OSD – Install IE 11 in the ref image like a pro using a PowerShell wrapper

The Deployment Bunny - Tue, 01/27/2015 - 05:01

One of the best ways to get ready for Windows 10 is to deploy Internet Explorer 11 in your current environment, if you can make IE 11 work there is a huge chance that you will have no or just a few issues when Windows 10 is about to be deployed.

The best way to do that is to add IE 11 to the reference image when you are replacing, refreshing or perform a bare-metal deployment and the next best thing is to deploy it using any software distribution engine, like WSUS, ConfigMgr, Intune or something like that.

Even if you distribute it as a software, you should still update your reference image and here it is.

Step No:1 – Download IEAK

The best way to deal with IE11 is to create a configuration only package for all Windows versions that already have IE11 installed (Like Windows 8.1 or Windows Server 2012 R2) and create a full install package for all the other versions of Windows you are using in your organization and that is done by Internet Explorer Administration Kit (IEAK), just download it from and install on a computer WITH IE11 already installed.

Step No:2 – Create all packages

Start IEAK and create all your packages for each version and each language of IE you would like to have

  • Windows 7 SP1 x86/x64
  • Windows 8.1 x86/x64

(Create both full install package as well as as configuration packages)

Step No:3 – Download the PowerShell script

After creating all the packages, with the customized settings you will have a folder structure with full packages as well as configuration only for one or more language and instead of creating one application for each of these packages you can create one application in the deployment workbench that will figure out which package that should be installed.

  1. Download the PowerShell script from
  2. UnZip it and browse to the folder “Install – Internet Explorer 11\Sorurce”
  3. Copy the content of you “build” folder that was created when using IEAK into the folder named “Source”, it should contain folder names like “BrndOnly”,”FLAT” and “Ins”

This is the tree structure after copying the files.

Step No:4 – Create the Application in the Deployment Workbench

No you need to create the application, follow these steps and you are done.

  1. Open Deployment Workbench and browse to the Application node
  2. Create a new application named “Install Internet Explorer 11” with the Command Line “PowerShell.exe -ExecutionPolicy ByPass -File Install-InternetExplorer11.ps1”

The properties of the “Install – Internet Explorer 11” application in the Deployment Workbench.

Step No:5 – Add the application to the Task Sequence

Open your task sequence and add the application to the task sequence.

Install Internet Explorer 11 is added to the Task Sequence.

Happy OSD


    Categories: MDT

    Hyper-V Script to move everything off of a physical disk

    Virtual PC Guy's WebLog - Mon, 01/19/2015 - 20:08

    Hyper-V storage migration makes it very easy to move virtual machines wherever you need them, while they are running.  And in the past I have showed you how easy it is to use PowerShell to storage migrate all the virtual machines on your computer to a new location.

    However, over the winter break I had a specific challenge.  I needed to services some of the storage arrays in my home configuration – and to do this I needed to empty specific physical disks of virtual machines.  I did not want to move all the virtual machines on the system – just the ones that were on the storage array that I was about to take offline.

    To do this – I wrote the following script:

    $sourcePath = "F:\" $destinationPath = "D:\"   (Get-ChildItem $sourcePath -Recurse | ?{$_.Attributes -ne "Directory"}).count   Get-VM | %{   $VM = $_   # Check the configuration path $currentVMPath = $_.ConfigurationLocation   if ($currentVMPath.StartsWith($sourcePath)) { $newVMPath = ($destinationPath) + ($currentVMPath.TrimStart($sourcePath)) Move-VMStorage -VM $VM -VirtualMachinePath $newVMPath}   # Check the snapshot path $currentSnapshotFilePath = $_.SnapshotFileLocation   if ($currentSnapshotFilePath.StartsWith($sourcePath)) { $newSnapshotFilePath = ($destinationPath) + ($currentSnapshotFilePath.TrimStart($sourcePath)) Move-VMStorage -VM $VM -SnapshotFilePath $newSnapshotFilePath}   # Check the smart paging file path $currentSmartPagingFilePath = $_.SmartPagingFilePath   if ($currentSmartPagingFilePath.StartsWith($sourcePath)) { $newSmartPagingFilePath = ($destinationPath) + ($currentSmartPagingFilePath.TrimStart($sourcePath)) Move-VMStorage -VM $VM -SmartPagingFilePath $newSmartPagingFilePath}   # Go over each hard drive $_.HardDrives | %{ # Check the hard drive $currentHardDrivePath = $_.Path   if ($currentHardDrivePath.StartsWith($sourcePath)) { $newHardDrivePath = ($destinationPath) + ($currentHardDrivePath.TrimStart($sourcePath)) Move-VMStorage -VM $VM -VHDs @(@{"SourceFilePath" = $currentHardDrivePath; "DestinationFilePath" = $newHardDrivePath})} }   }   (Get-ChildItem $sourcePath -Recurse | ?{$_.Attributes -ne "Directory"}).count

