Updating Windows Server 2016 Defender with SCCM

Recently I had to create a VMware deployment template for Windows Server 2016. I started with a vanilla installation but I also had to include a SCCM client.
Using the installation guidelines from a collegue for Windows Server 2012 R2 I installed the SCCM client with ccmsetup.exe and then waited for the SCEP client to install. Nothing happened…

The reason for this is that Windows Server 2016 comes with Windows Defender. To create the connection between SCEP and Windows Defender I had to install the SCEP client manually in the template.

When I deployed a new VM from this template I could see that the SCEP policies were downloaded from the SCCM server (via Help, About). But then I saw another issue; definition updates were not applied.

The reason was the same; Windows Server 2016 comes with Windows Defender. So I had to include this product in the Software Update Point…

So the guidelines for Windows Server 2016 are simple:
– run ccmsetup.exe (see this article)
– run scepinstall.exe (see this article)

And don’t forget to include Windows Defender in the product list…


Recover your Office 365 admin account

While studying for the 70-533 exam (which I passed) I purchased an Office 365 subscription and connected it to my Azure AD.  I added the domain name to Azure AD and also to Office 365.

After the exam I decided to clean up my Azure subscription and accidently deleted my Office 365 admin account…

So what to do? There are several articles about recovering accounts from Office 365 but they assume that you still have administrative access. And I didn’t.

First I tried to create a new user with the same username but that didn’t work. What did work was creating a new global administrator user with the same domain suffix and then recover the deleted user from the Office 365 admin center.