anyweb

This post is not finished yet, work in progress... The following task sequence can be used to deploy Server 2008 R2 with ADDS, deploy server 2008r2.xml note: leave out Windows Powershell from the TS otherwise Roles and Features will be ignored.

The German government has warned web users to find an alternative browser to Internet Explorer to protect security. The warning from the Federal Office for Information Security comes after Microsoft admitted IE was the weak link in recent attacks on Google's systems. Microsoft rejected the warning, saying that the risk to users was low and that the browsers' increased security setting would prevent any serious risk. However, German authorities say that even this would not make IE fully safe. Thomas Baumgaertner, a spokesman for Microsoft in Germany, said that while they were aware of the warning, they did not agree with it, saying that the attacks on Google were by "highly motivated people with a very specific agenda". "These were not attacks against general users or consumers," said Mr Baumgaertner. "There is no threat to the general user, consequently we do not support this warning," he added. Microsoft says the security hole can be shut by setting the browser's security zone to "high", although this limits functionality and blocks many websites. However, Graham Cluley of anti-virus firm Sophos, told BBC News that not only did the warning apply to 6, 7 and 8 of the browser, but the instructions on how to exploit the flaw had been posted on the internet. "This is a vulnerability that was announced in the last couple of days. Microsoft have no patch yet and the implication is that this is the same one that exploited on the attacks on Google earlier this week," he said. Computer expert Alan Stevens: "It's like having a window left open in your house" "The way to exploit this flaw has now appeared on the internet, so it is quite possible that everyone is now going to have a go." Microsoft traditionally release a security update once a month - the next scheduled patch is the 9th of February. However, a spokesman for Microsoft told BBC News that developers for the firm were trying to fix the problem. "We are working on an update on this issue and this may well involve an out of cycle security update," he said. full story > http://news.bbc.co.uk/2/hi/technology/8463516.stm

The Cumulative Update 974144 is available at the following URL It resolves the following issues: # The Product Knowledge tab is displayed as the Company Knowledge tab after you import a language pack for System Center Operations Manager 2007 R2. # An agent cannot be removed successfully from a Windows Cluster service node. # The Heathservice.exe process on a Windows Cluster service passive node may have excessive CPU utilization. # The Healthservice.exe process may crash when it uses the OLE DB module. # The workflows that use the OLE DB data source may unload themselves if the underlying provider returns a null string or an empty string. # An instance of the MonitoringHost.exe process may cause a memory leak in nonpaged pool memory. # The notification subscriptions do not work if they are configured to parse a CustomField field or an AlertOwner field. # The Operations console loses the status as the current object that is in focus when a search filter is applied. # The SRSUpdateTool.exe process returns an error that states “Failed while updating registry entry for reporting code MSI component” when you try to upgrade SQL Reporting Services 2005 to SQL Reporting Services 2008. # The Operations Manager UI may crash when the Connector column and the Forwarding Status column are added to an Alert view. # The agents may re-process old Windows event log entries and then incorrectly generate alerts for these events that are not new. # Health state reliability fixes and improvements. # The Operations Manager Audit Collection Service (ADTServer.exe) does not start on an ACS Collector if the operating system is upgraded to Windows Server 2008 R2. # In a performance report that is exported, the list of object instances is not displayed. Support for Windows Server 2008 R2 and Windows 7 is also included in this CU. Here is the recommended installation order : 1. Root Management Server (RMS) 2. Manual update of the Operations Manager database together with the included stored procedure file that is discussed later 3. Manual import of the Management Pack library that is discussed later 4. Secondary Management Servers 5. Gateway Servers 6. Deploy the agent update to the agents that used a discovery-based installation 7. Operations console role computers 8. Web Console server role computers 9. Audit Collection Service role computers 10. Apply the agent update to manually installed agents via > http://myitforum.com/cs2/blogs/fdufour/archive/2010/01/17/cumulative-update-1-for-system-center-operations-manager-2007-r2-kb974144.aspx

show me a screenshot of what section you are referring to

double check

well if it's not accepting the key then the key is not matching the media, ie: the windows 7 ISO you are using is NOT the MAK version, contact microsoft to obtain the correct version or correct key. cheers niall

thanks, spread the word !

if you leave the license key out and deploy it what happens ?

no in the upgrade it doesnt do it for you, you have to do it manually after the event here's how

if you look at the zticonfigure.log file you should see references to the unattend.xml file being merged (or not) with your one, so what does it tell you ?

did you use the hotfix ?