    This goes through each virtual machine and checks the configuration path, checkpoint path, paging file path and virtual hard disks.  If it finds any component of the virtual machine on the disk that is about to be removed – it moves it to the new location.

    Also, to help ensure that everything is going according to plan, it shows you how many files are present on the source disk before and after the script runs.  Assuming that you only have virtual machines on your source disk – it should report zero files remaining at the end of the script.


    Categories: MDT

    Make WMI more robust to large volumes of queries - Mon, 01/12/2015 - 18:32

    Ever had a machine where WMI stopped working properly and needed to be rebuilt?  Was it running something that does high volumes of WMI calls (like System Center agents, or Tivoli, or HP OpenView (to name a few regular problem children – I’m sure you can think of more)?

    Here’s a PS script I run to increase memory per WMI process (and globally across the machine) available to WMI, as well as modifying it in the boot order (if you rely on RSOP, WMI’s default configuration means it’s possible it won’t be completely loaded properly when Group Policy runs, and can cause RSOP issues, amongst other things).

    $oWMI=get-wmiobject -Namespace root -Class __ProviderHostQuotaConfiguration $oWMI.MemoryPerHost=768*1024*1024 $oWMI.MemoryAllHosts=2048*1024*1024 $oWMI.put() Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Winmgmt -Name 'Group' -Value 'COM Infrastructure' winmgmt /standalonehost


    This script increases VA available to WMI to 768MB per WMI process, and 2GB per machine.  It sets WMI to run in it’s own svchost (useful for debugging purposes), and moves it to run in the “COM Infrastructure” group so that it starts closely after RPCSS (versus waiting until the end of service processing to start), which can improve boot times as well.

    This isn’t a silver bullet, by any means – I still recommend installing WMI hotfixes when available from Microsoft, but this can improve WMI reliability by quite a bit.

    Categories: MDT

    Hyper-V Reporting Script

    Virtual PC Guy's WebLog - Wed, 01/07/2015 - 01:46

    Serhat AKINCI, a Hyper-V MVP, has just posted this very useful script:

    In his own words:

    It can be difficult to monitor and assess resources in large Hyper-V environments. This PowerShell based script helps you to understand virtualization inventory, capacity and general resource availability in your Standalone or Clustered Hyper-V Environment.

    • More than 2600+ lines of PowerShell, HTML and CSS code examples.
    • Creates a plain but detailed and user-friendly HTML report which is compatible with all modern browsers.
    • Provides more detailed information via tooltips in the HTML report. (cells with asterisks and highlights)
    • Checks and installs required runtime environment prerequisites like Hyper-V and Clustering PowerShell.
    • Collects information by using standard Hyper-V and Clustering PowerShell cmdlets and custom WMI queries.
    • Shows alerts in the report for certain situations (utilizations, VM checkpoints, replication status, etc.)
    • Can be used directly from command-line or as a scheduled Windows task.
    • Supports report delivery via e-mail with advanced options. (authentication, TLS/SSL, multiple recipients)
    • Includes a mode that reports only alerts in the Hyper-V environment. (aka Highlights Only mode)
    • Advanced error handling and logging. (Console messages and log file)

    You can see an full example report here:

    Very neat stuff!


