SkoaNOW Technologies https://www.skoanowtechnologies.com Bringing IT services to your doorstep Thu, 21 Nov 2024 04:44:50 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 https://www.skoanowtechnologies.com/wp-content/uploads/2020/04/cropped-SkoaNOW2-32x32.png SkoaNOW Technologies https://www.skoanowtechnologies.com 32 32 0x800b0109-A Certificate chain processed but terminated in a root certificate which is not trusted by the trust provider https://www.skoanowtechnologies.com/0x800b0109-a-certificate-chain-processed-but-terminated-in-a-root-certificate-which-is-not-trusted-by-the-trust-provider/ https://www.skoanowtechnologies.com/0x800b0109-a-certificate-chain-processed-but-terminated-in-a-root-certificate-which-is-not-trusted-by-the-trust-provider/#respond Thu, 21 Nov 2024 04:31:51 +0000 https://www.skoanowtechnologies.com/?p=2608

Issue:

  • Windows updates are failing to install on the endpoints when deployed from SCCM
  • Error message is “Failed to install updates” and the error code is 0X800B0109.
  • The description of the error code is “A certificate chained processed, but terminated in a root certificate which is not trusted by the trust provider”.

Cause:

  • WSUS certificate may have expired a new one has been generated by SCCM.
  • The new WSUS certificate has been uploaded automatically to the Software Update Point that is being used to code-sign the updates from Microsoft.
  • Since the WSUS certificate has not been deployed to the endpoints then they do not trust the software updates coming from WSUS server.

Solution:

  • Navigate to the Trusted Root Certificate location on the SCCM server and export the WSUS certificate to a desired location.
  • Copy the WSUS certificate and deploy it to the endpoints using GPO.
  • Once the endpoints have received WSUS certificate in the Trusted Root Certificate Authority and Trusted Publishers in the Certificate console, then the endpoints will trust the updates code-signed using that certificate.
]]>
https://www.skoanowtechnologies.com/0x800b0109-a-certificate-chain-processed-but-terminated-in-a-root-certificate-which-is-not-trusted-by-the-trust-provider/feed/ 0
servicenow Platformupgrade process https://www.skoanowtechnologies.com/servicenow-platformupgrade-process/ Mon, 14 Oct 2024 10:38:56 +0000 https://www.skoanowtechnologies.com/?p=2588 servicenow Platformupgrade process Read More »

]]>

Content

  • Test or Developer Instance Upgrade
    • Check the existing ServiceNow instance and note if there are any issues.
    • Select and review the desired instance to upgrade to.
    • Save local updates sets that have not been moved to from the developer to the production environment
    • Create clone of Production over Test or Developer environment
    • Resolve MID Server integration Issues in ServiceNow
    • Resolve LDAP Integration for ServiceNow DEV
    • Resolve SCCM/SCCMDB integration Issues in ServiceNow
    • Create a request to upgrade ServiceNow developer/pilot/test environment
    • Upgrade MID Server with current ServiceNow platform
    • Review skipped logs
    • Test the ServiceNow Application modules
    • Upload the update sets back in the ServiceNow test/Dev environment
  • ServiceNow Production Instance Upgrade
    • Create a request to upgrade ServiceNow production environment
    • Upgrade MID Server with current ServiceNow platform
    • Resolve LDAP Integration for ServiceNow production environment
    • Resolve any issues for SCCM/SCCMDB integration in ServiceNow
    • Ensure that SMTP Office 365 integration in ServiceNow is working correctly
    • Review skipped logs
    • Test the modules

Test or Developer Instance Upgrade

Check The Existing ServiceNow Instance and Note If There Are Any Issues

  • Test the various modules including Incident, Change, Problem, Service Catalog, Service Portal, Configuration Management Database and others.
  • Check to make sure that there are no issues and if there are issues, then try to resolve them before starting the upgrade process.

Select And Review The Desired Instance To Upgrade To

  • Review the desired instance you want to upgrade to and check to make sure there are no reported issues with that platform.
  • Select a more stable ServiceNow instance to upgrade to.

