Jump to content


brink668

Established Members
  • Content Count

    36
  • Joined

  • Last visited

Everything posted by brink668

  1. We have some Windows 10 machines deployed in the field and I have done a lot of research about updating Windows 10 via SCCM 2012R2. Most cases say it is still possible to update Windows 10 via SCCM 2012R2. I have been able to deploy updates. However what I am noticing is that the build versions are not changing for example. How do I upgrade machines via SCCM 2012R2 to go from 10240 to 10586? Is this possible or do I need to use SCCM version 1151?
  2. Sounds like you have a scan policy set if a client machine misses a scheduled scan to scan the next time the machine is on or force it as soon as possible. I think the setting was something like "If you miss 2 consecutive scans to force a scan". you may want to look at that property. Edit the actual setting is called " Force a scan of the selected scan type if client computer is offline during two or more scheduled scans."
  3. You could also set the boundaries to automatically look for them based on what is setup in your DHCP/DNS configuration and then apply them to the correct boundary groups. Anything not set in a boundary will automatically be considered to be on a slow network. Also any firewalls? Hardware and software based? Also, try connecting to this URL: http://mysccmservernamehere/sms_mp/.sms_aut?mplist do you see any content or any version info?
  4. What is your site code? is your site code PRI? This is my command line for an DMZ system CCMSETUP.EXE FSP=SERVERNAME-SCCM1 SMSMP=mydomain.com SMSSLP=SERVERNAME-SCCM1 SMSCACHESIZE=5000 CCMLOGMAXHISTORY=2 SMSSITECODE=AR1 DNSSUFFIX=mydomain.com Also make sure your site code is in DNS, for example my site code is AR1, this value should exist in your DNS.
  5. Is it possible to allow local administrators or users of a specific group to disable the system center endpoint protection and/or just real-time scan? Is there anyway to disable this policy on a more granular scale if necessary from the client end rather then moving the machine into a collection which grants the policy to all users to disable the real-time scan? I saw some items referring to group policy but that was only for SCCM 2007 version not the latest System Center Endpoint Protection 2012 version.
  6. Does that machine need all those updates? If it doesn't need all those updates it will just ignore them and only install the updates that are pertinent to that machine. In terms of troubleshooting how many systems do you have in total and how many operating systems are in your SCCM 2012 system. Please tell me all of them and how many machines there are. Not just in the collection you pushed to.
  7. This is what I have in my Client Push properties SMSSITECODE=AR1 FSP=TESTLAB-SCCM1 FSP = ComputerName value for us
  8. Did you update to CU2? This should resolve any Distribution/Content updating issues.
  9. Is this behavior normal to see FEP Updates clients required for update = 0, other updates show Required machines but ForeFront does not show this. Update Settings:
  10. I have the exact opposite problem I am trying to get my systems to restart during the maintenance window after installing updates. Users are getting prompted to Restart the machines but I want to force the restart on them. I will detail my environment for you to possibly help you get yours to not-restart as this is the case for me.
  11. From the logs it looks like it is communicating with the site/server; pulled some messages from the log The server is our site we only have 1 From WindowsUpdate.log 2013-05-23 13:15:38:023 448 478 AU # Policy Driven Provider: HTTP://MBAMK-SCCM1.XXXXXX.COM:8530 2013-05-23 13:15:39:282 448 eac Agent * Found 0 updates and 4 categories in search; evaluated appl. rules of 24 out of 67 deployed entities 2013-05-23 13:15:39:462 448 eac Agent * Found 15 updates and 23 categories in search; evaluated appl. rules of 68 out of 110 deployed entities 2013-05-23 13:15:39:490 448 eac Agent * Found 3 updates and 11 categories in search; evaluated appl. rules of 38 out of 110 deployed entities 2013-05-23 13:41:08:882 448 260 Agent * Endpoint Provider: 00000000-0000-0000-0000-000000000000 2013-05-23 13:41:08:882 448 260 Agent * WSUS server: HTTP://MBAMK-SCCM1.XXXXX.COM:8530 2013-05-23 13:41:08:882 448 260 Agent * WSUS status server: HTTP://MBAMK-SCCM1.XXXXX.COM:8530 2013-05-23 13:41:09:060 448 1fe0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
