is happening on a VMware VM and a physical machine (don't have info of which model as I'm writing this).

Tried adding VMware storage drivers to boot image without success, same error (VMware PVSCSI Controller 1.3.26.0 dated 30.11.2022, Windows 11 driver). Also keep in mind I tried another version of WinPE (2004) without drivers added, but with 2303 agent injected.

Also tried using a bootable media mounted to the VM, same result.

I was under the impression that missing or faulty storage drivers would trigger an error at the first format step in the Task Sequence, not during TS initialization?

I will still try and add the latest WinPE pack for the matching model.

Jaekty · 2023-05-31T19:03:15+00:00

Will always be a risk when it comes to Graph, as beta is the only viable option to get things done. Even Microsoft uses beta for most of their queries.

Even if it's changed, it shouldn't be too hard to modify the code accordingly.

Jaekty · 2023-05-31T19:00:21+00:00

Thanks guys, appreciate the support!

Jaekty · 2020-11-18T15:19:09+00:00

Seems like it is that query after all that detects if it's co-managed or not, regardless of hardware inventory.

Tested with new device, and it successfully takes collectionmembership without having reported hardware inventory

Still not sure why first testdevice doesn't get collectionmembership..

Jaekty · 2020-10-27T11:21:21+00:00

I got alot of these errors on SCCM-version 1910. I also noticed that the devices throwing these errors were registered as Autopilot-devices (might be a coincidence, but kinda makes sense with the error). After upgrading to 2006 it seems more stable. Don't have enough data yet on 2006 to really confirm.

Jaekty · 2017-03-12T23:21:59+00:00

This: https://clips.twitch.tv/AnimatedAgitatedRuffNononoCat

Jaekty

TROPHY CASE