Manage your Windows 10 devices via PowerShell and Microsoft Intune

A big wish of the community and companies using Microsoft Intune was the ability to manage Windows 10 devices that are managed with Microsoft Intune via PowerShell. Since the MDM channel is not supporting deployment and the execution of PowerShell scripts, Microsoft announced today at Ignite the Microsoft Intune Management Extension. Meet the Microsoft Intune Management Extension The Microsoft Intune Management Extension is an addition to the current Windows 10 MDM capabilities and allows us now to deploy and execute PowerShell scripts. The Microsoft Intune Management Extension is automatically deployed and installed on Azure AD joined devices. The Microsoft Intune [...]

By | 2017-09-26T02:35:29+00:00 September 26th, 2017|Automation, Enterprise Mobility Suite (EMS), Powershell|0 Comments

Create and run scripts with the new feature “Run Powershell scripts from the ConfigMgr console” on current branch 1706

In my last post I talked about how we could activate the new feature "Run Powershell script from the ConfigMgr" on current branch 1706 and in this post I would like to talk about on how to get started using this wonderful feature once you have activated it. This feature really shows that the ConfigMgr product team over at Microsoft really listens to its community and that they do everything they can to improve the product. Tho this feature is a bit rough around the edges it shows great potential and i can't wait to see how it will evolve over time [...]

How to activate the new feature “Run Powershell scripts from the ConfigMgr console” on current branch 1706

Yesterday the ConfigMgr product team over at Microsoft released the latest current branch version 1706 (and the techincal preview 1707 within a 24 hour period, Awesome work!) and with that came another great pre-release feature that we previously only had access to in the Technical Preview (TP 1706) and that's the ability to run powershell scripts directly from the ConfigMgr console. This is one great feature that really excites me :D   If you want to learn more about this feature you can read the MS docs here: https://docs.microsoft.com/en-us/sccm/apps/deploy-use/create-deploy-scripts   Lets get started. First make sure that we are running [...]

By | 2017-07-29T11:17:31+00:00 July 29th, 2017|Configuration Manager (SCCM), Powershell|0 Comments

Remove non authorized members of the local administrator group with ConfigMgr

    MVP Jörgen Nilsson did a great post the other day over at https://4sysops.com/archives/monitoring-laps-with-configuration-manager/ where he showcased how one could monitor LAPS with the help of CI's in ConfigMgr to make sure it's installed and running properly. Continuing on the LAPS theme and ways ConfigMgr can help us improve security and maintain control I would like to talk a little about how we can remove non authorized members of the local administrator group with the help of Configuration Items/Baselines in ConfigMgr.   For those who are unfamiliar with LAPS (Local administrator password solution) you can learn more here: https://technet.microsoft.com/en-us/mt227395.aspx     [...]

Watch out when using $PSModuleAutoLoadingPreference = “none” in a PS Remote Session in Windows Server 2016

Recently I discovered a change in the default behavior of PSRemoting Sessions in Windows Server 2012 R2 vs. Server 2016. I was migrating a script from 2012R2 to 2016 and surprisingly, I got this error:   The term 'Get-Date' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included , verify that the path is correct and try again. + CategoryInfo : ObjectNotFound: (Get-Date:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException + PSComputerName : ctaa01   When I vestigated the issue I found that [...]

VIP Users Part 2 or how to synchronize group membership from AD to SCSM

Dealing with VIP users is a common practice within Service Management. This old blogpost explains a very good approach to mark VIP users in SCSM as VIP users. We simply extend the User class with an extra boolean property (true/false) and we then expose that property on the Incident right under the Affected User. That way Analysts can quickly see if the person is VIP and you can also make various workflows or notifications based on this property.   What is missing in the above post is how we figure out who is VIP or not. For many, this relationship [...]

