Jump to content


67_dbc

Established Members
  • Content Count

    36
  • Joined

  • Last visited

  • Days Won

    1

67_dbc last won the day on August 9 2013

67_dbc had the most liked content!

Community Reputation

1 Neutral

About 67_dbc

  • Rank
    Advanced Member
  1. Niall, I know this is a year later response, just been really busy. Anyways, I've taken the USB Boot Media approach for my guys to get around this issue. The SCCM DP on the ESX host is using vmxnet3 NIC. We are on VMware ESXi 5.1.0. I've tried E1000 NIC but I did not see anything change. I've given MS 3-4 months to work on this and they keep telling me its the network but with several pcap logs, nowhere shows the break in communication during handshakes between Primary, the DP or the test VM Client. I've been given a diagram how PXE flows including pictures the network/sccm team drawn using mspaint how this works, silly, yes. At the time before they called it quit, we could agree on "somewhat" is that the series of dots appear at stage when the client verification check at the database reports unknown or known client. After that it gets lost in space, dots start to appear and goes in a loop. Since then, MS decided that my case needs to close with no resolution and asked me to open it up if anything new comes up.... At this point I've taken a break from it all, partly why I am responding to this post so late. I'd love to get back on this topic if anyone else can chime in. Thanks, EC
  2. I am actively working on these Dell Wyse Thin Client WES 7 x32 using SCCM 2012 SP1 today as well. Its been a long journey getting these things to work properly and stable for the matter. Nonetheless getting support from Dell is nearly impossible to whom has experience with this and SCCM. Hoping perhaps if either of you spent time on these enough I could benefit this thread. Would either of you know or seen where these devices go into Service Locking Mode and only the Administrator can log on? I've done some research on it and pointed to possibly the clientstate.dat is the culprit matter but not all the time. I think I've narrowed it down being the ccmsetup.exe for CU4 on the client but until you take action to put the client with Write Filter disabled and leave it for awhile, it will keep popping up. I haven't been able to locate how to Commit with Write Filter enabled, do you know? Also, last question is how do you get GPO to persist, or do you have to remove Write Filter first then apply GPO, wait, reboot, turn Write Filter on, etc.? I am trying to set the GPO policy to Enable the "Disable Machine Password". I've been told that needs to be set or you will start seeing the machines fall off the Domain and we see it already on the old build... T1ml can you update the hyper-link because it appears to be going to the wrong URL. I am curious what is posted. Any help is greatly appreciated.
  3. Update: We decided to open a case with MS and they can't seem to figure out why either as of yet. They been moving my SCCM environment all over the place trying to figure it out. From the community, nobody else has had this issue before?? Anyone? Eric
  4. Thanks for the reply. The Client is on the same subnet as the ESX host as the SCCM server. There is only one router between the host and the client. The Cisco router itself is doing the DHCP handoff. PXE/WDS reside on the same box. The WDS role was setup then left alone as is. I've compared those settings to be sure from a working PXE to this troubled one and didn't find any differences. The WDS setting related admin approval is not checked, so I have to rule that out. Any other thoughts? Thanks, Eric
