Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.

Reducing Windows Deployment Time Using Power Management

Great post over on The Deployment Guys blog. 

Read the full post here.

The following post was contributed by Benjamin Rampe a Senior PFE working for Microsoft.

While studying up on Windows 10, I came across a technique that has been shown to reduce the time it takes to apply an OS WIM to disk by 20 – 50%*.  That’s a fairly significant savings in time and the implementation of this technique is relatively easy and does not require you to change how you deploy Windows.  Believe it or not, the savings come from adjusting the OS power management settings during a deployment.  While there are multiple ways to implement these power management settings, below I’ve outlined what I consider the most non-intrusive to existing deployment methods.


Microsoft Intune: Certificates for Microsoft Intune

Excellent post by fellow MVP Jason Sandys. When certs are needed or not needed can be quite confusing and Jason has done a nice job of explaining the topic.

Read his full post here.

Certificates needed for using Intune and managing devices can be a very confusing topic whether in a hybrid or standalone configuration. If you are unfamiliar with the difference between hybrid and standalone, check out my previous post on this: Comparing the Two Modes of Microsoft Intune.


Free ebooks from Microsoft Press

If you haven’t seen this before, well here you go :)

Really great list of free ebooks in various format (PDF, EPUB and Kindle) that covers a wide range of topics. 

Download the books here.

The current list is as follows:

Microsoft System Center Deploying Hyper-V with Software-Defined Storage & Networking

Microsoft System Center Software Update Management Field Experience

Introducing Windows Server 2012 R2

Microsoft Azure Essentials: Fundamentals of Azure

Building Cloud Apps with Microsoft Azure

Introducing Microsoft Azure HDInsight

Introducing Windows Azure for IT Professionals

Rethinking Enterprise Storage: A Hybrid Cloud Model

Introducing Windows 8.1 for IT Professionals

Creating Mobile Apps with Xamarin.Forms, Preview Edition

Programming Windows Store Apps with HTML, CSS and JavaScript

.NET Technology Guide for Business Applications

Microsoft System Center Deploying Hyper-V with Software-Defined Storage & Networking

Microsoft System Center Software Update Management Field Experience

Microsoft System Center Introduction to Microsoft Automation Solutions

Microsoft System Center Extending Operations Manager Reporting

Microsoft System Center: Integrated Cloud Platform

Microsoft System Center: Network Virtualization and Cloud Computing

Microsoft System Center: Building a Virtualized Network Solution

Introducing Microsoft System Center 2012 R2

Microsoft System Center: Designing Orchestrator Runbooks

Microsoft System Center: Configuration Manager Field Experience

Microsoft System Center: Cloud Management with App Controller

Microsoft System Center: Troubleshooting Configuration Manager

Microsoft System Center: Optimizing Service Manager


ConfigMgr: Excluding Known Multi-Reboot Updates During a ZTI Deployment

Here is a fantastic post by Cliff Jones (Microsoft Consulting Services) with a great solution to address the ever cumbersome multiple issue while executing a Task Sequence. 

Read the full post here.

Today’s blog post goes behind the scenes to talk about how to prevent installing all published Windows Update’s which require multiple reboots to successfully install, during a ZTI deployment Task Sequence. These updates can cause issues as a result of the following behavior; the Task Sequence engine is aware the update requests the initial reboot. Upon boot-up, the Task Sequence engine never initializes and therefore can’t be aware that the same update is requiring a second reboot, and thus finally won’t make the necessary changes to restart the TS engine again. When the second reboot occurs, during the deployment, the TS will be in an erroneous state, and will cause an error similar to:

"Task Sequence environment not found"

Ideally, these updates should be injected using DISM during the Offline phase of installation, or added during the Build and Capture as the LTI process is not affected by these updates. Either way, a detection and blocking mechanism is needed for your ZTI deployment process.


Microsoft Intune: Conditional Access Now Available for Hybrid

In December, Microsoft Intune got a new feature that allowed for conditional access to email.  Until now this feature was only available in the cloud solution, not in hybrid (Configuration Manager + Intune).

This feature allows for restriction to Exchange Activesync (EAS) or Exchange Online to only those users who have enrolled their devices. You can configure an exception list as well, so it’s not all or nothing. 

This is one my favorite features, and it’s nice to see it roll over to hybrid now. The extension hasn’t shown up in my lab yet, otherwise I’d grab some screen captures.

View the full post over on the Microsoft Intune blog for a nice video overview, screenshots and configuration instructions.


