Jump to content


Edenost

Established Members
  • Posts

    186
  • Joined

  • Last visited

Profile Information

  • Gender
    Male

Recent Profile Visitors

2139 profile views

Edenost's Achievements

Newbie

Newbie (1/14)

2

Reputation

  1. Hi all, It's been a little while since I posted on here! Hope everyone is doing good! I'm after some advice on SCCM and Default Apps being reset on deployment... it's a bit of a weird one, so bear with me! I'm running the latest SCCM CB version (1902 w/o the hotfix). I've been deploying Windows 10 Pro 1809 with it. This is a custom image from the Windows 10 ISO, installed, apps all installed, then used the SCCM Capture Media to take a copy and deploy. Following the deployment (lack of user testing as well), we've now started to notice the users custom settings are not being honoured when logging back in. For example, if you set the default browser to Chrome, log off and back on, it's set back to Edge. Same for Adobe with PDF's, and also Default Printers as well... Now, the weirdest part is that this doesn't happen right away. A freshly imaged machine, log on, set your preference, log off, log back on, and you're good. Log off, wait 10-15 mins, log back on, and it's reset, and any subsequent logins reset it too (you can see it in the shell event logs where it's resetting). This is leading me to believe that SCCM is doing some kind of configuration to the machines post deployment. If I create a machine using the .wim from the Windows disk, and install Chrome during OSD, same results as above. If I create a machine manually, without SCCM, install Chrome manually, this actually works as expected, and no resets are seen. I've installed a machine with SCCM, then removed the client from it, still does the same thing, so it looks like something is being enforced during the OSD itself. If I take the machine out of the OU's with the group policy's, it still resets (regardless of whether a Domain Admin or Domain User logs on, it will reset that users preferences. I'm at the point where I need to call M$ to see what's going on, and see if they can work it out, but I thought I'd try here first! Just to add, I've also tried Windows 10 Pro 1903 as well, and it has the same result :(. Banging my head against a wall here :(. I have no GPO's enforcing default Apps (with or without the XML settings we're now forced to use). There is nothing on SCCM showing as it would cause this... Any help would be appreciated. Thanks Phil
  2. Does anyone have any ideas? This is still happening. It happened twice over the weekend, each lasting around 18 hours, and it's just happened again this morning Cheers Phil
  3. Hi there, I have a fairly new SCOM install up at the moment. It consists of: 2 Management Servers 2 Gateway servers on other domains using certificates 1 SQL Server with two instances, one for OperationsDB and one for WarehouseDB. Ever since I installed it a couple of weeks ago, I get the following error every now and then, and it can last for up to 2 days at a time: OpsMgr Management Configuration Service failed to execute 'SnapshotSynchronization' engine work item due to the following exception Microsoft.EnterpriseManagement.ManagementConfiguration.DataAccessLayer.DataAccessOperationTimeoutException: Exception of type 'Microsoft.EnterpriseManagement.ManagementConfiguration.DataAccessLayer.DataAccessOperationTimeoutException' was thrown. at Microsoft.EnterpriseManagement.ManagementConfiguration.DataAccessLayer.DataAccessOperation.ExecuteSynchronously(Int32 timeoutSeconds, WaitHandle stopWaitHandle) at Microsoft.EnterpriseManagement.ManagementConfiguration.CmdbOperations.CmdbDataProvider.GetConfigurationSnapshotNextBatch(SnapshotProcessWatermark watermark) at Microsoft.EnterpriseManagement.ManagementConfiguration.Engine.TracingConfigurationDataProvider.GetConfigurationSnapshotNextBatch(SnapshotProcessWatermark watermark) at Microsoft.EnterpriseManagement.ManagementConfiguration.Engine.SnapshotSynchronizationWorkItem.TransferData(SnapshotProcessWatermark initialWatermark) at Microsoft.EnterpriseManagement.ManagementConfiguration.Engine.SnapshotSynchronizationWorkItem.ExecuteSharedWorkItem() at Microsoft.EnterpriseManagement.ManagementConfiguration.Interop.SharedWorkItem.ExecuteWorkItem() at Microsoft.EnterpriseManagement.ManagementConfiguration.Interop.ConfigServiceEngineWorkItem.Execute() Now when this is happening, I also get a whole bunch of others: Once the original error above clears, the others also resolve, so I'm only interested in said error I'm assuming. I have been running the following query