Jump to content


Established Members
  • Posts

  • Joined

  • Last visited

Everything posted by zophar

  1. Hey everyone, I can't figure out what is going wrong I always get an access denied (error -2143485947) when I want to 'evaluate' the Bitlocker Policy When I check the service URL it is accessible ... Reading on internet I found that is has to do with the setspn - but I see that application pool for MBAM is running with service account - tried different approaches - same issue cmd : Setspn -a http/<FQDN> domain\computername$ SCCM Environment PKI enabled (IBCM) SQL separated I don't have a portal - question - is this needed ? Any help is much appreciated PS: everything else (deploying software as example) is going well
  2. Marc in another thread ? Thanks for the screenshot - I see that also here assigned management is not filled in or is that just when a client connects to 'Currently intranet' ? But that does not resolve my issue for bitlocker Unable to find suitable Recovery Service MP. Forcing policy non-compliant
  3. Hey Niall, Thanks for answering ... Can I have a printscreen of your 'General' ? FQDN is automatically filled in ? Do you use CMG ? OUrs is a DP MP reachable from 'internet'
  4. Hello Windows-Noob I have implemented already 2 years ago IBCM - PKI infrastructure - however when I try to execute Bitlocker I 'm still getting following error Unable to find suitable Recovery Service MP. Forcing policy non-compliant. I always thought everything was going well - no issues with deploying software - no issues with policies/ configuration baseline - no issues with windows updates BUT we have a SCCM HTTP (lab) and there I saw that the client indicates his 'Assigned Management Point' and that is not the case with our non domain/workgroup machines. In LocationServices LOG there is the following error 1 internet MP errors in the last 10 minutes, threshold is 5. So my guess is there is something wrong !! I saw blogs on the internet for IBCM PKI enabled where Assigned Management Point entry is filled in. Anyone ?
  5. Yes... startup litetouch.vbs within Windows and click capture ...
  6. Hey everyone, I'm facing the following problem. I like to capture (clientreplace.xml) - basic no additions made to the tasksequence - from a Windows 8 machine. Likely due to UEFI he's sorting with the following error. Other machines with legacy boot no problems to run this task sequence Event 41002 sent: FAILURE ( 5456 ): Unable to determine Destination Disk, Partition, and/or Drive. See BDD.LOG for more information. Logs files attached https://www.dropbox.com/sh/s6hw77pr96c5dqx/AAD5f8Km-zBGhuuloQXCfOHpa?dl=0 MDT 2013 ADK 8.1 USMT 5 Thanks
  7. OK update, This 'Package_for_KB2533552 neutral amd64' was breaking MDT deployment ... Deleted this one and he continuous deploying ... MDT ignores the WUMU_ExcludeKB1=2533552 setting. I'm aware that this one does not solves the reboot but I managed to do approximately 130 offline updates. To be continued ...
  8. Goooooodmorning To reproduce the problem I have to be patient and there it was. Reboot, but I searched the event viewer and discovered the Windows Updates is causing a reboot and after this there is no automate login. Event Viewer 10/07/2014 04:02:24 - The operating system is shutting down at system time 10/07/2014 03:50:49 - Restart Required: To complete the installation of the following updates, the computer will be restarted within 15 minutes: I've copied the windows updates from C:\Windows\SoftwareDistribution\Download and discovered that there where 11 windows OS updates installed that are not included in the offline windows updates (packages) in our MDT. The problem is that I already see 'Package_for_KB2533552 neutral amd64' and I known that this one breaks the deployment. I guess there are multiple solutions to this problem (Isolated GPO, Disable WSUS, no domain injection, ... ) Can anybody help me with finding the best solution .... Many thanks PS: I know that it is possible to exclude KB's in the custom.ini but my doubt is that MDT ignores this setting WUMU_ExcludeKB1=253355, when googling I find different ways to set this option WUMU_ExcludeKB1=2533552 WUMU_ExcludeKB01=2533552 WUMU_ExcludeKB001=2533552 Which is thé right one and is it possible to integrate this option in database rules ? OK, coffeebreak