Save The Local Updates Sets That Have Not Been Moved From The Developer To The Production Environment

  • Navigate to System Update Set>>>Local Update Set>>>select the update set and change the State from In Progress to Complete.
  • Download the local update sets in XML format and save it.

Create Clone Of Production Over Test Or Developer Environment

  • In your ServiceNow production instance, navigate to System Clone>>>Request Clone;https://devXXXXXX.service-now.com/now/nav/ui/classic/params/target/clone_instance.do%3Fsys_id%3D-1%26sysparm_stack%3Dclone_instance_list.do%26sysparm_view%3Dclone_request, and fill out the form; Profile (System Profile); Target Instance (Select the Developer or Test instance you want the clone to overwrite); Clone Scheduled Start Time (select the date and time for the clone); Email Upon Completion (add or select email group or individuals you want information on the start and end of the clone should be sent to).
  • After filling out the form, click Submit and on the log in screen that pops up, log in with an ServiceNow local account in the Developer/Test environment which has Admin role assigned to it.
  • Once the request has been submitted, ServiceNow will send you and email with the Request ID. Another email will be sent when the clone has been completed.

Resolve MID Server Integration Issues in ServiceNow

  • During the cloning process, it will try to update the MID server for the DEV environment which may break the connection between the MID server and the ServiceNow DEV portal.
  • Navigate to MID Server>>>Downloads; under Windows Downloads and download the MSI version of the MID Server or navigate to the bottom and check-mark the Download MID Server as ZIP archive and download the Windows ZIP file.
  • Use the downloaded item to resolve the connection issue between the MID server and ServiceNow portal.

Resolve LDAP Integration for ServiceNow DEV

  • During the cloning process, it will try to update the LDAP server information for the DEV environment which may break the connection between the LDAP server and the ServiceNow DEV portal.
  • Navigate to System LDAP>>>LDAP Servers; select the custom LDAP integration in ServiceNow and make sure the MID Server field has the MID server for the ServiceNow DEV environment.
  • After that, scroll down and click on Test Connection to test the connection between the LDAP servers and the ServiceNow DEV environment.
  • Once the connection has been established, the LDAP server under the LDAP Servers URL will change from red to green.

Resolve SCCM/SCCMDB integration Issues in ServiceNow

  • During the cloning process, it will try to update the MID server for the DEV environment which may break the connection between the MID server and the ServiceNow DEV portal.
  • Navigate to MID Server>>>Downloads; under Windows Downloads and download the MSI version of the MID Server or navigate to the bottom and check-mark the Download MID Server as ZIP archive and download the Windows ZIP file.
  • Use the downloaded item to resync the MID server to the ServiceNow portal.

Create A Request To Upgrade ServiceNow Developer/Pilot/Test Environment

  • Navigate to Support.ServiceNow.com and sign in.
  • Another way to access the upgrade portal is to navigate to Upgrade Center>>>Upgrade Monitor>>>click on the Schedule Upgrade button to redirect you to the Support.ServiceNow.com.
  • Select the ServiceNow version you want to upgrade to and schedule the date and time for the upgrade.

Upgrade MID Server With Current ServiceNow platform

Review Skipped Logs

Navigate to Upgrade Center>>>Upgrade Monitor; review the skipped logs and select Review and Merge, Review and Maintain and Review and Revert.

Upload The Update Sets Back In The ServiceNow Test/DEV environment

Once the upgrade of the ServiceNow DEV environment has been completed, navigate to System Update Sets>>>Local Update Sets and import the XML files, that were initially exported, back into ServiceNow.

Test The ServiceNow Application Modules

  • After completing upgrade of the ServiceNow DEV environment, test the application modules in ServiceNow including Incident, Change, Problem, Service Catalog, Service Portal and Knowledge Base to make sure that everything is working as desired.

