Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


skissinger last won the day on February 3

skissinger had the most liked content!

Community Reputation

5 Neutral

About skissinger

  • Rank

Recent Profile Visitors

648 profile views
  1. Have you used a tool, like Roger Zander Client Center https://github.com/rzander/sccmclictr, or the MS Client Support Center Tool, https://docs.microsoft.com/en-us/configmgr/core/support/support-center ; to examine a client? What I would look for is things like... "is the last scan version matching what my environment says" (in CM Console, Monitoring, Software Updates Point Synchronization Status, the Catalog Version); that'll be the catalog version i'd want my clients to have used. is wuahandler.log scanning successfully? In those tools, you can see what CM believes locally is deserved or installed for updates, as scanned by the CM client. When you say "locally just msrt... but when I go directly to Microsoft, I deserve more" -- are those updates listed locally by the CM client? If not; are those updates even in CM? (EXACTLY those updates, by title and kb article--maybe you're missing a category in your CM SUP rules for what patch info to download)
  2. Am I reading this right? You want this one: https://support.microsoft.com/en-us/help/4054518/windows-7-update-kb4054518 Which if I'm reading that correctly, is a not-released-on-normal-cadence for Windows 7, for December... 2017. 2 years ago. 48 months ago. the monthly rollup for Windows 7 has been superseded by a newer one dozens of times. Are you absolutely SURE that's the one you need? Why wouldn't you deploy something newer than December, 2017? Personally, since today (December 10, 2019) is hotfix Tuesday, I'd wait until the latest Windows 7 update is released today--there probably will be one--and download and deploy the latest one later today.
  3. Stupid idea... but try it. On the deployment properties, is it possible the available and deadline are the same time? try changing the deadline to be different from available time.
  4. Just to understand the ask, you want the results to look something like this? or like what? ComputerName Publisher ProductName Version BobsComputer Nitro Nitro Pro 12.8 MarysComputer Nitro Nitro Reader 5 5.5
  5. Incorrect hash values--sometimes that can be fixed by doing an "update of distribution points" for your software update packages. If that doesn't work, you might need to remove updates from the patch packages, and re-download them. As for summarization in the console, that's a harder question. I stopped believing the console for summarization for updates about 4 years ago. mostly because of where I work, we have so many clients that summarization simply can't finish--so summarization information is often incorrect. So I use SQL reports, and not the console, to confirm if updates are being installed and deploying. What that means to you is that I simply can't help with in-console summarization questions from anyone. I expect it to fail and never work; so when someone says "it doesn't work", I say "yep". Which isn't totally accurate for most companies--but it is for me, lol.
  6. I'm not sure what your question is. is it... "why isn't the console showing summarization info for updates" (possible answer: summarization hasn't run yet). or is it... "I have ADRs to download everything, and those ADRs haven't run, thus downloaded = no and deployed = no, for this underlined update" Or is it... a different question I can't guess based solely on a screenshot?
  7. So you want a report with every single device, in a list, and which ones have and have not done hardware inventory? I'm assuming you just might care about extenuating circumstances... what if the client is offline (it's 2 weeks of vacation, and the human powered it down); do you care that it's offline? I'm assuming you don't want to chase after ghosts. Have you already looked at all the wonderful things in v_ch_clientSummary view? Anyway, making a bunch of assumptions about I think you want, and what I would want if I were you and also assuming you only have a few hundred or thousand boxes to care about... Below is a query. where I 'think' what a human would want to follow up on would be devices which haven't had Hinv in the last 24 hours... BUT HAVE had 'some other kind' of activity (heartbeat, policy request); so the ones at the top of the list would be the ones to follow up on, if needed. The 2s and 3s would be older hinv... but also older activity, so probably not on the network anyway. or they are already current hinv, so are good (under your parameters). So you'd use this is a base for an SSRS report. and then set a subscription using your already working and tested SSRS report Subscription feature to email the report on whatever schedule you like. ;with cte as (select s1.Netbios_Name0 as 'ComputerName', ws.LastHWScan, Case when ws.LasthwScan <= DATEADD(hour,-24, GetDate()) and cs.LastActiveTime BETWEEN DATEADD(hour,-24, GetDate()) and DATEADD(Day,3,GetDate()) then '1 older HINV, but has checked in lately' when ws.LasthwScan <= DATEADD(hour,-24, GetDate()) and cs.LastActiveTime <= DATEADD(hour,-24, GetDate()) then '2 older and has not checked in lately' when ws.LasthwScan BETWEEN DATEADD(hour,-24, GetDate()) and DATEADD(Day,3,GetDate()) then '3 HINV Current' Else 'Dunno' end as 'Age' ,cs.LastActiveTime from v_r_system s1 join v_GS_WORKSTATION_STATUS ws on ws.resourceid=s1.resourceid join v_CH_ClientSummary cs on cs.resourceid=s1.resourceid ) select cte.computername, cte.age, cte.LastHWScan, cte.LastActiveTime from cte order by cte.Age
