CCM LAB

How to Deploy Feature Updates Using Intune: A Step-by-Step Guide Microsoft Intune provides a streamlined method for managing Windows feature updates across your organization. In this guide, I'll walk through the essential prerequisites, policy creation steps, deployment, and monitoring process to ensure a smooth rollout of feature updates using Intune. 1. Verify Prerequisites Before you create a feature update policy, ensure the following prerequisites are met on the target devices: Device Enrollment : Devices must be enrolled in Intune, either as Microsoft Entra hybrid joined or Microsoft Entra joined . Supported OS : Devices must be running a supported version of Windows 10 or Windows 11 . Telemetry Settings : Devices must have the telemetry level set to Required . You can configure this via Devices > Windows> Configuration > Create Policy > Templates>  Device Restrictions > Reporting and Telemetry > Share Usage Data >Set as Required...

Can Intune Deploy Shell Scripts to Linux Devices? Yes! Just like deploying PowerShell scripts to Windows, Intune can also deploy shell scripts to Linux devices. In this blog, I'll walk you through the process of deploying shell scripts to Linux using Intune, making it easier to automate tasks and manage Linux endpoints efficiently. Prerequisites Before deploying a shell script via Intune, ensure the following requirements are met: 1. Intune and Microsoft Entra ID Your environment must have Microsoft Intune configured for device management. This setup enables secure enrollment and policy enforcement on Linux devices. 2. Linux Device Enrollment The Linux PC must be properly enrolled in Intune to receive policies and scripts. If the device is not enrolled, follow Microsoft's documentation on Linux enrollment in Intune. Deploying the Shell Script Once the prerequisites are met, follow these steps to deploy your shell script through Intune: Access Microsoft Intune Sign in to the ht...

  Removing Obsolete Computer Records from Active Directory Using PowerShell Active Directory (AD) environments can accumulate obsolete computer objects over time. These stale records not only clutter the directory but can also pose security risks. This article provides a PowerShell-based approach to identifying and removing outdated computer records from Active Directory. Identifying Obsolete Computer Accounts The first step in cleaning up AD is to identify inactive computers based on their last logon timestamp and password last set date. Below is a PowerShell script to find obsolete devices that have not logged in for more than 60 days: Import-Module ActiveDirectory $DaysInactive = 60 $time = (Get-Date).AddDays(-$DaysInactive) # Identify obsolete devices $obsoleteDevices = Get-ADComputer -Filter { (LastLogonTimeStamp -lt $time -and PasswordLastSet -lt $time) -and (OperatingSystem -like '*Windows 10*' -or OperatingSystem -like '*Windows 11*' -or OperatingSystem...

Exporting All AD Computers by OU using PowerShell When you run this script, it generates a CSV file containing the following details for all computers in the specified OU: DistinguishedName : The full Active Directory path of the computer object. Name : The hostname of the computer. ObjectGUID : The unique identifier for the computer in AD. OperatingSystem : The installed OS on the machine. OperatingSystemVersion : The version of the installed OS. LastLogonDate : The last recorded logon date of the computer. The output file C:\Reports\AllComputers.csv can be opened in Excel or any text editor for further analysis. ------------------------------------------------------------------------------------------------------------- # Define the Organizational Unit (OU) to search $OU = "DC=CCM,DC=LOCAL"  # Change this if you want to target a specific OU # Retrieve all computers within the specified OU and export to CSV Get-ADComputer -SearchBase $OU -Filter * `     -Properties Dist...

Extracting Active Directory User Details with PowerShell Active Directory (AD) is an essential component in managing users and resources in enterprise environments. As an IT administrator, you often need to retrieve and analyze user details, such as their account status, department, and last logon date. In this article, I will walk you through a simple yet effective PowerShell script to fetch Active Directory user details and export them into a CSV file. PowerShell Script to Retrieve AD User Details The following PowerShell script retrieves all users from the CCM.LOCAL domain, including their display name, account status, department, email address, and last logon date. The results are formatted in a table and optionally exported as a CSV file for further analysis. --------------------------------------------------------------------------------------------------------------------------   # Define the search base for the Omega group in the CCM.LOCAL domain $searchBase = "DC=CC...

 The SQL query provided in this post is designed to extract a wealth of information from your SCCM database. Here’s a breakdown of what it does: Hostname and Model Information: Retrieves the NetBIOS name (hostname) and the model of each PC. Operating System Details: Fetches the OS version and build number, which is essential for ensuring compliance and identifying systems that need updates. Processor Information: Gathers details about the processor, including its name, number of cores, and logical processors. Memory Configuration: Concatenates information about all RAM slots, including capacity, type, and bus speed, providing a complete picture of the system’s memory configuration. Storage Details: Retrieves information about the type and model of each drive, as well as the total and free space on each logical disk. Total Memory and Disk Size: Ca...

 The following SQL query retrieves key details that most customers commonly request: Computer Name and Organizational Unit (OU) Client Status (Active/Inactive) Processor and Memory Details Last Logged-On User Last Hardware Scan Date Operating System Version and Build Logical Disk Details (Total and Free Space)   SELECT DISTINCT     s.Name0 AS ComputerName,     MAX(v_RA_System_SystemOUName.System_OU_Name0) AS 'Computer OU',     CASE         WHEN cs.ClientActiveStatus = 1 THEN 'Active'         ELSE 'Inactive'     END AS 'ActiveClient',     cp.name0 AS [Processor Name],      v_GS_COMPUTER_SYSTEM.UserName0 AS 'Last Logged-On User',     v_GS_WORKSTATION_STATUS.LastHWScan,     os.Caption0 AS 'OS Version',  ...