ServiceNow Production Instance Upgrade

  • Repeat the same steps for ServiceNow Production environment including;
    • Create a request to upgrade ServiceNow production environment
    • Upgrade MID Server with current ServiceNow platform
    • Resolve LDAP Integration for ServiceNow production environment
    • Resolve any issues for SCCM/SCCMDB integration in ServiceNow
    • Ensure that SMTP Office 365 integration in ServiceNow is working correctly
    • Review skipped logs
    • Test the modules

]]>
Intune PKCS Certificate deployment https://www.skoanowtechnologies.com/intune-pkcs-certificate-deployment/ Wed, 02 Oct 2024 03:10:25 +0000 https://www.skoanowtechnologies.com/?p=2580

Content

  • Setup a server where the Intune Certificate Connector application would be installed.
  • Setup a onpremise certificate authority
  • test2
]]>
SCRIPT to automatically create System restore points for Winodws devices https://www.skoanowtechnologies.com/script-tocreate-system-restore-point-for-winodws-devices/ Mon, 09 Sep 2024 01:45:48 +0000 https://www.skoanowtechnologies.com/?p=2567 SCRIPT to automatically create System restore points for Winodws devices Read More »

]]>

Content

  • Scripts to enable system restore or system protection
  • Script to add a registry value that allows creation of multiple restore points in a 24 hour period
  • Script to add a task schedule that creates a restore point automatically

Scripts To Enable System Restore Or System Protection

  • This can be done into ways; one is to wrap the powershell script in a batch script and the other is to use WMIC.exe to create a batch script
  • Powershell wrapped in batch script: PowerShell.exe -ExecutionPolicy Bypass -Command “Enable-ComputerRestore -Drive ‘C:'”
  • WMIC.exe batch script: C:\Windows\System32\wbem\WMIC.exe /namespace:\root\default Path SystemRestore Call enable “C:\”

Script To Add A Registry Value That Allows Creation of Multiple Restore Points In A 24 Hour Period

  • By default Windows operating system does not allow more than one restore point to be created within a 24 hour period. To overcome this limitation, you can use this batch script to add a registry value that allows more than one restore point to be created in a 24 hour period; reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore” /v SystemRestorePointFrequency /t REG_DWORD /d 0 /f

Script To Add A Task Schedule That Creates A Restore Point Automatically

  • Monthly Schedule: schtasks.exe /create /tn “Monthly Restore Point” /sc MONTHLY /d TUE /mo FIRST /st 10:00 /rl HIGHEST /ru “NT AUTHORITY\SYSTEM” /tr “PowerShell.exe -ExecutionPolicy Bypass -Command \”Checkpoint-Computer\” -Description \”AUTOMATIC-$(Get-Date -Format \”yyyyMMddHHmmss\”)\” -RestorePointType \”MODIFY_SETTINGS\””
  • Weekly Schedule: schtasks.exe /create /tn “Weekly Restore Point” /sc WEEKLY /d TUE /st 10:00 /rl HIGHEST /ru “NT AUTHORITY\SYSTEM” /tr “PowerShell.exe -ExecutionPolicy Bypass -Command \”Checkpoint-Computer\” -Description \”Weekly System Restore\” -RestorePointType \”MODIFY_SETTINGS\””
  • Daily Schedule: schtasks.exe /create /tn “Daily System Restore” /sc DAILY /st 09:00 /rl HIGHEST /ru “NT AUTHORITY\SYSTEM” /tr “PowerShell.exe -ExecutionPolicy Bypass -Command \”Checkpoint-Computer\” -Description \”AUTOMATIC-$(Get-Date -Format \”yyyyMMddHHmmss\”)\” -RestorePointType \”MODIFY_SETTINGS\””
  • tn=Task name; sc=schedule; d=Day; mo= st=Schedule time; rl=Run Level; ru=Run User; tr=Trigger

Combined Script for Daily Restore Point

@echo off

REM Enable System Protection or System Restore start /wait PowerShell.exe -ExecutionPolicy Bypass -Command “Enable-ComputerRestore -Drive ‘C:'”

