SCCM – Create a device collection for Core server

There is a lot of resources available on Internet to create System Center Configuration Manager device collection based on the operating system but none are helpful to create a device collection to identify all Windows Core servers, especially Windows Server 2016 Core as there is no more switching between Core and UI. So after digging around I found this MSDN resource which explains how to identify a core server (https://msdn.microsoft.com/en-us/library/hh846315(v=vs.85).aspx).…

Read More

Windows Server 2016 – First Windows Server Insider build available

After announcing last June that Windows Server 2016 will also have his own Insider program and builds, Microsoft has released the first Windows Insider build (build 16237). As for Windows 10, Preview builds are not aimed to be production ready, so you may expect some glitch. To start running your own Windows Server preview you need first to register to the Windows Insider for Business program here or to the…

Read More

ADFS 4 – Enable device authentication method

With ADFS 4, you can easily enable device authentication as authentication method. This authentication method was already available in ADFS 3 but only as additional authentication method; with ADFS 4 this becomes also available as primary authentication method.   Upgrade Active Directory Federation schema This step is required if already have deployed a previous version of ADFS within your Active Directory and/or if your are not yet running Active Directory…

Read More

ADFS 4 – Enable Azure MFA as authentication method and/or multi factor authentication for ADFS

One of the improvements with ADFS 4 (on Windows Server 2016) is the integration of Azure MFA as multi factor authentication method as well as primary authentication method; you can still use the certificate based or the Azure MFA Server (see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=618) for the multi factor methods. If you want to enable Azure MFA with ADFS 4, you need to follow these steps: generate a certificate for your Azure MFA…

Read More

Windows Server 2016 – ADFS 4 idpinitiatedsignon is disabled by default

As you may know, a quick way to test your ADFS deployment is to access the idpinitiatedsignon sign page. As usual, I tried it after deploying my new ADFS 4.0 server and… got this error message The resource you are trying to access is not available. Contact your administrator for more information.   And the following event is logged Log Name:      AD FS/Admin Source:        AD FS Date:          2/10/2016 7:22:24 AM…

Read More

Windows Server 2016 – ADFS 4.0 now support certificate authentication on port 443

You may already know that ADFS 3.0 (on Windows Server 2012 R2) already supports certificate authentication BUT using a different communication port than 443 (in fact 49443). With ADFS 4.0 (on Windows Server 2016), the certificate authentication can now use the 443 communication port, making thing easier to implement multi factor authentication using user certificate. To be take advantage of this new capability, you need to update your ADFS certificate…

Read More

Windows 10 – BitLocker Recovery Key for Azure AD Joined devices

This procedure applies only for Windows 10 devices which have been configured as Azure AD Joined. From time to time, you may need to access advanced recovery options for your Windows 10 device but these options may failed to work because you are using BitLocker to encrypt your drive. You may already know the procedure to recover BitLocker keys when using your Microsoft Account or when your device is an…

Read More

System Center Configuration Manager – Integrate your Windows Store for Business

The latest update for System Center Configuration Manager 2012 R2 (build 5.00.8412.1000 – released on August 2nd, 2016) has added the ability to integrate your Corporate Windows Store into SCCM. The ability to deploy Universal Apps using SCCM has been introduced some time ago but you were obliged to use the Offline Licensing and create an application in SCCM prior to the deployment. Your client device must run Windows 10…

Read More

Windows 10 – Windows Store for Business

As you know, since Windows 8.x Microsoft has introduced the App Store, which is mainly used with your Microsoft Account. It has been fairly complicated so far to have an efficient way for enterprises to be able to manage their own App Store. This now possible and quite frankly, it is not so bad Create and Configure your Corporate App Store First thing is you need to login to https://businessstore.microsoft.com…

Read More

Microsoft Azure – Enterprise State Roaming in public preview

As you may already know, since Windows 8.x, user settings can synch to OneDrive (consumer) allowing end-users to sync their settings and universal apps data across different devices when they logon with their Microsoft account. Now, this settings is also available in public preview for enterprise users using Windows 10 (at least build 10586) and Azure Active Directory Premium. The devices must be either AD domain joined with automatic registration…

Read More

Windows Mobile – A new build of the Windows Mobile 10 is now available

A new build (10.0.10586.29) of Windows Mobile 10 has been released and is now available through Windows Update As part of the improvements: You will see additional improvements in upgrade experience, including devices with limited free space, map rendering on update, and RCS enabled device settings. Improved application backwards compatibility for Windows Phone 8.1 Silverlight applications. Edge performance and stability has been improved. Auto-completion has been updated to allow user…

Read More

Windows 10 – Black Screen on startup Part 2

Some days ago, I made a post about getting black screen on startup with Windows 10 and I was saying I may have found this was due to the Graphics Tools feature (see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=722) Today, I made new discovery. In fact, it seems it has nothing to do with the Windows features but with the Azure AD Domain Joined and Bitlocker. Indeed, after posting my first post I have been…

Read More

Windows 10 – Black screen after starting

UPDATE – September 24th – see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=729 Since last September 11th, I have been running into a major issue with Windows 10. No matter what, always got black screen after startup. I tried all recovery methods – including what was found on the internet and which was mostly related to the preview builds. The only solution was a factory reset but after the first 2 updates, the black screen comes…

Read More