  5. Hi, I've been experiencing an issue where my PXE Boot client is unable to contact the server. The strange thing is that, the Contacting Server step could be 20 minutes or up to an hour trying to attempt. There has been cases where I will sit there and watch it and it will eventually locate the BootImage and allow me to hit F12 to start the TS. Now, PXE is configured in SCCM the same way on my other 30+ DPs and I have 2 that have this same behavior. Please see attached problem. I've removed the PXE option from the DP, I've removed WDS, rebooted the server, re-set everything back up and have no luck. I've tested this on a physical client and on a VM client, same behavior. My WDS role and SCCM are all on the same SCCM box/subnet, therefore i believe IPHelpers is Not required. My SCCM machine is on a ESX farm which is currently on the same subnet pool as the client through testing. I have several SCCM DPs on an ESX farm on different subnets with SCCM/PXE configured and I don't have this issue. Any thoughts?
  6. Just to share, if helps any.... Here is the same machine with an uninstall and re-install of the client. CHRNOO-WT-T430 Running query 'SELECT * FROM CCM_Service_HostedApplication WHERE Type="Server"' against namespace: '\\CHRNOO-WT-T430\ROOT\CCM\Policy\Machine' 5/12/2014 12:45:00 PM 1212 (0x04BC) CCMExec is currently NOT hosting a server application. 5/12/2014 12:45:00 PM 1212 (0x04BC) Machine: CHRNOO-WT-T430 5/12/2014 12:45:00 PM 1212 (0x04BC) OS Version: 6.1 Service Pack 1 5/12/2014 12:45:00 PM 1212 (0x04BC) SCCM Client Version: 5.00.7711.0000 5/12/2014 12:45:00 PM 1212 (0x04BC) 'RDV' Identity store does not support backup. 5/12/2014 12:45:00 PM 1212 (0x04BC) CCM Identity is in sync with Identity stores 5/12/2014 12:45:00 PM 1212 (0x04BC) PopulateRegistrationHint: Client has an SMSID, certificates, and has no CCM_ClientIdentificationInformation=@ instance, setting the hint. 5/12/2014 12:45:00 PM 1212 (0x04BC) Retrieved Certificate options successfully 5/12/2014 12:45:00 PM 1212 (0x04BC) Begin validation of Certificate [Thumbprint B223D6AF8470280E04B08F12724532183AF9BA2A] issued to 'SMS' 5/12/2014 12:45:00 PM 1212 (0x04BC) Client is set to use HTTPS when available. The current state is 224. 5/12/2014 12:45:00 PM 1212 (0x04BC) Completed validation of Certificate [Thumbprint B223D6AF8470280E04B08F12724532183AF9BA2A] issued to 'SMS' 5/12/2014 12:45:00 PM 1212 (0x04BC) PopulateRegistrationHint: Using the CertificateID to set the hint. 5/12/2014 12:45:00 PM 1212 (0x04BC) PopulateRegistrationHint: Registration hint successfully populated. 5/12/2014 12:45:00 PM 1212 (0x04BC) Deleted Certificate ID from registry successfully 5/12/2014 12:45:00 PM 1212 (0x04BC) [RegTask] - Executing registration task synchronously. 5/12/2014 12:45:19 PM 6340 (0x18C4) Read SMBIOS (encoded): 50004B0031004D004E0057004200 5/12/2014 12:45:19 PM 6340 (0x18C4) Evaluated SMBIOS (encoded): 50004B0031004D004E0057004200 5/12/2014 12:45:19 PM 6340 (0x18C4) No SMBIOS Changed 5/12/2014 12:45:19 PM 6340 (0x18C4) SMBIOS unchanged 5/12/2014 12:45:19 PM 6340 (0x18C4) SID unchanged 5/12/2014 12:45:19 PM 6340 (0x18C4) HWID unchanged 5/12/2014 12:45:21 PM 6340 (0x18C4) RegEndPoint: Event notification: CCM_RemoteClient_Reassigned 5/12/2014 12:45:22 PM 3360 (0x0D20) RegEndPoint: Received notification for site assignment change from '<none>' to '002'. 5/12/2014 12:45:22 PM 3360 (0x0D20) GetSystemEnclosureChassisInfo: IsFixed=TRUE, IsLaptop=TRUE 5/12/2014 12:45:22 PM 6340 (0x18C4) Computed HardwareID=2:248A45301BA45B9BAFB7AE235DF66DB6CD1447B7 Win32_SystemEnclosure.SerialNumber=PK1MNWB Win32_SystemEnclosure.SMBIOSAssetTag=No Asset Information Win32_BaseBoard.SerialNumber=1ZSR23AC17Z Win32_BIOS.SerialNumber=PK1MNWB Win32_NetworkAdapterConfiguration.MACAddress=<Not used on laptop> 5/12/2014 12:45:22 PM 6340 (0x18C4) [RegTask] - Client is not registered. Sending registration request for GUID:ba439da0-d47c-453f-813e-7eff5d77209f ... 5/12/2014 12:45:22 PM 6340 (0x18C4) [RegTask] - Client registration is pending. Server assigned ClientID is GUID:ba439da0-d47c-453f-813e-7eff5d77209f 5/12/2014 12:45:23 PM 6340 (0x18C4) [RegTask] - Sleeping for 60 seconds ... 5/12/2014 12:45:23 PM 6340 (0x18C4) [RegTask] - Client registration is pending. Sending confirmation request for GUID:ba439da0-d47c-453f-813e-7eff5d77209f ... 