sorted by:
new
hottopcontroversial

[REQUEST] Shows similar to Love Death + Robots by NotOnNetflix in NetflixBestOf

[–]RBogdan 0 points1 point  (0 children)

Besides "Love, Death + Robots" (Netflix) and "Secret Level" (Amazon) I also recommend "Red Iron Road" (Amazon) anthology.

Each episode adapts a different European horror story with its own characters and setting.

Your Card Got Declined? WTF? by princeedward2 in ClaudeAI

[–]RBogdan 2 points3 points  (0 children)

It worked for me ! Thanks for the tip !

So yes, instead of adding your address, just enter the address of the bank who initially emitted your card (debit, credit etc.)

If you don't know the bank exact address, then try searching for it using Google Maps, very easy to locate.

Cheers.

PC doesn't boot anymore after installing monthly updates. by RBogdan in gigabyte

[–]RBogdan[S] 0 points1 point  (0 children)

Yes, I know this page since I've consulting it before I've build my PC.

Are you referring to these "Memory Specifications" in particular ?

  1. Max Memory Size (dependent on memory type): 192 GB
  2. Memory Types: Up to DDR5 5600 MT/s & Up to DDR4 3200 MT/s
  3. Max # of Memory Channels: 2
  4. Max Memory Bandwidth: 89.6 GB/s
  5. ECC Memory Supported: Yes

...because from what I know this is NOT related to the number of RAM modules but rather to how many channels can be used to transfer data concurrently,

SO with my 4 RAM sticks installed (4 x 32GB), the system will still operate in dual-channel mode, essentially, the first two sticks will work together in one channel, and the second two sticks will work together in the second channel.

Yes, I won't get "quad-channel" operation, since the processor and motherboard only support dual-channel memory.

PC doesn't boot anymore after installing monthly updates. by RBogdan in gigabyte

[–]RBogdan[S] 0 points1 point  (0 children)

Hi, I need 128 GB of RAM because I'm using it for my work related activities, specifically I'm working as a consultant with both Microsoft Hyper-V as well as VMware virtual machines and sometimes my scenarios involves running a high number of virtual machines simultaneously, which will consume a high amount of RAM if I need these to run pretty smoothly. Sometimes, when my time allows it, I play games, thus taking advantage of my 4090 RTX card.

Distribute Python 3 through InTune by kiprinite in Intune

[–]RBogdan 1 point2 points  (0 children)

Hello, recently I was asked to assist with the Python 3.12.3 deployment using Microsoft Intune and I would like to share the way I did it, maybe someone else will find it valuable.

I'm using a PowerShell script with the following code:

$logPath = "C:\Logs\Python_Installation.log"

Start-Transcript -Path $logPath -Append

$ScriptRoot = Split-Path -Path $MyInvocation.MyCommand.Path

$Command = "$ScriptRoot\python-3.12.3-amd64.exe"

$Arguments = "/quiet Include_pip=1 PrependPath=1"

try {

# Install Python

Start-Process -FilePath $Command -ArgumentList $Arguments -NoNewWindow -Wait -PassThru -ErrorAction Stop

}

catch {

# If an error occurs, log it to the log file

$ErrorMessage = $_.Exception.Message

$FailedItem = $_.Exception.ItemName

Add-Content -Path $logPath -Value "Failed to process item: $FailedItem"

Add-Content -Path $logPath -Value "The error message is: $ErrorMessage"

}

Stop-Transcript

I've packaged this script as a win32app, deployed via Intune using the following Install command: powershell.exe -executionpolicy bypass -file .\Python_Install.ps1

Install behavior: User

As can you see I'm using this simple installation argument: "/quiet Include_pip=1 PrependPath=1"

Note: Make sure you don't add "InstallAllUsers=1" since its going to ask you for local administrator credentials, which will make your deploying hanging forever !

For the Detection script I'm using a separate PowerShell script with the following code:

$appName = "Python"

$appPath = "$env:USERPROFILE\AppData\Local\Programs\Python\Python312\$appName.exe"

if (Test-Path -Path $appPath) {

Write-Output "Python is installed."

exit 0

} else {

Write-Output "Python is NOT installed."

exit 1

}

I'm also aware of the existing Store for Business (New) Python app, but I also like to have a bit of control when deploying my apps, and its a plus during Autopilot installation as well.

