Jump to content


Leaderboard

Popular Content

Showing content with the highest reputation since 02/24/2020 in Posts

  1. Hi, I reviewed the Task Sequence (for which thanks a million!) and I believe the reason for 'error 87:parameter is not correct' in two of the steps you disabled for the time being is the wrong dism parameter: DISM.exe /image:%OSDisk%\ /Set-UILanguage:%OSDUILanguage% that should be-> DISM.exe /image:%OSDisk%\ /Set-UILang:%OSDUILanguage% Similarly Set-UILanguageFallback should be changed to Set-UILangFallback. I did not have enough time to test that one myself yet but according to DISM documentation Set-UILang is the parameter name that exists.
    2 points
  2. I was able to Solve my authenticate issue. While running the site install Powershell script, I had to give the group names as the Pre-Windows 2000 as they differed slightly.
    2 points
  3. Thanks for your guidance, it is a very helpful! I did all the steps on my test infrastructure, though I had a reduced set of virtual machines. It seems to me that there is an error in section 5 (maybe my comment will help other people) You suggest to execute the command: certutil -f -dspublish "E: \ ROOTCA_windows noob Root CA.crt" RootCA Where RootCA , as you write, is the host name of offline Root CA, however certutil helps us: CertUtil [Options] -dsPublish CertFile [NTAuthCA | RootCA | SubCA | CrossCA | KRA | User | Machine] ... CertFile - certificate file to
    2 points
  4. Make sure the MW is ENABLED. If you have these configured, but the checkbox is not checked, the MW is disabled and ignored. I was able to find this by running this report : Monitoring=> Overview=> Reporting => Reports =>Software Distribution -Collections => Maintenance windows available to a specified Client Here I saw that the MW was DISABLED, et voila, I had the explanation why my clients ignored the MW.
    1 point
  5. This first thing you are going to what to do is understand where the data that you want existing within CM. These two links will help you with that. https://docs.microsoft.com/en-us/mem/configmgr/develop/core/understand/sqlviews/software-updates-views-configuration-manager https://www.informit.com/store/system-center-configuration-manager-reporting-unleashed-9780134466811 .
    1 point
  6. this site will show you how to create the .ISO then use rufus to put the .iso on boot media.. I use USB drives http://www.sccm.ie/configure-sccm-2012/17-create-a-boot-image-for-os-deployment-without-pxe-environment
    1 point
  7. Introduction This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version is System Center Configuration Manager (Current Branch) version 1902 as of April the 10th 2019. I blogged how to upgrade to 1902 here. This guide is aimed a new installations of SCCM. Baseline media is used to install new ConfigMgr sites or to upgrade from supported versions, for more information about baseline media please see my blog post here. This series is broken down into the following parts:- Part 1 -
    1 point
  8. This series is comprised of different parts, listed below. Part 1 - Introduction and server setup Part 2 - Install and do initial configuration on the Standalone Offline Root CA Part 3 - Prepare the HTTP Web server for CDP and AIA Publication Part 4 - Post configuration on the Standalone Offline Root CA Part 5 - Installing the Enterprise Issuing CA Part 6 - Perform post installation tasks on the Issuing CA Part 7 - Install and configure the OCSP Responder role service Part 8 - Configure AutoEnroll and Verify PKI health (this part) In part 1
    1 point
  9. Yeh whilst an option i just decided to go the destroy way so we have packages to remove all the unneeded software and as mentioned above modified the office install to attempt to remove office whilst also supressing error codes. PSAPPDEPLOY code is Execute-Process -Path "$dirFiles\setup.exe" -Parameters "/CONFIGURE remove.xml" -ContinueOnError $true -IgnoreExitCodes '*' and remove xml is below - not sure i need the remove all true whilst also calling out products but the reality sometimes doesnt match the documentation with Microsoft <?xml version="1.0"
    1 point
  10. Awesome, I'm glad to hear it ! now make sure you check out the rest of my guides 🙂 There is plenty to learn (such as PKI, Tenant Attach, Bitlocker Management and more)
    1 point
  11. actually everything is now working! your guides worked perfectly, i just needed to back and understand and re-read the scripts! I am new to SQL so my understanding of media, service accounts etc was very very small. After using updated ssm18, new CU22 update, and making sure i am using the domain specified account mentioned my script.....Config Mgr passed with NO errors. Genuinely appreciate the time you dedicated into your guides, respect. -
    1 point
  12. Yes, 66 and 67 must be set to see the actual situation of the device When the number of VLANs is relatively small or when the switch setting does not support ip helper, You can set a distribution point for each vlan to solve the OSD problem.