5/12/2014 12:46:23 PM 6340 (0x18C4) [RegTask] - Client is registered. Server assigned ClientID is GUID:ba439da0-d47c-453f-813e-7eff5d77209f. Approval status 1 5/12/2014 12:46:23 PM 6340 (0x18C4) 'RDV' Identity store does not support backup. 5/12/2014 12:46:23 PM 6340 (0x18C4) Raising event: [sMS_CodePage(437), SMS_LocaleID(1033)] instance of SMS_RemoteClient_Reassigned { ClientID = "GUID:ba439da0-d47c-453f-813e-7eff5d77209f"; DateTime = "20140512174623.125000+000"; LastAssignedSite = ""; MachineName = "CHRNOO-WT-T430"; NewAssignedSite = "002"; ProcessID = 6580; SiteCode = "002"; ThreadID = 6340; }; 5/12/2014 12:46:23 PM 6340 (0x18C4) Read SMBIOS (encoded): 50004B0031004D004E0057004200 5/12/2014 12:46:23 PM 2340 (0x0924) Evaluated SMBIOS (encoded): 50004B0031004D004E0057004200 5/12/2014 12:46:23 PM 2340 (0x0924) No SMBIOS Changed 5/12/2014 12:46:23 PM 2340 (0x0924) SMBIOS unchanged 5/12/2014 12:46:23 PM 2340 (0x0924) SID unchanged 5/12/2014 12:46:23 PM 2340 (0x0924) HWID unchanged 5/12/2014 12:46:23 PM 2340 (0x0924) GetSystemEnclosureChassisInfo: IsFixed=TRUE, IsLaptop=TRUE 5/12/2014 12:46:23 PM 2340 (0x0924) Computed HardwareID=2:248A45301BA45B9BAFB7AE235DF66DB6CD1447B7 Win32_SystemEnclosure.SerialNumber=PK1MNWB Win32_SystemEnclosure.SMBIOSAssetTag=No Asset Information Win32_BaseBoard.SerialNumber=1ZSR23AC17Z Win32_BIOS.SerialNumber=PK1MNWB Win32_NetworkAdapterConfiguration.MACAddress=<Not used on laptop> 5/12/2014 12:46:23 PM 2340 (0x0924) Persisted hardware IDs in CCM_ClientIdentificationInformation=@: HardwareID1=2:248A45301BA45B9BAFB7AE235DF66DB6CD1447B7 HardwareID2=4126910701B800FE 5/12/2014 12:46:23 PM 2340 (0x0924) It now displays that the client = Yes but I don't see any difference between the before and after client behaviors. I know this seems easy to say just repair to fix the issue, but on a global 300-400 machines behaving like, is there away to mass un-install then I will use site-wide install? Suggestions is appreciated, thanks. Eric
  7. PolicyAgent.log on CHRNOO-WT-T430 I don't see anything wrong. Requesting Machine policy assignments 5/12/2014 9:33:11 AM 7132 (0x1BDC) Requesting Machine policy from authority 'SMS:002' 5/12/2014 9:33:11 AM 7132 (0x1BDC) Raising event: instance of CCM_PolicyAgent_AssignmentsRequested { AuthorityName = "SMS:002"; ClientID = "GUID:ba439da0-d47c-453f-813e-7eff5d77209f"; DateTime = "20140512143311.695000+000"; ProcessID = 3744; ResourceName = "CHRNOO-WT-T430"; ResourceType = "Machine"; ThreadID = 7132; }; 5/12/2014 9:33:11 AM 7132 (0x1BDC) Processing Machine assignments from 'SMS:002'. The new cookie is ''. 5/12/2014 9:33:11 AM 6992 (0x1B50) Raising event: instance of CCM_PolicyAgent_AssignmentsReceived { AuthorityName = "SMS:002"; ClientID = "GUID:ba439da0-d47c-453f-813e-7eff5d77209f"; DateTime = "20140512143311.726000+000"; ProcessID = 3744; ReplyType = "Full"; ResourceName = "CHRNOO-WT-T430"; ResourceType = "Machine"; ThreadID = 6992; }; 5/12/2014 9:33:11 AM 6992 (0x1B50) Already processed Machine assignments from 'SMS:002' with the cookie ''. 5/12/2014 9:33:11 AM 6992 (0x1B50) I've deleted the machine out of SCCM Console, ran System Discovery, still the same results. I think the only thing that is helping presently is uninstalling the client one-by-one and do a client push after.... Eric
  8. Resolved this by clicking each and every one container, unchecking the Enable ADSD option, then enable ADSD and add the containers all over again.... Must be a bug. Eric
