Jump to content


Established Members
  • Posts

  • Joined

  • Last visited

Posts posted by Djackson

  1. The desktop team I work with said after the latest update to SCCM they download the latest MS patches and approve them and they get deployed to all pcs even if they specify only a set collection.  I do not have the issues with my servers.  I think they said they get deployed even if they don't deploy them.  Anyone seen something like this?

  2. Nevermind I was doing something wrong. Here is it if anyone needs it


    1. Run Process Explorer (Procexp.exe) as the SYSTEM account by using PSEXEC: psexec -s -i C:\Pathtofile\procexp.exe

    2. Double-click MsMpEng.exe to bring up the properties window

    3. Go to the services tab

    4. click the Permissions button

    5. Give Full Control to the Administrators group and click OK

    You should now be able to stop and start the service through the service management console or the command prompt with net stop/start

  3. I have a question. I have 6 different AD security groups that I have created 6 queries on to tell me what users are a part of them. I want to do a query that references those 6 and will tell me what users have none of those groups. Is there a way to do that with how I have it setup or do I need to do a query that has all those groups listed in one query and do a subnet to tell me who is not a part of them?

  4. Hello,


    I have noticed after we upgraded to SP1 I have had a few server 2008 r2 boxes go out and install MS updates. Nothing has been deployed to these servers other that a Endpoint Definition Update. Anyone else seen this? It happened a few weeks ago and has not happened in a few weeks then it happened last night. I had a 2008 r2 update package with the latest updates but had not deployed it to anything. Could it be seeing them even though there is no deployment.

  5. My co-worker is not a full admin to SCCM but has all the security to the workstations and all groups minus the Full Administrator. Since upgrading to sp1 he can't update the images with patches using offline updates. He gets the error that is attached. I am a full admin and have no issues with updating them. I know it is a permission or scope issues but not sure which one. Anyone else run into this? This worked fine before Sp1. Thanks for any help

    updates (3).bmp

  6. Hello,


    I usually deploy updates over a month to all the pcs. I am being asked can I do it in one night. I have 2000 pcs with multiple applications in the environment. I have never been a fan of patching everything at once but more of a controlled deployment. I only do critical patches. Any thoughts on doing them all in one night?

    • Like 1
  7. I have the same question I think. I have a user collection based on user AD security group. I wanted to build a device collection based on that collection. I had a OU built with each department having a seperate OU and pcs were being moved to those. Now it is becoming to much work with pcs being moved and not being notified. I have remote sites that I can do per subnet so that part is covered. It is the main location that I am having issues with. We are in the process of breakin up floors by VLANs so soon this will not be an issue but I would like to create a device collection based on user security group. Is this possible?

  8. Here is my issue. I have a forest domain with 2 child domains. These all work with no issue with SCCM. I have a non-trusted domain that I am having issues with. These share no trust or DNS. What I did is edit the host file on the test machine in this non-trust and ented my site server, DP, and MP. I can ping my servers from this machine. I did the same on my SCCM servers. I can ping the machine in the non-trusted domain. I did the command line install for the client. That worked. I can't manage the machine, All I want to do to thse machines is deploy MS patches and Endpoint. Any ideas?? Thanks in advance for the help. If I had hair it would be gone.

  9. I was trying to add a non trusted forest and I created an account for this. Of course now I know if will not work this way but I wanted to delete this account out. I have deleted the new forest out but the account is still there. When I try to delete it it will not let me and the option is greyed out. Is there a way for me to delete it our will it hurt anything to let it stay?





  10. I have SCCM 2012 running in a Forest domain with 2 child domains on main VLAN. This all works fine. My issue is I have a domain setup that runs our Accudose cabinets that dispense drugs. These are on another VLAN. I have installed the client manually on a test machine but it does not find the site. I tried to do it manually but no luck. I have entered the server names in the host file due to this domain does not get DNS. It does not show up in SC. Any help would be great.

  • Create New...