These are the steps that definitely fixed the issue for me:

Delete the computer from the WSUS console
On the affected client, stop the Windows Update service
On the affected client, rename the folder C:\Windows\SoftwareDistribution
Start the Windows Update service
Run the following command in and administrative prompt:

wuauclt /detectnow /reportnow /scannow /resetauthorization

After 15 minutes or so the client will reappear in the WSUS console and report correctly

 

I had a related issue with MDT deployed machines not detecting any updates.

I ran this script on the PC.

https://www.tenforums.com/tutorials/24742-reset-windows-update-windows-10-a.html

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Extract the ISO to a folder and run from the root folder

setup.exe /admin

to open this

Go through all the options especially above for the CD Key information and accepting License and Display Level None

Once this is done , Save this as an MSP file with any name in the UPDATES folder of the CD ( The installer runs all the MSP’s in here ) 

 

Next create a config.xml file in the same directory as setup.exe with the below config

<Configuration Product="PrjPror">
<!-- <Display Level="full" CompletionNotice="yes" SuppressModal="no" AcceptEula="no" /> -->
<!-- <Logging Type="standard" Path="%temp%" Template="Microsoft Office Project Professional Setup(*).txt" /> -->
<!-- <USERNAME Value="Customer" /> -->
<!-- <COMPANYNAME Value="MyCompany" /> -->
<!-- <INSTALLLOCATION Value="%programfiles%\Microsoft Office" /> -->
<!-- <LIS CACHEACTION="CacheOnly" /> -->
<!-- <LIS SOURCELIST="\\server1\share\Office;\\server2\share\Office" /> -->
<!-- <DistributionPoint Location="\\server\share\Office" /> -->
<!-- <OptionState Id="OptionID" State="absent" Children="force" /> -->
<!-- <Setting Id="SETUP_REBOOT" Value="IfNeeded" /> -->
<!-- <Command Path="%windir%\system32\msiexec.exe" Args="/i \\server\share\my.msi" QuietArg="/q" ChainPosition="after" Execute="install" /> -->
<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" />
<Setting Id="SETUP_REBOOT" Value="Never" />
< /Configuration>

 

Next use IntuneWinAppUtil.exe to package the App Up

c:\TempPath\Intune-Win32-App-Packaging-Tool-master>IntuneWinAppUtil.exe
Please specify the source folder: “F:\Project2010\”
Please specify the setup file: setup.exe
Please specify the output folder: C:\TempPath\Project2010

 

Intune Settings

Install Command : setup.exe /config config.xml

Unintall Command : Setup.exe /uninstall 90140000-00B4-0409-0000-0000000FF1CE

Detection Rule  ( Check File ) : C:\Program Files (x86)\Microsoft Office\Office14\WINPROJ.EXE

VN:F [1.9.22_1171]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Seems one of the only ways to copy files to PC’s in Intune seems to be to create an MSI file to deploy them. However this can also be done using Windows app (Win32)

Copy.bat File

rem Copy Files
copy off.ini c:\Windows\System32\off.ini
copy BSPECIAL.DLL c:\Windows\System32\BSPECIAL.DLL
copy BSPECIAL.DLL c:\Windows\SysWOW64\BSPECIAL.DLL
rem Set Permissions
icacls "c:\Windows\System32\BSPECIAL.DLL" /grant Everyone:M
icacls "c:\Windows\SysWOW64\BSPECIAL.DLL" /grant Everyone:M

 

del.bat file

del c:\Windows\System32\off.ini
del c:\Windows\System32\BSPECIAL.DLL
del c:\Windows\SysWOW64\BSPECIAL.DLL

 

Next run the IntuneWinAppUtil.exe File

c:\TempPath\Intune-Win32-App-Packaging-Tool-master>IntuneWinAppUtil.exe
Please specify the source folder: F:\Config Files
Please specify the setup file: copy.bat
Please specify the output folder: C:\TempPath\BuildsoftAppps

Create a new Windows app (Win32) App in Intune , upload the copy.intunewin and use the commands below

Detection Rules

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Following on from this great article

The Powershell Script History and logs are stored in the following registry location

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IntuneManagementExtension\Policies

You will need to navigate to a subtree in their GUID

How do I get the GUID for my Intune Script?

