Jump to content


Search the Community

Showing results for tags 'sccm'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
    • Windows 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Official Forum Supporters
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Windows Server General
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Location


Interests

  1. I have been getting lot of sms software inventory processor errors. I turned off the Software Inventory from client settings but that hasn't fixed the issue, I still keep getting these error messages. BADSINV folder is getting filled up with huge number of files, the size of the folder has reached 25 GB now. Error message is: Software Inventory Processor failed to process software inventory file "C:\Program Files\Microsoft Configuration Manager\inboxes\auth\sinv.box\abc.SID," and has moved it to "C:\Program Files\Microsoft Configuration Manager\inboxes\sinv.box\BADSinv\xyz.SID." Is there any solution for this? It was all working fine and just started happening few weeks ago. I can see on what date we started getting these errors, I didn't make any changes on that day. There is other SCCM Admin but he's not sure what might have lead to this as he's been making lot changes. Also, how do I clear the BADSINV folder? Thanks, Bunny
  2. Can anybody here assist me to fix this issue? I have been struggling to fix this issue. SCCM Infrastructure: SCCM CB v1910 Standalone Primary Site Issue SMS Distribution Manager shows error to process package distribution on Primary Site Server - FAILED TO TAKE SNAPSHOT I am unable to process any package content for distribution. D:\SCCMContentLib Folder is EMPTY. DISTMGR.Log details for one Software Update Package are stated below: Retrying package FG100***(SourceVersion:2;StoredVersion:2) SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Start updating the package FG100F75... SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) CDistributionSrcSQL::UpdateAvailableVersion PackageID=FG100F75, Version=3, Status=2300 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Taking package snapshot for package FG100F75 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) GetContentLibLocation - ABC.DEF.GHI.com SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Finished GetContentLibLocation - ABC.DEF.GHI.com SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Snapshot processing content with ID 18155987 ... SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Taking snapshot for content 8384e0c7-bee0-4686-ad50-00488870f2bb from source \\ABC.DEF.GHI.com\SoftwareUpdates_Srv\SCDS Windows Standard MS Patches - April 2021_\8384e0c7-bee0-4686-ad50-00488870f2bb SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:41 AM 9388 (0x24AC) Sleep 825 seconds... SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9356 (0x248C) GetTempFileNameA failed; 0x80004005 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) CContentDefinition::CreateNewContentDefinition failed; 0x80004005 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) TakeContentSnapshot() failed. Error = 0x80004005 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) The source directory doesn't exist or the 'Configuration Manager' service cannot access it, Win32 last error = 16389 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) STATMSG: ID=2361 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=ABC.DEF.GHI.com SITE=FG1 PID=20616 TID=9388 GMTDATE=Fri May 14 13:31:42.701 2021 ISTR0="\\ABC.DEF.GHI.com\SoftwareUpdates_Srv\SCDS Windows Standard MS Patches - April 2021_\8384e0c7-bee0-4686-ad50-00488870f2bb" ISTR1="8384e0c7-bee0-4686-ad50-00488870f2bb" ISTR2="8384e0c7-bee0-4686-ad50-00488870f2bb" ISTR3="30" ISTR4="62" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="FG100F75" SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) Failed to take snapshot for Content with ID 18155987 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) Failed to take snapshot of one or more contents in package FG100F75 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) CDistributionSrcSQL::UpdateAvailableVersion PackageID=FG100F75, Version=2, Status=2302 SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) STATMSG: ID=2302 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=ABC.DEF.GHI.com SITE=FG1 PID=20616 TID=9388 GMTDATE=Fri May 14 13:31:42.750 2021 ISTR0="SCDS Windows Standard MS Patches - April 2021_" ISTR1="FG100F75" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="FG100F75" SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) Failed to process package FG100***after 38 retries, will retry 62 more times SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) Exiting package processing thread for package FG100F75. SMS_DISTRIBUTION_MANAGER 5/14/2021 6:31:42 AM 9388 (0x24AC) Validations: Despool.log has nothing relevant to note. I have checked these things already and ANSWER is YES to all of these questions : Can you ping the affected SERVERNAME if the path is a UNC path? Does the site server computer account have permissions to access the path? Can you access the affected path using the FQDN/NetBIOS/IP address when using the SYSTEM account from the site server? Can you access the affected path using the FQDN/NetBIOS/IP address when using the logged in user's account from the site server? Is there a firewall between the site server and the affected server? Are relevant ports (RPC/SMB) open?