  12. My FEP Clients have stopped downloading updates from the SCCM Server, they are only updating from Windows Update. It seems that something is very amiss as my FEP clients are downloading from Windows Update even though in the policy I have this set to Disabled Alternate Sources set to TRUE. How can I easily determine if the FEP client is updating to the SCCM Server or Windows Update which logs shows this? 2. I noticed also when I click on the about section of FEP the policy applied does not match with what is actually applied to the client / collection. Could this be a result of a corrupted policy?
  13. SOLVED. The problem is 2 things need to be set correctly. ADR Rule Deployment's User Experience must be set to the following to force Restart/Software Installation even with a maintenance window Software Installation (CHECKED) Suppress Software Restart on Workstations (UNCHECKED) When deploying the software group you essentially have to check the same fields otherwise it may not work. I cant seem to figure out why you have to do this twice it seems like wasted work to have to perform this step twice for an Automatic Deployment Rules.
  14. I feel like I keep posting questions. I tried to do a search on this but everything was bringing me to the exact opposite of what I am trying to do. It seems that even though I have maintenance window set for 18 hours on a collection every day for my testing. The machines install the updates but the user's are prompted to restart instead of just restarting the computers. I can't seem to figure out how to force the computers to restart, RESTART Suppression is only set for servers.
  15. Great thanks for the info! I found the deployments location by accident today while trying to troubleshoot another issue. Monitoring > Deployments
  16. I edited my ADR after creating it, and it stopped creating the Deployment Package. I had to delete my ADR and create a new one from scratch to make it work again. How do you do the following: Edit the location of downloads of the ADR for the Package, I can't find this location for the ADR after I create it. If someone deletes the source folder for the Package is there anyway to re-create it without having to re-make the entire ADR rule? When creating the ADR Rule I can see this section below can I get to this section after I am finished making the ADR? My ADR Rule says: ADR 0x80004005 Unspecified Error My Log says: Content download failed. Message: Failed to download one or more content files. Source: SMS Rule Engine. If I remake the rule it works fine... but why do I have to do this...
  17. I don't know about the Start Menu but it definitely gets add to All Programs on Windows XP, 7, 8 and servers.
  18. Check to see if you have to install any service packs for the SQL instance. I had the same problem and I had to reinstall the SQL service pack onto the Database Instance. This is a protection feature of Microsoft even if you upgrade the whole server you will need to re-install the service pack on the actual database instance for Reporting Services possibly.
  19. Where is this time being computed from? 5/3/2013 at 6:04am? My maintenance windows are set from 11:15pm to 5:00am. The ADR was originally set for 2 weeks out, but after making some changes it is now set to "as soon as possible" the change does not seem to take effect to either machines that just received the update information or after the updates were downloaded.
  20. Thanks for the information! I am reviewing this now (I also have SCCM 2012 built) so I may harness the power of that as well plus I heard the task sequences are a bit easier than MDTs version.
  21. Is it possible to do the following like how WSUS works when a client checks for updates locally. For example on Windows 8: This client is part of an ADR Deploy Collection and is saying there are no updates available. From the intranet source. However, in software center it says there are updates needed. How WSUS use to work if you approved an update it would show up here for the client. Is there anyway to get this feature enabled in SCCM 2012? If I click "Check online for updates" it shows a lot of other updates that are available In both the SCCM Synchronization master list and the ADR group all the updates are checked except for drivers. Why do the updates not show up in the screenshot above? Is there a setting that can enable this functionality or is this by design of SCCM? The idea behind this is too help troubleshoot issues and allow IT admins to install updates directly from a client box rather than waiting on a SCCM Push if the priority is high.
  22. Sweet! Thanks for the post that worked well! I had an old version. Link to tools! http://psrightclicktools.codeplex.com/
  23. How can you quickly figure out what collections are associated with a Computer? I am trying to figure out what policies are being given higher priority by viewing what collections they are associated with. Does anyone know how to find this information?
×
×
  • Create New...