Recent Updates

TimmyIT 10:00 am on March 26, 2018
Tags: , Features, Phased Deployments   

ConfigMgr Current Branch 1802 – Phased deployments

 

Late January Microsoft introduced something they called phased deployment in the technical preview 1801 for ConfigMgr and I went through the feature in a blog post here: https://timmyit.com/2018/01/22/configmgr-technical-preview-1801-phased-deployment

 

2 months later we now have a new ConfigMgr current branch release version 1802 and with that we now have the phased deployment as a pre-release feature in latest version of ConfigMgr Current Branch.

Here’s a blogpost from Miocrosoft talking about some of the new features in this release:

https://cloudblogs.microsoft.com/enterprisemobility/2018/03/22/now-available-update-1802-for-system-center-configuration-manager/

Where they mention this new feature:

  • Phased deployments – Phased deployments automate a coordinated, sequenced roll out of software without creating multiple deployments.

 

Activating Phased deployment

 

Since this is a pre-release feature you need to specify that you want to activate this feature before you can use it, this can be done either during the upgrade process or from the ConfigMgr console as soon as you have updated to version 1802.

 

Recommend you also check out this doc about pre-release features from Microsoft

https://docs.microsoft.com/en-us/sccm/core/servers/manage/pre-release-features

 

First you need to make sure you have activated the option to use pre-release features, this how you do it:

  1. Go to “Administration”
  2. Expand “Site Configuration” and click on “Sites”
  3. Choose the site you want to configure and click on “Hierarchy Settings”
  4. Under “General” make sure you have checked the “Consent to use Pre-release features”

 

 

Once that’s done you need to activate the Phased deployment feature it self

  1. Go to Administration
  2. Expand”Update and servicing” and click on “Features”
  3. Find the Phased deployment feature and right-click on it and choose “turn on”
  4. Reopen the ConfigMgr Console

 

 

 

Creating a Phased deployment

 

Microsoft Docs:

https://docs.microsoft.com/en-us/sccm/osd/deploy-use/create-phased-deployment-for-task-sequence

 

Let’s take a quick look at this and head over to a task sequence and in this particular case we will try to do a phased deployment with the “Awesome task sequence” and from there we will right-click on the Task sequence and choose ” Create Phased deployment” (We also have an icon for to do this see picture 2)

 

 

A wizard will appear were we need to specify a name and choose our pilot collection and production collection

 

 

Once we clicked “Next” we get some options to configure

 

  • Criteria for success of the first phase
    • Deployment success percentage – Were we can specify a critera between 0-100 %

 

  • Conditions for beginning the the second phase of deployment after success of the first phase
    • Automatically begin this phase after a deferral period in days – Pick how many days after the success of the first phase the production deployment should start. (From my own testing if you choose 0 days it will start within minutes once the the deployment success percentage has been reached)
    • Manually begin the second phase deployment – Determine if we want to start it manually or not

 

  • Once the device is targeted, apply the upgrade
    • As soon as possible
    • Deadline time (relative to the time the device is targeted) – Choose between hours, days, weeks, months

 

 

Click “next” and you will get an overview of the different deployment phases, you can reorder them, Add and Edit.

 

 

Continue to the end of the wizard and once done you will find the phased deployments

 

 

As we can see in the previous pic there’s one Phased deployment and at this time we only have 1 deployment because that deployment haven’t reached the success percentage we configured in the wizard.

 

 

You also have a few options on the Phased deployment to either manually move it  to the next phase or if you want to suspend the phases by right-clicking on the phased deployment or by selecting it and do it from the bar at the top.

 

 

Once the first phase has reached the success percentage we configured and the clients have reported back to ConfigMgr within a few minutes ( Becasue we configured the “Automatically begin this phase after a deferral period in days” to 0, if we would have gone with 1 day deferral it would wait until that time to kick off phase 2 )

 

 

There’s a bunch more settings we could have gone through but I will leave at this as for now and probably do a video showcasing it more in depth.

 

I didn’t touch on troubleshooting in this post but if you want to look at the log files these are the ones that you should look to over at the primary site server.

SMS_PhasedDeployment.log

SMSProv.log

 

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

 

And you can also find me blogging over at http://blog.ctglobalservices.com/

 

 

#configmgr, #features, #phased-deployments

TimmyIT 10:09 pm on January 22, 2018
Tags: , , Technical Preview 1801, TP1801   

ConfigMgr Technical Preview 1801 – Phased deployments

 

The ConfigMgr product group just keeps on producing builds for us to test out and here is the latest one, ConfigMgr Technical Preview 1801. One of the new features they introduced that caught my attention was something they called “Phased deployment” and in the documentation

they wrote:

 

Phased deployments automate a coordinated, sequenced rollout of software without creating multiple deployments. In this Technical Preview version, the phased deployment wizard can be completed for task sequences in the admin console. However, deployments are not created.