  3. I am deploying Windows 10 to HP Z840 and Z8 PC's using OSD in Config Manager 2010. Some of the Z8's are brand new, but most of the systems are running Windows 7 and are managed by SCCM. Some of them have single SATA or SSD drives. Some have multiple SATA or a mix of SATA and SSD drives. In systems that have an SSD and a SATA drive, I want to ensure the OS gets deployed to the SSD. In systems with multiple SATA drives, I want to ensure the OS gets deployed to the smaller drive and the larger one will be used for data storage. How best to accomplish this?
  4. Hello, We do have site wide client push set up to install the client to Workstations only. For servers, we have chosen to deploy the SCCM client in a "control way". I have an AD group "Server client deploy". I created a collection based on this AD group. My team would add selected servers to this AD group. I pushed out the client to this "Server client deploy" collection. However, every time new members are added to the AD group and show up in the SCCM Collection, the client is not installed automatically. I have to manually push out the client to the collection again. How do I deploy SCCM client to a specific collection so that whenever a new member is added, the client is installed automatically? Thank you in advance for your help/advise!
  5. I had a client that was unable to download the Endpoint Protection Policy. I browsed to the Windows\System32\GroupPolicy\Machine folder and delete the file: Registry.pol then rebooted. It seems to be fixed, but it won't report back to the SCCM server. His EnpointProtectionAgent.log states <![LOG[Endpoint is triggered by message.]LOG]!><time="13:28:00.005+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="fepsettingendpoint.cpp:58"> <![LOG[File C:\Windows\ccmsetup\SCEPInstall.exe version is 4.1.522.0.]LOG]!><time="13:28:00.243+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:519"> <![LOG[EP version 4.1.522.0 is already installed.]LOG]!><time="13:28:00.243+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:232"> <![LOG[Expected Version 4.1.522.0 is exactly same with installed version 4.1.522.0.]LOG]!><time="13:28:00.244+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:251"> <![LOG[Re-apply EP AM policy.]LOG]!><time="13:28:00.244+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="fepsettingendpoint.cpp:107"> <![LOG[Apply AM Policy.]LOG]!><time="13:28:00.244+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentimpl.cpp:1192"> <![LOG[Create Process Command line: "c:\Program Files\Microsoft Security Client\\ConfigSecurityPolicy.exe" "C:\Windows\CCM\EPAMPolicy.xml".]LOG]!><time="13:28:00.542+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:607"> <![LOG[Applied the C:\Windows\CCM\EPAMPolicy.xml with ConfigSecurityPolicy.exe successfully.]LOG]!><time="13:28:02.786+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentimpl.cpp:659"> <![LOG[save new policy state 1 to registry SOFTWARE\Microsoft\CCM\EPAgent\PolicyApplicationState]LOG]!><time="13:28:02.870+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentimpl.cpp:267"> <![LOG[state 1 and ErrorCode 0 and ErrorMsg and PolicyName Antimalware Policy and GroupResolveResultHash 22278829C8D241E822FD474BA669DF7F1BF12767 is NOT changed.]LOG]!><time="13:28:02.871+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentimpl.cpp:339"> <![LOG[skip sending state message due to same state message already exists.]LOG]!><time="13:28:03.014+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:1239"> <![LOG[Firewall provider is installed.]LOG]!><time="13:28:03.022+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:779"> <![LOG[installed firewall provider meet the requirements.]LOG]!><time="13:28:03.074+360" date="02-12-2014" component="EndpointProtectionAgent" context="" type="1" thread="7052" file="epagentutil.cpp:800"> It seems that the issue is that it won't send a state message because it already exists. How do I force it to send the message?
