SCCM Computer hardware classes can be used to create dynamic query based device collection. There are different classes such as Computer System , PC_BIOS , System Enclosure , TPM etc which can be used for queries. A collection or query created in Configuration Manager uses WMI Query Language (WQL) to request objects from the SMS Provider WMI Schema, which in turn retrieves the data from site database.
Step by Step Guides
To identify a device with Windows Autopilot, the device’s unique hardware identify (hardware hash) must be captured and uploaded to the service. This is usually first step when you want to provision a machine using Windows Autopilot. The hardware hash can be uploaded by manufacturer / raeseller for new devices. However, hardware hash need to be collected manually for the devices which are already in corporate environment and not already enrolled into Microsoft Intune.
Windows kiosk is a lockdown mechanism to restrict device access to pre-defined applications. The applications appears on the desktop and user can only use those applications. Kiosk are mostly placed in public area to allow access to specific applications to authorized users or guests. For example, a self check-in kiosk at airport. We can use Microsoft Intune to deploy a Device configuration profile to configure Windows Kiosk on Windows 10 / 11 device as single app or multi-app kiosk.
A dynamic collection in Configuration Manager is based on WMI Query Language ( WQL ) queries. The membership of these collections updated dynamically based on the rules provided in WQL …
The cloud management gateway (CMG) provides a simple way to manage Configuration Manager client over internet. In the first part of this blog post series, we discussed about CMG prerequisites and requirements.
In this post, we will discuss about web server authenication certificate requirements for CMG. We will issue PKI certificate from Microsoft PKI, enroll that to SCCM primary site server and export the same to .PFX format to use during CMG setup.
The SCCM cloud management gateway (CMG) provides a simple way to manage Configuration Manager client over internet. CMG does not require any additional on-premises infrastructure. The CMG services are hosted …
Provisioning package method can be used for bulk enrollment of Windows devices to Microsoft Intune. A provisioning package add devices in bulk to Azure Active Directory (AAD) and automatically enroll those devices into Microsoft Intune. This method can be used for corporate owned devices. This enrollment method requires a provisioning package which can be created using Windows Configuration Designer.
Google Chrome is the most popular and widely-used desktop web browser. As of May 2022, Google’s Chrome is the leading internet browser in the world with a global market share of 64.91%. Hence Google Chrome deployment and management is a must for almost all organizations.
The Chrome browser for the enterprise, sometimes referred to as Chrome Enterprise, is the same Chrome browser used by consumers. The difference is in how the browser is deployed and managed. Chrome Enterprise offers extra deployment and management features that cater to the sector’s increased needs for control and security.
Win32 apps provide us greater control over the deployment of application. We can deploy 32 bit and 64 bit application through Microsoft Intune Win32 apps. The Win32 apps support deployment of multiple files via IntuneWin wrapper / Intune WinAppUtil (intuneWinAppUtil.exe). The IntuneWin Wrapper can be used to deploy multiple files such as MSI with transform (MST). The Win32 app also support the deployment of .EXE file by converting them to .intunewin format. IntuneWinAppUtil help you to prepare win32 app installation source for Microsoft Intune deployment.
Microsoft introduced Intune administrative templates for Google chrome settings with Microsoft Intune Service release 2203. We can now avoid complicated process of using custom OMA-URI settings and use Intune administrative …