  9. Hey, I'm facing a weird problem. The deployment is going flawless when you can interact with the workstation 'immediately' but when we start a deployment in the evening, the workstation is stucked at CTRL+ALT+DELETE in the morning. The final step in our deployment is a HTA file. The HTA file pops up but stays blank, also the final results wizard stays blank. What i've done so far is 'Disabling Sleep While on Power in MDT 2012' following this article http://mdtguy.wordpress.com/2013/05/08/disabling-sleep-while-on-power-in-mdt-2012/ Questions, Possible GPO ? Normal that after a long period (overnight) the workstation gets stuck @ CTRL+ALT+DELETE Can offline packages (MS updates) be the problem ? Environment MS 2012 ADK 8.1 MDT 2013 Windows 7 SP1 Any help is much appreciated ...
  10. Is there a way to find out what the current installed OS (buildversion) on the workstation is ? Idea, dynamic naming convention for tasksequence based on buildversion like 'scenario 3 for drivers' "windows 7 x64\%manufacturer\%model%" Example Tasksequence for W7x64Pro = 6.1.7600 Thanks for brainstorming !!
  11. Would be really useful to extract afterwards and put file on a user share ... Thanks
  12. These are my commands for scanstate ... /i:WNB.xml /i:MigApp.xml /i:MigUser.xml /i:MigDocs.xml /w:5 /r:5 /v:13 /o /c /uel:90 /efs:skip
  13. Hi folks, When we do a replace scenario we figured out that the user capture is doing local even when UserDataLocation is set to NETWORK. Although it is logic in a replace scenario that the user data stays local but we want to force a mig file on the network. I guess we have to do some scripting in de VBS files but I can figure out what to adapt. Hopefully somebody can help...
  14. Hey everyone, I have a rather strange problem. I have downloaded with windowsupdatesdownloader and download.wsusoffline all possible x64 W7 updates. Filtered them based on http://mickitblog.blogspot.be/2013/02/mdt-installing-windows-7-updates-as.html & other resources. The weird thing that happens is that it has worked !! So I tried to put as many as possible KB's in the package section and now when I'm deploying there is none KB installed. I work with a selection profile and in TS I verified that under 'Preinstall' Apply Patches has the right selection profile. Is there any logging I can check. When the installing broke I read setuperr.log. In the BDD.log I don't find anything related to my problem. So here I'm to ask to the guru's Enironment MDT 2013
  15. Hey tike100, I don't use CS.ini ... Everything is databsedriven. CS-ini contains Priority=CSettings, CRoles, LSettings, Locations, Default
  16. Hey everyone, The following problem occurs when I want to use USMT to replace the workstation. After I select 'Specify whether to restore user data' I found that there is a 'Browse' button which is hidden. I found that when you adapt the DeployWiz_UserDataRestore.xml and more specific the following line Normal <input type="button" id="StatePathBrowse" style="display: none;" onclick="javascript:StatePath.value = BrowseForFolder(StatePath.value);" Value="Browse" disabled /><br/>(Full network path to previously saved USMT data files).<br/> Delete style="display: none;" <input type="button" id="StatePathBrowse" onclick="javascript:StatePath.value = BrowseForFolder(StatePath.value);" Value="Browse" disabled /><br/>(Full network path to previously saved USMT data files).<br/> Then you get this image 'browseforfolder-1.PNG' but when I click 'Browse' the popup rest 'blank' like there is no explorer.exe loading. *'browseforfolder-2.PNG' On the internet I found these 2 answers but they didn't work for me http://reboot.pro/topic/11278-winpe-30-annoying-point-2-browse-for-folder-error/ This is an adaption for DeployWiz_UserDataRestore.vbs http://social.technet.microsoft.com/Forums/en-US/aea2c589-587d-426a-8084-8f99cd1a9bbe/browse-for-folder-in-winpe-mdt-2010?forum=mdt Any help is much appreciated ...