on the OperationsDB on SQL: Select WorkItemName, b.WorkItemStateName, ServerName, StartedDateTimeUtc, CompletedDateTimeUtc, DurationSeconds, ERRORMESSAGE from cs.WorkItem a , cs.WorkItemState b where a.WorkItemStateId= b.WorkItemStateId and WorkItemName = 'SnapshotSynchronization' Which returns the following: On one which was succeeded, the day before, the time shows 302. I have increased the timeouts on the config files on both Management servers and restarted the services (even the servers themselves), but still nothing helps. Pulling my hair out with this a bit! All machines are Windows Server 2012R2. We do run them on VMWare with DRS enabled, but they haven't migrated for some time, so it's not a host/network thing as far as I can see. OpsMgr is running as normal mostly, still monitoring things and reporting, but I cannot add new objects to monitor until this clears. The Management Servers and others also show this in the even log: "OpsMgr's configuration may be out-of-date for management group <Management Group>, and has requested updated configuration from the Configuration Service.", but I don't see successful update of the cookie until this issue resolves itself. Any help is much appreciated! Cheers Phil
  4. Hi All, I just wanted to drop a quick message to let you know about an old error I came across this morning when configuring the client install through WSUS. After installing WSUS and the SUP on my Server 2012R2 install with SCCM CB, I was getting error 80244019 from the Windows Update client on the client machines. After some investigation, I found that the "Content" directory within IIS was inaccessible by IIS. I could manually reach it by going there myself, or using the run command. I could access it by the share name, and directly on the host itself, from multiple locations with multiple accounts. But when I right clicked on it and chose "Explore", it told me the directory could not be found/access (or something along those lines, sorry no screenshots! ). Following on from that, I decided to check the permssions of course, which were all correct. I removed and reinstalled WSUS and SUP a couple of times, but doing the same process each time I installed it. In the end, I removed both WSUS and SUP from the SCCM Server. Rebooted. Reinstalled WSUS, but rather than storing the updates using the UNC path, I pointed it to the local path, so "E:\Sources\Windows Updates" for example, rather than "\\SCCM\Sources\Windows Updates". I told SCCM to STOP installing the client through WSUS. Waited for the rule to finish to remove it from the deployment (you can confirm this by going back in to the setting and both boxes will be empty (nothing is published). Told it to publish by WSUS again, then waiting a few more minutes. After a short while, I checked the Windows Updates folder again, and there it was, CCMSetup.exe was present. I then checked the "Content" directory in IIS and it was accessible this time by clicking "Explore". I went back to one of my servers. Told it to check for updates, and it worked! Just in case anyone else comes across this in the future as I did search online, but nothing really pointed to this being an issue. To me, it looks like it doesn't like to use the UNC paths! But I'm sure someone will correct me if I'm wrong.
  5. Hi All, First of all, apologies if this has been answered somewhere already. There is just such a vast amount of information about System Center on here, it's difficult to find something as specific as this I believe. Anyway, I am an Infrastructure Engineer at the moment, tasked with installed SCCM 2016 along with SCOM 2016. The company I'm working for currently (just started with them) have nothing really in place for remote/DC management or monitoring (hence installing SCCM and SCOM). I have worked with SCCM 2012 in the past, implementing it in to a school a couple of year back now, but I haven't used it since moving on from that job, but I know it fairly well from that and I have installed a couple of labs checking out the updates between then and now. I have never used SCOM other than a quick lab, but I didn't really use it... just installed it to check the process out and make sure I understood it. I've been working for a week on the project now, where I have got myself my own VLAN and installed a test domain with: 2 DC's (2 different domains as I have never done cross domain management with SCCM before, nor SCOM of course - One of them has the Gateway role installed for SCOM). 