Jump to content


Robert R.

Established Members
  • Posts

    16
  • Joined

  • Last visited

Posts posted by Robert R.

  1. Creating a master VM for VDI should always be done with the machine off the domain (i.e. WORKSTATION context). In our organization we use Microsoft RDS and have the broker create the pool of VM's, which during the task, joins each machine created to the domain.

     

    In my previous response to your question I left out one other detail. I created a startup script for the VM's in the pool to do a NET STOP CCMEXEC, pause for about 30 seconds, then NET START CCMEXEC. I found by doing this it will prevent the VM's from reusing the GUID from the master VM. All 60 or so VM's that I manage for RDS have unique GUID's.

  2. In our environment, these are the steps that I do:

     

    * Run TS

     

    * When the TS is done, login as the local admin

     

    * Open administrative cmd prompt, do a NET STOP CCMEXEC to stop this service

     

    * Open the certificate console for the local computer, delete the two certs displayed in the SMS node (MMC > Certificates > Local Computer)

     

    * Delete the smscfg.ini from C:\windows\

     

    * Lastly, sysprep the VM. Since we use Windows 8.1 for our VDI farm, I use the cmd sysprep.exe /generalize /oobe /shutdown /mode:vm

     

    It's too bad there is no complete automation of this process in SCCM. Hopefully the next version has some support for creating a master VDI disk.

     

    -Robert

  3. Hello -

     

    Anyone here experience this during the installation of .NET 3.5 during an OSD task sequence for Windows 8.1?

     

     

    Failed to run the action: Run Command Line - Install .NET 3.5.
    Unknown error (Error: 800F081F; Source: Unknown)
    The execution of the group (Install .NET 3.5) has failed and the execution has been aborted. An action failed.
    Operation aborted (Error: 80004004; Source: Windows) TSManager 11/5/2013 3:53:35 PM 2784 (0x0AE0)
    Failed to run the last action: Run Command Line - Install .NET 3.5. Execution of task sequence failed.
    Unknown error (Error: 800F081F; Source: Unknown) TSManager 11/5/2013 3:53:35 PM 2784 (0x0AE0)

     

    I've tried the method that was outlined on this site last year (which worked just fine in our Windows 8 TS). Also tried pointing the source of .net to a network share instead of copying the package contents to a local folder on the system (My cmd on the TS was DISM.exe /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:"\\SF-MIS\MIS\Appswinnt\.net 3.5\SXS") - still failed

     

    I attached the smsts.log where the error occurred.

     

    Any advice will be appreciated

     

    Cheers

     

    -Robert

    smsts.log

  4. I've run into issues re-imaging previously bit-lockered systems too. To get around our issues, we needed to:

     

    * Go into BIOS, clear TPM. In Lenovo notebooks, it's Clear Security Chip

     

    * Remove HDD and blow out all volumes and reformat. Always kick off your task sequences with a 'clean' drive.

     

    - Robert

  5. Found solutions to my problem:

     

    * For an OSD TS, I appended an 'https://' to the SMSMP client installation property (ex. SMSMP=https://SCCM.HDCCO.COM). We setup our MP to communicate to the client using HTTPS and require a cert from our PKI. According the the client installation properties reference page on TechNet, specifying the MP in this fashion is required if you're not running SP1. Once I did this, updates are detected and downloaded.

     

    http://technet.micro...y/gg699356.aspx

     

    * For a Build & Capture TS, I was running into a similar issue as well. Updates would be detected but IIS would refuse to let the client download the BITS. I had a case opened on Premier to address this and they discovered in the IIS logs that NTLM wasn't being accepted as a way to pass credentials of the NAA. They had me insert a step in my TS to install KB2522623 to address this, and when the software updates ran, they were promptly detected and downloaded.

     

    http://support.micro....com/kb/2522623

  6. i did the workaround outlined in the KB - it worked as expected. However I'm still concerned that this workaround even needs to be implemented, as this functionality was working just fine in CM2007. I'll open up a case on Premier so we can get to the bottom of this. If there a resolution to this, I'll post it on this thread.

