Hello,
My apologies for the radio silence on the blog, its been a very busy time, I'll look to update everyone with some System Center R2 stuff once I've sorted my test lab out.
This is my journey on trying to find the Private Cloud, SCCM and all things System Center. Read, Enjoy, Comment.
Tuesday, 20 August 2013
Thursday, 27 June 2013
How to set the Computer Name to a the Serial Number during OSD SCCM 2012 SP1
Hello,
Its 11:30pm on a Thursday, I was falling asleep but I shot out of bed in the realization that I have wanted to post this for a while now, so I just got up and did it!
Scenario
Lets assume you have a bunch of PC's and you want to come up with a naming solution to automatically re-name them as part of the OSD, the serial number is a good idea and its almost guaranteed to be unique, right? Correct. Now some people will advise that you run a script or use WSNAME amongst other solutions, and these solutions do work, but I have recommend this much simpler solution instead for SCCM 2012 SP1.
My client had a requirement that the company's acronym formed the formed the first part of the PC name, followed by a number.
For example, AAAA1234
Now I will assume that you have SCCM 2012 SP1 installed with MDT and you have configured Config Manager integration, if you don't fear not, I have document the entire process here (http://heinrichandsccm.blogspot.co.uk/2013/04/how-to-setup-and-configure-sccm-2012.html)
This is how its done
First we need to edit the task sequence, so you need to add 3steps the first is the "Use MDT Package" step just after your "Apply OS" step
The next step is "Gather" and ensure you set it to "Gather only local data (do not process rules)"
The third step is the "Set Computer Name" step this is done by adding a "Set Task Sequence Variable" this can done by clicking "Add" from the menu above your task sequence and looking for the "Set Task Sequence Variable" option. You can now rename this to Set Computer Name for example.
Make sure you have the following in place as shown below, you will need the sequence variable to set to OSDComputerName. The value can then be set to %SERIALNUMBER%
Once saved you can then alter this slightly to AAAA%SERIALNUMBER% this will then change the Computer Name to AAAA123456 if "123456" was the serial number.
One last important note please make sure you test this before mass roll out, and also that you make 100% sure that you have added these steps after Apply OS and before the Apply Windows Settings step.
Enjoy
Its 11:30pm on a Thursday, I was falling asleep but I shot out of bed in the realization that I have wanted to post this for a while now, so I just got up and did it!
Scenario
Lets assume you have a bunch of PC's and you want to come up with a naming solution to automatically re-name them as part of the OSD, the serial number is a good idea and its almost guaranteed to be unique, right? Correct. Now some people will advise that you run a script or use WSNAME amongst other solutions, and these solutions do work, but I have recommend this much simpler solution instead for SCCM 2012 SP1.
My client had a requirement that the company's acronym formed the formed the first part of the PC name, followed by a number.
For example, AAAA1234
Now I will assume that you have SCCM 2012 SP1 installed with MDT and you have configured Config Manager integration, if you don't fear not, I have document the entire process here (http://heinrichandsccm.blogspot.co.uk/2013/04/how-to-setup-and-configure-sccm-2012.html)
This is how its done
First we need to edit the task sequence, so you need to add 3steps the first is the "Use MDT Package" step just after your "Apply OS" step
The next step is "Gather" and ensure you set it to "Gather only local data (do not process rules)"
The third step is the "Set Computer Name" step this is done by adding a "Set Task Sequence Variable" this can done by clicking "Add" from the menu above your task sequence and looking for the "Set Task Sequence Variable" option. You can now rename this to Set Computer Name for example.
Make sure you have the following in place as shown below, you will need the sequence variable to set to OSDComputerName. The value can then be set to %SERIALNUMBER%
Once saved you can then alter this slightly to AAAA%SERIALNUMBER% this will then change the Computer Name to AAAA123456 if "123456" was the serial number.
One last important note please make sure you test this before mass roll out, and also that you make 100% sure that you have added these steps after Apply OS and before the Apply Windows Settings step.
Enjoy
Sunday, 9 June 2013
SCCM 2012 SP1 Remote Control/Tools Only
Ola,
I was asked provide instructions to install the SCCM console on a few desktops so that the security team can use it for Remote Tools (Control) only ...
I didn't install the console for anyone. And neither should you, instead you just need to complete the following to give your analysts the ability to use Remote Control and nothing else.
So, to do this you will need to do the following.
Firstly make sure that you add the names of the technicians you want to have access to remote tools into the Remote Tools Operators role based security group in the Administration workspace in the SCCM console.
