Posts

OneDrive KFM (Known Folder Move) allows you to redirect common Windows folders (Desktop, Documents and Pictures) to the users personal OneDrive. OneDrive Known Folder Move is the modern replacement for the well known folder redirection group policy. The deployment with Microsoft Intune allows you to trigger or automate the OneDrive KFM configuration for your end users. Updated on 04.08.2019: Added administrative template configuration This post is based on a great article from Oliver Kieselbach about Deep dive ADMX ingestion to configure SilentAccountConfig with OneDrive....

Hello. Long time no see. Finally I’m back with a new post. This time I created a nice little list with Windows 10 1803 New MDM Policy CSP Settings for the next Windows 10 release. If you’re not familiar with Policy CSP Settings - that are GPO Settings configureable over an Intune OMA-Uri Policy. Here’s a great introducation to Policy CSP Settings. My favorite policy CPS’s available with Windows 10 1803 The following CSP’s are available on Windows 10 1803 and later:...

Recently I had to troubleshoot a sticky Surface Hub Miracast Connection error for a customer. They were unable to connect to the surface hub from domain joined devices but a newly installed device from a blank Windows image was working as expected. I started Troubleshooting the Surface Hub Miracast Connection Error and checked all the points mentioned in the official Troubleshoot Miracast on Surface Hub post from Microsoft. Default Configuration On a Windows 10 1709 device exists a default firewall rule to allow Miracast connections to wireless displays:...

After Upgrading to Windows 10 1709 (Fall Creators Update) I couldn’t access my Synology NAS anymore. Therefore I started troubleshooting the Windows 10 1709 Cannot Access SMB2 Share Guest Access error: An error occurred while reconnecting X: to \\nas\data Microsoft Windows Network: You can’t access this shared folder because your organization’s security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network....

Recently I was troubleshooting ADFS connection issues when I discovered a nice little Cmdlet called “Test-NetConnection”. With this Cmdelet you can verify TCP connectivity, in my case from a client to the ADFS server. The Test-NetConnection cmdlet displays diagnostic information for a connection. It supports ping test, TCP test, route tracing, and route selection diagnostics. Depending on the input parameters, the output can include the DNS lookup results, a list of IP interfaces, IPsec rules, route/source address selection results, and/or confirmation of connection establishment....

If you imagine that your users or administrators have uncontrolled local administrator rights it’s a nightmare. They have (certainly) full control over their computer, and could do a lot of harm. So managing local administrator rights is definitely a must. Manage Local Administrator Rights The Active Directory Group Policies offer a great possibility to manage local groups on clients or servers. All the magic happens with “Restricted Groups”. Adding a group or users to a local group If you want to add a certain group to a built-in group add the group to the restricted groups under the “This group is a member of” sections: When the GPO is no longer applied, the restricted group is being removed from the clients....

Recently I was working on a PowerShell script with many custom functions. When I started to use PowerShell custom objects I wanted to be able to pass them to a function. So I faced the challenge of validating my object for all required properties and came up with this solution, using the ValidateScript block to test the object: Customizing the ValidateScript As you can see I use a ValidateScript for the parameter validation to test the object for the required properties....

Managing printers with PowerShell instead of VBScript? Sometimes it’s necessary to add and remove specific printers to a computer. For example during a client deployment or when a user logs on. This post covers how to manage printers with PowerShell. The following PowerShell commands are supported with PowerShell version 4 and newer. Installing a local network printer Installing a local printer (without a printserver) consists of the following steps: Add the printer driver to your system’s driverstore Install the printer driver from the driverstore Add a printer port to communicate with the printer Last but not least add the printer Add the printer driver to the driverstore Before you can install the printer driver you need to import the printer driver to your system’s driverstore....

Disable Java Auto Update without registry modification? Recently i had to install Oracle Java on a Terminal server and was curious, if it’s possible to configure the package that the auto update feature is disabled without any registry configuration? Custom configuration On the Oracle website i found a great article about the possibility to pass a configuration file to the installer: Here’s the syntax to install Java silently with a custom configuration:...