modernEndpoint
  • managed.
  • collaborative.
  • a modern mission.
  • managed.
  • collaborative.
  • a modern mission.

managed.

Microsoft Endpoint Manager - Intune - Conditional Access

Managing Language Packs in an MEMCM Task Sequence with UI++ and Unattend.xml

1/28/2020

2 Comments

 

The Challenge


I was recently asked to create a simple process to change the primary language of Windows 10 during OS Deployment. Due to regional expectations we also had to be able to select a different keyboard layout based on user preferences. One of the challenges we face is that we have support personnel in different regions, but not in all offices. Our remote offices did not have a centralized imaging solution, which meant that we needed to provide a solution and streamline the process.

My goal was to provide a solution that would be easy to understand, simple to execute, and easy to maintain across different regions. My personal preference is a simple task sequence that minimizes the number of conditional steps needed to execute.

In this case I wanted to provide our technicians with a clean user interface. I wanted to avoid using DISM to inject languages during the task sequence, which in turn prevents me from having to manage additional content used in the task sequence. The task sequence should be lite-touch, prompting for basic information like site code, form factor, language settings, and additional applications.

Microsoft Endpoint Manager 1910 added support for language settings to the “Apply Windows Settings” step. This would be a great solution if you have a small number of configurations to support, but in an environment with a multitude of possibilities it could be difficult to manage. I will cover using these settings in a future blog post as I think they are an excellent addition to Configuration Manager, they just don’t meet my needs for this project.

Most of the other documentation that I found required integration of MDT with SCCM. The posts that did not use integrated MDT used some elements of MDT or other scripts to set these values. I considered that option but wanted to see if I could get by without the additional steps.
When I saw that language support had been added to the task sequence I decided to test whether or not I could set the language settings without the use of a script. This may have worked prior to version 1910, but I have not tested it. I suspect that this functionality is a direct result of the settings being added to the task sequence directly.

After looking at different possible solutions I determined that the best way to create a technician-facing UI was UI++ by Jason Sandys of ConfigMgrFTW. UI++ gives me the ability to create a simple UI that can be easily customized and ported to other locations. I can use one deployment package for all my locations and point to a different XML file based on the region.
​

Read More
2 Comments

Welcome to the Community: Build Your Network to Combat Impostor Syndrome

1/22/2020

0 Comments

 
This is the final blog post in my series on battling Impostor Syndrome among IT Pros. It has been an enlightening journey. You can start the series here:

​Do I belong at this table?
Full disclosure: I had written a post that I thought articulated my final point on Impostor Syndrome well. It was a rough draft, so it was subject to change – but I was confident enough to share it with Don Jones. I was hoping he would have a small insight to help drive my point home, instead he pulled out several points and gave me a different perspective. This post is similar, but far different from my original post. 

 "That’s the real crux of impostor syndrome: we tend to compare ourselves to our heroes, and unless we mentally  'measure up,' we deem ourselves  'unworthy.' It’s a no-win scenario, because we never think about what someone else might admire in ourselves. Breaking impostor syndrome is, in a small way, about being less selfish: don’t worry about what you think of you. Your value as a professional  cannot be set by yourself; it can only be set by someone you’ve provided value to.” – Don Jones 

When I started writing this post, I was trying to sum up the one thing that has helped me to get over my own Impostor Syndrome. Throughout the last several years I have developed a love for Microsoft Endpoint Manager. Microsoft’s Enterprise Mobility and Security suite has brought me joy – I love the tools that are available to us. Microsoft has provided a suite of tools that allow us to empower end users and drive organizational change. Business is being revolutionized, and the tools that we manage are pivotal in changing the way our organizations do business. This is exciting to me. This drives me. This is my passion.  
​

The original premise was that my passion is the reason I had a spot at the table – but Don pushed back on that premise. Passion is an overused word. I knew that when I was writing the first draft, but I believed that I could drive my point home despite that. He asked me, “Is it excitement? Joy? Does it create a sense of internal fulfillment? Is it something that’s worked so well for you, you want to share it with others?” His questions were all valid – and his concerns mirrored my own feelings about the original post. It felt forced and watered down – I just couldn’t figure out why. 

Read More
0 Comments

Soft Skills are the New Tech Skills: Building a Skill Set to Excel in the Modern Workplace

1/18/2020

1 Comment

 
This is my latest post on the challenges faced by IT pros in the Modern Workplace, where I examine how changes in technology and business impact Modern Endpoint Managers and other technical professionals. The first post in the series can be found here.
A Modern Workplace requires empowered modern administrators for products like Microsoft Endpoint Manager.