Next, from the file directory where the SCCM console is installed (C:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\i386) copy the following files into a New Folder (Name it whatever you like)
1. 00000409 (Its a folder, copy the entire folder)
2. CMrCVieiwer (Application)
3. RdpCoreSccm.dll
Place these files onto a pen drive or somewhere sensible on the technicians PC, next you can launch the CmRcViewer application, enter the PC name of the target PC, and away you go.
Enjoy - Any questions please let me know.
I was asked provide instructions to install the SCCM console on a few desktops so that the security team can use it for Remote Tools (Control) only ...
I didn't install the console for anyone. And neither should you, instead you just need to complete the following to give your analysts the ability to use Remote Control and nothing else.
So, to do this you will need to do the following.
Firstly make sure that you add the names of the technicians you want to have access to remote tools into the Remote Tools Operators role based security group in the Administration workspace in the SCCM console.
Next, from the file directory where the SCCM console is installed (C:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\i386) copy the following files into a New Folder (Name it whatever you like)
1. 00000409 (Its a folder, copy the entire folder)
2. CMrCVieiwer (Application)
3. RdpCoreSccm.dll
Place these files onto a pen drive or somewhere sensible on the technicians PC, next you can launch the CmRcViewer application, enter the PC name of the target PC, and away you go.
Enjoy - Any questions please let me know.
Tuesday, 4 June 2013
The Desktop Team - Path to Windows 8
One and all,
I have some good news, I have recently been invited to join the Desktop Team as a blogger.
I am however sad to say that I haven't had the time to actually start putting anything on the new blog as of yet.
But, we are hosting a brilliant event on the "Path to Windows 8". Its going to be a brilliant day away from the office discussing all things System Center and Windows 8. I promise you a line up MVP's and wonderfully talented people sharing their knowledge.
Details on the event can be found here ... https://thedesktopteam.com/events/
I hope to see some of you in London.
I have some good news, I have recently been invited to join the Desktop Team as a blogger.
I am however sad to say that I haven't had the time to actually start putting anything on the new blog as of yet.
But, we are hosting a brilliant event on the "Path to Windows 8". Its going to be a brilliant day away from the office discussing all things System Center and Windows 8. I promise you a line up MVP's and wonderfully talented people sharing their knowledge.
Details on the event can be found here ... https://thedesktopteam.com/events/
I hope to see some of you in London.
Friday, 24 May 2013
SCCM 2012 SP1 How to boost PXE boot speed
This is a very simple trick I picked up to boost PXE boot, from the distribution point complete the following
From HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\DP
Add a QWORD value (for 64bit Server OS , I'm using Server 2012) and call it RamDiskTFTPBlockSize
Give it a Hexadecimal value of "4000" or a decimal value of "16384".
I wouldn't advise you go higher than this, but you can drop it if need be.
PXE boot again and you will see a increase in speed.
Enjoy
:)
From HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\DP
Add a QWORD value (for 64bit Server OS , I'm using Server 2012) and call it RamDiskTFTPBlockSize
Give it a Hexadecimal value of "4000" or a decimal value of "16384".
I wouldn't advise you go higher than this, but you can drop it if need be.
PXE boot again and you will see a increase in speed.
Enjoy
:)
Thursday, 16 May 2013
SCCM 2012 SP1 Management Point error "Call to HttpSendRequestSync failed for port 80/443 with status code 500, text: Internal Server Error"
Tell you what, I have to blame my sales team for this error. Let me explain, they like to push the latest and greatest and that's fine, until you forget old trick of the trade as you have been working with Windows Server 2012 since before it was officially launched ...
So, SCCM 2012 SP1 Management Prole on Windows Server 2008 R2, you need to register ASP.NET v4 with IIS. If you don't you will see the error below in your mpcontrol.log or in the System State Messages in the monitoring workspace.
P.S you don't have to run this on Windows Server 2012 as it used .NET v4 by default.
Solution:
Run the following elevated command prompt on the affected Management Point.
Enjoy.
So, SCCM 2012 SP1 Management Prole on Windows Server 2008 R2, you need to register ASP.NET v4 with IIS. If you don't you will see the error below in your mpcontrol.log or in the System State Messages in the monitoring workspace.
Call to HttpSendRequestSync failed for port 80/443 with status code 500, text: Internal Server ErrorNow I would like to point out that with SCCM 2012 pre SP1 this was never an issue as it uses .NET 3.5.
P.S you don't have to run this on Windows Server 2012 as it used .NET v4 by default.
Solution:
Run the following elevated command prompt on the affected Management Point.
cd /d %windir%\Microsoft.Net\Framework64\v4*Any questions please ask.
aspnet_regiis –i –enable
Enjoy.
