by ·0 Comments

CmdLets SCCM

CmdLets SCCM

A SCCM server administration will be generally to add new drivers, images of boot or to installations and applications. This will also be to monitor the State of health of the infrastructure by looking at the logs file.
Using PowerShell with CmdLets SCCM is justified because it is thus possible to script some action and therefore to industrialize the process which some may be “heavy” when there are executed manually.

For this Microsoft provides to people wishing Cmdlets to perform the administration of one or more servers SCCM.

Continue reading

by ·0 Comments

Remote execution

Problem with remote execution

One of my customers wanted recently to run a remote administration using a local account. The firewall on the server was disabled and inactive UAC. However despite these operations, it was not possible for a local account (non-administrator) to perform the remote operation.
Continue reading

by ·1 Comment

Install and configure LAPS

Manage Local Account Password

An element that is rarely changed it’s the password of local accounts. It is common to put the same password for a local administrator on all workstations and servers. This has created an impact of a security breach.
It’s important to have a different password on each machine and server. Thus in case of a compromise of passwords, the other machines / servers are not impacted. However a regular change of password or managing a machine password can greatly complicate the daily administration.

Continue reading

by ·0 Comments

Manage version CB-CBB

What is Windows As A Service ?

Before Windows 10, Microsoft implemented a major version of an operating system through a package service.A new version of the system appeared after several years.It was common to have significant differences in the nucleus of different operating system.
With Windows 10 , a new management of major release appeared. Indeed every 4 months (for Current Branch – CB) or eight months ( Current Branch For Business – CBB), Microsoft provides a new release of Windows 10.
Continue reading

by ·0 Comments

LogoServer

Problem Bitlocker

During a Bitlocker project at a customer I had a problem with the storage of bitlocker recovery key in Active Directory
After you set up group policy which configured the desktop and laptop client (store in AD the recovery key, use tpm,…), I launched the script which enabled BitLocker on the system partition or opther partition. The bitlocker has been actived and partition has crypted, however the recovery key was not stored in the Active Directory. After several tests, I realized that some partition encryption failed (error message when i try to initialize TPM chip) and this randomly.
The project consisted to encrypt partitions systems from a laptop computer to decrypt the partition using the TPM chip.

Continue reading

by ·0 Comments

Problem Active Directory

Problem Active Directory

Migrating Active Directory at one of my clients, it seems interesting to share a solution to a problem. When you update the schema to add the RODC objetcts (adprep /rodcprep), an error 0x3 appears. At the time of depromote domain controller, the error messages appear informing me of a problem.

A surviving domain controller must seize any operations master roles, also known as flexible single master operations or FSMO, that were previously held by the forcibly demoted domain controller. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Continue reading