  9. I've been dealing with about 400 machines out of 1500 that report that the client in the console shows No. I've gone to several clients only to find that they do have it installed, listed in Control Panel, MP registration is valid and assigned to the one and only Site on our Domain. This occurs on multiple subnets not just 1 and I have several machines in different subnets that do report with Yes Client. SO here I am trying to locate the disconnect... Machines on different subnets, each have a valid boundary and boundary group assigned to a DP, with the check box on Site Assignment of my site, etc, which is apart of the same Domain and 1 MP that the other 1000 machines report Yes fine on. So just for sakes, because I looked around Google for so long without answers, I wanted to pass by and pose this question here. I think below should prove validity that my clients are truly there but the Console says No... ClientIDManagerStartup.log [----- STARTUP -----] 5/8/2014 9:02:02 AM 2932 (0x0B74) Running query 'SELECT * FROM CCM_Service_HostedApplication WHERE Type="Server"' against namespace: '\\CHRNOO-WT-T430\ROOT\ccm\Policy\Machine' 5/8/2014 9:02:02 AM 2932 (0x0B74) CCMExec is currently NOT hosting a server application. 5/8/2014 9:02:02 AM 2932 (0x0B74) Machine: CHRNOO-WT-T430 5/8/2014 9:02:02 AM 2932 (0x0B74) OS Version: 6.1 Service Pack 1 5/8/2014 9:02:02 AM 2932 (0x0B74) SCCM Client Version: 5.00.7711.0000 5/8/2014 9:02:02 AM 2932 (0x0B74) 'RDV' Identity store does not support backup. 5/8/2014 9:02:02 AM 2932 (0x0B74) CCM Identity is in sync with Identity stores 5/8/2014 9:02:02 AM 2932 (0x0B74) 'RDV' Identity store does not support backup. 5/8/2014 9:02:02 AM 2932 (0x0B74) Deleted Certificate ID from registry successfully 5/8/2014 9:02:02 AM 2932 (0x0B74) Client is set to use HTTPS when available. The current state is 224. 5/8/2014 9:02:02 AM 2932 (0x0B74) [RegTask] - Executing registration task synchronously. 5/8/2014 9:02:14 AM 1328 (0x0530) [RegTask] - Client is already registered. Exiting. 5/8/2014 9:02:14 AM 1328 (0x0530) Read SMBIOS (encoded): 50004B0031004D004E0057004200 5/8/2014 9:02:14 AM 4068 (0x0FE4) Evaluated SMBIOS (encoded): 50004B0031004D004E0057004200 5/8/2014 9:02:14 AM 4068 (0x0FE4) No SMBIOS Changed 5/8/2014 9:02:14 AM 4068 (0x0FE4) SMBIOS unchanged 5/8/2014 9:02:14 AM 4068 (0x0FE4) SID unchanged 5/8/2014 9:02:14 AM 4068 (0x0FE4) HWID unchanged 5/8/2014 9:02:15 AM 4068 (0x0FE4) GetSystemEnclosureChassisInfo: IsFixed=TRUE, IsLaptop=TRUE 5/8/2014 9:02:15 AM 4068 (0x0FE4) Computed HardwareID=2:248A45301BA45B9BAFB7AE235DF66DB6CD1447B7 Win32_SystemEnclosure.SerialNumber=PK1MNWB Win32_SystemEnclosure.SMBIOSAssetTag=No Asset Information Win32_BaseBoard.SerialNumber=1ZSR23AC17Z Win32_BIOS.SerialNumber=PK1MNWB Win32_NetworkAdapterConfiguration.MACAddress=<Not used on laptop> 5/8/2014 9:02:15 AM 4068 (0x0FE4) Persisted hardware IDs in CCM_ClientIdentificationInformation=@: HardwareID1=2:248A45301BA45B9BAFB7AE235DF66DB6CD1447B7 HardwareID2=411A9E0701B800FE 5/8/2014 9:02:15 AM 4068 (0x0FE4) [----- STARTUP -----] 5/8/2014 11:02:50 AM 13524 (0x34D4) Running query 'SELECT * FROM CCM_Service_HostedApplication WHERE Type="Server"' against namespace: '\\CELPUE-WT-T430\ROOT\ccm\Policy\Machine' 5/8/2014 11:02:50 AM 13524 (0x34D4) CCMExec is currently NOT hosting a server application. 5/8/2014 11:02:50 AM 13524 (0x34D4) Deleted Certificate ID from registry successfully 5/8/2014 11:02:50 AM 13524 (0x34D4) Read SMBIOS (encoded): 5200390056005A00370035004E00 5/8/2014 11:03:06 AM 16152 (0x3F18) Evaluated SMBIOS (encoded): 5200390056005A00370035004E00 5/8/2014 11:03:06 AM 16152 (0x3F18) No SMBIOS Changed 5/8/2014 11:03:06 AM 16152 (0x3F18) SMBIOS unchanged 5/8/2014 11:03:06 AM 16152 (0x3F18) SID unchanged 5/8/2014 11:03:06 AM 16152 (0x3F18) HWID unchanged 5/8/2014 11:03:08 AM 16152 (0x3F18) GetSystemEnclosureChassisInfo: IsFixed=TRUE, IsLaptop=TRUE 5/8/2014 11:03:08 AM 16152 (0x3F18) Computed HardwareID=2:22A450B7C8AA61C4C0BB7677A3C296C9F3E6F29B Win32_SystemEnclosure.SerialNumber=R9VZ75N Win32_SystemEnclosure.SMBIOSAssetTag=No Asset Information Win32_BaseBoard.SerialNumber=1ZPAX2BB2SJ Win32_BIOS.SerialNumber=R9VZ75N Win32_NetworkAdapterConfiguration.MACAddress=<Not used on laptop> 5/8/2014 11:03:08 AM 16152 (0x3F18) Persisted hardware IDs in CCM_ClientIdentificationInformation=@: HardwareID1=2:22A450B7C8AA61C4C0BB7677A3C296C9F3E6F29B HardwareID2=4FC66007010200FE 5/8/2014 11:03:08 AM 16152 (0x3F18) Any thoughts what I am not verifying? Any help would be appreciated! Thanks, Eric