  6. Hi I have an issue whereby my Windows 10 IPU task sequence is downloading all driver packages specified in the TS (Download Package Content) allthough the correct driver packages already exist in the CCM cache on the PC running the TS. I have used the following guide to create a PreCache task sequence: https://www.imab.dk/windows-as-a-service-sharing-my-precache-and-in-place-upgrade-task-sequences-part-1/ (credit to Martin Bengtsson for the excellent guide) and it works very well. A PC which has successfully run the PreCache TS downloads the correct drivers (using a WMI query) and other packages specified that are needed and then places the computer in a collection to where the actual IPU task sequence is deployed. The problem is that the IPU task sequence which is deployed with the setting "Download all content locally before starting the task sequence" (the setting found under the "Distribution Point" tab) starts to download driver packages for other hardware models that are specified in the TS (despite using WMI queries in this TS also). Because of the current Covid-19 pandemic the majority of our users are working from home so we obviously want to keep the amount of data transfered to a minimum, it seems stupid to cache driver content that´s not needed to work around the problem. I thought that the IPU TS would evaluate the queries before downloading (i read somewhere that this was only possible for upgrade packages/language packs but in later versions of current branch also included other packages). We are running CB 1910. Hope this makes sense, if anyone has experienced this and can suggest a workaround or confirm how it´s supposed to work it would be greatly appreciated. Regards Emile
  7. I am trying to build a collection based on the Last Online time (within an arbitrary number of days). I know typically this is done using the Heartbeat, ClientActivity, or Hardware scan property. but I would like to see all machines, to identify which machines may not have the client installed. I cant for the life of me find where the column in the collections view populates from. I have the queries to filter out machines based on Last Hardware Scan shown below. I am looking for something very similar, but as I said, i cant find the property for "Last Online Time"
  8. Hello, We have created Automatic Deployment Rules and collections for our Software Updates for our servers. In the Software Update collections, we have defined a specific Maintenance Window, which relates to Microsoft's Patch Tuesday as shown in attached graphic. However, we are finding that as soon as we populate our collection, the updates are being download and installed! (i.e. Outside the Maintenance Window) Obviously this isn't right. One concern I have is that a particular server can be a member of multiple collections which might have different Maintenance Windows, so any tip on how these conflicting windows "add up" would also be helpful. Can someone give a tip on whether there is a particular log or setting in the infrastructure we can refer to to investigate this?
  9. Hello, is it possible to directly load and boot into the Windows Recovery Environment over PXE? To apply repair-tools or diagnosis for example. Our company is trying to accomplish this to support our technicians whenever a user is having some kind of trouble booting his standard image. The technician then can apply the RE over PXE and try to repair the users system. However I'm not sure how to make a winRE deployment over SCCM. What I have done is creating a task sequence where the according .wim file is loaded as a boot-image. When testing the task sequence just runs through and shuts down or restarts the computer. What I want is for the computer to remain inside the Recovery Environment and to be able to apply repair options etc. With WDS it's pretty easy to accomplish this. I haven't figured out how to do it with SCCM, as you are only able to apply task sequences and not boot-images directly. Im glad for any help.
  10. Hello sorry for my english i'm french . I have been trying for several days to install an SCCM push client, but remotely through a FortiGate. So the problem is that the clients seem to have settled into the machine: Capture task manager Capture of SCCM files present: Capture of the ccmsetup.log LOG File: And then I put the Configuration Manager capture where I don't see the PC as clients: Do you have any ideas how to solve the problem?
