Jump to content


All Activity

This stream auto-updates     

  1. Today
  2. I know this is old but there are surprisingly few resources related to this task, which I would have thought would be very valuable in a replacement scenario. However, this script is kind of difficult to utilize for large numbers of computers. Instead, I think something that would copy collections from ALL source computers in the computer association list to all destination computers in the list would be a lot better for mass replacement scenarios. I don't suppose anyone has a starting point or any work related to a script that would copy collections from all source to all destination computers in the association list in SCCM? Thanks
  3. if you have no good backups then you are out of luck, i assume by encrypted you mean it has Ransomware encryption of some sort that has run rampant over your two (or more) servers, encrypting random files. If so you need to start fresh and make sure to focus on security this time, do you have any idea why it got infected before ? and why are there no good backups, that's a recipe for disaster by starting fresh i mean a complete server reinstall for each affected server, you must be 100% sure that there are no infected files lingering or you will be back to square one... whatever you do, don't pay the ransom, doing that would mean that the authors will profit at your expense and they will build even worse ransomware which you may get infected with again in the future.
  4. Also we do not have any good backups. Apparently the last backup restored of the cas sql database has some sort of windows update error when booting that saying it has over a hundred items in it's pending.xml file.
  5. So We have a CAS and Primary at one physical location and a primary at the other. The CAS and and it's sq server is completely encrypted at the main location and the other primary is also completely encrypted. The primary at the main site can be logged into but is in read only mode and has encrypted files as well, but not the whole system, seems to be a mix of SCCM and System Files. We want to start from scratch but want to be able to remove everything properly, even if it is a completely manual process. Need some good links / instructions. Most of what we found has the servers in good working order. I heard there is a site maintenance tool, but not sure if that is the route we need.
  6. Yesterday
  7. I resolved the issue by doing the following: 1.Under the Application properties select: Allow this application to be installed from the Install Application task sequence action instead of deploying it manually.2.Go to the User Experience tab and verify that the application will Install for system, whether or not a user is logged on.
  8. I have done a couple of these. We made sure automatic site assignment was not enabled and that site wide client push was not enabled. We then managed the subnets from both servers and did a client push from the CB server to effectively migrate them to the new environment.
  9. have you found a solution for this ? I am in the same boat. We need to run the new CB along with the current 2012 CM. But i am concerned about the overlapping boundaries. What if automatic site assignment is not configured, in that case, can we run side by side 2 config mgm in the same domain ? any help is much appreciated. thx Sarav
  10. Last week
  11. Hello Community So, I am configuring the UDI Front End that is part of MDT SCCM integrated setup. The issue I am running into is that when trying to configure the option: "Add Software To Group Wizard". As required I created a collection and deployed the software to that collection. BUT when I go back over into the UDI designer and search for the desired application, it shows up but is grey's out. I don't understand why. Since "OK" is also grey's out, I can't move past this point. Any advice would be greatly appreciated.
  12. I m having same problem in trust domain where multiple guid is created for same hardware id Tried above sql queries things dint worked out for me can anyone help me out.
  13. I resolved this by increasing the SMSCACHESIZE in the setup config manager client step in the OSD Task Sequence
  14. ok can you grab the app*.xml files and setup*.log stored in the $windows.~bt\Sources\Panther location after the windows upgrade failure, zip them up and attach them here i'll take a look.
  15. Everyone who attends the webinar has a chance of winning a VMware VCP course (VMware Install, Config, Manage) worth $4.5k! Climbing the career ladder in the IT industry is usually dependent on one crucial condition: having the right certifications. If you’re not certified to a specified level in a certain technology used by an employer, that’s usually a non-negotiable roadblock to getting a job or even further career progression within a company. Understanding the route you should take, and creating a short, medium, and long term plan for your certification goals is something everyone working in the IT industry must do. In order to do this properly you need the right information and luckily, an upcoming webinar from the guys at Altaro has you covered! Fast Track your IT Career with VMware Certifications is a free webinar presented by vExperts Andy Syrewicze and Luke Orellana on November 20 th outlining everything you need know about the VMware certification world including costs, value, certification tracks, preparation, resources, and more. In addition to the great content being discussed, everyone who attends the webinar has a chance of winning a VMware VCP course (VMware Install, Config, Manage) worth $4.5k! This incredible giveaway is open to anyone over the age of 18 and all you need to do to enter is register and attend the webinar on November 20 th ! The winner will be announced the day after the webinar via email to registrants. VMware VCP Certification is one of the most widely recognized and valued certifications for technicians and system administrators today however the hefty price tag of $4.5k puts it out of reach of many. The chance to get this course for free does not come along every day and should definitely not be missed! Register for the webinar and VCP Giveaway
  16. well it could be that your error is a hard block, did you check the appcompat logs to see if it was listed as a hard block ? you can't ignore hard blocks..
