Deploying Box for Office Integration using SCCM – Part 1

This is likely something that’ll be rolled out in our organisation soon which is why I wanted to try this out in my lab beforehand.

We’ll start off with a high level overview of how I plan to meet the pre-requisites for this application and then proceed to implementing that in SCCM. This will probably be a pretty long post so I won’t be providing step by step instructions. Part 2 will cover creating the Box for Office Integration application, setting the application dependencies and testing our deployment.

Let’s take a look at the Box for Office integration pre-requisites:

Now, let’s take a look at how we plan on meeting these prerequisites for the deployment:

  • We’ll create three device collections to identify computers with office 2010 or higher, each limited to Windows 7, Windows 8.1 and Windows 10 computer collections respectively. This will allow us to deploy the application to one collection at a time. Each collection will only contain computers with Windows 7 or higher AND Office 2010 or higher.
  • We can safely disregard the Windows Installer requirement since the installer version is greater than 4.5 on all our operating systems in our collections by default
  • We’ll create separate applications for the .NET Framework 4.0 and the Visual Studio 2010 Tools for Office Runtime in SCCM. For each application we’ll set the detection rule to check for the presence of specific registry keys/values in order to detect if the application is installed or not.

This will effectively meet all the prerequisites and we can proceed with deploying the application in Part 2. Now, let’s get onto implementing this in SCCM.

1) Create the Collections to Deploy the Application To

We’ll start off by creating separate device collections for Windows 7, Windows 8.1 and Windows 10 computers. We’ll then create three collections with Office 2010 or higher installed and limit each to the Windows 7, Windows 8.1 and Windows 10 device collections respectively.

a) Create a device collection each for Windows 7, Windows 8.1 and Windows 10:


The WQL queries to use for each OS version is provided below:

Windows 7 Continue reading

Deploy Microsoft .NET Framework 4.0 using SCCM

I’m planning on writing an article on deploying the Box for Office Integration client package using SCCM which requires the .Net Framework to be pre-installed (amongst other pre-requisites) so I thought I’d first write this post on deploying the framework so I can refer to it in the upcoming post.

We’re going to deploy this as an application and not a package since you can only have dependencies on applications.

Download the .NET Framework 4.0 Standalone Installer

To start off download the .NET 4.0 standalone installer from Microsoft and save it to your SCCM software repository.

I briefly mentioned the importance of having a clear and easy to understand folder structure to store your images, software and packages in the repository. Personally, I have a dedicated folder called “.NET Frameworks” with subfolders for each version that I’ll be deploying.


Make a note of the UNC path where you save the installer.

Create the .NET Application in SCCM

Again, I suggest you create a dedicated folder for .NET Frameworks under Application Management > Applications and create subfolders for each .NET framework version that you’ll be deploying.

Right-click on your chosen folder under Applications and select “Create Application”.

Continue reading

Customizing Internet Explorer 11 using the IEAK

I was having a discussion with my manager about Internet Explorer 11 and its “Enterprise Mode” recently when I had the idea for a couple of posts on this subject. I thought I’d start off with customizing IE using the IE Administration Kit (IEAK) and then move onto configuring Enterprise Mode using Group Policy in a follow-up post.

There’s not really much to the admin kit and customizing IE is a pretty straightforward process. Let’s take a look at the process here.

Install the IE Administration Kit (IEAK)

Download the IEAK from Microsoft and proceed with the installation. The installation wizard is pretty self-explanatory. Be sure to select the correct licence type as shown below:


Download the Prerequisite Updates for IE11

Download the prerequisite updates from Microsoft and save them all in one directory. Extract each update package one by one using something like 7-Zip which will give us the .cab cabinet file which we’ll bake into our IE11 installer later on.

Here’s an example of an update package after it’s been extracted. Note that we need the cabinet file with the same name as the update.


Customize IE using the IEAK

Launch the Internet Explorer Customization Wizard from Start > Windows IEAK 11

A lot of the screens in the wizard are self-explanatory so I won’t provide screenshots for them all here.

1) Select the destination folder where you want the final IE11 installer to be saved


Continue reading

Quick Fix: Get-MDTComputer by Description Broken in the MDT PowerShell Module

The short story:

Launch SQL Server Management Studio, expand the MDT database > Views > right-click on dbo.ComputerSettings and click on “Design”, tick the “Description” column in the CI table in the View.

The long story:

During my experiments with using PowerShell to automate Windows imaging and deployment tasks I’ve been working with the MDT database module, provided by Michael Niehaus from Microsoft.

I was disappointed to find the Get-MDTComputer cmdlet is broken somewhat, as in you can’t retrieve a computer record from the database matching a description. This is what the error message says when you try:


I thought I’d take a look at the Get-MDTComputer function in the PowerShell module and saw that the function was doing nothing more than building a SQL statement and querying the MDT database. Specifically, it was querying the “ComputerSettings” table as shown below:


This, along with the error message we saw earlier mentioning “Invalid column name ‘Description'”, led me to fire up the SQL Server Management Studio to examine the “ComputerSettings” table, only to find there isn’t a table with that name but there was a “View” called “ComputerSettings”.

I right-clicked the “ComputerSettings” View and selected “Design” and immediately saw what the issue was here. It was apparent that the problem was that the “ComputerSettings” View didn’t include the “Description” column from the ComputerIdentity table.

So the solution is to tick the checkbox next to the “Description” column in the CI table in the View:



And here you can see the Get-MDTComputer cmdlet working with the –Description parameter:


Group Policy Order of Precedence FAQ

I’ve had a few queries from friends about group policy since my last post so I thought why not answer these queries here on my blog? And, yes, a few of them were about group precedences, hence this short FAQ.

What is the order of precedence in group policy?

I’ve prepared an illustration which I hope will help to understand the order of precedence for Group Policy.

gp order 2

While this illustration may be self-explanatory (at least I hope it is) there’s actually more to the story…

What is the order of precedence in an OU hierarchy?

Continue reading

Disabling the Windows 10 First Log-in Animation using Group Policy

If you’re not a fan of the first log-in animation on Windows 10 computers then you can disable this very easily using Group Policy. I decided to test this in my lab as I was curious to see what the first log-in experience would be like after having the animation disabled.

Here’s a quick rundown on how to do this:

  • Create/Open your GPO and browse to Computer Configuration > Policies > Administrative Templates > System > Logon
  • Double-click on Show first sign-in animation and select “Disabled”


If, like me, you’re curious what the first-login experience is like after disabling the animation then I’ve got a before and an after video below for you to check out. Continue reading

Applying an Unattend.xml Answer File in a SCCM OSD Task Sequence

There are times when you might need to customize Windows by using an unattend.xml answer file during the OS deployment. Yes, many of these customizations can be baked into the OS image itself or scripted but using an answer file is easier in many situations. For example, if you had offices in UK and USA and wanted to customize the keyboard language depending on the location, then it’s easier to maintain two answer files than two OS images.

Once you create an answer file how do you use it in a OSD task sequence? Long story short, you create a package for the answer file and then reference it in the Apply Operating System step in the task sequence.

Read on if you want the long story…

1) Create a Package for the Answer File

First thing’s first, copy the unattend.xml answer file into the SCCM software repository. Make a note of the answer file name and the UNC path where it’s stored.  Continue reading