Enabling/Disabling Fast Startup and Hibernation

Enable Hibernation: powercfg -h on

Enable Fast Startup: REG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power” /V HiberbootEnabled /T REG_dWORD /D 1 /F

Disable Hibernation: powercfg -h off

Disable Fast Startup: REG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power” /V HiberbootEnabled /T REG_dWORD /D 0 /F

Microsoft Intune was not able to retrieve all the data

Microsoft Intune is setup and you are browsing through the Admin section. You notice the below message on a number of pages:

Microsoft Intune was not able to retrieve all the data

You save and review the log file. The second line reads:

Error occurred while retrieving JWT token, check that current user has an Intune license and try again.


You need to assign a Intune A Direct license through the Office365 Admin Center. Ensure you have appropriate Administrative permission in Office 365.



Enable BitLocker on Azure AD Joined windows 10 Device

Windows 10 devices will automatically encrypt the local drive when joining to Azure Active Directory (AAD). The device must be InstantGo capable.

InstantGo (formerly known as Connected Standby) is a very low power state that some devices support. It’s very like your mobile phone, it’s almost switched off but still can receive text messages, e-mails and switch to a different power state when receiving phone calls.

How do you check this?

Open a command prompt, type powercfg /a

Devices that have InstantGo support will return “Network Connected”:


 Where do I find the recovery key?

Users can retrieve their recovery key by going to http://myapps.microsoft.com, select Devices and select the device for which they would like to get the recovery key:


Error Installing Intune Client – 0x80043010

So you have just joined your Windows 10 device to Azure AD with Azure AD Join and the device has auto enrolled into Microsoft Intune (MDM). We done.

Now you want to install the Intune Client to get all those Intune console features you seen and heard about.

Sorry, no go:

Device is registered to be managed by MDM service. Please unregister the device from MDM service before installing Microsoft Intune, 0x80043010

There are two different ways that Intune can manage a Windows 10 system:

  • Enroll it as “mobile device” using the MDM agent built into Windows 10. Use Policy configuration service provider (OMA-DM) Future technology.
  • Install the Intune client agent. All the cool configuration policies you see in the Intune console.

These are mutually exclusive though. Each has its pros and cons. The long term goal is for the built-in MDM agent to be the end-all be-all for managing Windows 10 and it does a good job today but it doesn’t cover everything like Defender management or software updates. The full Intune agent is generally preferred today because it does provide these things but it depends upon your scenario.

MDT 2013 – Windows 10 – KB2267602 Freeze during build

Had this issue during the building of a Windows 10 reference image using build 1607.

During the Windows Update Pre-Application Installation the build would stop and progress no further. The update was the Definition Update for Windows Defender – KB2267602 (Definition 1.63…)


Looking at the ZTIWIndowsUpdate.log the download did not start and the progress was at 0%.

I have included the update KB######### to allow the Windows 10 1607 build to communicate with the local WSUS server.

I have added the Definition Update to the exclusion list in the customsettings.ini property using WUMU_ExcludeKB as shown below:


After kicking off a new reference build the task sequence continued on with no issues.

Office 365 ProPlus – Configuration XML Editor

Here is the new Office Click-To-Run Configuration XML Editor. It make the configuration and deployment simple and easy.

Administrators can modify the Configuration.xml file to configure installation options for Click-to-Run for Office 365 products using this tool.

The Click-to-Run Configuration.xml file is a necessary component of the Office Deployment Tool. Click-to-Run customizations are performed primarily by starting the Office Deployment Tool and providing a custom Configuration.xml file. The Office Deployment Tool performs the tasks that are specified by using the optional properties in the configuration file.


Configuration Manager 2012 adding Custom Security Role – Importing Computers

Great post by John Vintzel (ExEDS GM Account) on adding a cust Security Role into Configuration Manager. By default there is no built-in security role (apart from Full Administrator) to import devices into CM.

