Jump to content


Established Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Garrett804

  1. here is a brief from the smspxe log Client boot action reply: <ClientIDReply><Identification Unknown="0" ItemKey="16781236" ServerName=""><Machine><ClientID>GUID:aaa58477-fccf-4d18-babd-452c5397bce9</ClientID><NetbiosName/></Machine></Identification><PXEBootAction LastPXEAdvertisementID="" LastPXEAdvertisementTime="" OfferID="BRK200A2" OfferIDTime="5/20/2016 2:40:00 PM" PkgID="BRK001A0" PackageVersion="" PackagePath="http://YOURDPNAME/SMS_DP_SMSPKG$/BRK00161" BootImageID="BRK00161" Mandatory="0"/></ClientIDReply> SMSPXE 5/24/2016 11:52:37 AM 2808 (0x0AF8) 00:15:5D:64:8A:05, A67763BA-C065-4F16-B2A5-0E3712709BEE: found optional advertisement BRK200A2 SMSPXE 5/24/2016 11:52:37 AM 2808 (0x0AF8) Looking for bootImage BRK00161 SMSPXE 5/24/2016 11:52:37 AM 2808 (0x0AF8) So to break it down you can see it first recognizes the client as ResourceID 16781236 and then pulls the server to see if any advertisements are deployed to that resource. It finds one named BRK200A2 and looks to that advertisement to see what boot image it is set to use which is BRK00161 for the boot image. It then proceeds to send the download path and downloads the file. I'm not sure if that helps you much but its pretty easy to read through in the logs.
  2. sounds like the /qn isn't the right switch If its displaying. You don't have to set the deployment to hidden if you already have a silent switch running and are using a "n" for no display for instance. If you only use a /q or /s or /silent /quiet whatever that app developer put in place it generally will then either not show any progress bar status or it will just show a progress bar status. As far as your command I don't see anything wrong with it but if it is prompting you then it leads me to believe that the /qn is not valid.
  3. Try to remove PXE role, Uninstall WDS, Remove RemoteInstall folder and reboot. Once rebooted Install WDS but do not configure it. Then install the PXE role again on the server.
  4. Something supposed to be shown to us?
  5. I'm trying to set a schedule for offline updates on the new Windows 10 Build 10586. The issue is that nothing shows up on the list of updates available. In looking at the dbo.SupportedProductsForOfflineServicing table we see the following: Notice how the Windows 10 version it validates against is 10.0.10240 and not what we have currently 10.0.10586. I've tried manually changing the version number in SQL which didn't resolve the issue. I don't have a support contract with MS so I can't go to them unfortunately. I am going to open a TechNet issue though and see if I can get some traction on the FREE route. Server OS: Server 2012 R2 SQL: 2012 CU4 SCCM: 2012 R2 1603 (5.0.8355.1000) Update: TechNet link https://social.technet.microsoft.com/Forums/en-US/41c3d0ea-b9a3-4a4c-b645-502b1344bc93/schedule-updates-windows-10-build-10586-no-updates-shown?forum=configmanagerosd
  6. Yeah trying to keep up with every single driver update on every single model is just insane. If I were to do it though I would simply just make a package for the update files and deploy it out. I wouldn't bother trying to do it via SUP. I try and keep my SUP and packages separate which is why I don't prefer to use SCUP for the exact reasons you experience with it messing up your SUP.
  7. You can do one ADR since your criteria is the same even if you did more than one. Then just do separate deployments with different available and deadline times. Makes less groups to manage and packages as well. For instance I deploy immediately when the ADR runs for my monthly workstation patches with a deadline of 3 days for my pre-production group. That is one deployment. I then have another deployment that goes off at the same time but is set to make available 1 month from the time the ADR runs (patch Tuesday) and a 7 day deadline after its made available. This goes to my production which is all systems.
  8. Just make a Hyper-V VM if that is what you have and install whatever OS you want to capture. Create Capture Media and mount the ISO for it while you are in windows. Then just execute the capture and it will sysprep and do everything it needs to do for you.
  9. I tried multicast once but with how long it was taking I decided to just drop it and go with direct downloads as it is way faster.