Azure RMS: Office for Mac 2016 Preview

Microsoft announced recently that the Office for Mac 2016 Preview now has RMS (IRM) support. 

Office 2016 for Mac is powered by the cloud so you can access and share your documents on OneDrive, OneDrive for Business and SharePoint at anytime, anywhere. With Azure RMS, you can also secure and control your documents wherever they go.

The new Outlook (released), Word, PowerPoint and Excel for Mac support Azure RMS and AD RMS, which means that users can now send and receive IRM emails, as well as open and create IRM documents, and share them within and outside your organization.

Read the full article here.


ConfigMgr: Trouble Importing Windows 8/8.1 Drivers on Server 2008 R2

Recently had an issue while configuring some drivers for a client. I was unable to import any Windows 8/8.1 drivers into the site. Upon importing drivers through a script or through the console you will receive "driver is not applicable to any supported platforms"


Turns out it’s a known issue and there is a KB:

Installing the following hotfix resolved the issue for me.

After installing the hotfix and rebooting, I was able to import the Windows 8/8.1 drivers successfully.


Microsoft Enterprise Mobility Suite Webinar Series

Here is a very big and extensive list of the upcoming webinar’s focused around the Enterprise Mobility Suite (EMS):

Microsoft Enterprise Mobility Suite Webinar Series

  • How Do I protect my data wherever it goes?
  • An analyst view of EMM trends
  • Extend your existing Active Directory to the cloud
  • Cloud Suites explained: EMS and ECS
  • Configure Azure Active Directory Premium features
  • Better Together: O365 and EMS
  • Secure O365 apps with Microsoft Intune
  • Compare point solutions for enterprise mobility to Microsoft EMS
  • Configure Azure RMS for secure sharing
  • Streamline new employee onboarding with EMS
  • Configure Azure AD Application Proxy
  • Enterprise mobility security with Azure RemoteApp, MFA, and RMS
  • Configure Azure RemoteApp to provide user access to applications

There is also a list of on-demand webcasts:

  • Control access to cloud resources with Enterprise Mobility Suite
  • Secure access to cloud resources with Enterprise Mobility Suite
  • How to deliver apps with Azure RemoteApp
  • How to secure BYOD scenarios with conditional access
  • How do I make e-mail and office secure on mobile devices?
  • Do I really need an integrated approach for mobility instead of compiling point solutions?
  • Protecting corporate data with Enterprise Mobility Suite
  • How do I know when I’m under attack – and then what do I do?
  • How to manage apps in BYOD scenarios

Microsoft Intune: March 2015 Updates

    As part of our monthly release cadence, we will be making available the next service update for Microsoft Intune between March 4, 2015 and March 7, 2015. New Intune standalone (cloud only) features that will be released as part of this service update include:

    • Ability to streamline the enrollment of iOS devices purchased directly from Apple or an authorized reseller with the Device Enrollment Program (DEP)
    • Ability to restrict access to SharePoint Online and OneDrive for Business based upon device enrollment and compliance policies
    • Management of OneDrive apps for iOS and Android devices
    • Ability to deploy .appx files to Windows Phone 8.1 devices
    • Ability to restrict the number of devices a user can enroll in Intune

    Additionally, as part of this service update, we will be providing hybrid customers with the ability to create custom WiFi profiles with pre-shared keys (PSK) for Android devices. Delivering new features to our hybrid customers using System Center Configuration Manager integrated with Intune remains a top priority for our team, and you can expect additional hybrid features to be made available soon. Make sure to bookmark this blog and the ConfigMgr blog to keep up-to-date as we continue to release new features on a monthly basis.


Intune: February Updates


  • Management of the Office Mobile app (access, view, and edit Word, Excel, and PowerPoint documents) for Android phones
  • Management of the OneNote app for iOS devices. Management of Office mobile apps (Word, Excel, and PowerPoint) on iOS devices made available in December 2014
  • Ability to browse and install apps on Windows Phone 8.1 devices using Intune Company Portal website
  • Deployment of WiFi profiles for Windows devices using XML import and Windows Phone devices using OMA-URI (deployment of WiFi profiles currently supported for iOS and Android devices)
  • Support for Cisco AnyConnect per-app VPN configurations for iOS devices
  • Ability to require encryption on Windows 8.1 (x86) devices
  • Ability to set minimum classification of platform updates to be installed automatically on Windows 8.1 (x86) devices