Jump to content


Sanchez

Established Members
  • Content Count

    7
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Sanchez

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thanks for that, Garth. I was aware of the issues around software inventory, but I think your posts have finally persuaded me to turn it off. However, before I do that, I want to figure out why these tables aren't being populated, and why the permissions seem screwy. I agree that inventorying .exe is rather excessive, but I was trying to mirror the settings on the old server (set up long before my time), which was working perfectly well. Oh and sorry for the misunderstanding; I didn't mean I'd configured it just now. I meant "simply". It's been like that since about October last year. Anyway I'm thinking more and more that this is a fault, and not that I've mis-configured something, so I'm going to try re-installing the reporting point, to see if that fixes it. After that, it's a call to Microsoft. Thanks for your help!
  2. Yup, I just configured it to inventory .exe on all client hard disks, including subfolders, excluding "Windows,Compressed". And I think it's unhealthy because on our old 2012 R2 site (which is still active, but has no clients), those same reports produce hundreds of records. As far as I can tell, they're both (the 1810 site and 2012 R2 site) configured the same, as far as SW inventory goes, but the new one produces just one record. And in addition, as I alluded to previously, when I gave NT AUTHORITY\SYSTEM the sysadmin role on the (1810) site database, that report suddenly starting showing lots of records. So I think that somewhere, the permissions are wrong. Besides that, there's the fact that users aren't getting access to reports, as I believe they should. Thanks.
  3. Indeed. As far as I know, I've configured everything required for those reports to work. I suppose I could stick to ARP reports, as you say. I just don't like to leave anything in less than 100% health. Thanks a lot for your advice, Garth. I tried giving NT AUTHORITY/SYSTEM the sysadmin role on the SCCM database, and that seemed to get everything working. But I haven't seen that in any of the documentation or guides I've read, which makes me think that something's just not right. And I've also seen it suggested that it's not good from a security standpoint, so I don't want to leave it like that. There's definitely something wrong with my setup, so it would be good to get to the bottom of it.
  4. Thank you very much! Sorry for the delay; I'd been having trouble logging in! I tend to use "Computers with a specific product" and "Computers with a specific product name and version" quite a lot. I suppose I could just use "Computers with specific software registered in Add Remove Programs", but it's useful to be able to narrow it down by version, and at the end of the day, having issues on a new environment makes me wonder what else might be wrong with it, so I'd rather fix any problems I come across. And it used to work on the old (2012 R2) site, so it should work on the new one. As for the SQL stuff, the site server is actually already a sysadmin on the instance (as explained in your link). It doesn't show up in the "Users" folder for the ReportServer database, but that's how the old (2012 R2) one was, and that one works just fine. I've run SSMS as suggested in your post (from the site server, running as "NT AUTHORITY\SYSTEM", using PsExec), and that all seems fine. I can successfully query both the SCCM and ReportServer databases. So I'm not sure what's going on. Any other suggestions?
  5. Hi. I recently set up a new Configuration Manager 1806 environment (now upgraded to 1810). Its SQL database is on a named instance, on a failover cluster, and Reporting Services is installed on one of its nodes (I know that SSRS is not cluster-aware). The site appears to be mostly fine, but reporting has always seemed a little off. Firstly, while most of the reports work as expected, some of the reports in the "Software - Companies and Products" folder, either produce no results, or only one result. I've read on lots of forums that you shouldn't use reports generated from software inventory, and should stick with hardware inventory, but some of those reports are very useful, and it's a new setup, so I want it to work properly. Secondly, when I go to the reports web site and look at the folders' permissions, it just says "BUILTIN\Administrators", and people who should have access to view those reports, don't seem to. They just get an error saying "You are not allowed to view this folder. Contact your administrator to obtain the necessary permissions.". These are people I've added to the "Read-only Analyst" security role, for example. srsrp.log keeps saying this, and I don't know if it's related: (!) Error retrieving folders - [Cannot open database "CM_MA1" requested by the login. The login failed.~~Login failed for user 'NT AUTHORITY\SYSTEM'.]. The SQL instance is using Windows authentication only. Any help would be greatly appreciated. Thanks.
  6. Hi. I am the sole SCCM administrator for a small company. The current site is running Config Manager 2012 R2, on a Windows Server 2008 R2 VM. It's a simple hierarchy, consisting of one primary site, all managed from a single server, and 3 distribution points. SQL is hosted on a separate cluster. This was all set up long before I joined the company. Now that I'm wishing to upgrade to current branch, I've also decided to put it on a new Windows Server 2016 VM. I could do a side-by-side migration, but am quite tempted to start again from scratch, with a clean slate. My plan is to leave the current site up and running, while I set up the new one, giving me ample time to configure it all, create the deployments, distribute content, etc. Once it's ready, I can push-deploy the new client, and eventually take down the old site. I've already chosen a new site code and name, and new names for all the servers, so there should be no conflicts there. The only thing I'm a little uncertain about at present, is what's going to happen in the System Management container, when I set up the new site. Will its site code and name be added alongside the current one, or will it over-write? In either casem will the clients get confused (if not current ones, then new builds)? Should I maybe not give the new site server permissions on the container, and instead get it to publish to ADDS when everything's ready? As a bonus question, I thought I might as well set up the new SQL Server 2016 database for it, on the same cluster as the current one (since we have a cluster already in place, I prefer to use it). I thought I could just install SQL 2016 on the cluster, set up a new instance, and point the new site at that, but are there any potential pitfalls I'm overlooking / anything else I need to consider? Any guidance would be much appreciated. Thank you.
×
×
  • Create New...