By | 2017-08-30T11:48:15+00:00 November 15th, 2016|Automation, Powershell, Service Manager (SCSM)|2 Comments

Azure Function to enable Microsoft Graph API webhook subscriptions to Azure Automation webhooks

Azure Functions is a great new, cheap and easy way to publish simple web services. Functions can be written in multiple languages such as C#, PowerShell or even Batch! You can read more about them here: https://azure.microsoft.com/en-us/services/functions/ This Azure Function is based on PowerShell and I have used it in multiple session on conferences such as MMS 2016 (was in a C# version though) and System Center Universe Europe 2016 About the function: When using subscriptions in Microsoft Graph API, you have to Validate your webhook by returning a verification code which Graph API sends to the webhook. Unfortunately Azure [...]

By | 2016-08-24T16:00:48+00:00 August 24th, 2016|Azure|0 Comments

Create ConfigMgr Servicing Plans with Excel and PowerShell

Last week I posted one example how to create ConfigMgr Servicing Plans with PowerShell. In this post I will show you how to create Servicin Plans using Excel. Step 1 is to create a table like this If you have that table with necessary information or if needed you can add more data, then simply save it as a CSV file and import the data to PowerShell.   Here is one quick and simple example how to create these Servicing Plans based on a CSV file and if needed create the Device Collections as well. This example also assumes that [...]

By | 2016-05-31T21:32:16+00:00 May 31st, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr cmdlets and Lazy properties

If you have worked with Configuration Manager before, then most probably you know that some of the WMI classes contain lazy properties. Microsoft cmdlets for ConfigMgr queries by default these lazy properties, for example If you query the same Device Collection directly through WMI, then you don’t see RefreshSchedule property value. If you need to query lazy properties, then you can use the .GET() method or [WMI] accelerator. Starting from 1604 cmdlets we have a new parameter called -FAST. Parameter FAST allows us to skip Lazy properties and this should make the queries much faster and should also lower the [...]

By | 2016-05-26T17:43:26+00:00 May 26th, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr Move-CMObject issue and one possible workaround

If you have been following me in twitter, then most likely you already know that the Move-CMObject cmdlet is broken in 1604 release. Here is one quick examples that shows the error message. Microsoft already knows this issue and hopefully they can fix it quickly but meanwhile we need to find a workaround or do something else: 1. Uninstall 1604 cmdlets and go back to older version 2. Replace Move-CMObject with your own custom function - http://cm12sdk.net/?p=1006 3. NEW! Use Invoke-CMWmiMethod   In this blog post I will show one example how to use Invoke-CMWmiMethod cmdlet. In this example Im [...]

By | 2016-05-24T15:23:08+00:00 May 24th, 2016|Configuration Manager (SCCM)|0 Comments

Creating ConfigMgr Servicing Plans with PowerShell

Last week we got a new set of cmdlets for Configuration Manager and now we have the ability to create Servicing Plans with PowerShell. I put together end-to-end example and with this script you can: Create a folder called Software Updates (cant move Device Collections into a folder because Move-CMObject is broken in latest release) Create 5 Device Collections Create Software Updates Deployment Package Download the necessary upgrade package Distribute the package to a Distribution Point Create 5 different Servicing Plans   ############ WINDOWS 10 SERVICING ###############################     Get-CMWindowsServicingPlan     New-CMWindowsServicingPlan #These cmdlets require Configuration Manager 1511 or newer. $DeploymentPackageName [...]

