Do you have Device Writeback enabled on Azure Active Directory Connect? Do you know how to check if a device has been written back?

Do you have Device Writeback enabled on Azure Active Directory Connect? Do you know how to check if a device has been written back?

I have been recently working with a customer and errors within AAD look which pointed to an issue with Device Writeback not being enabled on Azure Active Directory Connect.

But how do you check if the device is writing back? Well, I’m glad you asked. First of all, we need the Device ID which is obtain running a cmd via command prompt.

dsregcmd /status

Once you have this information you will need to run the following command using PowerShell on one of your domain controllers.

$deviceid = “Enter ID here”
Get-ADObject -LDAPFilter “(cn=$deviceid)” -SearchBase = “CN=RegisteredDevices,DC=OfficeC2R,DC=com,”

If you are returned an error i.e Directory Object Not Found. It is safe to say the device hasnt been registered yet.

And its as simple as that

Regards
The Author – Blogabout.Cloud

Understanding ProPlus Servicing Models

Understanding ProPlus Servicing Models

Office 365 ProPlus has adopted a servicing model for client updates, allowing new features, non-security updates, and security updates to be released on a regular basis, ensuring your users are always up to date with the latest functionality and improvements.

The client servicing model for Office 365 ProPlus provides options that allow organizations to manage the frequency at which features and updates are deployed using multiple release channels which can be configured for all users or a specific set of users within the organization allowing IT to manage update deployment.

Monthly Channel

The Monthly Channel is made available every month and is targetted to users that want the latest features and updates as soon as they are available.

The Semi-Annual Channel

The Semi-Annual Channel is made available every 6 months, in January/July and is best for organizations that don’t want to deploy the latest features of Office right away or that have a significant number of LOB applications, add-ins, or macros that need to be tested prior to broad deployment. This approach helps to avoid compatibility issues that can potentially stall deployments.

This channel has 18 months of support before the version will need to upgrade to the latest release of ProPlus.

The Semi-Annual Channel (Targeted)

The Semi-Annual Channel (Targeted) enables a group of early adopters who get the latest and greatest features four months in advance of a Semi-Annual release, allowing time for organizations to test the new features and updates. This is available every 6 months, in March and September.

This channel has 14 months of support before the version will need to upgrade to the latest release of ProPlus.

Below is a diagram about how the “Update Model” works.

The three primary Office 365 update channels, showing the relationship between the update channels and the release cadence

Check out my Office Pro Plus Tool Kit script designed to assist with testing and deployments.

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-OfficeProPlusToolKit.ps1

Regards,
The Author – Blogabout.Cloud

Common PowerShell modules using by IT Pro within Office 365 space

Common PowerShell modules using by IT Pro within Office 365 space

One of my pet hates when receiving a new laptop or device is reinstalling all the common modules that I use to complete my work. So in good old Blogabout.Cloud fashion I have created a script that installs the following

  • Azure
  • AzureAD
  • Microsoft Teams
  • MSOnline
  • SharePoint Online
  • CloudConnect
  • ORCA

This script will also check if the module installed and if a newer version is available within the PSGallery. I have made this script available on GitHub for your downloading pleasure;

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-CommonModules.ps1

Regards
The Author – Blogabout.Cloud

Office 365 ATP Recommended Configuration Analyzer Report

Office 365 ATP Recommended Configuration Analyzer Report

The ORCA module is your friend when it comes to reporting on the configuration of ATP. This module makes recommendations on where improvements can be made. So how does it work?

Well I have made this process as simple as it gets

– Download PowerShell Script
– Run PowerShell Script
– Open HTML page

Done

I have made the script intelligent to check for module updates to ensure you are running the latest and greatest.

Head over to my GitHub repo to download the script today 🙂

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-ATPReport.ps1

Regards,
The Author – Blogabout.Cloud

Delivering your applications to Windows 10 Clients using Azure Blob Storage and Intune

Delivering your applications to Windows 10 Clients using Azure Blob Storage and Intune

Delivering your corporate applications can be a nightmare if you dont have a enterprise delivery solution like System Center or 3rd party mechanism.

So let’s see how Azure Blob Storage and Microsoft Intune can address this issue by using a storage location and PowerShell script.

Azure Storage Account

One of the requirements for this solution is an Azure Storage Account within your Azure subscription, this account will be used for storing the applications which you would like to roll out to your Windows 10 desktops that are managed using Microsoft Intune.

Storage Account

Specify the required settings within the Basic tab for creating a Storage Account.

Basic Properties

Using the default settings as shown below

Advanced Properties

Click Review and Create
Click Create

Configuring Storage Account with required Applications

Click Container
Specify the Name
Select Conditioner (anonymous read access for containers and blobs) under Public Access Level

Blob – Container

Select your container
Select Upload
Select the files you want to upload
Modify the block size if it’s less than the size of the files you are uploading
Select Upload

Once the files are upload they all have a unique url which is used to identify the file as shown below.

The PowerShell Script!!!

I have created a PowerShell script that is available on GitHub and should be self-explanatory.

Step 1 – Download all the required files into C:\_Build
Step 2 – Run installer files
Step 3 – Run additional Powershell scripts (Optional)
Step 4 – Remove C:\_Build
Step 5 – Create RegKeys (Optional)

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-AppsfromBlobStorage.ps1

Publish script via Intune

If you are having issues with script not executing, please visit this URL to ensure you met all the Microsoft pre-requisites.

https://docs.microsoft.com/en-us/intune/apps/intune-management-extension

Regards
The Author – Blogabout.Cloud

Making your PowerShell script require a particular version of PowerShell to be installed.

