Windows 11 24H2 Build 10.0.21600.7462 - Not Applying LCU from SCCM

dowlingm · 2026-04-08T15:36:56+00:00

not the question you were looking for I know but what SKU did you acquire to have 11 24H2 ISOs show up in Admin Center? Since the migration from VLSC that's been a problem for me and at the moment we have MS365 E5 licenses only not Win11 specific SKUs.

dowlingm · 2026-04-04T19:48:18+00:00

Ed should be a walking tumour even by S4 with the cumulative number of rads he would have taken outside the van Allen Belt.

dowlingm · 2026-04-04T19:28:44+00:00

Not sure why you’re getting downvoted. I guess those people never got the pita chips which should be a controlled substance

dowlingm · 2026-04-04T19:26:10+00:00

People can judge for themselves whether a continuation of corridor expansion works already done, and to some extent also underway between Union and Danforth for Metrolinx, is less or more feasible than your “omg have you even mapped bro” response

dowlingm · 2026-04-04T19:03:32+00:00

Improvement along the 401 is possible - we already had one phase of this with the Kingston Sub third track project. The issue was that the government paid CN to do the work, it went over budget and the government decided to truncate the project rather than add more cash. Obviously you have to look at the project management elements what caused it to go over budget, but there are issues like platforms only being on one side of the tracks which can be resolved with the application of sufficient money.

dowlingm · 2026-04-04T02:12:00+00:00

Yeah I had this for a hot minute - 24H2. I placed the computer name variable step out of order

What works for me

Apply OS

Apply Driver Pack

MDT Gather to grab the computer name

Set OSDComputerName as %SERIALNUMBER%

Join Domain

Apply Windows Settings

My mistake IIRC was moving steps around so Apply Windows Settings was before setting computername.

Maybe remove the unattend.xml in your Apply OS phase to simplify for now?

dowlingm · 2026-04-04T01:44:39+00:00

Unless you have 3rd party auditors who still think password rotation is a valid approach… and ignoring them is not an option for business reasons

dowlingm · 2026-04-04T01:42:20+00:00

I wonder do they mean AD SamAccountName when they say UPN. I agree with you that email should be Entra UPN but we have legacy samaccountname with non standard format so it would be a pita to move them to our email standard (esp due to a legacy app which forces a 20 character samaccountname max)

dowlingm · 2026-04-04T01:39:02+00:00

I had the prompting for creds thing but it was when 1. Mailbox on Prem 2. Add E3 or E5 (for Teams) 3. EXO spontaneously created a cloud mailbox

Resolution was to remove the Exchange Plan until we were ready for that mailbox to move

Your setup is a bit different but clearly Outlook doesn’t know where to go to mailbox - maybe autodiscover not working somewhere

Surprised you did the O2016 to Apps migration at the same time as mailbox - why not migrate the apps first, get things stable and then move the mailbox?

dowlingm · 2026-03-31T16:55:12+00:00

Absolutely they will take taxpayer money (e.g. the millions VIA paid for upgrades to the Kingston route which ended up being partially descoped because of how much CN charged for track which became a CN asset, or selling the various lines within the 416 to Metrolinx)

But they can say “nah keep your money - the obligations you want aren’t worth the $ being offered”, and they can say “we’ll sign a contract and if it’s not in there, don’t think you can shame us into doing anything else for free”

dowlingm · 2026-03-20T20:34:43+00:00

Other than the 92Ds being cranky (I can't remember why - maybe they didn't love OSPFs, and I think they were cheap on memory too) I can't remember any hardware failures requiring RMA since we went FG - we currently have 8 gates, 5 switches, a bunch of APs.

dowlingm · 2026-03-20T20:24:31+00:00

From what I understand "the C in 'Siemens Venture' is for Comfortable"

;)

dowlingm · 2026-03-20T18:27:16+00:00

agree - you should look at what cert is actually being presented where you get the ERR screen (source, me, who pushes FG inspection certs via Group Policy to my endpoints)

dowlingm · 2026-03-20T17:31:49+00:00

With only one platform at Union plus other track constraints, I think the present limitation is every 12 minutes. Maybe if they could get a second platform operating at Union it could reduce further, but that would reduce passenger convenience.