  11. Hi All, Since yesterday i can't open SCCM console (from remote machine and from the main server) I'm getting the default screen when the console will not open (Attached) I accidentally changed permissions under the :"SMS_Site Code" Share and i think this is what caused this problem but I'm not sure. Here is the main error i'm getting from SMSAdmin.log file: 1st error : System.Management.ManagementException\r\nProvider load failure \r\n at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) 2nd Error: Transport error; failed to connect, message: 'The SMS Provider reported an error.'\r\nMicrosoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryException\r\nThe SMS Provider reported an error.\r\n at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryResultsObject.<GetEnumerator>d__0.MoveNext() 3rd Erorr: Transport error; failed to connect, message: 'The SMS Provider reported an error.'\r\nMicrosoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryException\r\nThe SMS Provider reported an error.\r\n at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryResultsObject.<GetEnumerator>d__0.MoveNext() 4th Error: at Microsoft.ConfigurationManagement.AdminConsole.SmsSiteConnectionNode.GetConnectionManagerInstance(String connectionManagerInstance)\r\nConfigMgr Error Object: 5th Error: Error Code: ProviderLoadFailure \r\nSystem.Management.ManagementException\r\nProvider load failure \r\n at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) 6th Erorr: System.Management.ManagementException\r\nProvider load failure \r\n at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) Any help will be appreciated! Thank you!!
  12. Hi! 😃 Recently I made settings for PXE and sccm site configuration (https communication clients), these edits did not help and I returned everything back. But from that moment on, all clients turned gray and errors appeared in the logs: : 1. ERROR: can't retrieve SQL connection. Exception: System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) 2. Failed to authenticate with client [::ffff:192.168.10.230]:60583. 3. ERROR: Don't have SQL connection when get client certificate for client Now everything is configured over http, but apparently somewhere there is a connection over https. Please tell me how you can solve this problem? What settings should I check? Thank you in advance
  13. Hi All, Can anybody help. Currently trying to build a HP probook 650 with Win7 x86, however I get the following error message during the task sequence, when it is applying system settings "windows could not configure one or more system components, to install windows restart the computer and restart the installation" The only option is to click OK, computer restarts and then the error message reappears. SCCM was building fine and then just stopped working an this error message keeps occurring. Unable to F8 and Shift F10 to get any additional info Please Help Thanks
  14. Hi all,Thanks for any help in advance.I am new enough to SCCM and working on Office 365 client updates through ADR. On my test bed currently is O365 v1705 (Build 8201.2294), I am pushing client update v1808 (10730.20438) to it.ADR, Deployment Packages and Software Update Groups are setup and working.The Office 365 update does appear in the Software Center for installation, for testing I have everything set to the most visibility. When selected to install, the process goes through the download and install process according to the info displayed within Software Center but after it completes the Office version has not changed while .The update is downloaded to the ccmcache folder, separate question is that is it supposed to go in there or in the Microsoft Office folder in Program Files?I have eliminated installs inside of business hours being the issue, have turned that option off and also left client overnight.Looking at the updateshandler.log I do see the below:Failed to start WSUSUpdate, error = 0x87d00698When checking the Deployment in Monitoring the clients in that collection indicate as being compliant when they are not, any ideas?Also to add, doing a direct deployment of the client update without using ADRs has the same result. I am aware the versions I am troubleshooting are out dated, its just for testing. I have also tried with 1908 going to 2002 but that does not appear in Software Center at all when the config settings indicate it should. Checking the compliance report for the deployment it says it is Compliant when it is not as 1908 is still installed on the machine. Maybe I am not understanding something here, if 1908 is still supported, will SCCM see it as needing 2002? Thanks
  15. I am new to SCCM and my agent and most other things are set to default. I can install an app from software center but if i schedule it to deploy at 9:30 am and the installation is asap or 9:40 the installation just randomly installs when ever. sometimes hours later. I don't have a maintenance window setup for my collections. I am trying this with installing chrome. Any Help would be appreciated.
