Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


dverbern last won the day on April 14 2014

dverbern had the most liked content!

Community Reputation

2 Neutral

About dverbern

  • Rank
    Advanced Member
  • Birthday 12/29/1979

Profile Information

  • Gender
  • Location
    Melbourne, Australia
  • Interests
    Associated Systems Administrator, Server Health Management, Process Automation, PowerShell, Software Deployment & Packaging, Troubleshooting, Music, Playing Guitar, Science.
  1. We have configured a "Refresh" OSD deployment, kicked off by users from Software Centre, that uses USMT to backup user data. Our company policies are quite liberal and back up potentially large amounts of user data, which can take some time. Does anyone know if there is a script or tool that we might be able to use to inform users, prior to kicking off the OSD Refresh process of just how much data will be captured in terms of file numbers of amount of Gigabytes? It would give users a choice to purge data or back up themselves rather than waiting on SCCM to do it.
  2. I manage windows updates on our server fleet, using SCCM 2012 R2 SP1. Despite having clear-cut Maintenance Windows for our servers, we are still finding cases of individual servers having restarted unexpectedly. In each case, the %Windir%\WindowsUpdate.log shows: The process C:\Windows\system32\svchost.exe (ComputerName) has initiated the restart of computer ComputerName on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Recovery (Planned) Reason Code: 0x80020002 Shutdown Type: restart As for why it restarted, the same log has the segment: Client ha
  3. Some types of updates can install outside maintenance windows, such as Forefront Definition updates. At least, thats my understanding. Otherwise machines could go a month or more before updating antimalware definitions.
  4. I have installed SCCM client on several workgroup and machines on separate domain to our SCCM infrastructure, with use of ports and certificates. We find that SCCM seems to manage the clients fine, except that the Endpoint Protection appears to die some hours or days later - the definitions seem to fail to come down to the machine and ultimately the Endpoint icon turns red and shows it is turned off. Software Updates via Software Centre are otherwise coming down to the machines without problems - if anyone has any suggestions on what could be causing Endpoint to fail to keep itself active
  5. Hi mehraranjit, thanks for your reply. Yes, I was using a manual client install. I'll follow your suggestion and check if I can discover any machines in that same boundary. Although, because the machines are in another domain I may not be able to discover them. I'll also check whether we have a two-way trust or whether it is just a stub zone we are using.
  6. Hi All, I'm very grateful to Niall Brady for providing excellent assistance on how we can install and manage servers in SCCM that are Workgroup machines: http://www.windows-noob.com/forums/index.php?/topic/8977-how-can-i-remotely-control-workgroup-computers-in-system-center-2012-configuration-manager/ However, I'm now trying to get SCCM to talk to servers that are in a separate domain to our SCCM infrastructure. In this instance, the separate domain has a Stub Zone in DNS, so as long as I provide a FQDN, I can resolve the SCCM servers in our domain. I've added the IP subnet of
  7. Niall, you have saved me! Your documentation spelled out exactly what I was missing - entries in my LMHOSTS file! Once I made the entries, I just had to find an installation command line that worked for our environment. In my case, I had already copied the CCMsetup installation source files over to the workgroup machine and used the following syntax: ccmsetup.exe /mp:{Our MP Server in the DMZ FQDN} SMSSITECODE={Our SMS Site Code} FSP={Our Primary Site Server} After installation, I went into Devices in SCCM Admin Console and voila! Found the Workgroup server in Unapproved state, rig
  8. I might also add, I have a certificate in "Personal" folder of the workgroup machine, issued by our Root Certification server for Server communication - can anyone advise whether such a certificate is required for SCCM to talk to servers outside the domain? We originally installed that certificate for SCOM to manage DMZ servers, but I wasn't sure whether SCCM also needed it.
  9. Sorry for delay in responding, but thanks Peter for your contribution. I'll remove the SCCM client from my workgroup machine and reinstall with the modified command line you suggest and see how I go. If you know of any specific logs that will shed light on why a connection may not be established, that would also be handy.
  10. I'll also add that we have a Boundary and Boundary Group defined for the IP range these DMZ Workgroup servers sit in, so that is another bit that should be fine.
  11. Hi All, I am trying to get SCCM client to install and talk to servers that are Workgroup (non-domain joined) and sitting in a DMZ, i.e. outside our regular domain. We have a MP installed in the DMZ that is intended to communicate with devices in the DMZ, domain-joined or not. The DMZ domain-joined machines SCCM clients work fine, its the DMZ workgroup machines that don't. I am installing SCCM client with syntax like: ccmsetup.exe /mp:{MPserver for DMZ FQDN} SMSSITECODE={our site code} FSP={MP for our regular domain} * I have added the IP and hostname of our MP DMZ server into
  12. Hello, Using SCCM 2012 with a Software Update Point. Can someone advise how SCCM determines the "Update Classification" for each update it pulls down from Internet? I ask because many updates being downloaded in our environment are being put in the Update Classification of "Critical Updates", yet the "Severity" of the updates are set to "None". I've been asked to account for which is the case - are these updates truly "Critical" or this a product of how our environment is set up? I attach an example update and a look at our update classification settings.
  13. Query worked when pasted in for me too, although I definitely needed to add a "DISTINCT" to the initial SELECT statement as I had many, many entries for each system found by the query.
  14. So glad you are deploying IBCM and not an ICBM.
  • Create New...