    Categories: MDT

    Intune Extensions will not install

    Coretech Blog » Kent Agerlund - Fri, 01/02/2015 - 04:36
    It’s a common issue, but still worth mentioning. Being a Full Administrator is NOT the same as having full control of all features in the ConfigMgr console. An example is enabling new Intune Extensions like the one released in late December. As usual you are prompted when new Extensions are available. In this example I’m […]
    Categories: MDT

    Managing WIFI certificates for iOS devices with ConfigMgr MDM

    Coretech Blog » Kent Agerlund - Tue, 12/23/2014 - 08:09
    This will be the last Christmas blog post from Coretech in 2014. A huge thanks to all of you who has reading our blogs in December. @Coretech we wish you and your loved ones a Merry Christmas and a Happy New Year – We look forward to service you again in 2015 with knowledge, inspiration […]
    Categories: MDT

    System Center 2012 ConfigMgr Dashboard– Because we want you to look smart

    Coretech Blog » Kent Agerlund - Tue, 12/16/2014 - 05:59
    Do you know the feeling when it feels like you have lost your head and can’t find the information your need? You start browsing the 468 canned reports and quickly spend a couple of hours still without finding exactly what you need. @ Coretech we know the feeling, but instead of keep being frustrated we […]
    Categories: MDT

    “Disabling” IPv6 – breaking down the DisabledComponents registry value - Mon, 12/15/2014 - 21:47

    I’ve gotten an elevated number of requests recently on “how do I disable IPv6″ or “what’s the best way to configure IPv6 in my environment”. I’m not entirely certain of why I’ve gotten so many recently, and I’m not sure if it’s a coincidence or if there’s more to it. However, what I’ve found is that most IT departments I’ve come across over the years simply go and set IPv6 to completely disabled via setting the disabledcomponents registry value to 0xffffffff. While this does indeed disable IPv6 entirely, I have to warn everyone I come across with this set that Microsoft doesn’t test this setting at all, and support for resolving issues with this set have usually resorted to setting disabledcomponents back to 0x0 and retesting, where things magically work, and that’s the extent of what is done for obvious reasons. This can (and sometimes does) also break functionality in Windows, and the one that most customers eventually run across is DirectAccess (with Remote Assistance in second).

    With the advent of a lot of my enterprise customers recently starting to roll out DirectAccess to their Windows 7 and (increasingly) Windows 8.1 clients, this of course is now being revisited for best practices (or at least best recommendations from the Microsoft guy), as DA requires IPv6 enabled in most cases, at least in some way, and especially on Windows 7. I made a handy breakdown of the disabledcomponents settings to satisfy a request for just this question recently, and figured I’d repost here my recommendations, and why.

    There’s 8 bits to the disabledcomponents registry value, and each bit represents a feature or configuration of a functionality of the IPv6 stack in Windows.

    • Bit 0 controls ALL of the IPv6 tunnel interfaces, which includes Teredo, ISATAP, 6to4, and IP-HTTPS. Setting this to 1 will disable ALL of the tunnel interfaces, which will also break DirectAccess full stop. This should *always* be 0 if you’re using IPv6 transition tunnels (and each tunnel interface can be controlled separately, which is the right way to handle them).  I generally don’t recommend this ever be set to 0 even if you aren’t using them, as they can each be configured separately.  Maybe it’s OCD, maybe it’s good practice, I dunno – but I don’t ever change this from 0 if I can help it because there are other levers for this, and I don’t like to paint in broad brushes when it comes to configuration, as it can sometimes be hard to track down the setting that’s keeping one I’m trying to enable from working in the future.
    • Bit 1 controls 6to4
    • Bit 2 controls ISATAP
    • Bit 3 controls Teredo
    • Bit 4 controls IPv6 for non-tunnel interfaces, which would include actual physical (or virtual, in a VM) network interfaces, dial-up/PPP interfaces, etc.
    • Bit 5 controls preference of IPv6 or IPv4 in the prefix table – setting this to 1 will cause IPv4 to be preferred when creating a new network connection, and I do recommend setting this in mixed IPv4/IPv6 networks, at least on the client-side (server-side is a bit murkier, and I generally don’t recommend messing with IPv6 on the back end at all if at all possible).
    • Bit 6 is listed as “reserved”, so…. yeah, don’t touch it.
    • Bit 7 controls IP-HTTPS