 

Links to the ConfigMgr Technical Preview 1801 docs and info :

 

https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1801

https://cloudblogs.microsoft.com/enterprisemobility/2018/01/22/update-1801-for-configuration-manager-technical-preview-branch-available-now/

 

Let’s take a quick look at this and head over a task sequence and in this particualar case we will try to do a phased deployment with the “Awesome task sequence” and from there we will right-click on the TS and choose ” Create Phased deployment”

 

 

A wizard will appear were we need to specify a name and choose our pilot collection and production collection

 

Once we clicked “Next” we get some options to configure and they seem to be self explanatory

 

  • Criteria for success of the pilot phase
    • Deployment success percentage – Were we can specify a critera between 0-100 %

 

  • Conditions for  beginning the production phase of deployment
    • Automatically begin this many days after the success of the pilot phase – Pick how many days after the success of the pilot phase the production deployment should start
    • Wait for me to manually being this phase of deployment – Determine if we want to start it manually

 

  • Once the production phase begins, target all the devices within days – Choose number of days

 

  • Once the device is targeted, apply the upgrade
    • As soon as possible
    • Deadline time (relative to the time of the device is targeted) – Choose between hours, days, weeks, months

 

 

Click “next” and you will get an overview of the different phases

 

 

Next up is to set a failure rate where the deployments will be stopped if the failure rate is above X procent

 

 

 

 

Once done with the Wizard you will find the phased deployment under the lower statusbar.

 

 

As stated in the release docs for 1801 the phased deployment in this release doesn’t create any deployments so the feature Isnt “working” yet but I personally think its a really good Idea thats needs some fine tuning for sure but the concept Is awesome ! Can’t wait for the “updated” version of this feature so we can play around some more with it.

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

 

And you can also find me blogging over at http://blog.ctglobalservices.com/

#configmgr, #technical-preview, #technical-preview-1801, #tp1801

TimmyIT 2:26 pm on October 31, 2017
Tags: , , Run Script, , Technical Preview 1710   

ConfigMgr Technical Preview 1710 – Run script update

 

Last night for us Europeans there was another ConfigMgr Technical Preview release and this time its version 1710. There are many new great features indroduced to this Technical Preview and the full overview you can find over at Microsoft.

https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1710

 

In this post I will focus on one of the things that i find the most exciting in regards to the Run Script feature which is a way to almost in real-time execute powershell scripts directly on clients.

See my other posts on this feature if you need to get up to speed on what it is and how to use it:

 

http://blog.ctglobalservices.com/powershell/tan/how-to-activate-the-new-feature-run-powershell-scripts-from-the-configmgr-console-on-current-branch-1706/

http://blog.ctglobalservices.com/powershell/tan/create-and-run-scripts-with-the-new-feature-run-powershell-scripts-from-the-configmgr-console-on-current-branch-1706/

https://timmyit.com/2017/09/18/baseline-evaluation-with-run-script-feature-in-configmgr-1706/

 

 

 

The Wizard

 

One of the big updates here is the wizard and the ability to get realtime output to show up in the wizard during execution of the script.

When executing the script you will see a green statusbar that indicates that somethings i happening and under that you know have box that will populate with data onces the client have runned the script and reported back which just takes a few seconds.

 

(Side note, The script I’m running below is just a Ping to localhost on each client)

 

 

One of the options you have is the “Script details” found in the botton left corner and here you will se information like “Script name, Script Version, Last modified Time, Collection ID”

 

 

In the middle you have “Summary” which is the default one you will see and from here you can change how you want to view the data.

The data you can view is

  • Script output
  • Script Exit code

and you can view them as

  • Bar Chart
  • Pie Chart
  • Data table

 

 

You can also view this information on scripts you ran histroically if you go to Monitoring -> Script Status and right-click and than click on Show status (You will also able to preview the some information in the lower part of the console)

 

 

After clicking on Show Status you will get prompted by this windows containing all the info we saw in the Wizard when executing the script and can sort the data in the same way.

 

Parameters

The next thing i want to showcase is the Parameter functionallity which gives us the ability to specify a parameter when executing the script towards a collection. Here we are creating a new script which is called “Ping Parameter”

and in this script we will add a parameter and then do a ping with a variable based on that parameter.

 

 

Once clicking “Next” we get option to Edit the Parameter

 

 

From here we can change a few options like Data Type, required true or false etc. Also able to add a Description that will show up later when executing the script.

 

 

Once configured click next and then you have to approve the script as always. Next step is to run the script and when we do that we get the following option now to enter a parameter. In this case we need to enter the computer name we want to ping with the ping script we just created.

The description box shows the information we wrote earlier telling the user who executes the script some information about the parameter and what they need to enter.