Diagnosing Failures

A result was coming Failed with the below

��$ : The term '��$' is not recognized as the name of a cmdlet, function, script file, or operable program. 
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\Program Files (x86)\Microsoft Intune Management
Extension\Policies\Scripts\ee7f18e5-b666-4c11-be72-9d5490a49e23_a39275a0-659c-45a9-9f1a-d312ae484eda.ps1:1 char:1
+ ��$

On running the scripts get copied here briefly then run and deleted : C:\Program Files (x86)\Microsoft Intune Management Extension\Policies\Scripts

You have to be fast but you can copy the .ps1 file to e.g. C:\Temp and check what the machine was getting , to resolve this issue I had to recopy the file into Powershell ISE and resave and upload.

 

How to Run the Scripts Manually

Change DownloadCountand ErrorCode to 0 and set Result and ResultDetails to nothing (empty string). After this we just restart the Microsoft Intune Management Extension Service (IntuneManagementExtension) and the script will rerun again on this device

 

Log Directory

C:\ProgramData\Microsoft\IntuneManagementExtension\Logs

 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently had a user who when outside the office could not connect to 365. Per below her Outlook would just sit on “Trying to Connect”

 

They used OAuth for Outlook and 2fa which means when outside of a “trusted IP” the box should come up asking for the 2fa code , however this prompt was not coming up ever after restart (usually fixes a stuck Oauth box ) .

Fix

Go into credential manager and delete all the ADAL for the user , then restart Outlook

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Default MDT Rules

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=NO
SkipBitLocker=NO
EventService=http://%server%:9800

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

I had a segment a network recently into a few Vlans. This meant the new Vlan was on a different subnet to the WDS server so machines were not getting the PXE Traffic.

  1. Make sure the WDS is routable from the Vlan ( Create a route enable firewall) 
  2. Enable a second IP Helper Address with the WDS server. You might already have an IP Address if your DHCP server is on a different Subnet, but you can have multiple.

PXE does not come with a dedicated boot protocol. It is simply DHCP packets extended with additional DHCP options. It’s formerly known as the bootstrap protocol. If a PXE-enabled network card sends out an DHCP discover package, it will add DHCP option 60, which includes the string “PXEClient:Arch:xxxxx:UNDI:yyyzzz”. Then it waits for DHCP offers.

It will only respond if it gets a DHCP offer including option 60 which means: I am PXE capable and able to send out boot server and boot file information.

The DHCP offer can be splitted into two independent packages, coming from different servers. The DHCP server can send out the DHCP offer containing the clients IP address and the PXE server can send out the DHCP offer containing the option 60.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently I had to tag some Access points to a new Vlan on a Cisco switch , the cisco support website is the worst readability so notes for future reference

Find the Port of the Access point by getting the Mac address then listing all the Macs on the switch via

show mac address-table

Tagging port

Ok next we change the port from an access port on the default Vlan ( 1 ) to a trunk to it can carry multiple Vlans in this case 1,5. Warning this will drop the network device for a few pings

conf t

int gi1/0/21

Switchport mode trunk
Switchport trunk allowed vlan 1,5 

If it doesn’t work you can always wipe the config via

default interface gi1/0/21

To untag a port on vlan 5

 switchport access vlan 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently during a scheduled power shutdown, Vmware Hosts were brought back up however no NFS Datastores were listed in Storeage. 

Enabling SSH and running 

esxcli storage nfs list

Listed no NFS Datastores either 

esxcli storage nfs add -H %IP-OF-SAN% -s /NFSNAME -v /NFSNAME 

brought up the Name was already in use. Removing and re-adding brought up an error that the IP of the NFS Share could not be access

esxcli storage nfs remove -v /NFSNAME 

Trying to Ping the Storage Server IP from the host did not reply a any pings

Login to the EMC and reboot the primary Storage Processor

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)