$appname = "Microsoft Edge"
((New-Object -Com Shell.Application).NameSpace('shell:::{4234d49b-0245-4df3-b780-3893943456e1}').Items() | ?{$_.Name -eq $appname}).Verbs() | ?{$_.Name.replace('&','') -match 'Unpin from taskbar'} | %{$_.DoIt(); $exec = $true}

• No Comments

Clicking on any website links in Outlook 2010 in Windows 10/2016 would cause this prompt to appear:

Ticking Always use this app doesn’t help as clicking on the link again causes the prompt to re-appear. After doing some digging, I initially thought it was due to this documented issue with Citrix and Microsoft Server 2016 – https://support.citrix.com/article/CTX228597

However after spending more time than I care to admit looking at the above, the fix was something completely unrelated to the above article. Implementing a few simple missing registry keys outlined in this article resolves the problem: https://support.microsoft.com/en-us/help/3094186

TLDR the below keys are missing from Windows 10 which are present in earlier versions of Windows, which is what causes this prompt to constantly re-appear. To address it, create the below two registry keys:

HKEY_CLASSES_ROOT\htmlfile\shell\opennew
HKEY_CLASSES_ROOT\htmlfile\shell\opennew\command

Modify the value of the (Default) registry setting:

Change value of (Default) to rundll32.exe url.dll,FileProtocolHandler %1 to open links in a new tab
Change value of (Default) to “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 to open links in a new window

• No Comments

Add-PrinterDriver -Name "HP LaserJet 500 color MFP M570 PCL6 Class Driver"

add-printerport -name "HP500" -printerhostaddress "10.0.100.21"

add-printer -name "HP" -drivername "HP LaserJet 500 color MFP M570 PCL6 Class Driver" -port "HP500"

Set-PrintConfiguration -PrinterName "AAL-MEL-PR-01(HP)" -PaperSize A4 -Color $false -DuplexingMode TwoSidedLongEdge

 

Add-PrinterDriver -Name "Lexmark CX920 Series Class Driver"

add-printerport -name "Lexmark" -printerhostaddress "10.0.100.22"

add-printer -name "Lexmark" -drivername "Lexmark CX920 Series Class Driver" -port "Lexmark"

Set-PrintConfiguration -PrinterName "AAL-MEL-PR-02(Lexmark)" -PaperSize A4 -Color $false -DuplexingMode TwoSidedLongEdge

• No Comments

For a new deployment we needed for Outlook to show the Task’s ToDo List on the Outlook Home Screen

I couldn’t find this documented anywhere so I have to monitor the Outlook.exe during the change to find out what Registry Key it changed

Location

HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Preferences

Item : PinMail

Type : Dword

Value : 4

• No Comments

These are the steps that definitely fixed the issue for me:

Delete the computer from the WSUS console
On the affected client, stop the Windows Update service
On the affected client, rename the folder C:\Windows\SoftwareDistribution
Start the Windows Update service
Run the following command in and administrative prompt:

wuauclt /detectnow /reportnow /scannow /resetauthorization

After 15 minutes or so the client will reappear in the WSUS console and report correctly

I had a related issue with MDT deployed machines not detecting any updates.

I ran this script on the PC.

https://www.tenforums.com/tutorials/24742-reset-windows-update-windows-10-a.html

• No Comments

Extract the ISO to a folder and run from the root folder

setup.exe /admin

to open this

Go through all the options especially above for the CD Key information and accepting License and Display Level None

Once this is done , Save this as an MSP file with any name in the UPDATES folder of the CD ( The installer runs all the MSP’s in here ) 

Next create a config.xml file in the same directory as setup.exe with the below config

<Configuration Product="PrjPror">
<!-- <Display Level="full" CompletionNotice="yes" SuppressModal="no" AcceptEula="no" /> -->
<!-- <Logging Type="standard" Path="%temp%" Template="Microsoft Office Project Professional Setup(*).txt" /> -->
<!-- <USERNAME Value="Customer" /> -->
<!-- <COMPANYNAME Value="MyCompany" /> -->
<!-- <INSTALLLOCATION Value="%programfiles%\Microsoft Office" /> -->
<!-- <LIS CACHEACTION="CacheOnly" /> -->
<!-- <LIS SOURCELIST="\\server1\share\Office;\\server2\share\Office" /> -->
<!-- <DistributionPoint Location="\\server\share\Office" /> -->
<!-- <OptionState Id="OptionID" State="absent" Children="force" /> -->
<!-- <Setting Id="SETUP_REBOOT" Value="IfNeeded" /> -->
<!-- <Command Path="%windir%\system32\msiexec.exe" Args="/i \\server\share\my.msi" QuietArg="/q" ChainPosition="after" Execute="install" /> -->
<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" />
<Setting Id="SETUP_REBOOT" Value="Never" />
< /Configuration>