  10. I do mine by Months, Quarters, Years. I have an ADR that runs once a month that makes a new group each time it runs. Then when I get past a Quarter I make a Q1 group which has all the updates released or revised between 1/1/2016 and 3/31/2016. etc.. Q2, Q3.. Q4.. I consolidate the months to quarters removing the individual month groups and the same goes to Quarters to make a yearly group. I make sure not to hit over 1000 updates which does cause usually the Q3 or Q4 groups to stick around because of the amount of updates. Once I can consolidate a group down I do though.
  11. There is an issue with "Install applications" that causes the applications to not install. I had the issue as well when I would add a list of applications to install and it wouldn't do them. To get around this I made packages of all the applications I want in my task sequence and added steps for each one. It was more time consuming to have to do this but it works 100% of the time.
  12. You need to upgrade your SCCM version. I had the same issue and upgraded up to 1603 but 1511 will have full native windows 10 support for drivers as well so they will import.
  13. this is what I use for my subnet based collections. select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.IPSubnets in ("") and SMS_R_System.OperatingSystemNameandVersion like "%workstation%"
  14. I recently went from R2 SP1 up to 1603. It was a straight forward upgrade and I haven't had any issues at all. All clients upgraded based on the settings for client upgrade on my system. I still have to change over from my physical dedicated server to our UCS system as a VM in June so I'm still working on a plan of action for that myself. I'm thinking it will basically just be a restore once the VM is setup and a direct copy of the drive data on the existing machine over to the new machine. Or I thought about maybe just a P2V but I'm not sure how that would work with having multiple raid array's for my SQL and source data.
  15. You can share your PS with him just edit out any servername information and put in its place <yourservername> or something along those lines.
  16. @suspect() Yeah I did the same thing in my installation but after hearing and reading now about splitting the CM database into multiple files based on the amount of cores you have I'm curious as to what really performance wise you could expect without also separating each file onto its own dedicated spindles.
  17. If you want anything to install or execute you have to set the application/package to "Required" and give it a deadline time.
  18. I'm curious about the following step you have listed - Configure SQL according to best practice for ConfigMgr, pre-create the ConfigMgr database and split it into the same amount of available vCPU's Can you explain this in more detail? From reading it I'm thinking you split the CM_??? database for configMGR into multiple databases. I split out my tempdb files starting with 8 of them for processing performance in SQL but I never have heard about splitting the configmgr DB.
  19. We are talking about MalwareBytes right? That's the only MBAM I know of....
  20. what I ended up also doing was bringing down my WSUS bandwidth in IIS as well to help with any potential transfers during the day time.
  21. You can set the update time frequency as well as sources in the Antimalware Policies. I for instance have my sources as follows: 1. Microsoft Update 2. Microsoft Malware Protection Center 3. SCCM 4. WSUS Microsoft also released updates 3 times per day so I have my schedule set to 30 minutes after each release. - Starting at 3:30AM and following every 8 hours my endpoint clients look for updates.
  22. open the package and see if some of the older expired or superseded updates are in it still. If they are remove them from it and re-distribute it.
  23. So you are deploying these as "Required" Once the machines pulls the policy for required updates it will kick off a background download of the updates to have them locally to install at the deadline time. I found this out the hard way as well by testing it and saturating our networks as well. I can't find any documentation on this though anywhere but with watching my Meraki traffic and clients traffic I can see it clearly downloading even though the deadlines aren't reached yet. What I've done to solve it is make the deployment available time later in the day so that most of the machines kick off the downloading portion after hours so that network saturation doesn't affect my sites during the day. I started making them available Friday nights at like 7:00pm for the deployments so that all weekend things can download even if someone is on there home network. The machines that come in on Monday that were off the entire weekend will kick off at that time but I find it is far less disruptive to everything so I don't have saturation occurring anymore.
  24. Ok I'll take a stab at this for you. Issue 1 - Have you selected the categories that you are wanting updates for? Check the Wsyncmgr.log on the primary server. Issue 2 - Did you disable Automatic Updates on your network? Do you have maintenance windows?
  25. SCCM updates don't come down from WSUS they are from patching your environment with either a Service Pack(SP) or a Cumulative Update(CU). Forefront (Endpoint) Updates do come down from WSUS and can be selected by the product Forefront Endpoint Protection 2010 (they haven't updated the naming)
  • Create New...