  10. I swore I wrote a post on this but I can't find myself where it was posted... Anyways, I am trying to remove an AD Container within the Active Directory System Discovery Properties. I am getting the following message when I try to remove it. I've gone to the point of stopping SMS_Discovery services to ensure that its not running while I am trying to remove this old OU entry from ADSD. Reason for removal of course is the fact the container doesn't exist in AD any longer. So my logs are filling up during the discovery interval and reports that the OU doesn't exist. With any attempt, I am getting this from the Site server Console or my own from my machine when I am trying to remove this. If I click Continue, I am can go on, but if I click close, the Console crashes, etc. Any thoughts? SCCM 2012 RTM (no CU or SP) W2k8 R2 SP1 SQL Server 2008 R2 SP2
  11. Figured this all out. You are to be putting the OS on the HDD so it needs to be disk 0 and according to Lenovo, you need to install ExpressCache to get the SSD functionality of it. Its almost transparent, therefore, you install it and doesn't require any additional configurations. Problem is they can't me what tools are available verify that its truly is working but I suppose you can benchmark before and after the software install. http://support.lenovo.com/en_US/downloads/detail.page?DocID=DS035460 Silent install switch is not available in the README. IF you need it, please use /s /v" NOREBOOT=1 /qn" at the end of your .exe
  12. I have a silly question...How do you remove an entry that was added manually in the AD System Discovery Properties? Note: The following AD container doesn't exist any longer, which is the reason for me to remove it from AD system discovery altogether. I am getting the following error when I attempt this. Am I suppose to stop any services prior to removal? Perhaps, do I need to go to my AD side and re-add that OU just so I can remove it from SCCM ADSD??? I prefer not to because that will cause havoc internally with our server group. Anyone else dealt with this before? SCCM 2012 (no CU or SP) Server 2008 R2 SQL 2008 R2 adsysdis.txt
  13. Can someone assist in details on the formatting? I am trying to install OSD via SCCM 2012 on Lenovo X240 series. Currently the configuration hardware is 16GB mSATA and 7200RPM 500GB HDD. I guess what I don't understand is, am I suppose to load the OS on the mSATA, which to me seems logical? The additional drive, how is that being used for additional storage space? From the original poster jhille, I did exactly what was done but my results don't add up as expected. Someone have additional screen shots from Disk Management or TS Volume Properties are suppose to look like? Thanks, Eric
  14. 67_dbc

    MDOP MBAM

    Appreciate the quick response Jorgen. Can you elaborate more on the GPO to force encryption? If you mean, do I have MBAM MDOP GPO configured with services/reporting then yes, I do. My only issue is suppressing that Client UI box, what area of focus am I needing to look at suppressing it so users are not required to click on anything? I just want to silently encrypt drives without user interact. Through SCCM, I am using the UDI Wizard using ZTIBde.wsf from the UDI Wizard, so I am not sure what to use to apply that outside of SCCM via logon script or SCCM deployment, have examples perhaps? I did attempt using this link. - http://blogs.technet.com/b/deploymentguys/archive/2012/02/20/using-mbam-to-start-bitlocker-encryption-in-a-task-sequence.aspx But what I notice is I can't get it to work on MDOP MBAM 2.0 clients, only works on 1.0 clients. Can someone confirm this is true as well? If I am wrong, can I get a sample of how you are suppressing that Client UI pop-up with GPO configured? Eric
×
×
  • Create New...