Making your PowerShell script require a particular version of PowerShell to be installed.

A common mistake made in a lot of PowerShell scripts is that not all cmdlets are supported across all installed versions of PowerShell.

So how do you ensure that the script you have created can only be executed on a machine that supports the cmdlets? Simple!!!

By using one of the below will ensure that the client must met that version or be high;
#Requires -Version 3.0
#Requires -Version 4.0
#Requires -Version 5.0

So here is an example of a cmdlet that is only supported in version 5, it provides a horrible error message which doesn’t help the end-user.

And heres is an example of the same cmdlet but with #Requires -version 5.0

With this simple line you can prevent your scripts from being executed against machines that dont have the require PowerShell version installed.

Regards
The Author @ Blogabout.Cloud

Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

Recently, I was trying to use Install-Module cmdlet to install a required module for some testing on a client machine however I ran into the following error

Install-Module: The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1Install-Module MSOnline. CategoryInfo : ObjectNotFound: (Install-Module:String) [], CommandNotFoundException FullyQualifiedErrorId : CommandNotFoundException

The error looks like below:

Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

The error usually comes, if your PowerShell is not upto date. The major version of PowerShell should be equal or greater than 5. You can run the below cmdlets to check the PowerShell version.


1
$PSVersionTable.PSVersion

My PowerShell major version was 4.

To solve the error the following steps was taken to resolve the issue.

Download Windows Management Framework 5.1

Here make sure to choose Win8.1AndW2K12R2-KB3191564-x64.msu if you have Windows server 2012 or 2012 R2 machine.

Install-Module : The term 'Install-Module' is not recognized as the name of a cmdlet, function, script file, or operable program
Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

Download and install Download Windows Management Framework 5.1, then it will ask to restart the machine-like below:

The term 'Install-Module' is not recognized as the name of a cmdlet
The term ‘Install-Module’ is not recognized as the name of a cmdlet

Regards
The Author – Blogabout.Cloud

ForEach Installed PowerShell Module Thanos Wipe.

ForEach Installed PowerShell Module Thanos Wipe.

In recent times I have been playing with a number of PowerShell modules and now decided to have a bit of a clean up or in the world of PowerShell and Marvel Install-Thanos

Image result for thanos

This process couldnt be any easier if I try,


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
$Array = @(Get-InstalledModule)

   Foreach ($Module in $Array)
   {
     $ModuleCheck = Get-InstalledModule -name $Module.Name -ErrorAction SilentlyContinue  

     if ($ModuleCheck) {
     Write-Host 'Info: Detected an installation of the',$Module.Name,'Module' -ForegroundColor Green
     $Module = Get-Module -Name $Module.Name -ListAvailable
       
     # Identify modules with multiple versions installed
     Write-Host 'Info: Removing',$Module.Name,'Module' -ForegroundColor Yellow
     Uninstall-Module -Name $Module.Name -Force
   }
   }

And just like magic, all your PowerShell Modules should disappear like the Spiderman.

Regards
The Author – Blogabout.Cloud

Changing Window Updates setting using PowerShell

Changing Window Updates setting using PowerShell

In this post, I will look at how to modify the required Registry Keys for Windows Server 2012R2 / 2016 Update settings using PowerShell. PowerShell is one of the gems within Microsoft and enables us to work with systems without the help of a GUI.

Windows always looks at registry keys located in the following hive:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

Typically there is a key named ‘NoAutoUpdate’ with a value in the range 2-5, and have the following meaning:

– 1 = Disable Updates – Only supported on Windows 2012 R2.
– 2 = Notify before download.
– 3 = Automatically download and notify of installation.
– 4 = Automatically download and schedule installation. Only valid if values exist for ScheduledInstallDay and ScheduledInstallTime.
– 5 = Automatic Updates is required and users can configure it.

But if there is a ‘NoAutoUpdate’ key with the value of ‘1’, no updates will be processed by Windows.

You can change the registry key with the help of Powershell directly:

1
Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU -Name NoAutoUpdate -Value 3

Regards
The Author – Blogabout.Cloud

Say goodbye to your legacy PSGallery modules with Get-InstalledModuleUpdate.ps1

Say goodbye to your legacy PSGallery modules with Get-InstalledModuleUpdate.ps1

Working as a Microsoft Cloud Consultant sometimes its hard to keep update to all the latest release of the required PowerShell modules installed on your client machine. Would it be nice if there was a script that took all that pain away?

Say hello to Get-InstalledModulesUpdate.ps1 script

Image result for groot wave

This script is based off my Microsoft Teams Detection script but instead of looking at just that module. I am grabbing all your installed PowerShell module and checking each one against the PSGallery

Module checking

As you can see from my screen shot the script has looked at each modules installed on my client machine and compared to the online version. If a legacy module was detected the update process would start to remove the old version and install the latest from the gallery.

This script is available via my Github or via this site.

Download

Get-InstalledModulesUpdates.ps1 (59 downloads)

Change Log

Version 1.0 – Features

  • Initial release

Version 1.1 – Features

  • Minor updates to code structure

Version 1.2

  • Minor updates to code structure

Version 1.3

  • Minor updates to code structure
  • Transcript of the changes made and dumped to Desktop.

Regards

The Author – Blogabout.Cloud