    Why is the above important? Well, 6to4, ISATAP, Teredo, and IP-HTTPS are all considered “IPv6 Transition technologies”, which means nothing other than these are the technologies that a DirectAccess server and client can (and will) use to get that tunnel connected when the client does not have an IPv6 address, or is connected to the internet via a NAT tunnel. 6to4 and Teredo both require the DirectAccess server to be connected directly to the internet, which was required prior to using Server 2012’s DirectAccess feature. The likelihood is, if you’re using a 2008R2 or UAG server to serve DirectAccess to your clients, you’re using 6to4 or Teredo, so do not disable these if you want DA to continue working. ISATAP is generally used when doing “manage-out” of DA clients, so if you’re doing that, again, do not disable ISATAP. IP-HTTPS allows DA to work when the 2012 or 2012R2 server is not directly connected to the public internet (and is using a private IP address), and is the only protocol that works in this scenario. I’ve seen a progression to this configuration in new DA installs, which is how this question came up in the first place – if you’re using DA servers situated behind a firewall or not connected to the public internet in any way, how do you configure IPv6 so that things work the way you need them to without leaving other IPv6 transition capabilities in place?

    It’s questions like these that keep me coming back to this simple chart, when determining for someone what the best value for the disabledcomponents registry value is.  As is the case with most things, one size does not fit all.  Also, knowledge is power, so knowing what each bit controls will help you determine what (if anything) to set if you’re going to modify IPv6 behavior in a Windows environment.  Again, Microsoft’s best practice is to keep things configured as default, and if you’re capable of doing that, then that’s always the best recommendation.  However, if you really do feel that you need to change things, simply disabling IPv6 entirely is a bad idea – controlling it in a manageable way is far better.


    So, without any further rambling, here are some examples I’ve used in the recent past that should help explain for the more visual among us how to configure disabledcomponents for certain configurations.  Remembering to list your binary from right to left (bit 7 will be the leftmost bit, and bit 0 the rightmost when you write it out), you would see something like this as your bit field (use the buit-in Windows calculator in “Programmer” mode if you’re bad at converting binary (bin) to hex):

    7 6 5 4 3 2 1 0


    if you wanted to disable IPv6 tunnel interfaces and prefer IPv4 across your network (you’re not using DirectAccess, and have no need for any tunnel creation), you would have a binary number that looked like this:

    1 0 1 0 1 1 1 0  ==  0xAE

    This has bits 7, 5, 3, 2, and 1 “enabled”, thus disabling IP-HTTPS, setting IPv4 preference, and disabling Teredo, ISATAP, and 6to4 as well.  You could set bit 0 as well, but that would be sort of redundant, and I prefer only making the changes I need to if possible, so I don’t generally recommend it.  You would thus put the value “0xAE” into the disabledcomponents registry value to configure this setting.


    Let’s say you’re using DirectAccess with Windows 7 clients, and you needed to have 6to4 or Teredo enabled, but didn’t want ISATAP functionality and were not going to be using IP-HTTPS as your DA servers are attached directly to the internet:

    1 0 1 0 0 1 0 0  ==  0xA4

    This has bits 7, 5, and 2 “enabled”, thus disabling IP-HTTPS, setting IPv4 preference, and disabling ISATAP while leaving 6to4 and Teredo enabled.  You would thus put the value “0xA4″ into the disabledcomponents registry value to configure this setting.


    As a last example, let’s say you are using Server 2012 DA servers behind a firewall, and thus will be using IP-HTTPS to connect your external clients to your DA infrastructure.  You do not need any other tunnel technology (and in fact would want these disabled):

    0 0 1 0 1 1 1 0  ==  2E

    This has bits 5, 3, 2, and 1 “enabled” thus setting IPv4 preference, and disabling Teredo, ISATAP, and 6to4.


    Hopefully this helps someone the next time they come across a request to “disable IPv6!” or help answer the question “which IPv6 settings do I actually need to set?”  Yes, this can be done with PowerShell and Group Policy as well, before the comments blow up about that.

    Happy admin’ing.


    Categories: MDT

    PowerShell is King – Working with Passwords, Secure Strings and Credentials

    The Deployment Bunny - Sat, 12/06/2014 - 15:41

    No, not something new at all, more of a answer on a lot of questions I got from folks. At TechNet Wiki there is a page that describes how to deal with passwords, secure strings and such.