REM Create Daily Restore Point
start /wait schtasks.exe /create /tn “Daily System Restore” /sc DAILY /st 09:00 /rl HIGHEST /ru “NT AUTHORITY\SYSTEM” /tr “PowerShell.exe -ExecutionPolicy Bypass -Command \”Checkpoint-Computer\” -Description \”AUTOMATIC-$(Get-Date -Format \”yyyyMMddHHmmss\”)\” -RestorePointType \”MODIFY_SETTINGS\””

REM Allow creation of multiple restore points in a 24 hour period
start /wait reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore” /v SystemRestorePointFrequency /t REG_DWORD /d 0 /f

Exit

  • If you are packaging this as a WIN32 app in Intune, you can set the detection rule using the presence of the “SystemRestorePointFrequency“registry value.
]]>
Deploy Android APK file in Intune https://www.skoanowtechnologies.com/deploy-android-apk-file-in-intune/ Fri, 23 Aug 2024 03:27:36 +0000 https://www.skoanowtechnologies.com/?p=2544
  • It is common knowledge among many Intune administrators that Line of Business (LOB) is the method for creating Android application using an APK file but this is only true for devices setup with the Targeted Platform as Android Device Administrator or Android Open Source Project (AOSP).
  • This means that LOB method cannot be used to package APK file for Android application deployment for Android Enterprise Personally-Owned Work Profile,Android Enterprise dedicated devices, Android Enterprise Fully Managed or Android Enterprise Corporate-Owned Work Profile; which is what most enterprise level organizations use.
  • To deploy the APK file successfully, you need to use Managed Google Play Private Store to make the available only in the Google Play store associated with the user’s tenant. It takes less time to publish and become available for distribution compared to a publishing it in Google play public store which may take a longer period for Google to vet and approve. This can take as low as 10 minutes to publish, approve and become available for distribution.
  • Navigate to Intune portal>>>Apps>>>click on Android>>>click Add; App Type (Managed Google Play Store) and click on Select.
  • Once you click Select, it will connect to your organizations Google Play Store which has been connected to Intune. Click on the “Lock” icon representing Private Apps to open the Managed Google Play Private Store; Title (My Private App); APK File (Upload the APK file here)>>>the application will indicate Not Available Yet and this make take between 10 to 20 minutes.
  • Once the application has been approved, the Not Available Yet will go indicating that it is available in the Google Play Store.
  • Click Search for Play Store icon and in the search area type the name of the application and click the Search icon.
  • Once the application displayed, click on it to open it, then click the Select button and then click the Sync button on the top-left to add the application to your application list; this may take 10 to 15 minutes to complete.
  • During the process, the message “Managed Google Play Sync in progress. Apps added in Managed Google Play will be created when the sync completes“, will be displayed on the top of your list of applications.
  • When the application is added, click on it and click on Properties on the left side of the page and in the Assignments area, add the desired group for the application to deployed to them.
]]>
ipad os case studies https://www.skoanowtechnologies.com/ipad-os-case-studies/ Sun, 04 Aug 2024 12:25:06 +0000 https://www.skoanowtechnologies.com/?p=2517 Android OS case studies https://www.skoanowtechnologies.com/android-os-case-studies/ Sun, 04 Aug 2024 12:24:36 +0000 https://www.skoanowtechnologies.com/?p=2515
DEPLOY ANDROID APK FILE IN INTUNE
]]>
ios case studies https://www.skoanowtechnologies.com/ios-case-studies/ Sun, 04 Aug 2024 12:21:43 +0000 https://www.skoanowtechnologies.com/?p=2511 macOS case studies https://www.skoanowtechnologies.com/intune-macos-case-studies/ Sun, 04 Aug 2024 12:20:41 +0000 https://www.skoanowtechnologies.com/?p=2509 Intune case studies https://www.skoanowtechnologies.com/intune-case-studies/ Sun, 04 Aug 2024 12:17:01 +0000 https://www.skoanowtechnologies.com/?p=2506