By | 2016-05-23T16:18:15+00:00 May 23rd, 2016|Configuration Manager (SCCM)|0 Comments

ConfigMgr 1604 new cmdlets

Microsoft released a new set of command-lets for Configuration Manager and all these new cmdlets are also included in the ConfigMgr 1605 TP release. Here are all the new cmdlets: cmdlet Category Notes Get-CMWindowsServicingPlan Software Updates Windows 10 Servicing New-CMWindowsServicingPlan Software Updates Windows 10 Servicing Add-CMServiceConnectionPoint Infrastructure Set-CMServiceConnectionPoint Infrastructure Remove-CMServiceConnectionPoint Infrastructure Get-CMServiceConnectionPoint Infrastructure Remove-CMCertificateRegistrationPoint Infrastructure Set-CMCertificateRegistrationPoint Infrastructure Add-CMCertificateRegistrationPoint Infrastructure Get-CMCertificateRegistrationPoint Infrastructure Invoke-CMDeviceAction Resource Management Get-CMDeviceActionState Resource Management Add-CMIntuneSubscription MDM / Hybrid Set-CMIntuneSubscription MDM / Hybrid Get-CMIntuneSubscription MDM / Hybrid Remove-CMIntuneSubscription MDM / Hybrid Add-CMMdmEnrollmentManager MDM / Hybrid Remove-CMMdmEnrollmentManager MDM / Hybrid Get-CMMdmEnrollmentManager MDM / Hybrid New-CMApnsCertificateRequest MDM / Hybrid New-CMDepTokenRequest [...]

Azure PowerShell: How to assign access to a subscription using PowerShell (RBAC)

I had this question from a customer recently, and when I searched the net I wouldn’t find any specific examples. This example assigns a user as a Contributor to the subscription. When you assign roles to resources, all you need is the URL for the resource and provide it to this cmdlet. Here you go: [crayon-59e71d1debccc541141462/] That’s all for today!

By | 2016-02-18T13:41:05+00:00 February 18th, 2016|Azure, Powershell|0 Comments

Roll Out New Configuration Manager Distribution Point with PowerShell

Here is a quick example how to install new Configuration Manager Distribution Point with PowerShell. As you see we have many options to expand this script. We can install Windows Server features, reboot it remotely, install additional software etc. It all depends how you wanna install and configure it. #Import the Module Import-Module $env:SMS_ADMIN_UI_PATH.Replace("\bin\i386","\bin\configurationmanager.psd1") $SiteCode = Get-PSDrive -PSProvider CMSITE #Change the connection context Set-Location "$($SiteCode.Name):\" #New DP Information $DistributionPoint = 'DP01.4demo4.com' $SiteCode = 'PS1' # Test the connection to server     Test-Connection         -ComputerName $DistributionPoint # OPTIONAL - Install Windows Server Roles and Features     Install-WindowsFeature         -Name Web-ISAPI-Ext,Web-Windows-Auth,Web-Metabase,Web-WMI,RDC         [...]

December 1st: Azure Automation: Triggering a webhook from a SharePoint workflow using Out-of-the-box Activities

Welcome to this year Coretech December Calendar! Today is the 1st of december and we have a great little christmas treat for you! This is the first post in a series of posts, published every day in December. Today's subject is Triggering Webhooks from SharePoint! One of the great new features in Azure Automation is Webhooks! Webhooks is everywhere! More and more cloud services support them. Basically it is a simple HTTP Post sent to a web service that starts the runbooks. We can then send a bunch of data with the post and have the runbook receive these dato. [...]

By | 2015-12-01T12:00:00+00:00 December 1st, 2015|Automation, Azure|7 Comments

Azure automation: Start-AutomationRunbook – New simple way to start runbook jobs from within a runbook!

Microsoft has just released a new cmdlet in the realm of Azure automation. Start-AutomationRunbook The cmdlet is designed to start runbook jobs in the same account as the current running runbook, without having to define any endpoints/credentials/etc. Syntax is: [crayon-59e71d1decfba944246214/]

By | 2015-11-20T15:33:22+00:00 November 20th, 2015|Automation, Azure|6 Comments

Azure Automation: Script for downloading and preparing AzureRM modules for Azure Automation!

Update from MSFT: 2/22/2016: To respond to a common user question, right now there is no timeline on when additional modules / new versions of modules will be shipped out of box in the Automation service. If you have additional requirements besides what we currently ship globally, these modules / module versions will have to be imported as user modules. Please note the new guidance is that if the latest version of any Azure/AzureRM module is imported as a user module to an automation account, the latest versions of ALL Azure/AzureRM modules (not just the ones that ship out of [...]

