Tag: PowerShell
-
Everything I Know on Subscription Activation
Overview: Over the past few years, I have had to write far too many blogs on or surrounding the topic of Subscription Activation. Fixed – Enterprise Subscription Activation Broken by KB5036893 & KB5036892Retired: Detecting & Automatically Removing Secondary “Work Or School” Accounts: Part 1Retired: Detecting & Automatically Removing Secondary “Work Or School” Accounts: Part 2Retired: Detecting & Automatically Removing…
-
Technical Deep-Dive on the Workplace Un-Joined Solution (Work and School account Removal)
Introduction: This article pairs with my Everything I Know on Subscription Activation article as is to cover the technical deep dive over how I created the Work or School account detection and removal scripts as part of the “Workplace Un-joined” project. I figured this in-depth information likely didn’t need to go right into the master…
-
Building Golden Images for Hyper-V Lab Testing
Hyper-V is a wonderful thing, as I really don’t like having 16 laptops and chargers around me to perform testing on. No, I much prefer creating a VM, using checkpoints, blowing them up, and recreating them or reverting them as needed. For a long time, I had a simple process to create Golden Images for…
-
Automating Reboot Maintenance Using Intune Proactive Remediations
Intro: One of the age-old issues we in IT face is the employee who thinks rebooting their machine is a quarterly process, or at most a monthly process forced by Windows Updates. As we all know, lengthy up times have a tendency to create system instability and sluggishness, prevent application updates from processing (because much…
-
Automating Disk Space Alerts with Intune Proactive Remediations
Intro: One of the age-old issues we in IT face is a machine running low on disk space. At best, this causes devices to become unstable, struggle to apply patches, and loose overall system (and employee) performance. At worst, it takes the device offline incurring downtime and potentially data loss. Thanks to ever-larger and cheaper…
-
PowerShell DCR Log Analytics Updates: SMBv1 Monitoring & WMI/WMIC Update
SMBv1 – Windows Endpoint Monitoring: I pray that nobody has SMBv1 actually enabled as of June 2024 however, I have an update to share on this subject with regards to the Windows Endpoint Monitoring collector and workbook. Previously, the Windows Endpoint Monitoring script was simply checking whether or not the Windows Feature for SMBv1 was installed. If…
-
Log Analytics for Application Usage Monitoring Part 1.6: Deploying the Script
Introduction: With your data ingesting and workbooks deployed, we are now ready to start deploying the collector via Proactive Remediations in Intune. This will likely be the final article in this series, at least for now. In this section, we will cover… Requirements: This should be pretty obvious, but you need to have completed the setup…
-
Log Analytics for Application Usage Monitoring Part 1.5: Importing the Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. Note: It would be a good idea to have at least a few devices manually ingest some data before starting this process. In this…
-
Log Analytics for Application Usage Monitoring Part 1.4: Sample Data, Tables, DCRs, Initial Ingestion
Introduction: We have now covered what this solution does and its cost, at least from an ingestion standpoint. Now, we will finally be deploying something! In this article, we will generate our sample data, use it to create our new tables and DCRs, grant the appropriate permissions on those DCRs, and perform an initial ingestion!…
-
Log Analytics for Application Usage Monitoring Part 1.3: Configure Event Auditing
As explained in prior articles, the Application Usage Monitoring makes use of Windows Event logs for data gathering. While the Event Log has a ton of useful information by default, the logs we need to capture for this tool to function are not logged by default and instead must be enabled via policy This article…
Azure to the Max 