cumbrianblues

HI Everyone I'm testing a new deployment of Windows 10 1803, everything works fine, except when I first logon, i get the 'Preparing Windows' screen it looks to be attempting to log in then, without warning we are back to the login screen. Try again and I get logged in straight away. I have updated the Unattend XML with the following OOBE settings, as I was trying to get rid of the ever helpful cortana - lets get connected etc. <OOBE> <HideEULAPage>true</HideEULAPage> <HideLocalAccountScreen>true</HideLocalAccountScreen> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> <ProtectYourPC>2</ProtectYourPC> </OOBE> I've tried with the following - <SkipUserOOBE>true</SkipUserOOBE> <SkipMachineOOBE>true</SkipMachineOOBE> but as you well know these have been depracated in 1803 so as expected it didn't make a difference. I can;t find any obvious errors. Thoughts?

Hello all Just want your thoughts on using prefered management points. I work for an international company, we are mainly based in the UK, but we also have offices in Australia. we have around 7000 clients - and are growing fairly fast. 5.5k are in the UK, 1.5k in Aus. As most clients are in the UK, this is where our primary site server is in one of our Data Centre's (DC) we have a backup DC where MS suggested a secondary management point for load balancing, and because we have 1.5k client in Aus they suggested a MP in our Aus DC (network latency is 300ms). We have been working on the UK infrastruture, but now we are ready to start the install of the Australian infrastructure. (you can probably tell where im going with this). We have setup the new MP in Australia and now some of the UK clients are using that. So i was all set to add the two UK Management Points to the UK Boundary Groups (for the local branch offices) when I realised an issue - most of the UK Branch offices have a local DP to reduce network bandwidth, the two data centres each have a DP to supply devices using VPN. (in DC 1 this is the primary site server - which runs the DP and MP). The issue is that if I add the Primary site server as a prefered management point it will also be added as a prefered DP which is not what we want as we want clients to use the local DP. So what would you do to fix the issue? 1. Take off the DP role from the primary site server and onto a new server - that way we could use the Primary Site Server and the MP in DC2 as prefered MP's for the UK. 2. Take of the MP role from the primary site server and onto a new server - that way we could use the new MP Server and the MP in DC2 as prefered MP's for the UK. 3. Specifiy the MP in DC2 as prefered managment point for all the local branch office boundary groups, and then have the DC1 boundary groups as the fall back option? (this is the plan for Australia - get them to use local MP and fall back to PS if needed) 4. any other ideas? Attached is a screen shot of the setup as is planned - the onyl server in Aus at the min is the MP. Thanks

Hi We use SCCM CB (1706) to deploy Windows 10 Express Updates, in the most part this is working well, however we have a handful of machines that seem to be swamping the network bandwidth trying to download the express updates. From what I can tell, the client is working through the delta's and requesting files, but when the download kicks in it seems to be trying to download all of the .psf files from the Ditribution Point instead of the ranges needed to update the machine. From the CMBitsManager.log file of a machine not working this then repeats until it moves onto the next one. The total bytes corrolates to the size of one of the psf files, but if you watch the log it changes to the sizes of the others too, So it looks like the client(s) are continuely downloading all the psf files which is killing the network. For reference the Delivery Optimization service on these machines seems to be 'not there' i.e its listed but it cannot be started/stopped or edited. The downloads never complete. On a machine this is downloading the updates correctly we can see in all the SCCM logs the machines is indeed working through the express updates and picking out the ranges it needed. Example from CMBitsManger.log on a working machine The express download on this machine completed as expected, the only difference being is that the Delivery Optimization service looks as you would expect, i.e can stop/start/edit it. We have the Download Mode set to 0 (http only) via GPO. Has anyone come across this before? How can I get the service into a working state on these machines? Thanks

We did this, we had MS in for a chalk and talk and they recommended just setting up a new server and moving the things we needed - albeit we didn;t have that many application in there. So we set it up side by side, setup everything we needed then bsically 'switched' the clients when we were ready (remove site assignment from old SCCM boundary groups/stop client push) then just enable the same on the new server - we could have migrated but MS said that may bring across old problems. Obviously this will be your choice as to which way to do it

Hi The partition step is wrong, the partitions you have specified are for a MBR disk with legacy BIOS. They need to look like this

We are moving from SCCM 2012 R2 + SQL 200R2 both on Windows Server 2008 R2, the new boxes are all Windows Server 2016, using SQL 2016. We are setting up a completly new primary site (albeit in a different 'resource' domain) we could have just joined the new and the old together and migrated everything however the old setup had so many inconsitancies and issues. We also decided to take a look at all the apps and make sure they were setup correctly- drop any old apps, introduce new/updated apps etc. in some cases i have exported apps, however you have to go change the content location, especailly if its in a different place, however thats simple. I've also taken the oppurtunity to redo all our device collections, mainly to help with the user admin/role based admin, as previously all the SCCM users were full admins so we are 'locking it down' this time around. Once we are done we will just drop the boundaries from the old site, add them to the new site and push the new client.

I've just installed CM 1702 Hotfix Rollup (KB4019926) onto my Primary Site server, and added a new distribution point, it is now showing as OK with all content distributed, I've removed and readded another DP and that is now showing as OK too, so I'm currently removing and readding the others now.