Wednesday, 15 May 2013
SCUP for Windows Server 2012 (SCCM 2012 SP1)
Good news, Microsoft have finally update their documentation to show that Windows Server 2012 and SCUP can now play ball together.
I have also managed to integrate this with SCCM 2012 SP1 and its working like a charm.
http://blogs.technet.com/b/configmgrteam/archive/2013/05/14/support-announcements-for-may-2013.aspx
Enjoy
I have also managed to integrate this with SCCM 2012 SP1 and its working like a charm.
http://blogs.technet.com/b/configmgrteam/archive/2013/05/14/support-announcements-for-may-2013.aspx
Enjoy
Labels:
SCCM SP1,
SCUP,
System Center 2012,
Windows Server 2012
Location:
London, UK
HTTP Error 500.19 - Internal Server Error - SCCM 2012 SP1 - Windows Server 2012 - WSUS x64
Hello,
I noticed that I was getting a lot of red crossed under my site components and that my default website was chucking out the following error after a WSUS install on the local SCCM server.
HTTP Error 500.19 – Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
This was also the case when trying to access http://localhost/ccm_client and application portals.
I had a look at the ApplicationHost.config file and noticed that suscomp.dll was installed by WSUS.
Resolution
1. Go to C:\windows\system32\inetsrv\config and locate the ApplicationHost.config file
2. Open it with notepad and look for the following lines below
I noticed that I was getting a lot of red crossed under my site components and that my default website was chucking out the following error after a WSUS install on the local SCCM server.
HTTP Error 500.19 – Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
This was also the case when trying to access http://localhost/ccm_client and application portals.
I had a look at the ApplicationHost.config file and noticed that suscomp.dll was installed by WSUS.
Resolution
1. Go to C:\windows\system32\inetsrv\config and locate the ApplicationHost.config file
2. Open it with notepad and look for the following lines below
scheme name=”xpress” doStaticCompression=”false” doDynamicCompression=”true”3. The following command needs to be run to disable the suscomp.dll that was installed when the WSUS server role was installed, Im not 100% sure but from what I could see compression schemes are in every application pool and when WSUS x64 was installed the suscomp.dll chucks out the 500.19 error when its trying to load the x86 application pool. So from an elevated command prompt running the following.
dll=”C:\Windows\system32\inetsrv\suscomp.dll” staticCompressionLevel=”10″
dynamicCompressionLevel=”0″ />
%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /-[name='xpress']4. If you need to re-enable this just change it slightly and run this command.
%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /+[name='xpress',doStaticCompression='false',dll='%windir%\system32\inetsrv\suscomp.dll']
Wednesday, 8 May 2013
Cumulative Update 1 for System Center 2012 Configuration Manager Service Pack 1
Hello,
Just to make everyone aware that CU1 for SCCM 2012 SP1 is available from here (this is also the source of the blog post) http://support.microsoft.com/kb/2817245
I would only ever recommend installing the update if you are affected by any of the issues below.
The following cmdlets are added to the PowerShell module:
As some more and more of the issues become visible after the installation I will document these as I find them
Just to make everyone aware that CU1 for SCCM 2012 SP1 is available from here (this is also the source of the blog post) http://support.microsoft.com/kb/2817245
I would only ever recommend installing the update if you are affected by any of the issues below.
What Microsoft Fixed
Administration Console- A Discovery Data Record (DDR) that contains organizational unit (OU) paths that are longer than 220 characters are not processed. The DDM.log file on the site server contains event messages that resemble the following:
- CDiscoverySource::ValidateSchema - array property User OU Name cannot expand size so rejecting.
- CDiscoverDataManager::ProcessDDRs - Unable to update data source
- The "Allow clients to use a fallback source location for content" option is missing from the "Distribution Points" tab of the package properties
- Replication Configuration Manager incorrectly reports the link status as Degraded, and then reports the status as Active one minute later
- Site replication fails after a site database is restored to a new server. Additionally, the Rcmctrl.log file contains the following error message:
- ERROR: Received unhandled SQL exception, printing info and throwing it again. This will be retried in next cycle.
SqlException number: [8115]
ERROR: Exception message: [Arithmetic overflow error converting expression to data type int.~~The 'spGetChangeTrackingMinValidVersion' procedure attempted to return a status of NULL, which is not allowed. A status of 0 will be returned instead.]