3 SQL Servers (1 for SCCM, 2 for SCOM) 1 SCCM Server 1 SCOM Management Server 2 Windows 10 desktops (1 on each domain, for the purpose of testing more than anything else). I ran in to a snag, where the SCOM Management server decided to loose it's trust with the DC, but I can't get it back, so for speed, I'm just going to kill the 2 SQL servers and the Management server and start that again on Monday morning (shouldn't take long to get back to where I was as I didn't do a lot with it other than install a couple of MP's, and let it sort it self out really). Anyway, I feel that my manager is feeling I'm taking too long on just the testing phase. Given how much data/information there is to know about System Center, and never having used much of it other than SCCM, I want to make sure I get it right. I've done it in the past where I've ticked the wrong option somewhere and killed my install, or didn't install something correctly, so I've needed to just start over... you know? I feel with something as big and deep as System Center, if you're going to do it, you want to do it right first time (in production). I'm happy for SCCM to go live, where I would install it again for production, but SCOM I need to reinstall on the test and make sure I can get it to talk across the two domains (we have a lot of domains, which are not part of the same forest, but there will be two way trusts in place when I'm ready for them - I'm using the Gateway server for ease/simplicity). I'm, thinking, given that I haven't ever used SCOM before, a week, maybe 2 weeks of testing and getting to grips with it is more than fair. When I taught myself SCCM (with this forum as help... THANK YOU ANYWEB!!!), it took me numerous attempts and 3 months to get the testing done until I was comfortable in myself to install it on a live environment (which is also fairly large I might add). I just wanted to get some other people's opinions or experiences on the timelines for getting one of both of these installed on an already live environment which customers are using and relying on, on a daily basis. Thanks for taking the time to read this! Phil
  6. Try this hotfix first: https://support.microsoft.com/en-gb/kb/2801987 You might need to inject it into the image. Otherwise you'll need to take a new image with this hotfix applied already. This hotfix needs to be installed prior to the setup of the client. You could possibly test it by installing it on a client without the CM client installed and then see if you can install it after that.
  7. I realise this is an old thread, but I wanted to just add my "two cents" here for anyone in the future. This is likely to be that the Deny policy is still applying, although the Allow policy is enforced. Generally, Deny is always the one which takes precedence in any state. What you would need to do is either create two OU's (one for the Deny and one for the Allow), and assign each GPO respectively, or the better solution would be to create two groups in AD, adding the relevant users to the groups, removing "Everyone" or "Authenticated Users" from the security on the GPO and adding the relevant groups to the respective policies.
  8. This might sound like a silly question, but following the power outage, are all devices back online? Do you have a server where drives map which may have been missed and still powered off at all? I have often found when Group Policy hangs like this (usually around the 5 minute mark), it's a timeout. This means that it just cannot find what it needs, in this case, maybe the drive location? How are your drives mapped? All through group policy, or do you have scripts which run? ***Edit: I realise now just how old this thread was... apologies for "bumping" this... either way, might be of some use to someone in the future ***
  9. Hey, I haven't forgotten about you. I've just been super busy. Working at a school means summer holidays is only time to get stuff done! We can pick back up sometime in the beginning of September if you like? Phil
  10. I would advise you remove the above post as it has details for TeamViewer on it which is public
  11. Hi, I've sent you a PM to discuss