  8. When that has happened to me before--and it has--it's almost always 'something' in the configuration.mof file. My suggestion for you is to take a copy of your current \clifiles.src\hinv\configuration.mof file, and save it ELSEWHERE. then on your primary site (or cas, if you're cursed with a cas), go to <installed location>\Data\HinvArchive In there will be multiple backups (usually 5) of previously used configuration.mof files. Hopefully you have one backup from prior to your upgrade--aka, a known good one. Grab a copy of it (or if you're super paranoid, copy every file in \hinvarchive to another location, just in case), but copy a "I think it's good" configuration.mof.bkxxx file, rename it to just configuration.mof, and drop it into \clifiles.src\hinv, replacing the one you mofcomp'd and it was a success... but I'll bet there's still something wonky with it. Once you've copied in an old one, monitor dataldr.log on the primary site, make sure it's not rejected. Then a couple of policy refreshes on a client, and carefully watch policyagent.log on that client--make sure it doesn't error on getting a new policy. If policyagent.log says all is good... go check if the inventory action is back in the control panel applet. If so, your clients should start sending inventory again. Once you have inventory working again, then use your favorite text comparison tool, and compare the one you restored, vs the one you pulled out--and see what's different. I could be as simple as a special character somewhere in the mof file which although passes a "syntax" check (mofcomp -check), still is not able to be processed at the clients and compiled.
  9. maybe I'm speaking out of turn here... but I am completely lost as to why you are trying to use a script to install software from a network share. Why wouldn't you create applications, to install Visual C++ 2005, and another one for 2015... etc? i.e., use CM like it's supposed to be used? the scripts node to me doesn't make sense as a way to do this.
  10. It's been a while since I did this... but long long ago... I used to work with SMS (yeah, it was SMS, not CM yet) in a disconnected environment, so I had to sneakernet patches over. So this is 10+ years old memory.. but it went something like this. You manually downloaded the File--and you can tell what File it wants because you right-click properties on that individual update, and went to "Content Information", and looked at the information there. So let's say it wanted http://www.hp.com/downloadme/SuperImportant.v1.1.1.exe So you grabbed that yourself, outside of CM using Internet Explorer or Firefox or something, and have it. and put it on \\YourServer\ManuallyDownloaded right-click that update, download... select the CM package to store it in, next. Now, for "Download Location", do NOT just click "next", where it's saying "Download software updates from the internet". You want to change that to download software updates from a location on my network; and browse or type in \\YourServer\ManuallyDownloaded next/next/finish. And... hope that I kinda sorta maybe remembered all the steps I had to do. I probably forgot something critical.
  11. My guess--and it's just a guess. I'm assuming that since it's the client that picked up the script to run, it'll be similar to the same context that other scripts run in, when picked up by policies, like Configuration Item Scripts, or Scripts used for Detection Logic for Applications--which is NT Authority\System, of the individual device. So if you want all your Domain Computers to have rights to some remote share, you'll want to make a share, and grant (I think) "Domain Authenticated Users" both NTFS modify to that location, and that the Share also has Modify rights to Authenticated Users. I think that might work... I see you're trying to use s$... that would be an Admin share. I wouldn't use that. Make a real Share, which you can permission properly.
  12. TEST TEST TEST I don't have a naming convention like this, but this "MIGHT" work--I suggest testing. A lot. Assumptions: There are EXACTLY 5 numbers between the LIB-AU and the - for the Lab machines and then exactly 2 numbers after the - There are EXACTLY 5 numbers for the LIB-AU ones where they don't have a - for employee machines Labs: Select * from win32_ComputerSystem Where Name like 'LIB-AU[0-9][0-9][0-9][0-9]-[0-9]-[0-9][0-9]' Employees: Select * from win32_ComputerSystem Where Name like 'LIB-AU[0-9][0-9][0-9][0-9][0-9]' Why this might work.... the [0-9]; that's a WQL/SQL query trick. So you're saying... after the LIB-AU, that next character has to be a number between 0-9 Then the next character has to be 0-9 ... up to 5 characters (for Employees) For Lab, it has to be LIB-AU, then 5 numbers, then a -, then 2 numbers.
  13. Why not use Installed Software, ProductName = iTunes ? I'd feel more confident about that vs. the two different ARP ones. Are you sure you HAVE iTunes older than v12? Can you look at a box you *know* has an older version? maybe it's not called exactly 'iTunes'; but is instead called something like ... 'Apple i Tunes The Media Player' or something... not 'iTunes'
  14. Suggestion: google "run cmd prompt as system using psexec", and on a test system, get to a cmd prompt as system. then run your powershell script (or your batch file, etc.) If that doesn't help you figure out the issue, presuming it doesn't violate any of your practices, if you'd post your posh script here, perhaps one of us could help you add logging to it, or a more verbose exit code if there's an error.
  15. I think what you are describing is a 'migration scenario'. You may want to check out the documentation on that: https://docs.microsoft.com/en-us/sccm/core/migration/planning-for-migration You wouldn't 'transfer roles' -- at least not how I think of a Role in ConfigMgr. You would be able to migrate data from your 2012 primary, to your Current Branch primary.
  • Create New...