Configuring Windows Defender Credential Guard with ConfigMgr

I’m currently engaged in multiple customer projects where Windows 10 is already in production, but unfortunately without Windows Credential Guard enabled. For those who think “Credential ….what?” Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. More details can be found here. Some of you might think, why wasn’t Read More …

ConfigMgr Client Policy Settings – Get-CMclientpolicysettings

Here’s a function i wrote recently to retrieve the ConfigMgr Client Policy settings. To use the function you must have the System Center Configuration Manager Cmdlet library installed.


Deploying ConfigMgr Current Branch in Azure Dev Test Lab

Remember the days when you spend hours if not days just to get a lab environment in place and any time you wanted to use the environment again, you spend another couple of hours to get It updated. About 3 years ago I started to make more use of Azure based compute to run my virtual machines, that I use for technology learning and research activities. Initially created the virtual machines through the portal, but Read More …

The System Center Configuration Manager Cmdlet Library

Hey there, usually when I post something I try to post something new, something that ideally hasn’t been posted before. Today, I’ll make an exception.  This becasue when recently speaking to others dealing with ConfigMgr I noticed that not everyone is aware yet that back in April the ConfigMgr team released the System Center Configuation Manager CmdLet Library. So i believe it’s worth to spread the word again. So here we go: The Configuration Manager Read More …

Get-CMTSAgentSetupInfo (Get ConfigMgr Task Sequence Agent Setup Step Info)

We recently performed an upgrade of our ConfigMgr 2012 R2 Infrastructure and due to way how we install the Agent and Agent patches, we had to update the “Setup Windows and ConfigMgr” step within a number of our Task Sequences. I therefore wrote the below Get-CMTSAgentSetupInfo.ps1 PowerShell script which dumps all the ConfigMgr Agent Setup step information from all or specified task sequences. The script retrieves the following information: Task Sequence Name Agent Instalaltion propoerties Read More …

Installing Software using Collection Commander

In the past days I had to provision a number of clients for testing purposes. A specific set of software also needed to be installed on these clients. At our company when deploying software to computers, the deployment for none mandatory software is always set to “Available” so that users can choose themselves when to install the software via the Software Center. I did not want to logon to each machine and initiate the installation Read More …

How to solve “The RPC server is unavailable” when loading the ConfigMgr PowerShell Module

Since a few weeks, I received the below error message when importing the ConfigMgr module in PowerShell, but everything I ran afterwards worked fine, so I kept ignoring it for a while. But now it was about time to get rid of this annoying message. My friend Claude Henchoz gave me a hint a while ago that helped me solve the issue. Looking at the error message more closely, I noticed the name of our Read More …

Use PowerShell to find all collections where the specified device has a membership

Yesterday I deployed a computer with ConfigMgr and then wondered why it got certain software installed. And so another script was born. The Get-CMCollectionOfDevice command retrieves all collections where the specified device has a membership The Script can be downloaded from here

How to identify ConfigMgr collections that take long to refresh

I’ve put together the below PowerShell script this week to identify collections in ConfigMgr that require the longest time to refresh. If you ever experience a decrease in ConfigMgr collection update performance, you might want to run this script to find potential collections that have a long refresh duration.  

Thanks to Roger Zander and Claude Henchoz for the SQL query to find these collections.

PowerShell Script – Get-CMInstalledSoftware

ConfigMgr 2012 comes with a lot of build-in reports, but often it just does not contain all the information I want. Creating a custom report takes more time than just writing a script. The Get-CMInstalledSoftware script retrieves all computers that have the specified software installed. Like it? Get your copy of the script from here  

  Have a good day