By | 2015-10-12T16:01:15+00:00 October 12th, 2015|Azure|7 Comments

Upgrade System Center Configuration Manager Console with PowerShell

Since Service Pack 1 was released to SCCM 2012 R2 I have been upgraded several environments. A couple of customers wanted me to create a PowerShell script to uninstall existing ConfigMgr Console and install the new updated version with the latest cumulative updates and hotfixes. If you create a package to distribute it with SCCM make sure you point the Data source to the location of the Client installations files, Script, KB3084586-msp and kb3074857-msp. Installation command for the program will then be: PowerShell.exe -file "script.ps1". Remember to set PowerShell execution policy to "Bypass" under Client Settings. This will not affect [...]

Azure Automation: New Features announced!

Today at the PowerShell summit in Stockholm,  Joe Levy and Anatoli Beliaev of Microsoft announced a bunch of new features that is publicly available in Azure Automation! Unfortunately I was not able to be there in person, but luckily multiple people tweeted about this stuff! (Thanks @vNiklas + @skillriver + more!! ) Some of the features is what I have demoed at multiple session within the last month. (SCU + User groups). Here is the list: Gallery Support Gallery has been expanded and has a nice button for it the gallery now also includes powershell scripts. PowerShell Script Runbooks Use [...]

By | 2015-09-15T14:03:34+00:00 September 15th, 2015|Azure, Scripting & Development|0 Comments

Automate Signature And Status Reports With PowerShell – Windows Defender (.txt file)

What you will be able to after reading this blog: Get the latest information about "your" Signature- & Anti Virus reports in Windows Defender and make it into a text file. How to automate it, so it will run every day and give you a status report with time and date. Being able to look at what time and date the latest updates have been completed. First of all, we have to create a folder/directory where the status reports can be stored in. Open up PowerShell in administrative mode and run this script only by copy-paste: [crayon-59e71d1df0267863386083/] Now that the [...]

PowerShell Script That Creates A Folder And A Shortcut On Your Desktop

Basic example of a script that creates a folder in your Local Disk "C"  and then makes a shortcut on desktop so you have easy access to the folder. First of all, open your powershell as administrator and make sure you are at a place where you are able to create folders such as the C:\ drive. PS C:\WINDOWS\system32> cd .. PS C:\WINDOWS> cd .. PS C:\> And now you are able to run the script! - Copy and paste what is written below [crayon-59e71d1df0e2c249327240/] Now that we have tried to create one folder, why not try to create 2 [...]

PowerShell: LEAP Motion PowerShell Lottery Script @ Danish PowerShell User Group

In our geek club aka The Danish PowerShell user group, we always do a lottery in the end, for books or similar. To draw the correct winner we have been using a script that I have developed. I have for a long time, promised to release the script so that other user groups or other interested people can use it for fun! It has amazing ascii graphics and colors!!! It will take you straight back to your C64 loading screen! The script is a lottery script that takes a file from www.eventbrite.com containing all attendees. The script need a LEAP [...]

Azure Automation: New features including graphical designer and Hybrid Workers goes live!

Today at Ignite, Microsoft announced the next version of the portal for Azure Automation. This portal is part of the new Azure Portal, and you can try it out right away!! It has some great features in the interface and It enables proper Hybrid Cloud Automation! Execute Azure Automation runbook on-premise and trigger them from on-prem solutions!   Can I get a Woohoo!?   In this article, I will explain each feature in details New Graphical Runbook Designer interface (similar to the classic Orchestrator runbook designer) Hybrid Worker Role!! Web Hooks New portal design with better overview over runbooks, Assets etc. [...]

By | 2015-05-04T17:30:01+00:00 May 4th, 2015|Automation, Azure|0 Comments