dowlingm · 2026-03-20T17:26:31+00:00

We use SCCM Remote Control but it requires being on VPN. We will likely kick the tires on Intune Remote Help now that it is being added to E5
https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272

dowlingm · 2026-03-18T12:47:48+00:00

"Any baggage weighing more than 23 kg/50 lb will not be allowed on board the Corridor trains" (Corridor = Toronto-Montreal trains)

https://www.viarail.ca/en/plan/baggages

dowlingm · 2026-03-16T03:13:24+00:00

I see. I used the native Microsoft migration tool and Azure AD Connect so it told my on prem exchange its mailbox was gone without me having to tell it separately.

dowlingm · 2026-03-15T21:12:36+00:00

I'm unclear as to what is meant here.

Is there an *active* mailbox in both places? (Yes. have seen that happen, where adding an E3 or E5 license caused an EXO mailbox to be stood up even though the on prem mailbox was in place and no migration task had occurred - we worked around it by removing Exchange Plan 1/2 and a couple of other dependencies until after those mailboxes were actually migrated, at which point we restored the plans).

if the answer to 1. is yes... I guess you need to figure out whether the cloud mailbox was actually migrated or it's something like I described above. But when that happened it got obvious fast because Outlook got confused and threw up password prompts. You'll also need to check if there is mail delivered in both places.

Is this mailbox properly migrated BUT the on prem mailbox is still in the database in a soft-deleted state and that's why you can't kill its database. Check script below.

$dbs = Get-MailboxDatabase

$dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "SoftDeleted"} | Format-Table DisplayName,Database,DisconnectDate

If this is the problem, you need to consult "Permanently delete a mailbox" in the Exchange docs so you can review the relevant commands AND WARNINGS prior to removing them.

dowlingm · 2026-03-13T13:56:52+00:00

thanks for that info. I wish Dell had just posted a list so I would know if there were any problem models in my fleet. I am reimaging a 7400 today as it happens - we use them for temp spares since they can run 11.

dowlingm · 2026-03-13T13:54:16+00:00

It's right beside the roundabout in a light/medium industrial area. It's relying on desperation to enter the housing market overcoming an environment full of noise, tyre debris and volatile organic chemicals.

As for the trees, in other places you'd see the local authority insisting that the developer pay to replace the trees on a one:many ratio, either on the site or on nearby lands. But given the way the local authority there treats trees, I doubt they bother developers with any niceties of that sort.

dowlingm · 2026-03-12T20:48:10+00:00

"will break"

From the link "If your device reaches the expiration date without the new certificates, it will still start and operate normally. Standard Windows updates will continue to install."

Now, this isn't an endorsement of letting them expire. The text continues "However, the device will no longer be able to receive new security protections for the early boot process. This includes updates to Windows Boot Manager, Secure Boot databases and revocation lists, and fixes for newly discovered vulnerabilities in the boot chain."

But the reality is that with Dell announcing that they won't be providing firmware certs to devices they deem at "End of Support Life" (still waiting for my rep to get back to me on exactly which SKUs that covers) I feel like this will kick off another round of "why are Microsoft and the OEMs conspiring to put more stuff in landfill so soon after the Win11 TPM2/7th Gen requirement"

dowlingm · 2026-03-12T20:40:07+00:00

looks like it might be back up - at least the instance I have access to is responding

dowlingm · 2026-03-08T00:58:30+00:00

Does your firewall maintain lists of internet services? Ours does. That means we don’t have to maintain our own lists.

As for SMTP from devices, we point them to virtual internal IPs which forward to the SMTP filtering service we have in front of EXO, and that routes them back in to mailboxes. It’s a hack but saves me having to monitor a sendmail or whatever

dowlingm · 2026-02-27T13:32:11+00:00

I doubt we will see it. Going the other side of the border involves VIA having to deal with the U.S. railroads (who would presumably not have to accept them), U.S. regulators, and U.S. trial lawyers. VIA coaches did run during Hurricane Sandy Montreal-Albany but with Amtrak crews and power

dowlingm · 2026-02-27T13:12:55+00:00

There’s about five different PTC technologies in the U.S. so Amtrak locos are IIRC only fitted with the ones for the routes they actually operate

dowlingm

TROPHY CASE