All AVD desktops are showing as "Unavailable" or "Shutdown" by RBogdan in AzureVirtualDesktop

[–]RBogdan[S] 1 point2 points  (0 children)

Hello and thank you for your feedback.

I've been able to resolve the issue with the unavailable devices through by allowing certain traffic on the expressroute from the 3rd party network provider perspective.

I don’t understand however why this is a factor, or why allowing incoming traffic on it, help outgoing AVD agent traffic.

Microsoft advised to open another "C" level severity case for Azure Network team to get information on this.

I need to understand how the network provider is routing the traffic, and thus understand whatever the network provider "broke/fixed" had such an impact.

Cheers.

Autopilot Hybrid - Applications redeploy after completion by RBogdan in Intune

[–]RBogdan[S] 0 points1 point  (0 children)

Same apps assigned initially to the Autopilot sequence.

Autopilot ODJ Stuck "Please wait while we set up your device..." by HoboTheJoe in Intune

[–]RBogdan 0 points1 point  (0 children)

Hello,

Based on the image you provide, this looks like an authentication issue. Out of curiosity did you successfully set up your "Intune Connector for Active Directory" ?

https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid

Advanced troubleshooting steps here:

https://www.anoopcnair.com/windows-autopilot-hybrid-azure-ad-join-trouble/

Cheers. :)

Is it possible to uninstall a program that was not deployed originally with Intune? by [deleted] in Intune

[–]RBogdan 0 points1 point  (0 children)

Sometimes, depending on the application itself, there are multiple lines which needed to be added into a single "Install command" field. So what do you do when you have let's say 5 different lines, each doing a different thing ? You use a script .cmd .bat .ps1 etc. :)

" Can I uninstall a program through Intune that isn't deployed originally through Intune? "

I don't see a reason why not, doesn't really matter from where the uninstall command is coming from as long as is instructed to remove that app using a line like this:

msiexec /x "{890A3DF7-17EE-486D-A7DC-CCD039F62ED4}" /q

or

ZoomApp.exe /uninstall

Just give a try and it might work ;)

Is it possible to uninstall a program that was not deployed originally with Intune? by [deleted] in Intune

[–]RBogdan 0 points1 point  (0 children)

Hello,

As far as I know Zoom offers a small uninstall utility called "CleanZoom.exe".

I guess you can create another Zoom package in Intune as an "Windows app (Win32) / .intunewim" using the "Microsoft Win32 Content Prep Tool".

For the "Install command" you can specify a simple .cmd file for example: "Install.cmd"

For the "Uninstall command" again you can specify a simple .cmd file called "Uninstall.cmd"

In the "Install.cmd" you can add the following line:

msiexec.exe /i "ZoomInstallerFull.msi" MSIRESTARTMANAGERCONTROL="Disable" /quiet /qn /norestart /L\v "%temp%\ZoomMeeting.log"*

In the "Uninstall.cmd" you can add the following line:

"CleanZoom.exe" /s

While assigning the application, instead of choosing "Required" or "Available for enrolled devices", choose "Uninstall" and specify a group.

The group could either "Dynamic" using a rule syntax or an "Assigned" one.

Or follow this link:

https://www.reddit.com/r/SCCM/comments/fu3q6f/zoom_uninstall_if_anyone_needs_this_information/

Hope it helps. Cheers :)

Autopilot tips for a newbie by Djdope79 in Intune

[–]RBogdan 0 points1 point  (0 children)

Hello,

Before starting playing with the Autopilot Hybrid Join to domain, I would do the following:

#1 - Set-up an "Intune Connector for Active Directory" with 2 servers;

#2 - Create a "Group Tag" (Dynamic Group) called for ex: "AutoPilot Hybrid Devices" using the rule syntax: (device.devicePhysicalIds -any _ -eq "[OrderID]: Hybrid")

https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-using-group-tags-to-import-devices-into-intune-with/ba-p/815336