  16. Dear Experts, I'm trying to figure out the way, that would leave D:/ Data partition untouched while deploying OS images. We have computers with 1 HDD (Disk 0) with 2 partitions (System Drive C:\ and Data D:\). So when I have to deploy image, I have to backup all data from their computers to somewhere and than deploy image which formats whole Disk 0 and creates new partitions as specified in Task Sequence. So I was wondering how can it be achieved, that Task Sequence could only format OS Partition and leave Data Partition D:\ Untouched. We have BIOS and UEFI computers. I could not find any guide that would fit my case. Your help would be highly appreciated. SCCM Version 2002
  17. Hi, We have this behavior when upgrading the Config Manager client and i'm just curious if someone recognizes it and dealt with it before. This is what happens; After a Client upgrade of the Config Manager client to 1910 some desktops fall into sleep mode, they shouldn't because their powersettings are set with Collection based power scheme. If you reboot the device everthing works again. With the upgrade to 1810 i noticed something similiar, client temporary unaware of settings, with surpressed reboots for workstations on the Deployment of Software Updates. These devices had pending reboots and rebooted directly after the upgrade of the client. It was not supressed at that time. The upgrade of the client is done via the build in Pre-production Client Deployment collection. I'm now thinking of another approach next time. Create a custom deployment of the CCM client with triggered communication between client and server. But you'd expect this as something default... Is there a way to prevent this?
  18. Introduction This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version at the time of writing is System Center Configuration Manager (Current Branch) version 1902. SCCM 1902 is the latest baseline version and contains many bugfixes (and quality fixes) as detailed here. I blogged how to upgrade to 1902 here. Baseline media is used to install new ConfigMgr sites or to upgrade from supported versions. For more information about what baseline versions are and why you need them, I'd recommend you read my blog post here. This guide is aimed a new installations of SCCM. This lab is one of many hosted on my new hyper-v host, which is a very nice Lenovo P1 running Windows Server 2019 with data deduplication to make storage amazing. Note: The SCCM 1902 Current Branch media is available on MSDN or VLSC. If you don't have access to either of those you can download the baseline media ISO from the Microsoft evaluation site here. This is the same media that is on MSDN and VLSC. Once downloaded, extract the media to C:\Source\SCCM1902. This series is broken down into the following parts:- Part 1 - Get the lab ready, configure ADDS (this part) Part 2 - Join CM01 to Domain, add users, create the Systems Management container, delegate permission Part 3 - Role and Feature installation, installation of WDS and ADK Part 4 - Configure and install SQL Server 2017 Part 5 - Configure and install SCCM 1902 Current Branch Part 6 - Create device collections Part 7 - Configuring discovery Part 8 - Configuring boundaries You can use this multi-part guide to get a hierarchy up and running on Windows Server 2019 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed (for lab use) using manual methods or automated using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it's up to you to choose which method suits you best but I highly recommend automating everything that you can, using PowerShell. Method #1 - Do it manually Method #2 - Automate it with PowerShell Downloads The scripts used in this part of the guide are available for download here. Unzip to C:\Scripts. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (DC01 or CM01). Scripts.zip Step 1. Get your lab ready In this guide I assume you have already installed two WorkGroup joined servers with Windows Server 2019 Standard (Desktop Experience) installed. You can install the operating system on those servers in whatever way you want. If you want a PowerShell script to help you create hyper-v virtual machines you can use this one. Please configure the servers used in this guide as listed below, the SmoothWall (Linux firewall) is optional. Server function: Domain Controller Server name: DC01 Server info: Workgroup joined IPv4 Address: 192.168.9.