- System Center 2012 Configuration Manager does not support the Mac OS X 10.8 Mountain Lion client. To obtain the Mac OS X 10.8 client, go to the following Microsoft Download Center website: http://www.microsoft.com/en-us/download/details.aspx?id=36212
- The Configuration Manager client cannot be installed on devices that contain newer ARM processors. Additionally, the following error message is logged in the DmClientSetup log file:
- Fail to get the CAB file name because of unsupported processor type: 0
- The Allow clients to share content with other clients on the same subnet option in the properties of a Software Update Group Deployment is ignored. Additionally, the DataTransferService.log file contains the following message:
- Not using branch cache option.
- When a custom port is configured for software updates, an Internet only client may append the custom port to the URL for the Windows Update service. Additionally, when the custom port is set to 880, log entries that resemble the following may be logged in the DataTransferService.log file:
- UpdateURLWithTransportSettings(): OLD URL - http://download.windowsupdate.com/msdownload/update.cab
- UpdateURLWithTransportSettings(): NEW URL - http://download.windowsupdate.com:880/msdownload/update.cab
- The Schedule Updates Wizard does not list content for Windows Server 2012. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base: http://support.microsoft.com/kb/2793237
- FIX: The Schedule Updates Wizard does not list content for Windows Server 2012 in System Center 2012 Configuration Manager Service Pack 1
- The MicrosoftPolicyPlatformSetup.msi file is now correctly signed.
- The selection of multiple targeted applications in Software Center will fail if the calendar region is set to Arabic (Saudi Arabia). Additionally, Software Center displays the following error message:
- Software Center cannot be loaded. There is a problem loading the required components for Software Center. You can try launching Software Center at a later time. If the problem continues, you can contact your helpdesk.
- The hardware inventory on a computer that is running a 32-bit version of Windows Server 2003 R2 may cause the Wmiprvse.exe process to exit unexpectedly. Additionally, when you view the results of the fault, the details of the fault resemble the following:
- Faulting application wmiprvse.exe, version 5.2.3790.4455, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x00056b1d
- PXE support is added for IA-32 EFI computers.
- When the Clear-CMPxeDeployment cmdlet is run, you receive the following error message:
- The method or operation is not implemented.
- When the Update-CMDistributionPoint –DeploymentTypeName cmdlet is run, you receive the following error message:
- Key not Found Exception.
- When the New-CMDeviceCollection cmdlet is run, the refreshschedule parameter is not defined in the NewByLimitName parameter set.
- When the New-CMDeviceCollection cmdlet is run together with the LimitingCollectionName option, the cmdlet is unsuccessful. Additionally, you receive the following error message:
- Unable to cast object of type 'Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlArrayItems' to type'System.Management.ManagementBaseObject'.
- When the .GetType method is used for the object that is returned by the New-CMSchedule cmdlet, the method is unsuccessful. Additionally, you receive the following error message:
- The adapter cannot get property "GetType" for instance of SMS_ST_RecurInterval.
- When the Import-CMComputerInformation -CollectionName "All Systems" -ComputerName "Computer01" -MacAddress "xx:xx:xx:xx:xx:xx" command is run, the command is unsuccessful. Additionally, you receive the following error message:
- WARNING: The collection All Systems does not exist or is not suitable for adding the new device.
The following cmdlets are added to the PowerShell module:
- Add-CMDistributionPoint
- Import-CMAntiMalwarePolicy
- Import-CMDriver
- New-CMAppVVirtualEnvironment
- New-CMMigrationJob
- New-CMPackage
- New-CMSoftwareUpdateAutoDeploymentRule
- New-CMTaskSequence
- New-CMTaskSequenceInstallUpdateAction
- New-CMTaskSequenceMedia
- New-CMUserDataAndProfileConfigurationItem
- Remove-CMTaskSequenceInstallUpdateAction
- Set-CMTaskSequenceGroup
- New-CMTaskSequenceGroup
- Remove-CMTaskSequenceGroup
- Set-CMApplicationCatalogWebsitePoint
- Set-CMAppVVirtualEnvironment
- Set-CMClientPushInstallation
- Set-CMClientSetting
- Set-CMDistributionPoint
- Set-CMDriver
- Set-CMEndpointProtectionPoint
- Set-CMEnrollmentPoint
- Set-CMEnrollmentProxyPoint
- Set-CMHierarchySetting
- Set-CMManagementPointComponent
- Set-CMOperatingSystemImageUpdateSchedule
- Set-CMOutOfBandManagementComponent
- Set-CMReportingServicePoint
- Set-CMSite
- Set-CMSoftwareUpdateAutoDeploymentRule
- Set-CMSoftwareUpdatePointComponent
- Set-CMStateMigrationPoint
- Set-CMStatusSummarizer
- Set-CMSystemHealthValidatorPointComponent
- Set-CMTaskSequence
- Set-CMTaskSequenceInstallUpdateAction
- Set-CMUserDataAndProfileConfigurationItem
- Start-CMDistributionPointUpgrade
As some more and more of the issues become visible after the installation I will document these as I find them
Thursday, 2 May 2013
How to unisntall SCCM 2012 SP1 agent/client
Got a mail asking how to uninstall the SCCM agent, this is how ...
