Everything posted by anyweb

  1. In Part 1 of this mini series we integrated Windows Intune with System Center 2012 R2 Configuration Manager. In Part 2 we added support for iOS devices (iPhone, iPad). In Part 3 we learned the difference between App Package for iOS (*.ipa file) and applications from the Apple App Store. We learned how to deploy them to iOS devices and configured the deployment type so that the applications were made available to the user based on the iPhone or iPad operating system version, in addition we also checked device Ownership information and deployed the application based on those requirements. In Part 4 we learned how to use and configure compliance settings in order to enable or disable certain configurable features on iOS devices. We enforced a Password requirement and enforced a minimum password length as this is a common requirement for organizations. In Part 5 we enabled support for Windows 8.1 devices (both Windows RT 8.1 and Windows 8.1 Enterprise) so that they could be managed via System Center 2012 R2 Configuration Manager integrated with Windows Intune. In Part 6 we deployed Windows 8.1 apps (appx) to Windows 8.1 devices. In Part 7 we looked at how to make Windows 8.1 store apps available in the Company Portal and how to make them featured apps with their own categories.

    Now we will add support for Android and learn how to deploy mobile device settings to Android devices. As security of company data is so important these days, being able to encrypt files on a device is a great asset, and we will use mobile device settings (Compliance Settings) to enable File encryption on these Android devices.

    Users can download the Android company portal app from Google's Android store (Google Play) and that allows them to enroll Android devices. With the Android company portal app, you can manage compliance settings, wipe or delete Android devices, deploy apps, and collect software and hardware inventory. If the Android company portal app is not installed on Android devices or if you are using Configuration Manager SP1, then you will not have all the management capabilities, such as inventory and compliance settings, but you can still deploy apps to Android devices.

    Step 1. Enable Android support

    In the System Center 2012 R2 Configuration Manager console, browse to Administration, expand Cloud Services and right click on the Windows Intune Subscriptions, select Properties like in the screenshot below.

    Select the Android tab, and place a checkmark in Enable Android Enrollment like in the screenshot below.

    Click Apply, then OK, and that's it, you are done.

    Step 2. Create an All Android Devices Collection

    Create a new collection called All Android Devices limited to All Mobile Devices, we will use this collection to house our Android devices and to target them with Android specific deployments.

    Create it with a membership query for Android devices:

        select SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.Name, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.Client from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like "Android%"

    Continue through to the end of the Create New Collection wizard.

    Step 3. Create a Configuration Item to configure mobile device settings for Android

    Next we will configure mobile device settings for Android. This is done in a few parts, first we create the configuration item containing the settings, next we add them to a configuration baseline, and finally we deploy the configuration baseline to our previously created All Android Devices collection.

    The following page on Technet explains the settings available for Android (for devices with the Android company portal app installed) and other mobile platform types, but to summarize the following 9 settings are currently available for the Android Platform (as of March 2014).

    In Assets and Compliance, select Configuration Items, right click on it and choose Create Configuration Item.

    Give it a suitable name such as Android Mobile Device File Encryption Settings and create a new category called "All Android - Enable file encryption" like in the screenshot below.

    As File encryption requires a passcode being set on the Android device, select Password and Encryption from the settings groups available.

    For the Password screen, select a Minimum Password Length of at least 6 characters (6 characters containing at least one letter), like in the screenshot below, making sure to set a checkmark in Remediate noncompliant settings otherwise the Password setting won't be forced.

    For the setting File Encryption on Mobile Device, change the drop down menu to On, make sure to set a checkmark in Remediate noncompliant settings otherwise it won't encrypt anything.

    Note: The Storage Card Encryption option is not currently available for Android so don't bother selecting it. In fact, the only option applicable to Android on this screen is File Encryption on Mobile device.

    For Supported Platforms de-select All, and only select Android as in the screenshot below.

    If you did everything like I've shown above, then the Platform Availability screen will be blank, and that's ok, if you selected an additional option previous to this that was not compatible with the Android platform you'll see it here, if so click back and remove it, continue the wizard through to completion.

    Step 4. Create a Configuration Baseline

    Right click on Configuration Baselines and choose Create Configuration Baseline. A Configuration Baseline can contain one or more Configuration Items.

    Give the baseline a useful name like All Android Mobile Device Management Baseline and click on Add, select the previously created Android Mobile Device Encryption Settings CI like in the screenshot below, and then select the All Android - Enable File Encryption category.

    Step 5. Deploy the Configuration Baseline

    Now we are ready to deploy our mobile device settings for Android to a collection. In this example, we will deploy it to our previously created collection called All Android Devices.

    Note: You can deploy compliance settings for Mobile Devices to a user or device collection. If you deploy the baseline to a user collection, the compliance settings are applied to all the enrolled devices for those users.

    Right click on the All Android Mobile Device Management baseline configuration baseline created above and choose Deploy.

    Select the option to Remediate and browse to the device collection called All Android Devices, select your desired compliance evaluation schedule, every 1 day is sufficient in a lab, perhaps every 7 days in production is better.

    Step 6. Enroll an Android Device

    On an Android 4.0, 4.1 or 4.2 device start up Google Play (Play Store) and search for Company Portal, you should see Windows Intune Company Portal listed, select it and choose Install.

    Click Accept to the App Permissions and click Open once installed.

    You'll be prompted to sign in using your organizational account, do so by clicking on Add this device.

    Enter your credentials and click on Sign In, it should say adding your device.... and after a delay you should be prompted to Activate device administrator, click on Activate and then it continues adding your device, after which you'll be displayed with the Company Portal.

    Step 7. Check the status of your Android devices in the console

    In the Configuration Manager console, check All Mobile devices, your Android devices should appear here first (once they have enrolled successfully).

    You should also check the All Android Devices collection next, if your device doesn't appear here yet try Update Membership.

    After hardware inventory data has been uploaded you can start Resource Explorer and see what details it provides, including if the device is a Jailbroken or rooted device or not.

    Lastly you can monitor the Deployment status of your Configuration Baseline by clicking on View Status to see how compliant your Android devices are for the deployed baseline. To view status, click on the Configuration Baseline, select Deployments, and right click on the deployment, then select View Status like in the screenshot below.

    Step 8. Verify the settings on an enrolled device

    Now everything is in place for your changes to take place, on a targeted Android you should see that notifications arrive for the two major changes we initiated namely

      • Device Passcode
      • File Encryption

    The following screenshot shows what the notification will look like on a Samsung Galaxy 4.

    When entering the new Password you'll be prompted to enter at least 6 characters and you'll be reminded that it must contain at least one number, exactly as we set in the Mobile Device Compliance Settings.

    The File Encryption screenshots are shown below, when clicking on the Encrypt Device in the Android notification screen.

    Tip: Enforcing Compliance on the Android device requires user interaction. The user is prompted via notifications and the user must consent prior to the change taking place.

    Clicking on Encrypt Device will prompt for your password and one final screen before the encryption begins...

    Once it does begin the device will restart (a few times) while it encrypts the file system.

    Once Encryption is complete you can verify the compliance of the device in the Console, by clicking on More Details.

    That's it, job done! Thanks to my eldest son Christopher for lending me his Samsung for this guide.

    Recommended Reading

      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 1
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 2
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 3
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 4
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 5
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 6
      • CM12 in a Lab - How can I manage modern devices using System Center 2012 R2 Configuration Manager ? - Part 7

    Summary

    Android devices are becoming commonplace in our workplaces and homes, from sophisticated phones to feature rich tablets, they are gaining market share rapidly. In this post we learned how to enable support for Android devices in System Center 2012 R2 Configuration Manager with Windows Intune integration. We also saw how to enroll those devices, and how to deploy Mobile Device Settings to control up to 9 different settings on these devices. We also looked at the Company Portal and in our next post we'll look in more detail at its features and how to deploy Apps.

    Downloads

    For Offline reading you can download a Microsoft Word copy of this guide below. How can I manage modern devices using System Center 2012 R2 Configuration Manager Part 8.zip

    Continue on to Part 9.
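
Step 2 of the guide above, scripted with the ConfigurationManager PowerShell module, followed by a scope check before a Remediate baseline is deployed to the collection. This is an added example and not part of the original post; the site code `PS1` and the rule name are placeholders, and it assumes it is run on a machine with the Configuration Manager console installed.

```powershell
# Added example (not from the original guide).
# Assumptions: site code 'PS1' and the rule name are placeholders; the
# ConfigurationManager module that ships with the console is available.
$SiteCode       = 'PS1'
$CollectionName = 'All Android Devices'   # collection name used in the guide
$LimitingName   = 'All Mobile Devices'    # limiting collection used in the guide
$RuleName       = 'Android devices'       # hypothetical rule name

# Membership query exactly as given in Step 2, joined into one line.
$Query = @(
    'select SMS_R_System.ResourceId, SMS_R_System.ResourceType,'
    'SMS_R_System.Name, SMS_R_System.SMSUniqueIdentifier,'
    'SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.Client'
    'from SMS_R_System'
    'where SMS_R_System.OperatingSystemNameandVersion like "Android%"'
) -join ' '

Import-Module "$($env:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1"
Push-Location "$($SiteCode):"
try {
    # Create the collection only if it does not exist yet (safe to re-run).
    if (-not (Get-CMDeviceCollection -Name $CollectionName)) {
        $schedule = New-CMSchedule -RecurInterval Days -RecurCount 1
        New-CMDeviceCollection -Name $CollectionName `
            -LimitingCollectionName $LimitingName `
            -RefreshType Periodic -RefreshSchedule $schedule | Out-Null
    }

    # Add the query rule once.
    $rule = Get-CMDeviceCollectionQueryMembershipRule `
        -CollectionName $CollectionName -RuleName $RuleName
    if (-not $rule) {
        Add-CMDeviceCollectionQueryMembershipRule `
            -CollectionName $CollectionName `
            -RuleName $RuleName -QueryExpression $Query
    }

    # Scope check: a baseline deployed with Remediate changes every member,
    # so confirm that only Android devices are in the collection.
    # Members appear after the next evaluation (Update Membership in the console).
    $members    = @(Get-CMDevice -CollectionName $CollectionName)
    $unexpected = @($members | Where-Object { $_.DeviceOS -notlike 'Android*' })

    "{0} member(s), {1} not reporting an Android OS" -f $members.Count, $unexpected.Count
    $unexpected | Select-Object Name, DeviceOS, ResourceID
}
finally {
    Pop-Location
}
```

An empty list of unexpected members is the result to look for before Step 5; anything listed there would also receive the password and encryption settings.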
  2. anyweb

    Howdy all!

    welcome to the site Jake, good to see you here !
  3. HTA=hypertext application, a web page basically, more info here
  4. i'm not saying you can't mix two os's i'm just saying i wouldn't, it would involve more than just the os, as drivers are dependent on os also, not to mention things like .net35 features for Windows 8.x
  5. I wouldn't combine capture and deploy into the same ts and neither would i combine two different os's into one ts, however if you have different versions of one os (like a thin and fat image) then you could combine them into the one ts for simplicity and use variables in a HTA frontend to decide which image gets installed, works great for PXE but could be troublesome for Prestaged or standalone media
  6. Microsoft is pushing forward with its plans to gain presence and dominate in the mobile and cloud space with the following email from Satya Nadella which makes clear that the new mission statement is all about a mobile-first, cloud-first world with flagship products like Office 365 (for viewing and producing content) and OneDrive (for storing your content) being key components of that evolving landscape. After 22 years at Microsoft, Satya has commented that at the end of all exploring you arrive where you started and that Microsoft's customers want to know where the company is going, and the company is going mobile-first and cloud-first. With that some top leaders have left the company and others (Scott Guthrie, Phil Spencer and Stephen Elop once the Nokia deal goes through) have been promoted to top spots, this is a good thing as leadership change will hopefully refresh what we expect from Microsoft.

    As proof of the changing times, in the webcast we got a demo of Office 365 for the iPad, which is a great step forward for anyone who has tried to read Word documents on their iPad. In addition we get to see the unique touch features added to PowerPoint that you can use for the iPad such as highlighting or laser pointer, anyone with an iPad can download Office 365 for free and read and present content. If they want to edit or create content then they'll need to subscribe to Office 365.

    "Office 365 subscribers have the full experience on all their devices"

    That's the promise from Microsoft. And quite a statement it is too. Hopefully with that comment we will see similar releases for Android and other platforms or did they just mean iOS and Windows 8.x devices ? that remains to be seen. Windows Intune was mentioned as the Mobile Device Management platform along with a demo of the company portal for Android but noticeably missing was Office 365 for Android.

    This is a new area for Microsoft and I hope they take the bull by the horns and continue to deliver an Office suite that covers all major players and not just versions for iOS and Windows. With Android share increasing (and iOS share decreasing) what we also need to see from Microsoft is Office 365 for Android. That step would certainly confirm Satya's vision above and cement Microsoft's place as a key player in the mobile and cloud space.

    You can see the entire webcast covering the above and more here

    cheers
    niall
  7. and it's covered here, look at the 'install programs' section of Part 18 CM12 in a lab - Part 16. Integrating MDT 2012 RC1 with Configuration Manager 2012 CM12 in a lab - Part 17. Using MDT 2012 RC1 with Configuration Manager 2012 CM12 in a lab - Part 18. Deploying a UDI Client Task Sequence
  8. your capture is failing because you have dns or network issues, look at the following lines repeated over and over.... verify you have a valid ip address when trying to capture (press f8, do ipconfig), if not, add the network drivers for your hardware to your boot wim and try again.
  9. I would say that you need to go first to SP1, and then to R2 and finally CU1 which is a hotfix for R2, the following should help http://www.windows-noob.com/forums/index.php?/topic/7437-using-system-center-2012-configuration-manager-part-11-upgrading-the-hierarchy-to-service-pack-1 http://www.windows-noob.com/forums/index.php?/topic/8451-how-can-i-install-system-center-2012-r2-configuration-manager/ http://blogs.technet.com/b/configmgrteam/archive/2014/03/24/configuration-manager-servicing-update.aspx http://www.niallbrady.com/2014/03/31/system-center-2012-r2-cu1-hotfix-available/
  10. I've added an update to explain the change and added info about OSDPreserveDriveLetter variable in Step 8a
  11. so basically you are having issues with Windows on D: after build and capture ? that's a well known problem solved with Set OSDPreserveDriveLetter to False before the Apply Operating System step in your build and capture task sequence, this variable wasn't present until SP1 but i'll update the guide to reflect this. update: i've updated the original guide and added Step 8a. hope this helps.
  12. start with this list and if you still have questions ask away ! http://www.windows-noob.com/forums/index.php?/topic/4045-system-center-2012-configuration-manager-guides/
  13. sure thing, try it
  14. In Part 1 of this mini series we integrated Windows Intune with System Center 2012 R2 Configuration Manager. In Part 2 we added support for iOS devices (iPhone, iPad). In Part 3 we learned the difference between App Package for iOS (*.ipa file) and applications from the Apple App Store. We learned how to deploy them to iOS devices and configured the deployment type so that the applications were made available to the user based on the iPhone or iPad operating system version, in addition we also checked device Ownership information and deployed the application based on those requirements. In Part 4 we learned how to use and configure compliance settings in order to enable or disable certain configurable features on iOS devices. We enforced a Password requirement and enforced a minimum password length as this is a common requirement for organizations. In Part 5 we enabled support for Windows 8.1 devices (both Windows RT 8.1 and Windows 8.1 Enterprise) so that they could be managed via System Center 2012 R2 Configuration Manager integrated with Windows Intune. In Part 6 we deployed Windows 8.1 apps (appx) to Windows 8.1 devices.

    Now we will look at how to make Windows 8.1 store apps available in the Company Portal and how to make them featured apps with their own categories.

    Step 1. Enable Windows Remote Management on a device

    In order to add links to Windows 8.1 Store apps we need to be able to browse a Windows 8.1 device from the console using Windows Remote Management (WinRM) and that device should have the source Windows store app installed that you want to make a link available for in the Company Portal.

    The easiest way you can achieve this is by using a domain joined Windows 8.1 device and then enabling the Windows Remote Management service on that device by opening an Administrative command prompt and typing the following command:

        WinRM quickconfig

    Answer yes to the questions provided as in the screenshot below.

    Next, add the user (for example, SMSadmin) you are running the CM12 console with to the administrators group on the remote machine like in the screenshot below.

    Finally test the connection from your CM12 server to the remote machine by typing the following in a command prompt:

        winrm id -remote:w81

    The output should look like below, if it doesn't make sure you've run the steps above.

    Step 2. Add a link to a Windows Store app

    In the Configuration Manager 2012 R2 console, select Software Library, Application Management, Applications and expand our previously created folder structure, expand to Windows 8.1 Store and right click, choose Create Application.

    In the Specify settings for this application screen choose Windows App Package (in the Windows Store) as per the screenshot below.

    For Location click on Browse.

    In the Browse Windows App Packages screen, enter the computer name of the computer you used in Step 1 above and click on Connect.

    After some moments you should see a screen filled with the Windows App Packages installed on that remote computer, select the Application you want to make available in the Company Portal as a link to the Windows store and click OK. In the example below I have selected an App called FastBall, it's a free Windows store game with excellent music.

    The selected app appears in the location field, notice that it is greyed out and that ms-windows-store is the prefix to the app.

    Click Next to view the imported information.

    Now you can enter details to your liking or continue through the wizard by pressing next, next. Interestingly you can see that the detection method, requirement rules, and content options are automatically filled in by the wizard.

    Close the wizard.

    Step 3. Make the Application a Featured App and categorize it

    Featured apps can be highlighted in the Company Portal to hopefully catch the attention of your users. In this guide, we will make this Windows Store App a featured app. To do so, right click on the application and choose Properties.

    Select the Application Catalog tab and place a checkmark in the checkbox beside Display this as a featured app and highlight it in the Company Portal.

    In addition to making our app Featured, you might want to apply a category to it such as Windows Store Apps. To create a category, click on User Categories, then select Edit, then choose Create to create a category.

    Click on OK and Apply and OK.

    Step 4. Deploy the App

    In order for your Windows Intune users to get the app via the Company Portal it needs to be deployed to a collection that they are in. Right click on the app and choose Deploy.

    Select a suitable collection such as Windows Intune Users.

    As this is only a link to an app (for example like this -ms-windows-store:PDP?PFN=2580Creamative.FastBall2_dke22g8d7y0pr) there is no content to distribute, therefore the Content options are greyed out, continue through the rest of the wizard to completion.

    Step 5. Sign in to the Company Portal

    On a Windows 8.1 device that has been enrolled, login to the Company Portal by signing in.

    The Company Portal appears, if your featured app doesn't show up, try running mdmagent via a command prompt to speed up policy retrieval or you could wait a day or so for your Windows 8.1 device to refresh policy by itself, once it has the new policy it should look something like this.

    Click on Featured Apps to see what that looks like.

    Click back and then click on Browse by Category to see how it was categorized, and you should see your Windows Store Apps category as per the screenshot below.

    Step 6. Install the Windows Store App

    Start the installation process by clicking on the app itself.

    Notice the text View in Windows Store in the top left, click on that, that will open up a split screen, Company Portal on the left, Windows Store on the right, and our Featured Windows Store app is listed, click on Install and it installs.

    You'll probably want to verify that the app installed successfully by testing it, job done !, well nearly done, click on Play and tell me what you think of the music, cool isn't it ?

    Recommended Reading

      • Planning to Deploy Windows 8 Apps in Configuration Manager - http://technet.microsoft.com/en-us/library/jj822984.aspx
      • WinRM (Windows Remote Management) Troubleshooting - http://blogs.technet.com/b/jonjor/archive/2009/01/09/winrm-windows-remote-management-troubleshooting.aspx
      • WinRM in mixed environments - http://www.thecodeking.co.uk/2011/02/winrm-with-mixed-domain-environments.html#.Uy9PhIUZNaQ
      • Installation and Configuration for Windows Remote Management - http://msdn.microsoft.com/en-us/library/aa384372%28v=vs.85%29.aspx

    Summary

    In this guide we've learned how to deploy links to Windows Store apps to our modern mobile Windows 8.1 devices using Windows Intune Integration in Configuration Manager 2012 R2. In addition, we've learned how to make the app a featured app and how to categorize apps to make them easier to find.

    Downloads

    For Offline reading you can download a Microsoft Word copy of this guide below. How can I manage modern devices using System Center 2012 R2 Configuration Manager Part 7.zip

    Continue on to Part 8.
  15. check where it's storing the boot image, more than likely it's placing it in the bdedrive partition which by default is approx 300mb, we have resized ours to between 1 and 2gb to get around this because refresh (reinstallation) scenarios where it has to disable bitlocker and reboot involve just this procedure, post your smsts.log and we'll take a look to confirm
  16. also one from right here ;-) CM12 in a Lab - How can I install System Center 2012 R2 Configuration Manager ?
  17. define your boundaries and boundary groups correctly and add dp's to the correct groups
  18. and presumably you restarted the WDS service after making any changes ? what does your smspxe.log file tell you
  19. ok, take a look at Jorgen's post here does it help ?
  20. check if it actually has a valid IP Address before the capture as i see this in the log which usually translates to no ip address or network/dns issues.