 

 

We run the script and gets prompted with information as expected

 

 

but if we check under “Script Details” we find additional information on the parameter we entered

 

 

 

These are really cool additions to this great feature and I’m really happy that the ConfigMgr team just keep on working on it and add functionallity. Hopefully we can see some of these changes to the pre-release feature in the next ConfigMgr CB build.

 

 

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

 

And you can also find me blogging over at http://blog.ctglobalservices.com/

 

 

#configmgr, #powershell, #run-script, #technical-preview, #technical-preview-1710

TimmyIT 10:00 am on October 2, 2017  

ConfigMgr related videos from Microsoft Ignite 2017

 

Ignite 2017 is now over for this time and Microsoft have already announced that they will come back to Orlando next year for Ignite 2018. Until next year we have hours upon hours of interresting videoes to watch and in this blog post I will highlight some of the talks that covered ConfigMgr related topics but also other videos that covered modern management and management in generall since they are often highly relevant if you are a ConfigMgr administrator.

 

You can find all the videos over at

https://myignite.microsoft.com/videos

or over at their yourtube channel

https://www.youtube.com/channel/UCrhJmfAGQ5K81XQ8_od1iTg

 

 

Microsoft 365: Modern management and deployment

 

What’s new in Configuration Manager

 

 

 

Dig deeply into BranchCache: Learning from the experts

BranchCache is a Peer-to-Peer solution that comes with ConfigMgr which aims to help out with content distribution. One of the biggest challanges enterprises are facing is bandwith and size of data that needs to be transfered over the network so its important to know when and how P2P can help out with content distribution.

 

 

 

How to design and complete your successful move to Windows 10 and WaaS

 

 

Learn how to service Windows 10 using Windows Update for Business

 

Secure Windows 10 with Intune, Azure AD and System Center Configuration Manager

 

 

 

Conduct a successful pilot deployment of Microsoft Intune

 

 

 

This is just a small sample of all the talks and I highly recommend you head over to https://myignite.microsoft.com/videos or to https://www.youtube.com/channel/UCrhJmfAGQ5K81XQ8_od1iTg

 

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

 

And you can also find me blogging over at http://blog.ctglobalservices.com/

TimmyIT 10:30 am on September 18, 2017  

Baseline Evaluation with Run script feature in ConfigMgr 1706

 

One of the new pre-realease features in ConfigMgr 1706 is the Run Script function which makes it possible to run Powershell scripts directly from the ConfigMgr console towards clients. This is a huge benefit to be able to do so because this means as long as the client is active in ConfigMgr console it will execute the script you triggered almost in real time and without going through the process of making sure that WinRM is active on the client and configuring firewall and all the other things that can be an issue when you deal with clients on different subnets, physical locations, behind different firewalls etc. As long as you have your ConfigMgr infrastructure in place and the clients are active you are all good to go.

 

What you could do and as I will showcase in this post is to invoke Configuration baseline evaluation on demand with the Run script function. I have an old blog post on how to to it with Powershell remotely ( https://timmyit.com/2016/07/26/sccm-and-powershell-trigger-baseline-evaluation-on-client/ ) but that means you have to have everything in place to remote access clients with Powershell which isn’t always the case in a lot of environments for many reasons.

The reason for creating this script in the first place is because there’s no built in function to evaluate baselines on demand in ConfigMgr. I have also created an uservoice to add that function in the UI console here: https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/18652852-console-ui-function-to-invoke-evaluation-of-baseli

Give that uservoice a vote if you find it useful and in the mean time we can use the run script function to achieve the same result.

 

If you want to know in detail how to active the run script feature in ConfigMgr 1706 and how to create a script and run it in detail check out my blog posts about that over at CTGlobalservices blog:

 

http://blog.ctglobalservices.com/powershell/tan/how-to-activate-the-new-feature-run-powershell-scripts-from-the-configmgr-console-on-current-branch-1706/

http://blog.ctglobalservices.com/powershell/tan/create-and-run-scripts-with-the-new-feature-run-powershell-scripts-from-the-configmgr-console-on-current-branch-1706/

 

Baseline Evaluation with Run script feature

 

Here’s the Powershell script we want to use to evaluate all of the baselines deployed to the machines in a device collection. If you just want to evaluate a specific one you need to modify the script.

 

Note,

When testing this script as a Run script I wasn’t able to run the original Powershell script as a function, it returned Exit code 0 but didn’t execute the evaluation method on the client for some reason through ConfigMgr but it did work when I ran it manually on the client. I’m currently troubleshooting that and will probably file a bug report when I have more info and do a separate blog post on that later. But in the meantime we will just have to skip function part. And just to emphasis this is still a prerelease feature.

 


$Baselines = Get-WmiObject -ComputerName $env:COMPUTERNAME -Namespace root\ccm\dcm -Class SMS_DesiredConfiguration
$Baselines | % {

([wmiclass]"\\$env:COMPUTERNAME\root\ccm\dcm:SMS_DesiredConfiguration").TriggerEvaluation($_.Name, $_.Version)

}

 

First off all, lets create a script

 

Copy the or import the powershell script

 

Approve the script you just created.

