Powershell – Page 5

MEMCM Compliance Item Scripts to Secure PointAndPrint Registry Keys

Posted on July 9, 2021 by Trevor Jones in Compliance, ConfigMgr, Powershell, SCCM

Microsoft published some updated guidance yesterday for the Windows Print Spooler Vulnerability (CVE-2021-3457) and recommend securing a couple of Point and Print registry keys if they exist, in addition to deploying the security update: After applying the security update, review the registry settings documented in the CVE-2021-34527 advisoryIf the registry keys documented do not exist, … Continue reading MEMCM Compliance Item Scripts to Secure PointAndPrint Registry Keys →

Querying Windows Build Version History with the Intune Data Warehouse and PowerShell

Posted on June 23, 2021 by Trevor Jones in Intune, Powershell, Software Updates

I had an interesting requirement recently which was to review the OS build numbers of a group of computers over time. This would reveal not only when they got patched, but which patches they installed and when they installed a feature update, for example. Since we aren't using the Data warehouse in MEMCM and our … Continue reading Querying Windows Build Version History with the Intune Data Warehouse and PowerShell →

Create custom Intune reports with Microsoft Graph, Azure Automation and Power BI

Posted on May 12, 2021September 27, 2021 by Trevor Jones in ConfigMgr, configmgr client health, Intune, PowerBI, Powershell, Reporting, SCCM

Microsoft Endpoint Manager aka Intune has been around for a while now and has evolved quite significantly since its early days and the old Silverlight portal (remember that?). Historically Intune hasn't been particularly good with its reporting capability, but since end 2019 and the announcement of the new reporting framework, things are starting to improve … Continue reading Create custom Intune reports with Microsoft Graph, Azure Automation and Power BI →

A case of the unexplained: Intune password policy and forced local account password changes

Posted on April 27, 2021 by Trevor Jones in Compliance, ConfigMgr, Intune, Powershell, SCCM

Having a password policy is a best practice for security of accounts, whether domain, local or wherever passwords are used. In the Windows world, domain accounts have a default domain password policy. Azure AD accounts have the Azure AD password policy. Accounts local to Windows can have a password policy too, and you can use … Continue reading A case of the unexplained: Intune password policy and forced local account password changes →

Get the current patch level for Windows 10 with PowerShell

Posted on April 20, 2021April 22, 2021 by Trevor Jones in Compliance, Powershell, Reporting, Software Updates

I was working on some updates to our unified reporting solution for Windows Updates (ie WUfB + MEMCM) and I wanted to figure out simply from the OS build number whether a Windows 10 workstation has the latest cumulative update installed. The only reliable and useable static list I could find for Windows 10 build … Continue reading Get the current patch level for Windows 10 with PowerShell →

Deploying HP BIOS Updates – a real world example

Posted on March 30, 2021 by Trevor Jones in Applications, Azure, ConfigMgr, configmgr client health, Drivers, Powershell, SCCM, Software Updates

Not so long ago HP published a customer advisory listing a number of their models that need to be on the latest BIOS release to be upgraded to Windows 10 2004. Since we were getting ready to rollout 20H2 we encountered some affected models in piloting, which prompted me to find that advisory and then … Continue reading Deploying HP BIOS Updates – a real world example →

Getting Creative: a Bespoke Solution for Feature Update Deployments

Posted on January 26, 2021 by Trevor Jones in Azure, ConfigMgr, Intune, OS Deployment, PowerBI, Powershell, Reporting, SCCM, Software Updates, WPF

This is the first blog post in what I hope will be a series of posts demonstrating several custom solutions I created for things such as feature update deployments, managing local admin password rotation, provisioning Windows 10 devices, managing drive mappings and more. My reasons for creating these solutions was to overcome some of the … Continue reading Getting Creative: a Bespoke Solution for Feature Update Deployments →

Using a LiteDB portable database with your PowerShell project

Posted on November 23, 2020 by Trevor Jones in Powershell, SQL

I was working on a PowerShell project recently where I needed to reference a large number of items - more than I wanted to add as an array or hash table in script, or even an external file like an XML document. So I searched for a portable, standalone database that I could distribute with … Continue reading Using a LiteDB portable database with your PowerShell project →

Prevent Users from Disabling Toast Notifications – Can it be Done?

Posted on November 12, 2020 by Trevor Jones in Compliance, ConfigMgr, Powershell, SCCM

Another toast notifications post - this time to deal with an issue where users have turned off toast notifications. In my deployment of Windows 10 feature updates for example, I use toast notifications to inform users an update is available. Once we hit the installation deadline, the notifications become more aggressive and display more frequently … Continue reading Prevent Users from Disabling Toast Notifications – Can it be Done? →

Adding Your Own Caller App for Custom Windows 10 Toast Notifications

Posted on October 20, 2020October 20, 2020 by Trevor Jones in Powershell, SCCM

I've seen a lot of blog posts recently with people making good use of custom toast notifications for various purposes, as I have done many times myself. One bugbear for me was that you must call the toast notification using an existing application installed on your system. For example, if you are creating the toast … Continue reading Adding Your Own Caller App for Custom Windows 10 Toast Notifications →