SCCM Technical Preview 1701 now available!

Microsoft System Center Technical Preview update 1701 is available now let’s see in brief all new features available with new SCCM 1701 version. Microsoft has come out with few exciting few in TP 1701 we will be discussing below. All the information about SCCM TP 1701 is available at official siteWhen we install version 1701 your console version will update to 5.00.8482.1000. Let’s discuss SCCM TP 1701 new features:

1) UEFI inventory data:  A new hardware inventory class SMS_Firmware and property UEFI is available to help collect hardware information before we set the UEFI property should be set to value as “True”.



2) Improvement to OSD: The maximum number of the application that can be installed in Install Application Task step increased from 9 to 99.

3) Device health attestation via Management Point:  A new advanced feature in Management point component properties. To configure on-device health attestation service URL, click on ADD button and provide URL.


4)Updated Content Library CleanUp Tool: Command line tool (ContentLibraryCleanUp executable file ) used to remove content which is orphaned from the distribution point.

5) Improvement in Boundary Group for SUP: Configure boundary group to associate one or more host that host a SUP.

6) Host software updates on cloud-based distribution points: This version support cloud-based distribution point to host software updates but with hosting DP on the cloud will introduce additional cost.


Microsoft Security Update Guide (Portal)

Microsoft brings up with Security Update Guide Portal which is something cool and super exciting as this portal will make Patch Admin life much easier. When Microsoft release Patch Tuesday Patch Admin will follow Microsoft Security Bulletins to find out what all updates are released from the security bulletins site, Microsft didn’t have a common dashboard or portal to filter and sort them down based on Operating System and product.

Microsoft Security Bulletins.png

Monthly Patch List admins will compile to filter down patches based on Operating System and product.But using Security Update Guide portal things has become simpler and easier. From new portal we can:

  • Sort and filter security vulnerability and update content, for example, by CVE, KB number, product, or release date.
  • Filter out products that don’t apply to you, and drill down to more detailed security update information for products that do.
  • Leverage a new RESTful API to obtain Microsoft security update information. This eliminates the need for you to employ outdated methods like screen-scraping of security bulletin web pages to assemble working databases of necessary and actionable information.



Security Bulletins will be published till January 2017, from next month onwards we can find all the security updates information on the  Security Updates Portal.


Microsoft Patch Tuesday Jan-2017

Microsoft has released security & non-security updates for client and server version of Windows Operating System. Microsoft has released 4 security updates for January 2017, two bulletins are rated critical. It’s a good start for Patch Admins as MS has released only 4 updates and so far we haven’t heard any noise and issue with below all these updates.

Microsoft also released Windows 10 CU KB3213986, KB3210720, and KB3210721.

Microsoft Patch Tuesday Security Updates:


1) MS17-001 Security Update for Microsoft Edge (3214288) 

This security update resolves a vulnerability in Microsoft Edge. This vulnerability could allow an elevation of privilege if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges.

2) MS17-002 Security Update for Microsoft Office (3214291)

This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

3)MS17-003 Security Update for Adobe Flash Player (3214628)

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

4) MS17-004 Security Update for Local Security Authority Subsystem Service (3216771)

A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system’s LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.

Download Excel sheet : ms-patches-2017-001-004

List Servers, Workstations and Users using PowerShell and AD

I am writing a basic PowerShell script function to list all the servers, workstation and users list in your domain. It will be very helpful if your sysadmins ask you to find the count of the machines installed with specific OS version. Ex:  Windows Server 2008 R2.

1) I am writing a custom function to find servers list, the following function will list all the server name out of Active Directory. This could even be modified and fetch whatever property you have like.

Function Get-ServerList{
$Searcher=New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 1000

$Results | % {$}

# We will store the count of all the servers in a variable as
$ServerCount = (Get-ServerList).Count

#Will display the count of servers in your environment

#You can even export the list to an excel sheet as well
Get-ServerList >> C:\Server_List.xls

Note: You can even customize if you would like to find List of Servers specific to Windows Server 2008 R2, to achieve it we need to replace the value in function as below:

$Searcher.Filter=”(&(objectcategory=computer)(operatingSystem=*Windows Server 2008 R2*))”

2) Similarly, we can write a function to find the workstation list. Let’s extract the list of all the workstation with Windows 7.

Function Get-WorkStationList_ Windows_7{
$Searcher=New-Object System.DirectoryServices.DirectorySearcher
$Searcher.Filter=”(&(objectcategory=computer)(operatingSystem=*Windows 7*))”
$Searcher.PageSize = 1000

$Results | % {$}

# We will store the count of all the Windows 7 machine in a variable as
$WorkstationCount = (Get-WorkStationList_ Windows_7).Count

#Will display the count of Windows 7 in your environment

#You can even export the list to an excel sheet as well
Get-WorkStationList_ Windows_7 >> C:\WorkStation_Windows_7_List.xls

3) Finally, we can write a custom function to list all the users in your Active Directory.

Function Get-UserList{
$Searcher=New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 1000

$Results | % {$_.Properties.samaccountname}

# We will store the count of all the users in a variable
$UserCount = (Get-UserList).Count

#Will display the count of users in your environemnt

#You can even export the list to an excel sheet as well
Get-UserList >> c:\Users_List.xls

Microsoft TechRewards Program Closed

Today  January 6, Microsoft announced they will no longer continue with the TechRewards program officially which includes badges, Points, XP and gift cards.

In an email to the TechRewards Members, Microsoft states that:

As a valuable member of Microsoft TechRewards, we are notifying you of an important change to the program. Microsoft TechRewards will close on January 6, 2017. The program aimed to help Developers and IT Professionals learn, experiment, and build projects with Microsoft technologies. We believe other Microsoft Programs more closely associated with products and services can best support users in their technical journey.

The company already cautioned to all the TechRewards Members they won’t able to redeem any point accumulated in their account after the program shuts down.

Let me know your thoughts in the comment section below 🙂