    Working with Passwords, Secure Strings and Credentials in Windows PowerShell

    Here is the most common I use:

    Create SecureString

    Type the password in an interactive prompt:

    $SecurePassword = Read-Host -Prompt “Enter password” -AsSecureString

    Convert from existing plaintext variable

    $PlainPassword = “P@ssw0rd”
    $SecurePassword = $PlainPassword | ConvertTo-SecureString -AsPlainText -Force

    Create PSCredentials

    Assuming that you have password in SecureString form in $SecurePassword variable:

    $UserName = “Domain\User”
    $Credentials = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName, $SecurePassword

    Read the rest of the Wiki here:


    Categories: MDT

    Connecting VMM and Operations Manager

    The Deployment Bunny - Fri, 12/05/2014 - 17:09

    Originally posted on System Center Ramblings:

    When building a fabric domain most want to connect Virtual Machine Manager and Operations Manager to get alerts and information. However many seem to fail with this due to not using the correct credentials.

    First off you need to download and import the SQL MP for OpsMgr. They have been removed from the catalog and can now be found here: Download, extract and import them into OpsMgr.

    Next we need a service account with Admin privileges in OpsMgr. Create the account and add the account to an AD group and add the AD group to the OpsMgr Admins. While you are in the process of creating accounts we will need another account that OpsMgr will use to connect to VMM. This account does NOT need any privileges at all.

    Now go to the VMM console on the VMM server. Go to Settings and then System Center Settings and click…

    View original 157 more words

    Categories: MDT

    PowerShell is King – Using OneGet Package Manager on Windows Server Technical Preview build 9841

    The Deployment Bunny - Fri, 12/05/2014 - 06:38

    PowerShell is great and with the “new” OneGet it get awesome. OneGet is a part of PowerShell v5 and it is a generic package manager. OneGet can get items from a repository, for example from Chocolatey ( Instead of spending a massive amount of time to explain how it works inside, lets just start playing with it. There is a couple of things you need to do to make OneGet to work with Chocolatey in build 9841.

    Lets Install Zoomit! Step 1 – Install the Chocolatey provider Execute the following in an elevated PowerShell prompt:

    #Setup the Webclient
    $webclient = New-Object System.Net.WebClient

    #DL and install Chocolatey
    Invoke-Expression (($webclient).DownloadString(‘′))


    Step 2 – Download the updated and modified OneGet PowerShell Module Execute the following in an elevated PowerShell prompt:

    #DL and unzip the latest OneGet
    $ZipFile = ‘C:\OneGet.Zip’

    After download, unzip the zip folder and execute the RunToUnBlock.CMD inside the folder.

    Step 3 – Import the updated OneGet module Execute the following in an elevated PowerShell prompt:

    Import-Module C:\Oneget.New\OneGet.psd1 -Force -Verbose

    Step 4 – Get the Package Provider to verify that you have the correct version

    (Currently that is

    Execute the following in an elevated PowerShell prompt:

    Get-PackageProvider -Name Chocolatey -ForceBootstrap -Force

    Step 5 – Find the fun stuff Execute the following in an elevated PowerShell prompt:

    Find-Package -Name WinRar,Zoomit,notepadplusplus -Provider Chocolatey

    Step 6 – Install your package Execute the following in an elevated PowerShell prompt:

    Find-Package -Name WinRar,Zoomit,notepadplusplus -Provider Chocolatey | Install-Package -Force


    Categories: MDT

    Setting ‘available time’ on a deployment

    Steve Rachui's Manageability blog - Tue, 12/02/2014 - 02:10
    I’ve had customers over the years use the setting ‘available time’ on deployments. This option is disabled by default.  It is a perfectly fine option to use as long as it is understood.  Often times it isn’t. The ‘available time’ defines the...(read more)
    Categories: MDT

    Veeam Task Manager for Hyper-V

    Virtual PC Guy's WebLog - Mon, 12/01/2014 - 12:07

    A little while ago Veeam released a nifty little tool called the “Veeam Task Manager for Hyper-V”.  You can download it from here:

    So what is it?  What does it do? And why is it useful?

    Well, simply put – it looks like task manager, but instead of showing you processes it shows you virtual machines:

    So why is this useful?  Well, a lot of people do not realize this – but when you open task manager on a Hyper-V system, you only see information about the processes running in the host OS.  You do not see any information about virtual machines.

    This means that you can have a system that is under high load from virtual machines, but task manager in the host OS says that nothing much is happening (which is correct – for the host OS).

    Furthermore – Hyper-V manager only shows you information about virtual machines, not about what is happening in the host OS.