  17. yes i did but it keeps failing , here is part of the log: Windows upgrade progress: 0% OSDUpgradeWindows 04/11/2019 17:41:54 9176 (0x23D8) Windows upgrade progress: 12% OSDUpgradeWindows 04/11/2019 17:42:34 9176 (0x23D8) Process completed with exit code 3247440392 OSDUpgradeWindows 04/11/2019 17:43:30 10132 (0x2794) ExecuteWithTimeout returned Windows Setup process hexadecimal exit code 0xC1900208 (decimal 3247440392) OSDUpgradeWindows 04/11/2019 17:43:30 10132 (0x2794) Could not read Windows Setup progress regkey value 'SetupProgress' at 'HKLM\SYSTEM\Setup\MoSetup\Volatile'. Stopping UI progress. (0x800703fa) OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Windows upgrade progress: 14% OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Waiting for Windows Upgrade Setup process to return ... OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Wait for event returned 0 OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Windows setup completed with exit code hexadecimal 0xC1900208 (decimal 3247440392) OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Saving exit code of Windows upgrade - hexadecimal 0xC1900208 (decimal 3247440392) - to Task sequence environment variable '_SMSTSOSUpgradeActionReturnCode', as decimal string OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Windows setup in 'scanOnly' mode returned exit code hexadecimal 0xC1900208 ( decimal 3247440392) . Failing task sequence step. OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) See the list of error codes to identify the type of upgrade compatibility issue found. OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) upgrade.Run(), HRESULT=80004005 (upgradewindows.cpp,1779) OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) [ScanOnly]: Exiting with code 0x80004005 OSDUpgradeWindows 04/11/2019 17:43:34 9176 (0x23D8) Process completed with exit code 2147500037 TSManager 04/11/2019 17:43:34 7388 (0x1CDC) smsts.log
  18. you can adjust the Upgrade Operating System step there's a switch you can add to ignore these types of warnings, have you tried setting this step
  19. Earlier
  20. Thanks for the scripts and screen shorts. thanks again for lot of time you took creating them. I have tried the scripts but i am hitting a brick wall, please help. how can i confirm this using the script or what can i do to pass thru this stumbling block? see attached. N.B. this confirmation window pops up when upgrading manually. if there is a script to eliminate this problem, it will be greatly appreciated! Regards
  21. Just in case my solution helps anybody suffering from this issue (0x80072ee2 error code). And without reinstalling WSUS. In my case I have 3 SUPs. Updates Deployments are usually going well for almost all the machines. However yesterday I had to deploy urgently a KB from 5 months ago to some machines that supposedly already should have been installed. Since most of the computers were able to deploy updates I thought of a specific problem on those PC's. I checked the SCCM client logs but nothing. Then I checked the C:\windows\windowsupdate.log (they are W7). There I found the infamous 0x80072ee2 error code. Nothing useful on the Internet. Tried to verify if there was a connection issue. Nope, the client can reach the WSUS/SUP TCP ports. Then I started realising that always the same SUP server was referenced where the error appeared. I logged into that server and restarted the "WSUS Server" service and tried running the updates scan again. Nothing seemed to happened, but then I read carefully the error description: SendRequestUsingProxy failed for <http://sup01.domain.com/Content/7A/BDB34A0FD82AA65E1E173D46371ACB9BAD142FDB.txt>. error 0x80072ee2. That URL didn't work from any computer, but switching to another SUP server it worked (http://sup02.domain.com/Content/7A/BDB34A0FD82AA65E1E173D46371ACB9BAD142FDB.txt). Went back to the "SUP01" server, opened IIS Manager, browsed to "SUP01\Sites\WSUS Administration" and clicked on the "Content" dir. Well, I must admit that I previously had a bad time with that folder because of our multiple SUP servers configuration so it was familiar. And there it was: At some moment the address of the network folder where WSUS Content dir was located was changed by SysAdmin requirements, and somehow that