Zero-Touch BitLocker with PowerShell

Context

The majority of IT engineers and architects traverse various forms of security on a daily basis ranging from our complex alphanumeric corporate logon passwords to the increasingly common MFA prompts on our mobiles. You could say that we have become experts in navigating modern security measures required to stay protected. But perhaps you’re not familiar in planning and rolling out that same security, at scale, to your organisation’s Windows laptops in the form of disk encryption.[Keep reading] “Zero-Touch BitLocker with PowerShell”

SCCM 2012 R2 membership rules for mobile devices associated through InTune

Originally posted on Lucian’s blog at lucian.blog.


Microsoft System Centre Configuration Manger (SCCM) 2012 R2 when extended with Microsoft InTune is a powerful EMS or MDM platform. I’ve recently implemented an integration between System Centre 2012 R2 on-prem with InTune Cloud to allow for a hybrid EMS solution at a client.

To allow for a seamless user registration or provisioning process though the Company Portal app, devices should auto enroll with the appropriate device collection which automatically then applies policies to the mobile or external device.… [Keep reading] “SCCM 2012 R2 membership rules for mobile devices associated through InTune”

Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2

This post is part of the series. Part 1 can be found here. As I mentioned on previous post, this post to wrap up my session at TechEd Sydney 2014 DCI315 Azure VM Security ad Compliance Management with Configuration Manager and SCM.

Let’s jump to our next focus:

Patch Azure VM

ConfigMgr  is long famous for its capability for patch management. Three points on how the patch management lifecycle is running with ConfigMgr 2012 R2 for our Azure VMs:

  • Scan and Measure
    Scan&Measure
  • Remediate Non-Compliant – Patch the non-compliant
  • Reporting
    reportdefinition

Patch is straight forward and utilize ADR (Automatic Deployment Rules) to set schedule update/patch.… [Keep reading] “Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2”

PowerShell Detection Method for SCCM 2012 Application Compliance management

Microsoft System Center Configuration Manager (SCCM) 2012 has a very powerful Application Detection and Delivery model, separate from the existing ‘package and program delivery model’ of previous versions of SCCM & SMS.

The power of this new model is not having to ‘daisy chain’ packages and executables together to achieve a desired outcome.  Using SCCM’s Detection Model reduces the burden in managing a Windows client base in terms of keeping its baseline configuration the same across every client in the Organisation.… [Keep reading] “PowerShell Detection Method for SCCM 2012 Application Compliance management”