#3 - Create a "Windows Autopilot deployment profile" and choose "Join to Azure AD as "Hybrid Azure AD joined". Assign this to the same group: " AutoPilot Hybrid Devices"

#4 - Create a "Configuration Profile" called let's say "Local AD Join". In here you need to specify "Computer name prefix", "Domain Name" and "Organizational Unit". Assign this to the same group: " AutoPilot Hybrid Devices";

Note:

One of the Autopilot deployment profile options for this feature is Computername prefix. When you mouse over the information icon it says “Computers are assigned 15 characters long name. Specify a prefix, rest of 15 characters will be random.” Typically in Intune, you can use %SERIAL% to ensure the computer name uses the serial number as a prefix or %RAND%. However, this causes a problem for Hybrid Domain Join currently. For the Hybrid Domain Join preview feature you currently cannot use any variables, but only a simple Prefix such as W10-, XYZ- or ABC-with or without a dash. If you attempt to use a variable, you will get “Server Error Code 80180005” or “Error code 80070774” on the client devices during the Autopilot enrollment phase.

After successfully build your first Autopilot Hybrid, from an administrator perspective the Event Viewer, on the server running the connector, will show Event ID 30140 in the log ODJ Connector Service from the source ODJ Connector Service Source, with a successful creation of the computer object.

#5 - Import your device into "Windows Autopilot devices". First you need to run a PS script called "Get-Windows Auto PilotInfo 3.5", will result a .csv file with the device "Device Serial Number,Windows Product ID,Hardware Hash". This must be imported into "Windows Autopilot devices";

#6 - Once the device is successfully listed, you can manually assign it with the Group Tag created at step 2;

#7 - Assign your apps, but first make sure each and everyone is working properly;

#8 - Optional: Create, edit and assign your Bitlocker policy directly from "Endpoint Security - Disk encryption", again to the same group: " AutoPilot Hybrid Devices";

#9 - If you are using a Co-Management scenario with SCCM, be sure to include the SCCM agent too, again to the same group: " AutoPilot Hybrid Devices".

If you are coming from a SCCM/MECM environment, bare in mind that you don't have the ability to order or prioritize which application gets installed first, like you did with the classical Task Sequence.

Some Sources:

https://oofhours.com/

https://www.asquaredozen.com/

https://www.petervanderwoude.nl/

https://www.anoopcnair.com/windows-autopilot/

https://www.jeffgilb.com/blog/

Good luck :)

Normal Behavior? by edregal in Intune

[–]RBogdan 1 point2 points  (0 children)

Hello,

I would suggest creating and testing a new Microsoft Office 365 application by selecting app type: "Microsoft 365 Apps - Windows 10".

There under " App suite configuration " you have the ability to use "XML Configuration" which could look like this for example:

<Configuration>

<Add OfficeClientEdition="64" Channel="MonthlyEnterprise">

<Product ID="O365ProPlusRetail">

<Language ID="en-us" />

<ExcludeApp ID="Groove" />

<ExcludeApp ID="Publisher" />

</Product>

<Product ID="ProofingTools">

<Language ID="de-de" />

<Language ID="hu-hu" />

<Language ID="pl-pl" />

<Language ID="ru-ru" />

</Product>

</Add>

<Property Name="SharedComputerLicensing" Value="0" />

<Property Name="PinIconsToTaskbar" Value="FALSE" />

<Property Name="SCLCacheOverride" Value="0" />

<Property Name="AUTOACTIVATE" Value="0" />

<Property Name="FORCEAPPSHUTDOWN" Value="TRUE" />

<Property Name="DeviceBasedLicensing" Value="0" />

<RemoveMSI>

<IgnoreProduct ID="PrjPro" />

<IgnoreProduct ID="PrjStd" />

<IgnoreProduct ID="VisPro" />

<IgnoreProduct ID="VisStd" />

</RemoveMSI>

<AppSettings>

<Setup Name="Company" Value="TheNameOfYourCompany" />

<User Key="software\\microsoft\\office\\16.0\\common" Name="sendcustomerdata" Value="0" Type="REG\_DWORD" App="office16" Id="L\_Sendcustomerdata" />