     

    I appreciate the advice Peter, thank you.

     

    - Robert

  7. Thanks Peter for responding.

     

    I examined the collection structure and we did have nested sub-collections in our old cm2007 box. Thinking that the software update group would have trouble hitting the collection that the device to be imaged resided in, I created a test collection with a flat hierarchy and confirmed that the task sequence and software update group objects were indeed listed in the properties (see screengrab).

     

    I then re-ran the osd TS and software updates step still failed to execute with same error code as I noted earlier. This time though I scrutinized other log files in C:\windows\ccm\logs. I noticed in the UpdatesDeployment.log that the GUID for the corresponding software update group was detected. To me, something is rejecting the bits from the update package to be downloaded.

    post-8833-0-84813300-1350757705_thumb.png

    Logs.zip

    WindowsUpdate.log

  8. Hello,

     

    A little background, we migrated our CM2007 box to CM2012 last week. There are a few loose ends here and there, but the things that we need to work - client upgrades, application deployment, software updates to clients and reporting are functional.

     

    The issue I'm having right now is with our OSD task sequences. For some reason they are not able to locate the update package in the Software Updates step. I've double-checked our boundaries and boundary groups and they are configured correctly. Dependencies during the execution of the TS are hitting their local DP for content downloads. But when it comes to the updates step, it times out.

     

    From SMSTS.log:

     

     

    Failed to run the action: Install Software Updates.

    This operation returned because the timeout period expired. (Error: 800705B4; Source: Windows)

     

    I kept a cmd window open during the TS so that I can capture the log files.

     

    If anyone here has any thoughts about this, I would greatly appreciate it.

     

    Cheers

     

    - Robert

    smsts.log

    smsts-20121018-143846.log

    WindowsUpdate.log

  9. This should help you out:

     

    select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.ResourceId not in (select SMS_R_SYSTEM.ResourceID from SMS_R_System inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceID = SMS_R_System.ResourceId where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName = "ENTER NAME AS IT APPEARS IN PROGRAMS AND FEATURES " and SMS_G_System_ADD_REMOVE_PROGRAMS.Version = "ENTER VERSION NUMBER AS IT APPEARS IN PROGRAMS AND FEATURES") and SMS_R_System.Client = 1

  10. Having an issue where during a build & capture TS where the Install Software Updates step seems to get passed over. Viewing the Event Manager show that the step gets initiated then immediately reports back with an 11134 message ID (Successfully completed the action...). Digging deeper in the Event Manage shows this:

     

     

    The task sequence execution engine successfully completed the action (Install Software Updates) in the group (Apply Windows Updates) with exit code 0

    Action output: nstance of CCM_PolicyAgent_SettingsEvaluationComplete

    {

    ClientID = "GUID:77307778-A5D5-4F3E-BA22-AEA0C742F235";

    DateTime = "20111110183401.656000+000";

    PolicyNamespace = "\\\\bcadskjp\\root\\ccm\\policy\\machine\\actualconfig";

    ProcessID = 2584;ThreadID = 2588;

    };

     

    Successfully submitted event to the Status Agent.

    End TS policy evaluation

    Policy evaluation initiated

    Waiting for policy to be compiled in 'root\ccm\policy\machine' namespace

    Policy verification done

    GetIPriviledgedInstallInterface successful

    Refreshing Updates

    Successfully initiated RefreshUpdates operation

    RefreshUpdates operation has already completed

    GetIPriviledgedInstallInterface successful

    Installing all updates targetted for this computer

    InstallSWUpdates(spInstall, spCIAgentCallback, tType, ulCookie, &jobID), HRESULT=80040708 (e:\nts_sms_fre\sms\client\osdeployment\installswupdate\installswupdate.cpp,1004)

    No updates need to be installed on this machine.

    Setting TSEnv variable SMSTSInstallUpdateJobGUID=.