Next use IntuneWinAppUtil.exe to package the App Up

c:\TempPath\Intune-Win32-App-Packaging-Tool-master>IntuneWinAppUtil.exe
Please specify the source folder: “F:\Project2010\”
Please specify the setup file: setup.exe
Please specify the output folder: C:\TempPath\Project2010

Intune Settings

Install Command : setup.exe /config config.xml

Unintall Command : Setup.exe /uninstall 90140000-00B4-0409-0000-0000000FF1CE

Detection Rule  ( Check File ) : C:\Program Files (x86)\Microsoft Office\Office14\WINPROJ.EXE

• No Comments

Seems one of the only ways to copy files to PC’s in Intune seems to be to create an MSI file to deploy them. However this can also be done using Windows app (Win32)

Copy.bat File

rem Copy Files
copy off.ini c:\Windows\System32\off.ini
copy BSPECIAL.DLL c:\Windows\System32\BSPECIAL.DLL
copy BSPECIAL.DLL c:\Windows\SysWOW64\BSPECIAL.DLL
rem Set Permissions
icacls "c:\Windows\System32\BSPECIAL.DLL" /grant Everyone:M
icacls "c:\Windows\SysWOW64\BSPECIAL.DLL" /grant Everyone:M

del.bat file

del c:\Windows\System32\off.ini
del c:\Windows\System32\BSPECIAL.DLL
del c:\Windows\SysWOW64\BSPECIAL.DLL

Next run the IntuneWinAppUtil.exe File

c:\TempPath\Intune-Win32-App-Packaging-Tool-master>IntuneWinAppUtil.exe
Please specify the source folder: F:\Config Files
Please specify the setup file: copy.bat
Please specify the output folder: C:\TempPath\BuildsoftAppps

Create a new Windows app (Win32) App in Intune , upload the copy.intunewin and use the commands below

Detection Rules

• No Comments

Following on from this great article

The Powershell Script History and logs are stored in the following registry location

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IntuneManagementExtension\Policies

You will need to navigate to a subtree in their GUID

How do I get the GUID for my Intune Script?

Diagnosing Failures

A result was coming Failed with the below

��$ : The term '��$' is not recognized as the name of a cmdlet, function, script file, or operable program. 
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\Program Files (x86)\Microsoft Intune Management 
Extension\Policies\Scripts\ee7f18e5-b666-4c11-be72-9d5490a49e23_a39275a0-659c-45a9-9f1a-d312ae484eda.ps1:1 char:1
+ ��$

On running the scripts get copied here briefly then run and deleted : C:\Program Files (x86)\Microsoft Intune Management Extension\Policies\Scripts

You have to be fast but you can copy the .ps1 file to e.g. C:\Temp and check what the machine was getting , to resolve this issue I had to recopy the file into Powershell ISE and resave and upload.

How to Run the Scripts Manually

Change DownloadCountand ErrorCode to 0 and set Result and ResultDetails to nothing (empty string). After this we just restart the Microsoft Intune Management Extension Service (IntuneManagementExtension) and the script will rerun again on this device

Log Directory

C:\ProgramData\Microsoft\IntuneManagementExtension\Logs

• No Comments

Recently had a user who when outside the office could not connect to 365. Per below her Outlook would just sit on “Trying to Connect”

They used OAuth for Outlook and 2fa which means when outside of a “trusted IP” the box should come up asking for the 2fa code , however this prompt was not coming up ever after restart (usually fixes a stuck Oauth box ) .

Fix

Go into credential manager and delete all the ADAL for the user , then restart Outlook

• No Comments

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
SkipCapture=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerBackup=NO
SkipBitLocker=NO
EventService=http://%server%:9800

• No Comments