SCCM

SCCM 2012 – Set BITS throttling on client

If you manage a System Center Configuration Manager solution in your enterprise, you may have branch sites with slow bandwidth. When you deploy an Application, users in this remote site complain of slow network connections because of SCCM’s downloads.

Several solutions can be used to solve this issue, as BranchCache or deploy a Distribution Point on site. Using BranchCache needs to modify configuration on Windows Servers and Clients, like role installation and GPO. Moreover Distribution Point needs infrastructure on site, so budget allocation. Fortunately, Microsoft allows us to easily manage BITS transfer using SCCM.

BITS Throttling

BITS Throttling

Let’s see how to do deploy this configuration on remote sites.

Continue reading

SCCM

SCCM 2012 – Change OSD IT Organization

When you deploy a computer with System Center Configuration Manager 2012 using OSD, the WinPE phase displays a name like “IT Organization“. It is possible to change this name by your real corporation name.

WinPE IT Organization

WinPE IT Organization

Let’s see how to do that.

Continue reading

Windows 8.1

Security – Local Administrator Password Solution LAPS

Since Windows Server 2008, we can use Group Policy Preferences to set a password for Local Administrator on all workstations in an OU. In May 2014, Microsoft released a patch to remove this feature. KB2962486

In fact, the password was stored insecurely. It was crypted using a key which is now public MSDN. This is a security leak, password are sent in “clear” and several time by day, using GPO application. If KB2928120 is installed on your system, you can’t no more use GPO to define password for:

  • Drive Maps.
  • Local Users.
  • Scheduled Tasks.
  • Services.
  • Data Sources.

With the Security patch, Microsoft provided a Powershell script to change local password remotely.

Since few days, Microsoft released a new tool: Local Administrator Password Solution (LAPS). With this tool, computers are able to randomly change password for local administrator and store it in Active Directory attribute.

Continue reading