Modern Device Management

If you have been following the messages in the message center in Microsoft 365 Admin portal, then you must have seen the recent message MC316144 for the retirement of IE set for June 15, 2022.  So what does this really mean? If you are still using IE11 in your organization, then all access attempts  made by the end users to the browser will get redirected to Microsoft Edge because IE11 desktop application will no longer be supported. Note: Windows 10 LTSC and Server not affected. As the first step, I will suggest to check the Browser usage report dashboard in Microsoft 365 Admin Portal . This can be accessed by navigating to Reports>Usage. The usage report will give you insight into how many users are still accessing legacy browsers. If you have a requirement for running sites in IE legacy mode and if you haven't already configured E nterprise IE mode , then you can head over to the my previous post  Configure the Enterprise Site List mode the modern way ...

Ever since Windows 10 was released as a service ie. WaaS (Windows as a Service), it changed the way Windows versions were going to be upgraded in the future. The release cadence may have changed a couple of times from the time first Windows 10 build came out, but the basic principle remains the same. That is to keep the builds up to date in order to ensure OS remains supported for monthly security and quality updates. Something that enterprises have to take very seriously in order to safeguard their environment and data from security attacks. Recently I worked on a project that involved upgrading Windows 10 OS version to 20H2 on devices encrypted by Symantec Encryption Desktop. Now, Microsoft security solutions like Defender, Bitlocker are natively compatible with newer Windows 10 OS versions and support In-place upgrades out of the box. However, with 3rd party security solutions, one will need to check for compatibility. This is where things get interesting. It took me some man hours ...

If you have CMG (Cloud Management Gateway) configured and have enabled MFA, then this blog post may just help you. I recently came across an issue involving Azure sign-in failures against CMG native\client app  under the name ConfigMgr-Client app in one of my customer's tenant. The failures created alerts in through Qradar (By IBM), a Security information and event management tool aka  SIEM.  On checking further, I could see the following sign-in failures. If you look closely, the Authentication requirement field shows Multi-factor Authentication , which must satisfy for successful sign-in. On checking the Conditional Access  tab, I can see which CA policy is failing.  The CA policy in question is Enforce MFA for Admins , which has been setup to enforce MFA for specific Directory roles across All Cloud Apps . If you think of it then the CA policy is doing what it is suppose to do, but since it is targeting all cloud apps, it is also taking  CMG cloud App...

I recently encountered an issue in a customer's envrionment where SQL Server Reporting service in ConfigMgr had broken down. On launching the Report Manager url and then running a report resulted in the following error. Similar errors were noticed when trying to run the reports from the ConfigMgr console. The error indicated that the issue is with the report service account credentials so that is where I started looking. It appears that the customer had updated the password of the report service account in AD, but the same was not updated in ConfigMgr. So the first thing I tried was to update the password and test the connection.  Well that was pretty easy. Atleast so I thought. The moment I clicked on Apply to commit the changes, I was presented with another error indicating an issue with the report server database. On checking further, I noticed entries in the SQL dump logs related to Transaction log being full due to SQL backup. library!ReportServer_0-1!5338!01/04/2022-23:16:38...