From the command promt type (Start>Run>cmd)
C:\Windows\system32> cd\
C:\>cd windows
C:\windows> cd ccmsetup
C:\Windows\ccmsetup>ccmsetup /uninstall
Keep an eye on the un-installation using the log files from C:\Windows\ccmsetup\ccmsetup.log
Once that's complete delete the following files in bold
C:\Windows\ccmsetup
C:\Windows\ccm
C:\Windows\SMSCFG.ini
My friend Matt also reminded me to remove the Machine Certs from the SMS store
To do this
Start>Run>MMC>Click File>Add/Remove Snap-in...>Certificates>Click Add>Computer Account>Local Computer>SMS
Delete the certificates in the SMS store.
Enjoy
From the command promt type (Start>Run>cmd)
C:\Windows\system32> cd\
C:\>cd windows
C:\windows> cd ccmsetup
C:\Windows\ccmsetup>ccmsetup /uninstall
Keep an eye on the un-installation using the log files from C:\Windows\ccmsetup\ccmsetup.log
Once that's complete delete the following files in bold
C:\Windows\ccmsetup
C:\Windows\ccm
C:\Windows\SMSCFG.ini
My friend Matt also reminded me to remove the Machine Certs from the SMS store
To do this
Start>Run>MMC>Click File>Add/Remove Snap-in...>Certificates>Click Add>Computer Account>Local Computer>SMS
Delete the certificates in the SMS store.
Enjoy
Labels:
Agent,
Config Mgr,
System Center 2012
Tuesday, 30 April 2013
SCCM 2012 SP1 Remote Distribution Point installation Failure with Server 2012 on VMware 5.x or 4.x
Had a strange issue that took a long while to get fixed.
Issue:
I was given a Windows Server 2012 vm running on ESXi 5.1 that had a C:\ for the OS and a D:\ (220GB) for holding distributed data from the primary SCCM server. So for all intended purposes, this was a standard remote distribution point.
I tried to install the DP role onto the new server and it failed every time, tried to access the D:\ remotely from the primary and access was denied, tried setting every permission known to man and it still failed.
Solution:
The D:\ appeared as removable devices instead of your conventional hard drive.
So to resolve this and get the role installed from your CAS/Primary server complete the following.
To disable HotPlug capability by editing the
Issue:
I was given a Windows Server 2012 vm running on ESXi 5.1 that had a C:\ for the OS and a D:\ (220GB) for holding distributed data from the primary SCCM server. So for all intended purposes, this was a standard remote distribution point.
I tried to install the DP role onto the new server and it failed every time, tried to access the D:\ remotely from the primary and access was denied, tried setting every permission known to man and it still failed.
Solution:
The D:\ appeared as removable devices instead of your conventional hard drive.
So to resolve this and get the role installed from your CAS/Primary server complete the following.
- Connect to the ESXi/ESX host or vCenter Server using the vSphere Client.
- Power off the virtual machine.
- Right-click the virtual machine and click Edit Settings.
- Click the Options tab.
- Click General > Configuration Parameters > Add Row.
- Insert a new row with the name
devices.hotplug
and a value offalse
. - Power on the virtual machine.
To disable HotPlug capability by editing the
.vmx
file:- Power off the virtual machine.
- Access the ESXi/ESX service console using an SSH client.
- Open the virtual machine configuration file (
.vmx
) in a text editor. The default location is:/vmfs/volumes/datastore_name/vm_name/vm_name.vmx
- Add the line:
devices.hotplug = "false"
Note: This setting does not interfere with HotPlug CPU/memory.
- Save and close the file.
- Power on the virtual machine.8
- Create a new snapshot of the parent virtual machine:
- In the vSphere Client, right-click the parent virtual machine and click Snapshot > Take Snapshot.
- Give the snapshot a name and description.
- Click OK.
- Recompose the affected pools to this new snapshot:
- In the View Manager console, select a pool and open it.
- Click View Composer > Recompose, and select the newly created snapshot.
- Click Next.
- Configure the Schedule and Warnings options.
- Click Next.