     

     

    The "No updates need to be installed..." message is completely off, as there are dozens of post-Windows 7 SP1 updates available. These updates appear to have no problem being advertised to client machines and will install successfully when run.

     

    The Install ConfigMgr step parameters are set to: FSP=SMS.HDCCO.COM SMSMP=SMS.HDCCO.COM SMSSLP=SMS.HDCCO.COM PATCH="%_SMSTSMDataPath%\OSD\HDC00066\i386\hotfix\KB2509007\sccm2007ac-sp2-kb2509007-x86-enu.msp"

     

    The FSP, SMSMP, and SMSSLP haven't changed recently, the patch is in place to address the high volume of updates that are usually available to install during a build & capture.

     

    So now I'm left wondering why this process is not working now after running dozens of build & captures over the past couple of years. Any advice would be greatly appreciated.

     

    Thanks

     

    - Robert

    smsts.log

    smsts-20111110-103106.log

  11. Hello -

     

    I have been trying to find a solution with newly deployed clients post OSD TS. For some reason, clients appear to not pull policy for about 1 hour/1.5 hours after deployment. Checking the client logs shows several attempts to register with the MP with this entry: RegTask: Client is pending registration. Sending confirmation request...

     

    I've ruled out that the client is stuck in provisioning mode in the registry, the entries do not exhibit what's described in this TechNet article: Article

     

    Investigating further I came across my MP logs, and there were numerous entries of this (GUID's vary on the MP Reg entries):

     

    A client is trying to re-register with an administrator revoked certificate: SMSID=163e0b25-08d1-410b-8ce3-818ee6ec4675

    MP Reg: Failed to get client(GUID:FED32B33-CD58-473E-B24B-9D4A7CF785BA) public key: 0x80040238

     

    So I just did a deployment a short time ago and the GUID generated on the client system is indeed FED32B33-CD58-473E-B24B-9D4A7CF785BA.

     

    I've attached the MP_RegistrationManager logs

     

    Anyone have any idea on how to approach this?

     

    Thanks in advance for your help

     

    - Robert

    MP_RegistrationManager.log

    MP_RegistrationManager-20110224-160514.log

  12. I created a new program for use in task sequences (the original install program has this commandline which wont work in OSD: [cscript.exe Policies\ApplyPolicy.vbs "FEPInstall.exe /s /q"]).

    Configure it like this for OSD deploy:

    post-2500-0-94704200-1298492380_thumb.png

     

     

    Thank you for taking the time to do screenshots, my program setup was mostly correct - I had inadvertently surrounded the command with quotes.

     

    Lastly, when you apply FEP policy during an OSD TS, do you use one of the default policies? Is there any special command switches I need to use for program setup?

  13. I Install my FEP Client in my build and capture.

     

    Then i run the apply policy step in my deployment sequence.

     

     

    Thank you for the advice.

     

    Now my next issue is that the install of FEP 2010 during the build & capture TS has repeatedly failed. I used this as a reference to setup the install program for the FEP package: http://social.technet.microsoft.com/wiki/contents/articles/how-to-deploy-the-fep-2010-client-via-osd-and-test-deployment.aspx

     

    I even modified the task sequence so that the install packages download first and I still come up this error: An error occurred while preparing to run the program for advertisement "HDC20581" ("HDC002ED" - "Install - WinPE"). The operating system reported error 2147942402: The system cannot find the file specified. Additional program properties:

    Command line: "FEPInstall.exe /s /q "

    Working directory:

    Drive letter (? = any):

     

    Anything come to mind on how I should correct this?

     

    Thanks again

     

    - Robert

  14. Hello -

     

    We just started to deploy the FEP 2010 client to all of our end user systems over the weekend. I am also using this as an opportunity to update our Windows 7 images (both x86 and x64) since it has the older Forefront client bundled.

     

    My question is it safe to include the FEP 2010 client during the build and capture process or to simply include it as a install software step during an OSD task sequence. I guess my concern is about policy and whether its okay to have this incorporated in the master image.

     

    Thanks to all in advance for your thoughts.

     

    - Robert

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.