Jump to content


Fraeco

Established Members
  • Posts

    15
  • Joined

  • Last visited

Posts posted by Fraeco

  1. Hi!

    I'm trying to get compliance going because of an ongoing audit on our servers. One of the requirements is that a certain GPO is applied. I figured I'd query the ROOT\RSOP\COMPUTER namespace for RSOP_GPO. This class has the GPO name and it's enabled/disabled state.

     

    I tried my WMI query and below powershell snippet returns me the GPO's that are listed in a GPRESULT on the server.

    $query = "Select name,enabled from RSOP_GPO where enabled = true"
    $namespace = "ROOT\RSOP\COMPUTER"
    Get-WmiObject -Query $query -Namespace $Namespace | select name,enabled
    

    I then created a CI with the following settings

    • Setting type: WQL query
    • Data type: string
    • Namespace: ROOT\RSOP\COMPUTER
    • Class: RSOP_GPO
    • Property: name
    • WQL query WHERE clause: enabled = 'true'

    The hard part is getting the rule to comply. I tried the following rules: "one of: GPO name", "Contains: GPO Name", "Equals: GPO Name".

    When I look up the report on my client I can see that the GPO rule is non-compliant I get the following results.

    expression           current value            rule type
    Contains GPO Name    Default Domain Policy    Value
    Contains GPO Name    Local Group Policy       Value
    Contains GPO Name    Some other GPO           Value
    Contains GPO Name    Another extra GPO        Value

    Strange thing is though that the GPO I'm querying against isn't in the list but I know for certain that it's applied and active.

    I don't really know how to advance from here on out so I was hoping any of you guys had an insight I'm missing.

    Thanks in advance!

  2. Hey,


    We're an MSP that supports a whole lot of clients and we have to (re)image systems on a weekly basis. Right now this is done manually and with a few basic scripts. But it's still a babysitting job. Start install, wait for 20 minutes, click a button, ...


    Same with updates after install of the embedded image. Install first set of updates, wait, reboot, install next set, wait, ...



    At my previous place we used SCCM to do all these tasks. That was a normal internal environment.


    I was thinking that SCCM could be an asset here. You create one OS image, import the drivers for the different types of portables (all HP) and be done with it. Levering the SUP you can slipstream updates into your image and don't have to worry about that as well.



    My question is, is this feasible for an MPS? The systems would not be domain joined because they go out to our clients. There's no need for the Config Mgr client on the system as well because they won't be able to connect to our site.



    Thanks any feedback!


  3. Hey,

     

    I'm having some issues with PC's rebooting outside maintenance Windows even when they're not configured to do so.

    These are the settings I have configured for restart behaviour.

     

    dqYacOq.png

     

    Alas today, after patch Tuesday I'm getting reports from users that they're getting SCCM prompts telling them that the system needs to be rebooted, and will do so in 15 minutes.

     

    Are my settings wrong, or are they not being respected by the clients? And what can I do about it?

  4. Hey,

     

    I'm trying to build a 2008R2 install for later capture using SCCM.

    I created a task sequence for installing from the install.wim provided on my Server 2k8R2 iso.

     

    The install failes on "Applying system settings" with the following error.

    Windows could not parse or process the unattend answer file for pass [specialize]. The settings specified in the answer file cannot be applied. The error was detected while processing settings for component [Microsoft-Windows-Shell-Setup].
    

    I tried recreating the TS to no avail. The boot image i'm using works for other deployments and I can manually install from the iso where I extracted the install.wim.

     

    What am I doing wrong here?

     

    Kind regards!

  5. Hey guys

     

    We have a small inhouse developed application that is frequently updated.

    It's installed on every device and now we manually update the clients that need the new features. This leaves us with quite some fragmentation.

     

    I've found a few approaches online. Creating a new application and superseding the old one. Or creating a new deployement type and setting this with a higher priority.

     

    So we'd like to distribute this app through SCCM but I'm wondering what would be the best approach on updating this application?

    Ultimately we'd like to be able to update the application to all clients when there's a new build. How do we accomplish this?

     

    Kind regards!

  6. Ok. Given the fact that we have a virtualized environment I'm not going to taunt Murphy and keep my services on seperate boxes.

     

    However, would it be possible to keep all the databasing on one and the same SQL server? I could juice up that box if need be, but then I wouldn't have an explosion of SQL Server instances on my network.

     

    edit: According to this thread it should be possible to recycle the SQL server, as long as I create new instances when required

    http://social.technet.microsoft.com/Forums/systemcenter/en-US/4bcf4269-c603-4207-a2db-ac20dd8e1346/all-dbs-on-a-sql?forum=setup

  7. Hi,

     

    I currently run a small scale SCCM 2012 setup for our environment (~150 devices).

    We're going to try out Service Manager for our helldesk setup. More importantly we'd like to start with request management and incident management. It would be nice to leverage the info CM gathered from our assets in SM. That's why we're looking to SM firstly.

     

    My question, is it smart, or possible to install CM and SM on the same server? This server already setup with the SQL server and such. Or do I install the SM logic on a new server, and point it to the database on the SCCM box?

     

    Thanks in advance!

  8. Hey,

     

    We've got quite a pool of different dell systems in our network.

     

    I was wondering what the proper way is to get them all in SCCM12 OSD.

     

    I've got a Task Sequence in place that does the basic stuff. Defines the keyboard layout, installs a few applications, install a package, ...

    But I was wondering how I would go about with the drivers. Only IT installs PC's from PXE.

     

    I was thinking of setting a variable in the system that contains the vendor/type, and have a series of tasks in my TS that responds to the right variable, and dumps the correct driver package. Is this an acceptable way of doing things, or would it be more appropriate to copy the TS and select the right TS (depending on what PC you're imaging) from the available Task Sequences?

  9. I've uploaded the relevant driver to my server. Created a driver package and distributed it.

    Referenced the driver in the boot x64 image. The hardware is getting an IP.

     

    The reason I'm working with a physical device was that this is going to be our new hardware for a while to come. I figured I'd create on there, because that's what we'll be using. However, if there are no downsides to creating the image on a VM I'd be happy to give that a whirl.

     

    Let me cook up a VM :-)

  10. I'm at a serious loss here. I've been trying to get the Build & Capture tasks to work. After hitting a few roadbumps I finally managed to get to the capturing part.

     

    When it starts the capture I get an error that says:

    Task Sequence: Build and Capture - Windows 7 x64 NL has failed with the error code 0x80070056

     

    I've setup a Network Access Account and the folder where the WIM needs to go is writable by this account.

    The client is a physical device, I had to deploy a network driver for it to connect in a decent way but it has an IP prior to starting the capture TS.

    The client can ping the hostname of the SCCM server.

    For the sake of testing I've made the folder where the WIM needs to go writable by "Everyone".

     

    No luck.

    Any ideas as to what is going wrong?

    smsts.log

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.