address was updated on every SUP (IIS) server but the SUP01. Once I set the proper path (via the Basic Settings button) I clicked on "Test Settings" to verify everything is correct. A new window with two green checks should be listed. Now you can clic on the virtual "Content" dir and all the folder content will be listed. There's one thing more to do: You need to restart the "WsusPool" Application Pool (it may take some time). Maybe you should want to restart the "WSUS Server" service. After that you should be able to browse the http://sup01.domain.com/Content/7A/BDB34A0FD82AA65E1E173D46371ACB9BAD142FDB.txt URL from anywhere, and of course, run a updates scan action. To sum it up: Find the failing SUP server from windowsupdate.log Try to browse the URL windowsupdate.log reported the 0x80072ee2 error code for. Login to that SUP server and open IIS Manager (not IIS 6 Manager, please). Browse to "SUP01\Sites\WSUS Administration" and click on "Content". If the content of this folder is not expanded, then there's a problem with IIS accessing to this folder, which translates to SUP not working. With the focus on the "Content" folder click on the "Basic Settings" in the "Actions" pane. Make sure the specified "Physical path" exists and it's the one you specified when you set up WSUS. Click on "Test Settings". If both check actions don't return a green check, please make sure the server IIS account or the alternative user account you may have specified in "Connect as" button has the proper rights specified by the WSUS documentation. Once the "Test Settings" button returns two green checks, save the changes and try to browse the virtual "Content" dir from the IIS Manager. If the browsing succeeded, go to "Application Pools" and restart (I did Stop/Start) the "WsusPool". Finally, maybe you would like to restart the "WSUS Server" service on the SUP server. This post is provided AS-IS with no warranties or guarantees and confers no rights. Use these information at your own risk.
  22. that's actually a good idea! will standalone media work for joining PC to AD? (the PC has full network access to AD etc, only the primary server will be offline)
  23. you can use StandAlone media which doesn't require a network connection and therefore doesn't need to speak to the management point https://docs.microsoft.com/en-us/configmgr/osd/deploy-use/create-stand-alone-media
  24. first things first do you have any details of what files were over written/infected ? and do you have valid virus free backups of the database and all other software
  25. We were hacked and have the ryuk virus on our sql server. What would you recommend as the steps to do a rebuild. How do we clean up anything that remains in AD as well as making sure we have a clean install and avoid any issues with discovery, clients, AD containers, policies, ect. Are there any articles to deal with this situation. We did not have an redundancy. . We have a 2 primary and 1 cas. Also is the cd.latest on the primary server server usable for reinstallation if it wasn't infected?
  26. hello, is it possible to proceed with OS deployment while the primary server is offline? this is assuming the deployment is taking place within a boundary that is served by a secondary site. is there any way to make the deployment work while primary server is offline? thanks!
  27. Google Chrome decided to spook its users this Halloween by issuing an update that fixes 2 new use-after-free vulnerabilities "CVE-2019-13720" and "CVE-2019-13721", of which CVE-2019-13720 is already exploited in the wild. Use-after-free flaw, which in the least could result in a crash or could be leveraged by an attacker to run arbitrary codes or even enable remote code execution. CVE-2019-13720 - affects the Chrome's audio component. CVE-2019-13721- affects the PDFium library. Google also announced, "Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed." Resolution: To stay secure against the aforementioned vulnerabilities, kindly update your systems to the latest chrome version 78.0.3904.87 by deploying the following patches using Patch Connect Plus, an integration software for third-party patching for SCCM: Patch ID: 311540 (64 bit) 311539 (32 bit) Happy patching! Stay secure!
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...