  12. On the second screen shot, enable PXE support for clients. Enable to two options about the DP respoding to PXE requests and allowing unknown computers. It's up to you if you want a password or not. Set the affinity to automatic. Then go to your Software Library > Boot Images Deploy both the x86 and x64 boot images. You then need to enable PXE support for both images by right clicking on them, choosing properties and going to the "Data Source" tab. Select the option at the bottom which says "Deploy this boot image from the PXE service point" Also, for troubleshooting, it's worth going to the "Customization" tab and choose "Enable command support". This allows you to press F8 within WinPE to bring up a CMD window (always helps me!!). When you click Apply/OK, it will warn you that you've made changes and it needs to be redistributed. Allow this (Yes), and wait again a little bit. If you haven't, you also need to enble a Network Access Account for SCCM to use. Go to Administration > Site Configuration > Sites and select your server. Right click it & choose "Configure site components" then "Software Distribution" Go to the Network Access Account tab and "Specify the account that access the network locations". In the "Set" button, select new user and add one that has access to all of the images/software..etc. If it's a test environment, choose a domain admin account. Makes life a little easier, but in practise you're better off creating a specific account in AD for this kind of thing for safety. Point the locaiton below to the location of the software/images and make sure it can reach them all by choosing "Test connection". Create a Task Sequence for OSD and deploy it to the collection you wish to use and give it a go. *I was able to write this small "guide" (if you like) by following some of anywebs guides which are freely available to anyone from this link* **When you enable PXE support, if it's not already installed/configured, SCCM will install WDS on the server in question AND configure it. This will take a little bit of time, as expected, so give it some time before you attempt to PXE boot. You can monitor the "distrmgr.log" file until you see that it has completed (following anywebs guide, I think the line you're looking for is: Run completed for: ServerManagerCmd.exe -i WDS -a").** ***Don't forget to add and deploy an Operating System Image***
  13. Okay, I will describe how to add a PC via mac address for OSD first: On VMWare, right click on the machine in question, choose "Edit Settings". In the "Hardware" tab, choose the network adapter. On the right hand side, you should see "MAC Address"... Make a note of the MAC address, we will add this to SCCM in a few seconds. (You can copy and paste it, so maybe highlight it and "copy" it. On the SCCM Console, go to "Assets and Compliance > Devices". Along the top will be a few options, choose "Import Computer Information" A new window will appear, choose "Import single computer" Give the computer a name (this will be the name SCCM will give the machine once it has been imaged). Insert the MAC Address which we made a note of earlier You can leave the "SMBIOS GUID" section blank. Leave the "Source computer" blank as well. Choose "Next >" You will see a preview Choose Next again. You will now be asked which collection you want to add the computer to. This, by default is "All Systems". You can choose the option underneath to select a collection which has the OSD Deployed to it, if you don't have it deployed to "All Systems". Once you have picked your collection, choose "Next" again, and you should be taken to the summary screen. Make sure everything is correct, and click next. Once it says successful, (should be a couple of seconds), go to the collection in SCCM where you added it to: Choose "Update Membership", this will hopefully speed the process up for SCCM to add the machine to it's database/collections. You may not need to do this step, but I find I have to, to speed it up. Give it a minute or so, and choose refresh and check to see if it's in the collection (with what name you gave it at the begining of adding it to SCCM). If it's there, boot the VM and see if it works . One thing you MAY find, is that if it boots, you'll get to the WinPE screen and it will say "Preparing network connections" and then suddenly restart. If this happens, you will need to add the VMWare network drives to the boot image. If you are able to, maybe try it with Hyper-V on a physical machine which supports virtualization. This is available on Windows 8.1, but I'm not sure about Windows 7...etc. But I have a feeling certain editions of it supported it. The boot image will already have support for Hyper-V on it, so you shouldn't have any issues with it. http://windows.microsoft.com/en-gb/windows-8/hyper-v-run-virtual-machines Good luck, hope this helps.
  14. Okay, I will try to do a small guide for you as to what I mean. I'm not sure that you've followed what I'm saying. Could well just be a simple language barrier . Give me a couple of hours and I'll get back to you
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.