Here are the steps required:

  1. Create XML file with the code at the bottom of the page
  2. Navigate to Administration > Security > Security Roles in the CM Console
  3. Select Import Security Role from the ribbon
  4. Browse to the XML, click OK
  5. You will now see a new custom security role ‘Computer Import Manager’

XML Code:

<SMS_Role CopiedFromID=”SMS00001″ RoleName=”Import Computer Role” RoleDescription=”Add this role to an administrative user. Associate this security role specifically with All Systems.”>
<Operation GrantedOperations=”129″ ObjectTypeID=”1″ />
<Operation GrantedOperations=”524289″ ObjectTypeID=”6″ />


Configuration Manager 2012 Version and Build Numbers

Configuration Manager 2012 version numbers, build numbers and cumulative updates since the SCCM 2012 RTM release.

Get the version number:

  1. Open the Configuration Manager console
  2. Browse to Administration, Site Configuration then Sites
  3. Right-click on the site and select Properties
  4. The site version and build number are shown
Release Version Build Download Link
SCCM 2012 RTM 5.00.7711.0000 7711 N/A
SCCM 2012 RTM – CU1 5.00.7711.0200 7711 KB2717295
SCCM 2012 RTM – CU2 5.00.7711.0301 7711 KB2780664
SCCM 2012 SP1 5.00.7804.1000 7804 N/A
SCCM 2012 SP1 – CU1 5.00.7804.1202 7804 KB2817245
SCCM 2012 SP1 – CU2 5.00.7804.1300 7804 KB2854009
SCCM 2012 SP1 – CU3 5.00.7804.1400 7804 KB2882125
SCCM 2012 SP1 – CU4 5.00.7804.1500 7804 KB2922875
SCCM 2012 SP1 – CU5 5.00.7804.1600 7804 KB2978017
SCCM 2012 R2 5.00.7958.1000 7958 N/A
SCCM 2012 R2 – CU1 5.00.7958.1203 7958 KB2938441
SCCM 2012 R2 – CU2 5.00.7958.1303 7958 KB2970177
SCCM 2012 R2 – CU3 5.00.7958.1401 7958 KB2994331
SCCM 2012 R2 – CU4 5.00.7958.1501 7958 KB3026739
SCCM 2012 R2 – CU5 5.00.7958.1604 7958 KB3054451
SCCM 2012 R2 SP1 5.00.8239.1000 8239 N/A
SCCM 2012 R2 SP1 – CU1 5.00.8239.1203 8239 KB3074857
SCCM 2012 R2 SP1 – CU2 5.00.8239.1301 8239 KB3100144
SCCM 2012 R2 SP1 – CU3 5.00.8239.1403 8239 KB3135680
SCCM 1511 5.00.8325.1000 8325 N/A
SCCM 1602 5.00.8355.1000 8355 N/A


Windows Preinstallation Environment Version and Associated OS Version

WinPE Windows Windows Version Notes
1.0 Windows XP 5.1.2600.x First version of WinPE.
1.1 Windows XP SP1 5.1.2600.x
1.2 Windows Server 2003 5.2.3790.x
1.5 Windows XP SP2 5.1.2600.x Windows PE 2004.
1.6 Windows Server 2003 SP1 5.2.3790.x Windows PE 2005.
2.0 Windows Vista 6.0.6000.x
2.1 Windows Server 2008 6.0.6001.x
2.2 Windows Server 2008 SP2 6.0.6002.x
3.0 Windows 7 6.1.7600.x Windows AIK 2.0.
3.1 Windows 7 SP1 6.1.7601.x Windows AIK Supplement for Windows 7 SP1.
4.0 Windows 8 6.2.9200.x Windows ADK (Windows Kits 8.0).
5.0 Windows 8.1 6.3.9300.x Windows ADK (Windows Kits 8.1).
5.1 Windows 8.1 Update 1 6.3.9600.x Windows ADK (Windows Kits 8.1 Update).
10.0 Windows 10 10.0.10240.16384 Windows ADK (Windows Kits 10.0)