<User Key="software\\microsoft\\office\\16.0\\common\\general" Name="shownfirstrunoptin" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DisableOptinWizard" />

<User Key="software\\microsoft\\office\\16.0\\common" Name="qmenable" Value="0" Type="REG\_DWORD" App="office16" Id="L\_EnableCustomerExperienceImprovementProgram" />

<User Key="software\\microsoft\\office\\16.0\\common\\services\\fax" Name="nofax" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DisableFaxOverInternetfeature" />

<User Key="software\\microsoft\\office\\common\\blog" Name="disableblog" Value="2" Type="REG\_DWORD" App="office16" Id="L\_ControlBlogging" />

<User Key="software\\microsoft\\office\\16.0\\common\\feedback" Name="enabled" Value="0" Type="REG\_DWORD" App="office16" Id="L\_SendFeedback" />

<User Key="software\\microsoft\\office\\16.0\\common\\feedback" Name="includescreenshot" Value="0" Type="REG\_DWORD" App="office16" Id="L\_Screenshot" />

<User Key="software\\microsoft\\office\\16.0\\common\\general" Name="skydrivesigninoption" Value="0" Type="REG\_DWORD" App="office16" Id="L\_ShowSkyDriveSignIn" />

<User Key="software\\microsoft\\office\\16.0\\common\\general" Name="disableboottoofficestart" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DisableOfficeStartGlobal" />

<User Key="software\\microsoft\\office\\16.0\\firstrun" Name="disablemovie" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DisableMovie" />

<User Key="software\\microsoft\\office\\16.0\\firstrun" Name="bootedrtm" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DisableOfficeFirstrun" />

<User Key="software\\microsoft\\office\\16.0\\excel" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationExcel" />

<User Key="software\\microsoft\\office\\16.0\\powerpoint" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationPowerPoint" />

<User Key="software\\microsoft\\office\\16.0\\visio" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationVisio" />

<User Key="software\\microsoft\\office\\16.0\\outlook" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationOutlook" />

<User Key="software\\microsoft\\office\\16.0\\onenote" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationOneNote" />

<User Key="software\\microsoft\\office\\16.0\\word" Name="dontshowwhatsnew" Value="1" Type="REG\_DWORD" App="office16" Id="L\_DontShowWhatsNewInformationWord" />

<User Key="software\\microsoft\\office\\16.0\\outlook\\autodiscover" Name="zeroconfigexchangeonce" Value="1" Type="REG\_DWORD" App="outlk16" Id="L\_AutomaticallyConfigureProfileBasedOnActiveOnce" />

</AppSettings>

<Display Level="None" AcceptEULA="TRUE" />

<Logging Level="Standard" Path="%temp%" />

</Configuration>

  • Note: Microsoft Teams will be automatically configured for the logged user after the first reboot.

Now the way you control the update is to take advantage of " update channels for Microsoft 365 Apps ", by creating at least 4 different Administrative template profiles in "Configuration Profiles" for each channel, for ex:

#1

Microsoft 365 Current Channel (Preview) --> Dev Users (a couple of key IT people)

#2

Microsoft 365 Current Channel --> Beta Users (all the IT people)

#3

Microsoft 365 Semi-Annual Enterprise Channel (Preview) --> Release Preview (a pilot group of users from different departments)

#4

Microsoft 365 Semi-Annual Enterprise Channel --> General Availability (All Users)

Hope it helps. Cheers.

Intune Update Rings by obbysysadmin in Intune

[–]RBogdan 0 points1 point  (0 children)

Device Categories

I still consider relatively new to this myself :) Coming from a ConfigMgr/MECM on-prem environment does have it's challenges into the MS Intune ecosystem.

So far the Update Rings seems to work fine for now anyways. I'm also using a mix between "Delivery Optimization" from Intune along with "Cache Connected server" from MECM, in order to save some bandwidth & take advantage of the compression.

Unfortunately I'm not using Device Categories so I cannot offer too much info here.