- Review the confirmation information.
- Click Finish and verify that the recompose operation successfully completes.
- Repeat the recompose procedure for all affected pools.
Tuesday, 16 April 2013
SQL Service Broker (SCCM 2012 SP1)
Afternoon
Had a nightmare installing SCCM 2012 SP1 on a remote SQL 2012 SP1 instance. The default ports were changed around in SQL
The SQL Server Service Broker (SSB) is used to replicate data between database sites. You will need to specify a port that needs to be used by SCCM. So remove the dynamic ports (leave then blank and not at "0") and specify the port at 1433 (only if its changed).
You can view what port the SSB is using by running the following query on the SCCM SQL server.
SELECT name, protocol_desc, port, state_desc FROM sys.tcp_endpoints WHERE type_desc = 'SERVICE_BROKER'
Enjoy.
Had a nightmare installing SCCM 2012 SP1 on a remote SQL 2012 SP1 instance. The default ports were changed around in SQL
The SQL Server Service Broker (SSB) is used to replicate data between database sites. You will need to specify a port that needs to be used by SCCM. So remove the dynamic ports (leave then blank and not at "0") and specify the port at 1433 (only if its changed).
You can view what port the SSB is using by running the following query on the SCCM SQL server.
SELECT name, protocol_desc, port, state_desc FROM sys.tcp_endpoints WHERE type_desc = 'SERVICE_BROKER'
Enjoy.
Friday, 5 April 2013
WSUS - SCCM 2012 SP1 Communication Ports on Windows Server 2012
I had a question regarding WSUS ports in SCCM 2012 SP1.
These have changes slightly, older versions of WSUS used ports 80 and 443. In Server 2012 the new ports are 8530 for HTTP and 8531 for HTTPS. I did have to change these manually after applying SCCM 2012 SP1, so please check these after an upgrade.
Hope this answers it.
These have changes slightly, older versions of WSUS used ports 80 and 443. In Server 2012 the new ports are 8530 for HTTP and 8531 for HTTPS. I did have to change these manually after applying SCCM 2012 SP1, so please check these after an upgrade.
Hope this answers it.
WSUS and SCCM 2012 SP1 - How to ease the pain
Hello,
I have been asked a few times now if I have seen the recent influx of problems with SCCM 2012 SP1 and WSUS. The error that's mentioned most often is the "Site component manager failed to install this component, because it either can’t find or can’t configure Windows Server Update Services (WSUS). Possible cause, WSUS service is not installed or running" error.
You will also see errors 1016 and 4968 in the "WSUS Control Manager Component" the cause of these errors are due to some missing patches. Please apply the missing patches mentioned below, as without these the errors will keep appearing and you wont be able to add additional Software Update Points.
KB2734608: http://support.microsoft.com/kb/2734608
KB2720211: http://support.microsoft.com/kb/2720211
These patches do work, I installed them on my test lab and they solved the problem.
*Please note that these aren't available if you are on Windows Server 2012
I have been asked a few times now if I have seen the recent influx of problems with SCCM 2012 SP1 and WSUS. The error that's mentioned most often is the "Site component manager failed to install this component, because it either can’t find or can’t configure Windows Server Update Services (WSUS). Possible cause, WSUS service is not installed or running" error.
You will also see errors 1016 and 4968 in the "WSUS Control Manager Component" the cause of these errors are due to some missing patches. Please apply the missing patches mentioned below, as without these the errors will keep appearing and you wont be able to add additional Software Update Points.
KB2734608: http://support.microsoft.com/kb/2734608
KB2720211: http://support.microsoft.com/kb/2720211
These patches do work, I installed them on my test lab and they solved the problem.
*Please note that these aren't available if you are on Windows Server 2012
General access denied error when trying to mount ISO's on Hyper-V
Had massive issues trying to mount ISO's from a network share on a Hyper-V cluster a few weeks back and I wanted to take the time to pass on how I managed to solve this pain in backside...
So if you don't set up delegation for the host's you get that lovely "General access denied error" everytime you try and mount a file from a network share, this is what you need to do from Active Directory
From the DC complete the following,
So if you don't set up delegation for the host's you get that lovely "General access denied error" everytime you try and mount a file from a network share, this is what you need to do from Active Directory
From the DC complete the following,
- Launch Active Directory Users and Computers
- Locate the Hyper-V host and open it (don't forget to search for "Computers" and not users.)