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server function: Configuration Manager Primary site Server Name: CM01 Server info: Workgroup joined IPv4 Address: 192.168.9.2 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server function: (optional) Linux firewall Server name: smoothwall Server info: Uses 2 legacy nics eth0: 192.168.9.199 eth1: x.x.x.x (internet facing ip) You will also need the following media. Windows Server 2019 Standard SQL Server 2017 System Center Configuration Manager 1902 Current Branch Step 2. Configure Active Directory Domain Services (ADDS) To setup Active Directory Domain Services you could manually click your way through the appropriate wizard in Server Manager or automate it using PowerShell. For your benefit I'll show you both methods below, all you have to do is choose which one suits you. Method #1 - Do it manually On the DC01, open Server Manager. Click on Add roles and features On the Before You Begin screen click Next. For Installation Type select Role-based or Feature-based installation For Server Selection select Select a server from the server pool and choose DC01 For Server Roles select Active Directory Domain Services, when prompted to add features that are required for Active Directory Domain Services select Add Features select DHCP Server,when prompted to add features that are required for DHCP Server, accept the changes by clicking on Add Features Select DNS Server, when prompted to add features that are required for DNS Server, accept the changes by clicking on Add Features Continue the the wizard by clicking Next On the Features screen click Next On the AD DS screen click Next On the DHCP server screen, click Next On the DNS Server screen click Next On the Confirmation screen click Install and then click on Close Configure Post Deployment Configuration After it's finished, perform the Post Deployment Configuration by clicking on Promote this server to a domain controller select the Add a new forest option, give it a root domain name such as windowsnoob.lab.local Next, depending on your requirements set the Forest functional level and Domain functional level, I've selected the default options below however you may want to configure it differently for your hierarchy, For the password field use P@ssw0rd, Click Next when ready, for DNS options, click Next, Next verify the NetBIOS name and click Next To specify the location of the AD DS database, log files and so forth, either accept the defaults, or change them to something that suits your hierarchy and click Next. Next you can review the options (clicking view script will save your actions to a PowerShell script for use later if you wish). Click Next when done. Next, click Install to begin Once it is complete making the changes it will automatically reboot the server After the reboot, open Server Manager again to do the Post-deployment Configuration for DHCP Server. Click on Complete DHCP Configuration use the defaults for DHCP Server Authorization Click on Commit, Click Close when done. That's how to configure ADDS and DHCP manually. Method #2 - Automate it with PowerShell To configure ADDS, DNS and DHCP automatically, use the ConfigureADDS.ps1 PowerShell script. Note: I'd recommend that you reboot the server before running the script in case any pending operations like Windows Update are in progress as it may effect the results of the script below - I have not (yet) added in any detection for pending operations. 1. Copy the script to C:\scripts on DC01 2. Edit the variables in lines 17-32 as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Once the script is run, it will automatically reboot the server, and after you logon, it will complete the DHCP server installation. Summary Using PowerShell to automate things is the proper way to do things as a server admin. Please join me in Part 2 of this multi-part guide where you will continue setting up your new Windows Server 2019 lab with SCCM 1902 Current Branch.
  19. Hello! Win 10 on devices, SCCM version is 1810, SCCM clients on devices are actual version. I've used the SCCM SI to find devices with the certain .EXE files in order to delete these files. Something like "c:\Somestuff\111.exe", "c:\Install\Somestuff\111.exe" OK, ~40 devices were found, files (and folders containing them) were deleted and I run the report again. Surprisingly, ~10 devices still showed that these folders and files are exist (let's call them "bad"). For quick check I've wrote the SQL query (it's working fine for "bad" and "good" devices) and started experiments. 1. First of all I've checked that the whole Software Inventory "chain" works OK on both Client and Server sides. It does!. No errors in logs, no bad files in sccm_Inbox. 2. Tried to run Full SI instead of Delta (you know, deleting this 00000000-0000-0000-0000-000000000002 class and rerun). 3. Tried to re-install SCCM client with complete uninstall and deleting all Windows\CCM folders (and reboot after every action). 4. Tried uninstall SCCM Client, remove device from console (SQL query showed zero results), add device back to SCCM, install the client (and reboot after every action). 5. Step 4 with checking WMI classes (and reboot after every action)... -------- Well, after all the efforts the SQL query still shows me these damned, non-existing "c:\Somestuff\111.exe", "c:\Install\Somestuff\111.exe"!! The only one way I've succeeded was the reinstall of Windows on one of "bad" device. After that these obsolete files disappeared from DB and all other .exe were listed correct. I'm sure for 101% that the problem is hidden somewhere in Windows. Does anyone have an idea where the information "is stuck" in OS and what can I try to get rid of it without reinstall of Windows? Thank you for your time and ideas. Sincerely, Maestro PS. And moreover! I don't see neither these folders nor files in Resource Explorer! I'm completely stuck here...