With the release Windows 7, now is a good time to start thinking about doing a Windows 7 pilot deployment. Windows 7 contains many new features in networking (in particular, in BranchCache and DirectAccess), in security (AppLocker and BitLocker being some examples), and in manageability (e.g., power management and PowerShell) that are worth exploring. Note For a complete view of Windows 7 resources, articles, demos and guidance, please visit the Springboard Series for Windows 7 on the Windows Client TechCenter. Phases of Pilot Deployment Process The How to Start a Windows Vista Pilot Deployment gives an excellent overview of how to successfully manage a Windows Vista pilot program that provides the best experience for pilot users and helps to provide positive project justification to business decision makers in your organization. The fundamental standard information technology (IT) best practices described in that document also apply to a Windows 7 deployment and are outlined below. full article > http://technet.microsoft.com/en-us/library/dd744251%28WS.10%29.aspx

Problem: When trying to import Windows 7 drivers (.inf files) you get an error stating: Discussion: This issue is specific to running SCCM 2007 SP2 on Windows Server 2008 (you won't have it on windows server 2008 R2), and for drivers that apply exclusively to windows 7. Solution: You can fix it by either upgrading to Windows server 2008 R2, or call Microsoft support for Hotfix KB 978754. Workaround: Edit the INF files like in the example below and then the driver import will work. Example: e6400 NIC driver for Windows 7 X86 edit a filed called E1Y6232.inf and found the lines change [Manufacturer] %Intel% = Intel, NTx86.6.0, NTx86.6.1.1 to [Manufacturer] %Intel% = Intel, NTx86.6.1.1 References: 1. Importing Win 7 Drivers - .inf files 2. "The selected driver is not applicable to any supported platforms" issue still occur on SCCM SP2+R2 for Win7 Drivers

If you are using SCCM 2007 SP1 (WinPE 2.0 images) you can use intlcfg.exe to set the keyboard layout in WinPE. If you are using SCCM 2007 SP2 (WinPE 3.0 images) intlcfg.exe is deprecated and you have to use Dism.exe to set the keyboard layout in WinPE.

did you update your sccm configmgr client to the sp2 version ?

no don't do that, the boot image that it didn't update, what is it called and what version is it currently, is it an mdt or custom boot image ?

i'd suggest you read this topic while you are at it, it'll show you how to find the right logs good that its working now cheers niall

create a reg file with the value required (simply export that key and save as a reg file) then make a package of that file and run it using the same method i use in this post (look at where i use a reg file for autologin) does that help ?

hmm that log looks fine, are you sure there are no other smsts.log file present, with a name like smsts-20100113-110024.log ?

please just upload it here....

can you post the entire smsts.log file i'd like to see it

is sccm in mixed or native mode ? what are you seeing happening on the client when it pxe boots now ?

did you see this then ? Install multiple applications Select this option to configure the Install Software task sequence step to install multiple applications in sequence. This step specifies the base variable name for a series of task sequence variables that each contain a <packageID: program name> pair separated by a colon. The series of variable names is formed by appending a numeric suffix between 001 and 999 to the specified base name. The variable names and associated values form a dynamic package list. The list of packages ends when no variable name exists with the next sequential numeric suffix. The associated packages will be installed in the order specified in the list. Each package installation will be completed before the installation for the next package begins. When you specify the Package ID always specify the Package ID using uppercase. The program name is case-sensitive and must exactly match the name assigned to the program when it was created. Virtual application packages distributed via the Configuration Manager 2007 R2 application virtualization feature cannot be distributed as part of a list of multiple applications. If the value of a variable is not created in the correct format or does not specify a valid package ID and program name, the installation of the package will fail. If no variables with the specified base name and "001" suffix are found, no packages are installed and the action succeeds. The program you select must meet the following criteria: * It must run under the local system account and not the user account. * It should not interact with the desktop. The program must run silently or in an unattended mode. It must not initiate a reboot on its own. The program must request a reboot using a 3010 return code. This ensures that the Install Software task sequence step will properly handle the reboot. For example, to install a single application by using a task sequence variable called AA001, you specify the following: Variable name: AA001 Variable value: CEN00054:Install To install three applications, you would specify the following additional variables: Task Sequence variable: AA002 Value: Package CEN00107:Install Silent Task Sequence variable: AA003 Value: Package ID: CEN0031:Install ImportantImportant The program specified must have the Allow this program to be installed from a list of software packages in the “Install Software” task sequence step without being advertised option selected or the installation will fail. This option can be selected when adding a program to an existing package in the New Program Wizard. Alternatively, you can specify this option by right-clicking an existing program, selecting clicking Properties, and then clicking the Advanced tab. If an application installation fails, continue installing other applications in the list Check this box to have the Install Software task sequence continue in the event that an application installation in the list fails. If this box is not checked and the installation fails, the task sequence step will end immediately. If the box is checked, the next package or program in the variable list is installed regardless of errors. http://technet.microsoft.com/en-us/library/bb680842.aspx

was the computer domain joined before you did OSD on it ? or did you join the domain during the task sequence...