- Open the Delegation Tab
- Click on the Trust this computer for delegation to the specified services only option
- Click the Use any authentication protocol option
- Click Add
- Click Users or Computer
- From the "Add Services" box click Users or Computers and specify the name of the network share that stores the ISO's and click OK
- Choose the cifs service and click OK
- Click OK
How to setup and configure SCCM 2012 SP1 UDI OSD with PXE and MDT 2012 (Windows Server 2012)
Hello,
I took
down a previous post regarding this subject as I wasn't 100% happy with it, I
got a few mails asking to put it back on, so here it is.
I gave it
a facelift and tried to reduce the number of steps.
A couple
of points as always.
- SCCM 2012 SP1 must be installed
- Windows Server 2012 must be installed
This
guide is shaped around a single site installation of SCCM 2012, but can be used
on a multi-server hierarchy. It’s assumed that you have SCCM SP1 installed and
you now wish to add PXE and MDT 2012 for UDI OSD.
NOTE: You will need SCCM 2012 SP1
to deploy Windows 8 (apologies if I'm teaching you how to suck eggs, it’s
just a common mistake)
Login to
your Windows Server 2012 instance that is hosting your SCCM 2012 SP1
environment and complete the following.
- Open Server Manager (click start and type Server Manager) click "Add roles and features"
- Install Windows
Deployment Services feature- accept all the defaults
(NOTE: This must be installed on the SCCM Distribution Point) - Depending on your setup this
step is optional. If you are running the DHCP role on the
same server that's hosting SCCM, you need to configure an extra few step.
3.1 From Server Manager open the WDS console.
3.2 Right click on your Server and select Configure Server - accept the defaults next, next, next etc.
NOTE: If the WDS service fails to start, you can start it manually from either services.msc or right click the server from the WDS console and select Start Service - If your DHCP serve is located elsewhere you will either need to add the distribution point server into the IPheler list or configure DHCP options for PXE for help in setting this up follow this link: http://blogs.technet.com/b/dominikheinz/archive/2011/03/18/dhcp-amp-pxe-basics.aspx
- Install the Microsoft Deployment Toolkit (MDT) Update 1 from this link: http://www.microsoft.com/en-gb/download/details.aspx?id=25175 - accept the defaults, next next finish.
- Launch SCCM, go to Administration, expand Site Configuration and click on Servers and Site System Roles. Under the Site System Roles right click on "Distribution Point" and select properties
- Next under the PXE tab,
select to "Enable PXE support for clients" and check the
appropriate boxes as shown below. Should you wish you set a password for
PXE boots, select "Require a password when computers use PXE"
and set a password.
NOTE: you can view the progress of enabling PXE from by looking at the distmgr.log located in C:\Program Files\Microsoft Configuration Manager\Logs - Next, from the
Administration workspace, click "Sites" (can be located
under Site Configuration) wait for the top ribbon to populate and
click Settings, Configure Site Components and select Software
Distribution as shown below.
This is where you will specify the network account to access the files used for software deployment, this account must have elevated permissions to the Distribution Point and clients. - Select the Network Access Account tab and specify the account that access the network locations. If the account you are using has sufficient privileges and this is not a production environment you could leave it as is.
- Next click on the Software Library workspace, expand the Operating Systems folder and click on Boot Images. Right click on both Boot Images (x86 & x64) and select Distribute Content click add, select Distribution Point, select the relevant Distribution Point and click next, finish.
- Next right click on Operating
System Images (located above the Boot Images) and click Add
Operating System Image. Navigate to the install.wim of your chosen OS.
NOTE: I would recommend that you create a share for your OS images and store them in a central location, ensure that account used has access to the file share where the OS images are located. for help on creating a share use this link: http://www.techrepublic.com/blog/networking/how-to-share-a-folder-in-windows-server-2012/6057 - Once the .wim file has been imported into SCCM, right click on it and distribute the content as explained in section 9.
- From the Start Menu, locate "Configure ConfigMgr Integration" the options should be pre populated with the SCCM site settings as this is taken from WMI. Click Next and Finish.
Well give
yourself a pat on the back as the fiddly configuration is now complete. We will
now create the User Driver Installation (UDI) task sequence.
- From the SCCM console click on the Software Library workspace and expand the Operating Systems folder, click on Task Sequences and choose Create MDT Task Sequence.
- Choose to create a Client Task Sequence template and click Next
- Give the task sequence a name and a description and click Next
- Next is the Details page, do NOT specify to join a domain as we will use MDT to configure this later, under the Windows Settings page specify your Organization Name and License Key (if you have one) and click Next.
- Under Capture Settings, leave this as default as we are not going to sysprep this deployment. Ensure that the option "This task sequence will never be used to capture an image" is selected and click Next.
