Skip to main content

Posts

Jamf Pro DEP Enrollment Sync failed: Communication error. Awaiting next sync

 This error catches me out every so often when a customer of mine gets new iPads and I have to enrol them.  It's often been some time since I've last done this job and sometimes the MDM Server token needs to be refreshed (for want of a better term) before sync can re-commence between Apple School Manager and the customer's MDM (in this case Jamf Pro). Here are the list of steps to take: Log in to Apple School Manager (ASM) in one browser tab, and your MDM in another tab. In ASM, click your account name on the bottom left, and click "Preferences". Under "Device Management Services" click on your MDM service (Jamf Pro in my case). Click "Download Token" and allow the p7m file to download. In your MDM service, you'll need to upload the p7m file into its "Server token file" area. In Jamf Pro, click into "Settings" and then go into "Automated device enrollment", which is in the "Global Management" area. Cl...
Post a Comment
Read more
Recent posts

Turn off "BitLocker waiting for activation"

This can be a pain when attempting to "sysprep" a PC's storage drive (usually the C: drive) or take an image of it using something like Acronis SnapDeploy.  In such cases, the software will complain about this BitLocker status. I keep forgetting about this every time I go to take an image! It isn't immediately obvious how to get around the issue... do you go for "Turn on BitLocker" and then turn if off when it has finished encrypting the drive?  Well you probably could if you had the time, but there's an easier way. Using the "manage-bde" tool via an administrative command line gives lots more options, and allows this to be turned off. Tip: handy way to open an admin command line is to hit  W  + R, then type "cmd" and then hit CRTL + Shift + Enter. Typing "manage-bde -status" will show you some more detail, but the command you need is: manage-bde -off c: This may take some time, depending on how much of the drive has already...
Post a Comment
Read more

Re-arm ESXI Evaluation License

Needed to get a little more time out of my ESXI trial so that I could migrate it to Hyper-V. This pair of commands came in very handy and gave another 60 days: rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg reboot To use them, you need to: Put your ESXI server into Maintenance Mode Enable Secure Shell access (SSH) Enable Console Access Then ssh to the server (in Windows 11 you can just type ssh username@serveripaddress and then enter password) Otherwise, you could use something like PuTTY ( https://www.putty.org/ ) Hope this helps.  
Post a Comment
Read more

Print Management Console Missing

I've encountered a few Windows 11 machines lately, some brand new, that haven't had the Print Management Console installed. Trying to run it from the Run menu using "printmanagement.msc" didn't work either. The fix is to run this from a command prompt:  dism /Online /add-Capability /CapabilityName:Print.Management.Console~~~~0.0.1.0
Post a Comment
Read more

DNS Dynamic Updates & DNS Scavenging

I was encountering an issue at a customer's site where the DNS records of their client PCs often would be behind or out of sync with the records in DHCP.  Usually the IP address would be older in DNS and this was causing issues with scripts executing and network tools correctly resolving client PC hostnames to their correct IP addresses. I realised I needed to make some changes to their dynamic DNS updating configuration.  After a lot of reading through Microsoft's documentation and various online forums, this is what I ended up configuring.  Hopefully this may help someone, some day: - Make the DHCP server a member of the "DnsUpdateProxy" group -  Create a new user account, in the "Users" OU, called "dnsdynamicupdates"   - This new user only needs to be a member of the "Domain Users" group - no special privileges   - Make the password strong and set it to never expire - Set this new user as the credentials used by the DCHP server in IPv4...
Post a Comment
Read more

Resolve WSUS Server issue that gives "Cannot save configuration because the server is still processing"

This is a pretty infuriating error and can sometimes crop up as a result of running a "wsusutil reset" command. First of all, give the server some time, and then a bit more...  but you've probably already done this. These steps may help to resolve the situation: - Install Microsoft SQL Management Studio (free download) - Run SQL Management Studio and start to connect to the WSUS database - Enter this in the "Server Name" box:  \\.\pipe\MICROSOFT##WID\tsql\query - Expand the "Databases" tree - Right-click on "SUSDB" and choose "New Query" - Paste this query in:     UPDATE tbSingletonData     SET ResetStateMachineNeeded = 0 - You should see a message like "1 row affected", which is good - Quit SQL Management Studio - Open "Services" and restart the "WSUS Service" - Now, open WSUS
Post a Comment
Read more

Convert Ruckus AP from Unleashed to ZoneDirector-managed

Here is the method to convert a Ruckus Unleashed AP to one which can be managed by a Ruckus ZoneDirector controller: - Login to https://support.ruckuswireless.com/ - Click "Downloads" - Choose the correct product, e.g. Ruckus R550 - Choose a "standalone" version along the lines of 118.2.0.0.875.bl7 or something similar - Agree to terms and download the software - Connect to the AP's IP address - It should open the setup wizard, showing "Unleashed Installation" - Click "Local Upgrade" - Choose the firmware image file you just downloaded - It will upload, process, and then be ready for upgrade when you click "Yes" - After this, the ZD should detect the new AP - The new AP will then need to be approved - The new AP will then be upgraded to the correct software by the ZD - The new AP will then reboot and should be ready to use - Don't forget that, for the ZD to even detect, let alone manage the new AP, it must have enough licenses
Post a Comment
Read more