    1 point
  13. 1 point
  14. i presume the collection is setup using a query, can you share the query so we can see what you are looking for... also, have you checked that the computer is actually present in that specific OU prior to ending up in the collection ?
    1 point
  15. Thanks. Very useful. Usually I use VPN services from this site.
    1 point
  16. That is cuz you are one crazy awesome dude Niall!!! Still have my fingers crossed that we get to have that drink this summer!! Waiting to find out if we are still going to have our CTG Summit in August! 🤙
    1 point
  17. if i had a vote left Marc i'd vote for it, did you tweet it yet ?
    1 point
  18. Added this a week ago: https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/40637050-provide-support-for-bitlocker-management-with-ibcm It could use some attention and more importantly some votes! 🤙
    1 point
  19. Having your Bitlocker Management keys stored on your on premise database (ConfigMgr) is an asset to many customers, and also gives you time to migrate to Intune and see the different ways it can manage your recovery keys, you could create an Azure web app proxy to connect back to the on-premise server handling the requests.
    1 point
  20. Hi Niall, I'm currently running MECM 2002 and I have followed your guides but I want to use the bitlocker encryption certificate so I have followed the Microsoft documentation. I have created the cert but I get and error when trying to produce the policy in MECM. The error is Plain text storage of recovery information required when the Bitlocker Management encryption certificate has not been deployed. Where do I have to deploy it too? I have two management points both on prem one is an IBCM both using HTTPS. Thank you EDIT: I had the policy open while I created the cert. Clo
    1 point
  21. Hi, i hope you didnt take that as a bad vibe. Im just unexperienced and learning sccm now. And since i cant copy paste on the server and also want to understand most of the things i just do it manually
    1 point
  22. Hi Martinez, if you are running a Proxy server in your environment run these command on your Management Point in an admin cmd. netsh winhttp set proxy proxy.fqdn:port "<local>;*.fqdn" bitsadmin /util /setieproxy localsystem NO_PROXY bitsadmin /util /setieproxy localsystem proxy.fqdn:port "<local>;*.fqdn" iisreset I was struggeling with the same problem for a long time. The IIS server has some serious problems when the IEProxy for local system is configured with AUTODETECT. That can result in various errors in Config Manager. The settin
    1 point
  23. Turns out no Software Update point is needed, just needed to add an Operating System Upgrade package and point it to the CORRECT folder...
    1 point
  24. Hello Shashi, you're very welcome and stay safe yourself too. So long Peter
    1 point
  25. 1 point
  26. Make sure you have a valid certificate bound to your IIS default site for the Distribution Point.
    1 point
  27. yup, for anyone wondering, in part 4 of my series you'll see how to do this silently, https://www.niallbrady.com/2019/11/13/want-to-learn-about-the-new-bitlocker-management-in-microsoft-endpoint-manager-configuration-manager/
    1 point
  28. are all packages failing to get to the dp ? or only some packages ? i'm confused about you mentioning PXe, what has that to do with packages getting to the dp, you need to fix the packages getting to the dp first and then concentrate on your other issues
    1 point
  29. you need to provide more detail about this distribution point, was it ever working ? have you tried to reinstall the DP role on this server ? you mention 'during the reimage of the device' what do you mean by that ?
    1 point
  30. did you look at your logs ? there are some errors in there, i've highlighted one for you
    1 point
  31. have you seen this yet ? https://techcommunity.microsoft.com/t5/configuration-manager-blog/cloud-management-gateway-addressing-common-challenges/ba-p/1351262?utm_source=dlvr.it&utm_medium=twitter
    1 point
  32. To answer your questions directly about one or two SQL instances for WSUS. Is that it will cause conflicts between the two WSUS Servers if they share a db. Aka if some deploys an software update (SU) on WSUS, it will get installed on CM clients too (outside of CM control). From the CM standpoint, CM will change that products and classifications existing within WSUS, including declining SU too. Thereby stopping any WSU deployment of that SU.