- Under the Boot Image settings, click Browse under Specify an existing Boot Image package, and select the relevant boot image to be used as part of your deployment, so if it’s a 32bit OS, select the x86 Boot Image, and if it’s a 64bit OS select the x64 Boot Image and click Next
- Under MDT Package, select "Create a new Microsoft Deployment Toolkit Files package" next, navigate to your file share location (that you created under section 10) and create 3 new folders (you can name them however you see fit) and create one folder inside the other so it looks like this for example "\\SharedFolderName\MDT TS (new folder)\Toolkit (new folder) and \\SharedFolderName\MDT TS\Settings (new folder)" so if you open the "MDT TS" folder, you will see 2 folders called "Toolkit" and "Settings". Then copy the file path of the Toolkit folder location and paste this into the Create a new Microsoft Deployment Toolkit Files package file location or Browse to your newly created folder and click Next
- Under MDT Details provide a name, version etc ... and click Next
- Under OS Image click Browse under Specify an existing OS image and select the OS you imported into SCCM earlier and click OK and then Next
- Under Deployment Method select Perform a "User-Driven Installation" and click Next
- Under Client Package click Browse under "Specify an existing ConfigMgr client package" and select the "Microsoft Corporation Configuration Manager Client Package". This will install the SCCM agent onto the new machine once its been built using this task sequence. click OK and Next
- Under USMT Package click Browse under "Specify an existing USMT package" and select "Microsoft Corporation User State Migration Tool for Windows" click OK and click Next
- Under Settings Package select "Create a new settings package" and navigate to your Settings folder you created in section 7. Copy the location of the Settings folder into the "Package source folder to be created" under the Create a new settings package option and click Next.
- Under Settings Details, provide a name, version etc and click Next.
- Under Sysprep Package select "No sysprep package is required" and click Next.
- Review the Summary Page and click Next, Finish. Just await conformation and click Finish.
You will
now have a newly created Task Sequence in SCCM and you will also notice the
folders that were created earlier will be populated with all sorts of goodies.
We will now use the UDI wizard to customize our task sequence.
- Navigate to the toolkit folder you created in section 7 and go to the "Scripts" directory file location should look like this \\SharedFolderName\MDT TS\Toolkit\Scripts and copy the location of the scripts folder.
- Next click Start, and launch the UDI Wizard Designer application (you can also type the words UDI Wizard Designer) if it doesn't appear in the start menu
- Once the UDI Wizard Designer is launched click Open on the top ribbon and paste the scripts location you copied in step 1 into the address bar and locate the a file called UDIWizard_Config and click Open. This will now open the MDT task sequence we created earlier.
- Expand the StageGroup: New Computer
- Take the time to have a look at options that available in the wizard, to edit a section of the deployment, just double click it and change the settings within. You can also stipulate to manually join the domain at this screen. You can also remove steps that aren't relevant to you deployment.
- Also, from the top Ribbon click on "Configuration Manager" and enter your site server name and click Validate Site, the site code will them be populated and click OK
- Once you have changed the settings and you have a UDI task sequence you are happy with click the "Preview" option to view what it will look like if was deployed.
- Once you are happy click the Save As button and save your changes.
Now that
you have a custom UDI task sequence you will need to deploy the packages we
created earlier and present the task sequence to your machines via PXE.
- Launch SCCM and go to the Software Library workspace, and expand Application Management and click on Packages.
- Select the 3 MDT packages you created earlier, (Settings, Toolkit and USMT) and click Distribute Content, click Add, select Distribution Point and select your distribution and click Next, Next and Close
- Next, you will need to deploy your task sequence from the Software Library, expand Operating System and click on Task Sequence, select your task sequence and click Deploy.
- The Deploy Software Wizard will now launch, under Collection click Browse and select All Unknown Computers (this will present the task sequence to all new machines that are PXE booted) and click Next
- Under Deployment Settings leave the "Purpose" as Available and under "Make available to the following" select Configuration Manager clients, media and PXE and click Next.
- Under Scheduling make sure you specify when the task sequence is available
- Under User Experience leave the defaults and click Next
- Under Alerts you can specify to suppress alerts, but this is only relevant if you have a SCOM server and click Next
- Under Distribution Points set the Deployment options as "Download content locally when needed by running task sequence" and click Next
- Review the Summary and click Next and Close
And we
are DONE! You can now test a machine via a PXE boot and you should see the
following if the PXE boot is a success.
I hope
you have found this useful, please let me know if I have missed anything or if
you need any help.
H
Subscribe to:
Posts (Atom)