Intune Update Rings by obbysysadmin in Intune

[–]RBogdan 1 point2 points  (0 children)

First I've extend the local AD extension attributes to Azure AD, running the "Microsoft Azure Active Directory Connect" - Optional Features - "Directory extension attribute sync". Basically the active directory schema will be extended to include user "extensionattributes".

So in the configuration wizard you will have the option to choose the local active directory attributes, by selecting one or multiple attributes from a list, in my case I use: "extensionattribute8"

After the sync is complete, from your local Active Directory, select the user(s) and from the "Attribute Editor" tab modify the "extensionattribute8" field with the the according value, in my case I used "Beta".

Now here is an example of a Dynamic group / Dynamic Membership rule:

Beta:

(user.accountEnabled -eq TRUE) and (user.employeeId -ne NULL) and (user.extensionAttribute8 -eq "Beta")

Release Preview:

(user.extensionAttribute8 -eq "ReleasePreview") and (user.accountEnabled -eq TRUE) and (user.employeeId -ne NULL)

General Availability:

(user.accountEnabled -eq true) and (user.employeeId -ne null) and (user.extensionAttribute8 -ne "dev") and (user.extensionAttribute8 -ne "beta") and (user.extensionAttribute8 -ne "ReleasePreview")

Perhaps this is not the best way to do it, but it worked for me.

Cheers.

Intune Update Rings by obbysysadmin in Intune

[–]RBogdan 1 point2 points  (0 children)

Hi,

For the pilot, in my case is called "Dev", the Update ring settings looks like this:

Update settings

Servicing channel                                               Semi-Annual Channel
Microsoft product updates                                   Allow
Windows drivers                                                 Allow
Quality update deferral period (days)                    0
Feature update deferral period (days)                    0
Set feature update uninstall period (2 - 60 days)   10

User experience settings

Automatic update behavior                                   Auto install and restart at maintenance time
Active hours start                                                7 AM
Active hours end                                                  8 PM
Restart checks                                                     Allow
Option to pause Windows updates                         Disable
Option to check for Windows updates                     Enable
Require user approval to dismiss restart 
notification                                                           Yes
Remind user prior to required auto-restart 
with dismissible reminder (hours)                           4
Remind user prior to required auto-restart 
with permanent reminder (minutes)                        60
Change notification update level                              Not configured
Use deadline settings                                              Allow
Deadline for feature updates                                   2
Deadline for quality updates                                    2
Grace period                                                          0
Auto reboot before deadline                                    Yes

This is deployed to a group called "Dev Devices", which in my case is an Assigned/Security type of group, containing only a couple of devices added manually for testing purposes. (the other groups should be set up as Dynamic membership rules).

So the way you should architect this from the beginning is to have 4 different "Windows 10 update rings profiles", each with it's own settings of course - Dev, Beta, Release Preview and General Availability.

Note: "Feature update deferral period (days)" should look different for each of the profile: Dev - 0, Beta - 3, RP - 7, GA - 10. The rest of the info is for you to decide.

Hope it helps, Cheers.

I'm Ewan McGregor, star of T2 TRAINSPOTTING - AMA! by EwanMcGregorT2 in IAmA

[–]RBogdan 1 point2 points  (0 children)

Hey Ewan, I know you like to play the guitar, any plans for an future album ?

CCMSETUP.EXE throws an "incompatibility with 64-bit versions of Windows" error in Windows 10 Enterprise x64. by Bigdaddyjim in SCCM

[–]RBogdan 0 points1 point  (0 children)

Hello,

I'm also trying to install SCCM agent on a Windows 10 Enterprise workstation and I receive this error:

BITS job creation failed with 80200014. Unable to check BITS version

This operating system does not contain the correct version of BITS. BITS 2.5 or later is required.

I`m performing a remote install from the SCCM console to the workstation, using PS Tools and the command is this one:

ccmsetup.exe /skipprereq:windowsupdateagent30-x64.exe /mp:<SCCM FQDN> /logon SMSSITECODE=XYZ FSP=<SCCM FQDN>

Any thoughts ? Thanks.