ConfigMgr never ever cares if a system to be managed is joined to a domain.
Certificate enrollment is always a challenge and depends upon a lot of things
but there is no easy answer here.
Web enrollment is one possibility (if the users are local admins which is bad
of course):
To manage internet machines with Azure through the cloud management gateway
do they have to be joined to the domain, or can they be treated as
workgroup clients.
Also how would the client certificate be sent to those machines?
my bad page not found..any other
On Fri, Mar 10, 2017 at 1:13 PM, Chobeaux, Sebastien <
schobe...@csdccs.edu.on.ca> wrote:
> Hi, for Dell (I don’t use Lenovo) you’ll need Dell Command Configure
> (CCTK) and to change the owner tag use the parameter *propowntag*
>
> *(cctk.cmd –propowntag
hi Kevin
the following will do refreshes from PXE even if BitLockered as long as
you've an MBAM back end, do you ?
https://www.niallbrady.com/2016/05/17/introducing-the-windows-10-uefi-bitlocker-frontend-for-system-center-configuration-manager-current-branch/
On Fri, Mar 24, 2017 at 2:25 PM,
What is STEP?
Is your SCEP Client Policy set to install to those Windows Defender
machines, or did you deploy 'SCEP_Install.exe' to them separately?
They still need the 'Install' to be managed. I found this out a month ago
as well.
On Fri, Mar 24, 2017 at 10:40 AM, Stuart Watret
Someone on site did an in place upgrade of server 2012 r2 to 2016 server.
Now defender and step are in a twist.
I removed sccm, step and reinstalled sccm, this got defender back to being
managed.
He just came back to me to say step is back, sure enough defender is back to
unmanaged.
Anyone
How are you deploying the Task Sequence?
Is this set?
[cid:image001.png@01D2A478.228A1070]
If you don't tell it to access content directly it tries to download it on to a
disk, if it's bitLocked it can't download anything.
Niall Brady has some interesting posts on creating a partition for this
We also use BitLocker and have seen similar issues in the past. We now use a
prestart script on our ConfigMgr boot media that offers the imaging technician
the option to wipe the partition table (basically launch diskpart, select disk
0, clean). This seems to have addressed all of the issues
I see the same thing when re-imaging a W10 Bitlockered system, would be
interested in what you find out.
David
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kevin Johnston
Sent: Friday, March 24, 2017 7:50 AM
To: mssms@lists.myitforum.com
Subject:
I should note that we also have a task sequence where we deploy Windows 7 with
bitlocker.
We have no issues reimaging these machines. We do not get any errors.
It seems weird that on a UEFI system a reimage fails.
Also a note that the out of box Dell we got, was already bitlockered, so when
we
Interesting
The 2nd attempt is within PXE, and I do not have any script to unlock the disk
prior to it being wiped again.
I guess I would have expected others in the blog-o-sphere to have witnessed
this issue before, maybe I just never come across a posting about this. It
never even
Yes the drive is using bitlocker.
Kevin
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Marable, Mike
Sent: Friday, March 24, 2017 7:14 AM
To: mssms@lists.myitforum.com
Subject: [BULK] [mssms] RE: Reimaging a Dell that has UEFI enabled - fails
Is this an MDT integrated TS? If so, that message is from an mdt script….don't
have the exact name off the top of my head. If you click OK, it should perform
the partition and format step, then proceed.
Jeff
Sent from my Windows 10 phone
From: Kevin
Are you encrypting the drive at all?
Mike
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kevin Johnston
Sent: Friday, March 24, 2017 6:46 AM
To: mssms@lists.myitforum.com
Subject: [mssms] Reimaging a Dell that has UEFI enabled - fails
We have a brand
We have a brand new out of the box Dell E7270 Latitude. The machine comes with
UEFI already configured and we are imaging it with Windows 10.
We PXE boot the machine, go through our SCCM task sequences to image the
machine and everything appears to be great.
We take this same machine we just
Bet it'll be the dual Nic.. You may need to configure IIS on the WSUS server to
"Listen To all IPs".
Rich Mawdsley
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Collin Murphy
Sent: 23 March 2017 17:50
To: Sherry Kissinger
16 matches
Mail list logo