 

 

Over at the client you can see that we have a Baseline that hasn’t been evaluated yet

 

Jumping back to the ConfigMgr console we find the device collection we want to run the script against and then right click and choose “Run Script” and go through the wizard

 

 

Under Client operations we can see that the operation has started

 

And under monitoring and “Script Status” we see that the evaluation has completed on the client.

 

 

and finally over at the client we see that the Baseline has been evaluated.

 

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

 

And you can also find me blogging over at http://blog.ctglobalservices.com/

TimmyIT 10:30 am on August 3, 2017
Tags: Application install issue, bug report, , ConfigMgr bug, deployment type   

Some special characters in deployment type name cause applications not to Install

I recently stumble upon a bug in ConfigMgr that can cause issues with application deployments so that applications won’t install. When you are creating and application and gets to the step where you are supposed to create a Deployment type and you give the deployment type a name containing some certain special characters this will cause you not to be able to install the application when deployed to a collection.

 

Following special characters have been tested and won’t cause any issues:

/ & ! # @ –

 

These special characters will cause issues:

\ ”

Example

 

Here you have an example where the Name field contains a backslash “Install\Uninstall”.

 

 

 

When trying to Install the application that contains the backslash character it can look like this where it just keeps saying “installing..” and won’t continue until you go to another pane and back and you will see the “Install” button again

 

 

Here’s a another example with different app but with the same scenario for the deployment type name and it can show up is with an error message like this:

 

 

 

 

And in some instances the application won’t show up at all (app that should appear is WinRar 5.4.0)

 

 

Here’s a short video showing off the issue

 

 

Workaround

 

So whats the workaround if this happens? Well it’s pretty simple actually.

Just rename the deployment type and remove the special character that caused the issue and let the client run an application deployment evaluation cycle and the installation will continue just fine.

 

Se which special characters that i found so far that will work and won’t work in the beginning of this post.

 

Bug report has been filed to Microsoft

https://connect.microsoft.com/ConfigurationManagervnext/feedback/details/3138523

 

 

That’s all for now and Until next time, cheers !

You can also find me over at

http://blog.coretech.dk/author/tan/

 

 

#application-install-issue, #bug-report, #configmgr, #configmgr-bug, #deployment-type

TimmyIT 12:46 pm on July 27, 2017
Tags: Bitlocker, Bitlocker recovery key, Bitloker issue, HP 820 G4, HP Elitebook 820 G4, HP Elitebook 840 G4, HP Elitebook 850 G4   

HP Elitebook 820 G4 – Bitlocker issue with BIOS firmware version 01.05

TLDR;

Bitlocker issue for model HP Elitebook 820 G4 with BIOS firmware 01.05. Solution: upgrade to 01.06

 

The following versions of the Elitebook also are affected and can use the same BIOS.

Elitebook 840 G4

Elitebook 850 G4

The issue

 

Earlier today I stumble upon an issue with the HP model Elitebook 820 G4 and bitlocker where during the startup it asked for BitLocker recovery key for no apparent reason.

In this specific scenario the Elitebook 820 G4 was replacing the old model Elitebook 820 G3 and just one week prior the Elitebook 820 G4 was implemented and installed without any issues. (What I didn’t know at the moment was that back then it was running BIOS version 01.03 and now it was running 01.05)

 

 

You could either input the bitlocker key and continue or just press ESC 3 times until you got in to BIOS and just press continue and the machine would continue without having to input any recovery key.

 

During the troubleshooting I made sure that the following things were as they should

 

  • Disk formated as GPT and not MBR – Checked
  • TPM 2.0 was enabled – checked
  • Legacy support disabled and Secure boot enabled – checked

and so on, there was nothing wrong with the configuration.

 

Still there was issues that not all the time but the majority of restarts the computer kept on asking for the bitlocker recovery key.

 

The solution

 

What I’ve found out was that the Firmware version 01.05 caused the issue. If you are running 01.03 you shouldn’t have this issue and on HP support site they just released a new version 01.06 so I updated and the problem was solved, no more bitlocker recovery key question during startup.

 

Checking the release notes for 01.06 from HP it also states it fixed issues with bitlocker:

 

 

Download link https://support.hp.com/us-en/drivers/selfservice/hp-elitebook-820-g4-notebook-pc/11122281

 

 

Thats all for now and Until next time, cheers !

You can also find me over at

http://blog.coretech.dk/author/tan/

 

 

 

 

#bitlocker, #bitlocker-recovery-key, #bitloker-issue, #hp-820-g4, #hp-elitebook-820-g4, #hp-elitebook-840-g4, #hp-elitebook-850-g4