Configuring the LanmanWorkstation Policy CSP

I got a great question this week. Just wondering how you got the LanmanWorkstation\EnableInsecureGuestLogons policy working. For the OMA-UTI I put ./Device/Vendor/MSFT/Policy/Config/LanmanWorkstation/EnableInsecureGuestLogons with the string <enable/> and it doesn’t seem to work Anonymous Contributor I went directly to the Microsoft website to see what it says about setting the policy. https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-lanmanworkstation Indeed, the documentation is […]

Using PSEXEC to Manually Test System Context Installs

MDMs and PCLM tools typically install applications in the System Context to allow all users of the PC to utilize the installed application. In order to accurately test (we call this a pre-flight test) packages prior to deploying them with your MDM, you will want to leverage PSEXEC. This will ensure that the manual installation […]

3 Simple Steps to Deploying Win32 Applications with your MDM

Application management for Windows is hard. There is so much variation in the types of application packages that need to be deployed, moving from a PCLM tool to a modern tool like Workspace One can feel like TOO big of a job to do all at once. Never fear! All problems can be solved if […]

Create a Custom ADMX Policy

If your MDM does not provide a method for running scripts, you may want to create a Custom ADMX Policy to apply registry settings to your Windows 10 devices for situations where there are not CSPs available. There are some limitations to what registry settings you can apply via Custom ADMX Policy. Policies are not […]

Using CDATA within an MDM Policy

There is a lot written on MDM policy including references to using CDATA. Here is a real life example of a policy ( InternetExplorer\AllowAddons ) written with CDATA vs. encoded: CDATA ENCODED CDATA is much easier to read so if your MDM supports it, obviously you would want to use it. My personal experience is […]

Create a Local Administrator Account

It is common to use a local Administrator account to provide Administrative access for technicians when they are imaging or configuring PCs. It would be bad form, security-wise to leave this type of account in place so it is typically deleted at the end of the build process. If you ever find yourself in a […]