  17. I founded myself ... Maybe a little buggy but here is the solution When you 'Configure Database Rules' and select on the second screen just the option 'Query for location names on default gateways' you get the following extra in CS.ini [Locations] SQLServer=server.domain DBID=user DBPwd=***** Instance=MSSQLSERVER Port=1433 Database=DEV_MDT Netlib=DBNMPNTW Table=Locations Parameters=DefaultGateway When you search in the DB the table is not Locations but LocationSettings so CS.ini becomes SQLServer=****** DBID=****** DBPwd=****** Instance=MSSQLSERVER Port=1433 Database=***** Netlib=DBMSSOCN Table=LocationSettings Parameters=DefaultGateway SQLShare=***** Working !!! Maybe helpfull
  18. Here i'm again. I'm getting frustrated Situation, i'm about to install MDT 2012 to upgrade our MDT 2010. No the 'problem' is that some off the customsettings features like computername are changed in osdcomputername, some things are deprecated some are new features. So far so good. I have installed the deploymentshare on to DFS and now i like to customize my settings into SQL, based on locations and gateway. Here is my customsettings.ini [settings] Priority=Locations, Default Properties=MyCustomProperty [Default] EventService=http://server:9800 [Locations] SQLServer=server.domain DBID=user DBPwd=***** Instance=MSSQLSERVER Port=1433 Database=DEV_MDT Netlib=DBNMPNTW Table=Locations Parameters=DefaultGateway When i check by following url the connection to my DB everything is going well http://deployment.xtremeconsulting.com/tag/ztigather/ This is my ztigather.log, i have filtered out where the sql section Added new custom property MYCUSTOMPROPERTY Using from [settings]: Rule Priority = LOCATIONS, DEFAULT ------ Processing the [LOCATIONS] section ------ Determining the INI file to use. Using DEFAULT VALUE: Ini file = \\server\CustomSettings.ini Finished determining the INI file to use. Using specified INI file = \\%server%\CustomSettings.ini CHECKING the [LOCATIONS] section Using from [LOCATIONS]: SQLServer = server.domain Using from [LOCATIONS]: Instance = MSSQLSERVER Using from [LOCATIONS]: Port = 1433 Using from [LOCATIONS]: Database = DEV_MDT Using from [LOCATIONS]: Netlib = DBMSSOCN Using from [LOCATIONS]: Table = Locations StoredProcedure key not defined in the section [LOCATIONS] Using from [LOCATIONS]: DBID = user Using from [LOCATIONS]: DBPwd = ******** SQLShare key not defined in the section [LOCATIONS] ParameterCondition key not defined in the section [LOCATIONS] Default ParameterCondition 'AND' will be used for building queries with multiple parameters. OPENING STANDARD SECURITY SQL CONNECTION to server server.domain using login user. <Message containing password has been suppressed> Successfully opened connection to database. About to issue SQL statement: SELECT * FROM Locations WHERE DEFAULTGATEWAY IN ('','fe80::be16:65ff:fe87:d701') Successfully queried the database. Records returned from SQL = 1 Property LOCATION001 is now = Test Added LOCATION value from SQL: LOCATION = Test ------ Processing the [DEFAULT] section ------ Property SLSHAREDYNAMICLOGGING is now = \\server\SLShareDynamicLogging\%OSDComputername% Using from [DEFAULT]: SLSHAREDYNAMICLOGGING = \\server\SLShareDynamicLogging\%OSDComputername% Property EVENTSERVICE is now = http://server:9800 Using from [DEFAULT]: EVENTSERVICE = http://server:9800 ------ Done processing \\server\CustomSettings.ini ------ Correct me if i'm wrong but the sql connection is OK, the select statement results OK but he's not processing the rule from Test that are set in the DB. Can somebody please help me !
  19. I know this site ... It is one off the hits in google but I not capable of copying the mig files to the share The problem is that you find lots of customsettings.ini for MDT but 2012 -2012 This is my current setting UserDataLocation=AUTO UDShare=\\SHARE\MDT\USMT\Migdata UDDir=%OSDComputerName% ComputerBackupLocation=NETWORK BackupShare=\\SHARE\MDT\USMT\Backup BackupDir=%OSDComputerName% ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac SLShare=\\hlpdskha\MDT\USMT\Logs USMTMigFiles001=MigUser.xml USMTMigFiles002=MigDocs.xml SkipAppsOnUpgrade=YES
  • Create New...