    The Veeam Task Manager shows you both at the same time, which makes it a very useful troubleshooting tool.  For this reason, I have it installed on the majority of my Hyper-V servers.  It also runs on core server installations, and on the free Microsoft Hyper-V server:

    One tip, if you are running on a core installation, consider creating a shortcut or an alias.  In the picture above I am creating a PowerShell alias called “vmtaskmgr” that launches the Veeam Task Manager for Hyper-V.  This just makes it easier for me to use from the command line.


    Categories: MDT

    Why System Center Updates Publisher aka SCUP is still a great tool

    Coretech Blog » Kent Agerlund - Mon, 12/01/2014 - 02:56
    Welcome to the Coretech x-mas blog Calendar where we will give you a little insiders tip every single day in December.   Even if I don’t deploy 3rd party updates with SCUP 2011 I still use the tool for two purposes. I always upgrade my ConfigMgr clients and consoles to the latest CU using the […]
    Categories: MDT

    Upgrading ConfigMgr 2012 R2 Primary site server from Windows Server 2012 to Windows Server 2012 R2

    Coretech Blog » Kent Agerlund - Sat, 11/29/2014 - 14:50
    Maybe my most boring blog post ever, but just finished upgrading the primary site server from Windows Server 2012 to Windows Server 2012 R2. After the upgrade I performed a ConfigMgr Site reset (not required, but just in case). Testing out the different features and all but one looked to be doing just fine. The […]
    Categories: MDT

    Why do my ConfigMgr clients not report having the new CU3 installed?

    Coretech Blog » Kent Agerlund - Fri, 11/28/2014 - 07:27
    Recently I had to deploy CU3 to a lot of clients and I ran into a funny issue. After a couple of days I only saw about 10-15% of the clients reporting the new CU3 being installed although my CU3 packages seemed to be running fine and hitting almost 90% of all clients in the […]
    Categories: MDT

    Device based vs User based MDM policies in ConfigMgr 2012 R2

    Coretech Blog » Kent Agerlund - Wed, 11/26/2014 - 09:02
    With ConfigMgr and Intune you have long been able to manage devices like Android, iOS and Windows with mail profiles, security settings, Wi-Fi profiles and VPN profiles. Deployment of those profiles has undergone a fundamental change with the release of ConfigMgr R2 and CU3. To understand those changes you first to understand how policies were […]
    Categories: MDT

    Using RDCMan v2.7 to Connect to a VM

    Virtual PC Guy's WebLog - Tue, 11/25/2014 - 12:03

    Yesterday, I posted about a new version of RDCMan – where one of the new features was the ability to connect directly to virtual machines.  Since then, I have had a number of people ask me about how to actually make this work.  So here we go…

    The first thing you need is to know the virtual machine ID of the virtual machine you want to connect to.  You cannot find this through the GUI, but it is easy to get using PowerShell.  Here I am grabbing the ID for a virtual machine called “RDCMan Test” by running:

    get-vm “RDCMan Test” | Select ID

    Once you have the virtual machine ID, you can go over to RDCMan.  Here you want to create a new server entry – as though you were going to use Remote Desktop to connect to a physical computer.  You will want to put the address (or name) of the Hyper-V host in the Server name field.  Then you want to check the option for VM console connect and enter the ID for the virtual machine, like this:

    With all this in place – you will be able to connect to the virtual machine screen, just like you can with Hyper-V Manager:


    Categories: MDT

    Update for RDCMan

    Virtual PC Guy's WebLog - Mon, 11/24/2014 - 12:03

    Anyone who is familiar with RDCMan will be thrilled to hear that there is an updated version available!

    For those of you who are new to RDCMan – it is a tool that allows you to easily manage multiple remote desktop sessions:

    The updated version introduces a number of new features.  One of which is the ability to connect directly to virtual machines through Hyper-V.  This is very cool.

    You can download the latest version from here:


    Categories: MDT

    Slides and links from my session @Techdays in Sweden

    Coretech Blog » Kent Agerlund - Sat, 11/22/2014 - 07:17
    As always thanks for attending and for making speaking in Stockholm being a fun thing to do. As promised during the session here are the links to the blog posts I mentioned, the script I used and the slide deck. Autmating the WSUS Cleanup process SQL PowerShell audit script Splitting existing ConfigMgr database […]
    Categories: MDT