    1 point
  33. This will not be supported and you WILL have problem when you manage WSUS outside of SCCM for non-SCCM computer. There is NO problem having WSUS installed on the CM server with its own clean db.
    1 point
  34. Start with a Clean WSUS server using full SQL server.
    1 point
  35. you can use these guides to get going for server 2016 see below for server 2019 see below
    1 point
  36. you don't want to use an existing WSUS server. You want a fresh one that is use SQL database not WID.
    1 point
  37. Hi - link to the scripts.zip file no longer seems valid. I'm looking to do this can someone provide the link to the files? All sorted - Login first!! What a dummy!
    1 point
  38. A quick update on this — it seems likely that something is wrong with our SQL Server Cluster. I spun up a new one-node Failover Cluster to test this, and found that the PIPE\winreg endpoint did work on this new cluster. I think that makes it fairly clear that this should work and that the problem lies with our SQL Server cluster and not with ConfigMgr. So, we will look at trying to fix the SQL Server Cluster!
    1 point
  39. Introduction In Part 1 I showed you how you can configure BitLocker on Windows 10 devices using Microsoft Intune, but that method relies on the end user actually clicking on the notification in Windows and then continuing through the wizard until completion. In this post I'll show you how you can automate that part of the process, using an MSI that is based upon an MSI that was originally created by Pieter WigLeven. That MSI creates a scheduled task to run daily until the drive is encrypted. Pieter's solution was great but lacked some key features that I wanted such as logging (
    1 point
  40. Thanks for your help anyweb. This ended up highlighting the root cause and fixing my issue: Modified the registry key per instructions: alternatively try this, open regedit and change the following reg key value. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SRSRP] "SRSInitializeState"=dword:00000000 The value should be changed to 0, then wait for the value to change back to 1. It will change to 2 for a while. You can amonitor the srsrp.log while you wait Once modified I then found these errors in the srsrp.log: System.Web.Services.Protocols.SoapException: An e
    1 point
  41. I got it working here with %windir%\System32\.... Guessing the x64 ServiceUI.exe does not have the virtual mapping for sysnative. I guess the x32 version would work fine, but I like to use x64 on x64 systems, so this change is just fine Thanks for a great solution by the way This looks to be the perfect solution for upgrading our computers to the newest version of W10 on systems with both English and Norwegian System UI as default If you happen to be in Oslo anytime, I'll buy you a beer -Jannis
    1 point
  42. i'll try and do up a blog post on this in the coming weeks, time willing of course
    1 point
  43. Hi all - The title states it all, really. I have created and been maintaining my site's SCCM environment for the past 9 years, with no training or aid beyond what I have gained from reading information presented by a number of patrons of this site and similar (Niall Brady, Garth Jones, Anoop Nair, and Mikael Nystrom to name some), and I was wondering what options there are for gaining some accreditation. I am based in the UK, in case this removes some options from the list!
    1 point
  44. If you open the .smx file in notepad. Or make a copy of it and add xml at the end you can read it more easily in internet explorer. There is a section were the hostname is presented. Go to Microsoft Configuration Manager folder then inboxes\auth\statesys.box\corrupt You will see that it puts the files there. Take the latest message and copy it to another location and add xml then open it in IE or any other browser, otherwise you can open the .smx in notepad directly.
    1 point
  45. Have you set up boundaries and boundary groups and made sure you've added your server in the Content location box?
    1 point
  46. they are not there because they have been removed, see https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/changes/deprecated/removed-and-deprecated-cmfeatures
    0 points
  47. First off SW inventory is NOT reliable, you should be using CI for this. Secondly, if your SW inventory runs for more than 4 hours it will NEVER send up update results. Yes is it very common for SW inventory to run for more than 4 hours runtime (not real time). Third did you review the inventoryagent.log file to see how long it takes for SW? Did it complete? Are you sure?
    0 points
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...