​“Hello … IT. Have you tried turning it off and on again?” Roy and Maurice from the IT Crowd earned a special place in pop culture as the nerdy but lovable IT duo who personified a stereotype in the early 2000s.

It wasn’t that long ago that the information technology field, particularly systems engineering and administration, were dominated by the Roys and Maurices of the world. We never would have expected that Cosmo would run a column titled, “FYI, there are some pretty cool IT jobs out there.” Jobs that were once stereotyped as being the realm of unkempt, socially awkward guys working in dark, cluttered offices are now in-demand and sought after.

In the article, “How the IT Guy Became the ‘It Guy’: The Evolving Portrayal of Tech Professionals in Movies and Television,” Christina Wang discusses the changing image of IT pros in pop culture. She tracks the changing image from Dennis Nedry in Jurassic Park, to Roy and Maurice, and finally to Felicity Smoak in Arrow. In a lot of ways, this evolution mirrors reality. In the mid-90s the typical systems admin was expected to be a jack-of-all-trades with deep technical skills. IT teams were leaner, so deeply technical admins were regularly called upon for end user support – which led to confrontation and the stereotype of the IT guy as impatient and aloof, talking down to end users.

Roy and Maurice marked the first major evolution in the changing face of the IT pro. Throughout the series of the IT Crowd, we saw them being called to the president’s office and interacting with end users. They were looked at as advisors – not just technical assets. Roy was still a bit impatient with end users, but he worked to understand their needs and requirements. Maurice tried hard to fit in, even if he really didn’t understand the pop culture topics of the day. This first evolution tracked closely with the advent of Windows Server. Systems administration became more accessible to more people. While sysadmins were still expected to have deep technical skills, they could specialize more in different areas. End users became more knowledgeable, but many still had to call support frequently as the technology was not as stable nor easily accessible.

Read More
1 Comment

Change Your Mind: Addressing Impostor Syndrome

1/14/2020

0 Comments

 
This is part 4 in a 5-part series on Impostor Syndrome among IT Pros. You can find the rest of the series here:
​
Do I belong at this table?
I hope they don't notice: Why We Experience Impostor Syndrome 
From the Help Desk to the Board Room: Defeating Self-Doubt
“What people want is to walk into the room feeling like an impostor and to walk out of the room not feeling like an impostor. 

That’s not how it works. In fact, feelings are the last to change. 


So now, before I even get to the solutions, I make sure my audience understands that people who don’t feel like impostors are no more intelligent or capable than the rest of us. … The only way to stop feeling like an impostor, is to stop thinking like an impostor.” – Dr. Valerie Young, 10 Steps You can Use to Overcome Impostor Syndrome

The last line of this excerpt from Dr. Young is arguably the most important piece of advice you can offer to someone who is fighting with Impostor Syndrome. The problem is that while it’s important, it’s not very actionable. It’s hard to quantify what helps someone overcome how they feel. There is no way we could come up with a set list of actions that would cure Impostor Syndrome in the general population. If we could, Dr. Young wouldn’t have to give seminars, I wouldn’t have a reason to write this blog series, and countless others would never have spoken up. I can’t give you a formula to change your inner dialogue or silence the doubt. 

So, what can I offer you? I can tell you what helps me. As an IT Pro who is writing a blog targeted at my peers, I believe that what works for me is likely to work for others. There are a couple housekeeping items that I want to get out of the way first: 

First (and most importantly) – Impostor Syndrome shares a lot of traits with depression. If you feel like you are experiencing deeper feelings of anxiety and low self-esteem, I would strongly encourage you to talk with a professional about how you feel. I’m not a doctor, have never played one on TV, and can’t even remember the last time I stayed in a Holiday Inn Express. In the past there has been a lot of stigma surrounding mental illness, but that has changed. If you need help, seek help. ​

Read More
0 Comments

Building Better Conditional Access Policies with the What If tool

1/11/2020

1 Comment

 
Have you ever deployed a Conditional Access policy, only to later discover that users had found a way to circumvent it? It is surprising to discover that someone found a way around your carefully designed and tested policy.