I'm in the process of setting up a new install of SCCM 1702, at the time I used the base 1606 install and upgraded to 1702. I'm now at the point where I'm adding additional Distribution Points at our local branch offices, the install starts and the 4 client packages (boot images deployed after)(content.jpg) error, the install carries on and configures and installs the DP as expected, the 4 client packages are then successfully distributed, and the DP has all nice green ticks on the details tab (moredetail.jpg). However on the Distribution Point Configuration Status node the two DP's I have installed are showing as error, if you look at the dp on the primary site server (ps.jpg) its showing 6 successes, no failed. on the two new DP's (dp.jpg) its showing the same 6 success, but showing failed as -4 and only shows 2 pacakges targed compared to the 6 on the PS. There are no errors in the DP logs, distmgr.log or PkgXferMgr.log files , all content has distributed fine, i can only assume this is a bug in the Distribution Point Configuration node. anyone else come across this? I have managed to find only one post about this **edited to add all the site servers are running Windows Server 2016 content.jpg moredetails.jpg ps.jpg dp.jpg

I think i saw this in my lab, check in the Software Update Groups to see if any of the plans have a superceeded update in them (denoted by the orange arrow) I think for both 1511 and 1607 they released a new upgrade but the plans were showing the original superceeded update.

i'm assuming this is going to be fixed at somepoint? I was wirting a plan for us to upgrade our infrastructure to CB, with the process for servicing windows 10, this has thrown it out of the Window for the time being and is not very helpful at all. Lucky I spotted it in our lab so going to have to re-write the plan for now. Just out of interest how are you assigning machines to CB or CBB? our AD structure is all over the place as we are made up of 30-40 Business Units, each with their own OU that contains 'laptops' and 'workstations'. If we use the GPO to separate the machines it means either having to create a load more OU' ones for CB or CBB or create groups and add machiens to groups manually. Are there any better ways? how are people doing it in the real world??

Have you guys seen this? https://blogs.technet.microsoft.com/windowsserver/2017/01/09/why-wsus-and-sccm-managed-clients-are-reaching-out-to-microsoft-online/ MS now recommend not to set the defer updates GPO as it causes dual scan issues with machines getting update via the internet, see also https://support.microsoft.com/help/4010155

just wondered if anyone had seen this https://blogs.technet.microsoft.com/windowsserver/2017/01/09/why-wsus-and-sccm-managed-clients-are-reaching-out-to-microsoft-online/ MS have released a hotfix for 1610 and the KB article https://support.microsoft.com/help/4010155 now states DO NOT set the defer updates GPO's as this bascially enables machines to use Windows Updates for Business so they will ignore SCCM and go to the internet for updates. There is another article here confirming it as well (comments section) https://blogs.technet.microsoft.com/askpfeplat/2017/02/21/identifying-waas-systems-using-config-manager/ So my question is how do you set up machines to be CB or CBB if you can't use the GPO? Thanks

Hi I've just discovered this as an issue when looking at the latest hotfix for 1610, apparently its a known issue when the defer updates option is set in GPO, Microsoft recomment that you DO NOT set these GPO's as it will cause a dual scan issue. https://support.microsoft.com/help/4010155 is the article related to the hotfix, however I've also come accross these two article as well:- https://blogs.technet.microsoft.com/windowsserver/2017/01/09/why-wsus-and-sccm-managed-clients-are-reaching-out-to-microsoft-online/ https://blogs.technet.microsoft.com/askpfeplat/2017/02/21/identifying-waas-systems-using-config-manager/ So that begs the question, how the hell do you set the machines up for CB and CBB? I've been on it the last two days tryign to work it out but cannot figure it out without setting these GPO's aarrggghhhh!!!

surprisingly we have a CAS already in the UK setup and haven;t had any issues with it (we put one in at the time expecting we may need one in the future) The current setups in the UK and Aus are both on Server 2008 R2 boxes hence the need to move and upgrade. so they want to consolidate and have one to cover all the machines, I can't see any issues with moving it to the resource domain and then publishing to the account forests for management. The only thing I don;t know is the political bits, they haven't said if they want to keep them separate for management/politcal reasons or whether we can just use the same infrastucture - oh and they want it done in a couple of months

how are you adding the app? are you using the proplus.msi to create it but changing the install file to setup.exe?

We import them using the name/no Microsoft use on the files/zip files that way we know which are which, we also keep the previous set of drivers just in case there are issues with the current drivers so we always have 2 version of the driver pack/msi in sccm at any one time

Bare with me on this one, we currently have locations around the world. UK, Australia, Germany and South Africa multiple office location in each country. Each one worked as a separate entity until recently so all had their own forest/domain with UK and Aus having their own sccm 2012 deployments. We have recently added a resource forest to move SharePoint/Lync/exchange into to join up everyone, with their local forest/domain still retaining users/computers etc with a two way trust between them and the resource forest. We need to update sccm to Current Branch in UK and Aus but also want to join then together and roll out to GER and SA. 20,000 clients in total. Our thoughts were to install a new primary site server into the resource forest (based in UK) and install site servers locally (DP's at all the regional offices). Publish it all into the local forests/domains and migrate. Would it work? What are the pros and cons? Any other ideas? Thanks