anyweb

simply create one collection for each location and deploy whatever task sequences you want to each collection

interesting info, do you know what version the driver was (when crashing) and what prompted you to update it ?

why not just use capture media as described here ? CM12 in a Lab - How can I capture an image using Capture Media in Configuration Manager 2012 ?

you need to include the smsts.log file from your actual deployment, the error you quoted means as follows:- so you are trying to do something that is unsupported \ post the log and we'll take a look cheers niall

I havn't tried it that way, can you not create a simple example.com test lab and verify that?

in my example windowsintunenoob.com does match a public domain name with the same name even though it's just a lab

all i can recommend is you try another domain name, i'm not 100% sure it's the issue but i wanted to mention it at least, the log files don't really tell me enough to determine the source of the failure

"MDMServer2012R2.konfig.local" <----- that might be your problem ! I had to rebuild my lab and use a 'real' FQDN to get things flowing so for example, my working Windows Intune+ConfigMgr lab has CM12 server has an FQDN of CM12.windowsintunenoob.com, the non-working Windows Intune+configmgr lab was sccm.server2008r2.lab.local I think .local FQDN's will cause problems with iOS, I had no success with iOS and .local in my first lab.

let's stick to one problem at a time please - ok i asked you to state WHEN the problem occurred so I can reference it in your logs, can you tell me when that was ? (i.e. you signed in and then it failed at WHAT time) ?

yup like so How can I password Protect a Task Sequence ? Password Protecting a Task Sequence

you didn't say if you tried any other user yet, if not please do try, as regards your logs i've had a look and it's hard to tell when the failure occured so can you please go through the login process again and when you see the failure take note of the exact time, then attach the new logs here stating WHEN the failure occured ok ?

ok is the device managed by any other mobile device management solution (airwatch for example), if so then those MDM certificates need to be uninstalled first before trying the above, also have you tried using any other user ?? have you verified the user you are testing with is in the Windows Intune Users collection ?

well you have to decide what is more important, security or zero touch, if you want zero touch then remove the password on the DP and instead insert it into the task sequence

i'ts possible via switches when you install the client - see http://technet.microsoft.com/en-us/library/gg699356.aspx /skipprereq:<filename> Specifies that CCMSetup.exe must not install the specified prerequisite program when the Configuration Manager client is installed. Examples: CCMSetup.exe /skipprereq:silverlight.exe or CCMSetup.exe /skipprereq:dotnetfx40_client_x86_x64.exe;Silverlight.exe Note This property supports entering multiple values. Use the semicolon character ( to separate each value.

hmm ok, did you try enrolling more than once ? have you tried signing out of the app and trying again ?

setting the PXE password should only prompt for the password once, where are you seeing it prompt for a password again ?

can you post your logs please

did you follow all the steps in my guide above ? what user account did you use, was it a user@yourpublicdomain.com account or a user@yourpublicdomain.onmicrosoft.com account ?

ok i'll try and make it easier, Installation Instructions 1. download the zip above, extract to a temp folder on your computer so that they are like so... 2. copy the the file in tbe folder called "copy this file to the root of the Toolkit package" to the root of your MDT Toolkit package (you must have installed MDT and Integrated it with Configuration Manager prior to this and created your MDT Toolkit and MDT Settings packages. 3. next copy all the files/folders in the folder called "Files to be copied to the root of the Toolkit Package Scripts folder" to the scripts folder in your MDT Toolkit package 4. Then in configuration Manager update the MDT Toolkit package to your distribution points. In the configuration manager console, import the Task Sequence zip file located in the SP1 or R2 folder in the Task Sequences section of OSD. the unattend xml samples need to be stored in a standard package without any program which are in turn referenced in the task sequence Apply Operating System step and USMT xml files are samples for the imported task sequence and can be placed in the root of the respective USMT architecture folders like below don't forget to update whatever package contains the USMT binaries and xml files to your distribution points after this...

i've replied there, p.s. there are two 'L' s in Niall.

do you have internet access on that ios device ? it doesnt look like it in the screenshot, have you tried shaking the ios device and reading the logs ?

have you verified that at this point that it has an IP address and can ping the FQDN of your MP ?

can you post the smsts.log ?

you can install the MBAM client and any associated registry keys at the end of the task sequence and once installed MBAM will take control of your bitlocker environment, in the CM12 HTA I do just that here. CM12 in a Lab -The CM12 BitLocker FrontEnd HTA - video CM12 in a Lab - The CM12 BitLocker FrontEnd HTA

Yesterday Microsoft released 11 security bulletins fixing 24 vulnerabilities in Windows, Windows Server, Exchange Server, Microsoft SharePoint Server, Office Web Apps, Lync, ASP.NET SignalR, and Visual Studio Team Foundation Server 2013. Five of the bulletins address at least one vulnerability rated Critical. Another recently-reported zero-day was not fixed. Microsoft says that four of the bulletins (MS13-096, MS13-098, MS13-104 and MS13-106) contain a vulnerability which is being exploited in the wild. Of particular concern is MS13-098 which could undermine code signing, one of the more important fundamental protections available today. MS13-096: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (2908005) — This update fixes a vulnerability that was being exploited in the wild. The bug was in TIFF parsing and and affected an odd assortment of Windows and Office versions. MS13-097: Cumulative Security Update for Internet Explorer (2898785) — Seven vulnerabilities, five of them rated critical, are fixed in the latest cumulative update. MS13-098: Vulnerability in Windows Could Allow Remote Code Execution (2893294) — The WinVerifyTrust function, which is involved in verification of code signatures, has a critical vulnerability which could allow a malicious actor to inject malicious code into a signed executable. Microsoft says that this vulnerability is being exploited in the wild. MS13-099: Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2909158) — A critical vulnerability in Windows Script 5.6, Windows Script 5.7, and Windows Script 5.8 could allow a malicious web site to take control of a user's computer. MS13-100: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2904244) — Multiple SharePoint page content vulnerabilities, collected as CVE-2013-5059, could run arbitrary code in the security context of the W3WP service account. SharePoint Server 2010, 2013, and Office Web Apps 2013 are affected. MS13-101: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430) — Five vulnerabilities could allow elevation of privilege. An attacker must have valid logon credentials and be able to log on locally and would have to run a malicious program to exploit this vulnerability. MS13-102: Vulnerability in LRPC Client Could Allow Elevation of Privilege (2898715) — Malicious code could elevate privilege by spoofing an LRPC server and sending a specially crafted LPC port message to any LRPC client. MS13-103: Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244) — By reflecting specially-crafted JavaScript back to the user, an attacker could elevate privilege at the user in the context of Visual Studio Team Foundation Server 2013. MS13-104: Vulnerability in Microsoft Office Could Allow Information Disclosure (2909976) — By getting a user to open an Office document on a malicious web site, the attacker could ascertain access tokens used to authenticate the current user on a targeted SharePoint or other Microsoft Office server site. Strangely, Microsoft says both that functional exploit code for this vulnerability is unlikely, and that they are aware of limited, targeted attempts to exploit it. MS13-105: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705) — This describes four vulnerabilities in Exchange Server, 2 of them in a bundled component from Oracle. MS13-106: Vulnerability in a Microsoft Office Shared Component Could Allow Security Feature Bypass (2905238) — Loading a shared Office component as an ActiveX control in IE could allow it to bypass ASLR. The vulnerability has been publicly disclosed and Microsoft is aware of attempts to exploit it. Microsoft also released many non-security updates today.] via Zdnet - http://www.zdnet.com/microsoft-patches-4-zero-day-vulnerabilities-in-major-patch-tuesday-event-7000024145/