Setting up Conditional Access policies can get confusing. If you don’t plan your policies carefully, you may end up with holes that you didn’t expect. Most of us start by thinking about the scenarios we want to allow. The problem with this approach is that if you only think about what you want to allow you may forget to block scenarios you don’t approve. Without a policy in place to block unapproved scenarios, a malicious actor can exploit those scenarios by simply providing a user’s compromised credentials.

For example, consider this scenario: You are asked to create a policy that will allow a user to access their email on an iPhone. You will allow a user to use the native mail application with ActiveSync or Outlook if the application is protected by a Mobile Application Management policy. The policy you create is applied to the user, targeted to Exchange Online, and applies to ActiveSync and Modern Authentication clients. Controls are set to grant access if the device is compliant or if a MAM policy is applied.
​
When you test the policy and the device is not registered you are blocked from accessing the application in the ActiveSync client. The Outlook application prompts you to install the Azure Authenticator to access the application. Once the Authenticator app is installed or it is enrolled the user can access their mail in the targeted applications. This policy works as designed; users must meet one of the controls in the policy to use their email as intended. You may consider the policy successful and move it into production. However, there’s just one problem…

Read More
1 Comment

From the Help Desk to the Board Room: Defeating Self Doubt

1/7/2020

0 Comments

 
This is the third post in a planned five-part series on Impostor Series among IT Pros. Previous posts can be found here:

Do I belong at this table?
I Hope they don't find out
"For the first exercise Dr. Gervais asked us if we were interested in having an extraordinary individual experience. We all nodded yes. Then he moved on and asked for a volunteer to stand up. Only no one did … But Dr. Gervais was curious: Why wouldn't everyone jump up? Wasn't this a high performing group? Didn't every just say they wanted to do something extraordinary? … The answers were hard to pull out even though they were just beneath the surface. Fear of being ridiculed; of failing; of not looking like the smartest person in the room …" - Satya Nadella, Hit Refresh, Chapter 1

In the first chapter of Hit Refresh, Satya recounts an early team building exercise with his senior leadership team. He had recently been named the CEO of Microsoft. The senior leadership team was made up of some of the most experienced professionals in our industry. They are all well-known and well-respected leaders whose careers have been nothing short of extraordinary. They were given the opportunity to do something else extraordinary, but none of them volunteered. In the book Satya described the awkward silence, shoe-gazing, and unsure smiles the team exchanged. Eventually the silence was broken when Amy Hood, Microsoft’s CFO, volunteered.
 
Most of us can identify with this situation. Self-consciousness and doubt can be paralyzing. How many times have you not answered a question even though you were confident you knew the answer? Have you avoided volunteering for a demonstration, even though you wanted to take part? 


Read More
0 Comments

Empower End Users by Understanding Their Needs

1/3/2020

0 Comments

 
This is the second post in a series on the principles behind the Modern Workplace. 
​
​The first can be found here:
It's not you, It's me
​
“Change for the sake of change is frivolous. It must be avoided. I know what users want because I’ve been doing this for so long, I know what works!” For a guy who has loudly told the world that he has never read Harry Potter, my (former) coworker sure did an amazing Dolores Umbridge impersonation.

We are caught in a cultural tug-of-war in our technology departments. On one side we have legacy SysAdmins who believe that IT knows what’s best for our users. The other end is anchored by the Modern Workplace evangelists who preach a gospel of agility, data-driven decision making, and user empowerment. End users are caught in the middle, often to the detriment of our organizations.

Brad Anderson touched on this in his blog post announcing Modern Endpoint Manager. He cites a study by Enterprise Strategy Group that shows certain trends amongst end users. The study demonstrates the importance of moving towards modern endpoint solutions. 

Read More
0 Comments

    Author

    My name is Sean Bulger. I am an IT Pro that has worked in the Modern Endpoint Management work space since 2015. I have worked in various environment, ranging from mature enterprise all the way down to a fledgling IT organization looking to find their way in a cloud first world. Before rejoining the technology field in 2014 I had a wide range of careers - from plumber to paramedic - that have helped to shape my perspective on the world. 

    I have developed a passion for endpoint management and believe that we as systems administrators and engineers can be catalysts for change in the modern workplace. 

    Archives

    February 2020
    January 2020
    December 2019

    Categories

    All
    Conditional Access
    ConfigMgr
    Impostor Syndrome
    Intune
    MEMPowered
    Microsoft Endpoint Manager
    Modern Workplace

    RSS Feed

Proudly powered by Weebly