Configuration-Manager

I just finished updating the script I’ve been using to bulk create collections in Configuration Manager. I know there are already many different examples of this same type of script out there, but I figured I’d share my take on it. The script can be downloaded from my GitHub: https://github.com/ConfigJon/ConfigMgr-Scripts/tree/master/Create-Collections Create_Collections.ps1 This script can be used to dynamically create user collections, device collections, and folder structure based on information in a CSV file. The script should be run as a user account with rights to connect to and create collections in Configuration Manager. The script should be run on a computer with the Configuration Manager Admin Console installed. The script will automatically search for the ConfigurationManager.psd1 file, attempt to import it, and connect to the specific site. ...

I was setting up a Configuration Manager environment in HTTPS mode and I was running into issues with the server selecting a client authentication certificate. I was seeing these messages in the MPControl.log. I was seeing this message in the IIS log. I was getting a 2148204809 error which translates to A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. That told me something was wrong with the root CA trust. Some searching online brought up a few useful posts on the subject. ...

As I spend time working in many different Configuration Manager environments, I find myself regularly needing to create Antimalware Policies. Most of the settings in the antimalware policies can be configured quickly, however the setting that always takes me the most time is the Exclusion Settings. There needs to be different policies with different exclusion settings for different types of devices. Each of these separate policies have 3 different areas for adding file paths, file types, and processes. And for some reason, unknown to me, the dialog window for adding exclusions has a 260 character limit. This means that even if all the exclusion settings are in a list, you can’t just copy the whole list in at once. All this adds up to make this process time consuming and inconsistent. ...