  20. I am running into an extremely odd issue. I have several task sequences that are failing to apply image during OSD. When I check the smstslog I see the following error "Failed to run the action: Apply Operating System. Error 255" I can find no mention of error 255 anywhere on the internet. When I check the status messages for the deployment ID I see the following: "The task sequence execution engine failed executing the action (Apply Operating System) in the group (Install Operating System) with the error code 255 Action output: ... Downloading file /SMS_DP_SMSPKG$/P0100051/sccm?/Windows%2010%202019%20LTSC_REF2020.wim range 6442450941-7214257158 Downloaded file from http://SVD-SCCM.WCPS.K12.VA.US:80/SMS_DP_SMSPKG$/P0100051/sccm?/Windows%2010%202019%20LTSC_REF2020.wim to C:\_SMSTaskSequence\Packages\P0100051\Windows 10 2019 LTSC_REF2020.wim VerifyContentHash: Hash algorithm is 32780 Content successfully downloaded at C:\_SMSTaskSequence\Packages\P0100051. Opening image file C:\_SMSTaskSequence\Packages\P0100051\Windows 10 2019 LTSC_REF2020.wim Image file P0100051 version "" will be applied Starting to apply image 1 from Windows 10 2019 LTSC_REF2020.wim to C:Wiping C:Set "C:\_SMSTaskSequence" to not be wiped Set "%OSDStateStorePath%" to not be wiped Set "%_SMSTSClientCache%" to not be wiped Set "%_SMSTSNewClientCachePathToCleanup%" to not be wiped Skipping C:\_SMSTaskSequence for wipe Calculating expected free space. Reporting deletion progress. Successfully wiped C:Applying image to C:Applying image 1. The operating system reported error 255: The extended attributes are inconsistent. I have tried redistributing the image and I still get the same issue. I was able to successfully deploy the image to a VM bu when I try on a physical PC I get the failure. I have tested on two different pieces of hardware. Thanks for the help! smsts.log
  21. Team, In a recent Security Audit at my workplace , it was found that SSLv3 was enabled on IBCM server. We need to disable SSLv3 , TLSv1 & enable TLSv1.2 . Did anybody done this… Kindly share your Observations.. Also, Any Support article, guide will be of great help. I have done the changes as per reading on Internet under... HKey_Local_MachineSystemCurrentControlSetControlSecurityProviders SCHANNELProtocols Now, my Internet Based clients are not communicating to IBCM server at all. No Policy since the changes made.. Kindly suggest..
  22. Hello, hoping for some help from with a strange issue I have on a customer site I am currently unable to build Dell Optiplex 5040 devices with Windows 10 1909 x64 Enterprise from an Endpoint manager 1910 MDT integrated task sequence. The task sequence fails when trying to execute the Invoke-MbamClientDeployment.ps1 script. I have detailed the high level tasks below and attached the SMSTS.log. BIOS upgraded to latest version BIOS Reset to factory settings BIOS Password Set BIOS Standard config applied UEFI Boot enabled TPM Cleared & activated TPM Converted from 1.2 to 2.0 TPM Cleared again and reactivated OS Deployed Drivers deployed MBAM TPMPassTheHash step completed DOTNET Enabled C++ Redists applied Security Patches Applied The MBAM Group MBAM_XTS_AES256 applied to reg PreBoot Input Protectors for Tablets applied to reg MDOP MBAM 2.5 SP1 Installed MBAM Client Hot Fix KB4505175 Applied Sleep 2 mins DisableRootAutoUpdate (Certificate applied) Restart Set PowerShell Execution Policy Set to bypass Set PowerShell Execution Policy powershell.exe -command Initialize-TPM Is run **THE STEP THAT FAILS** Invoke-MbamClientDeployment.ps1 with the below parameters Parameters - -RecoveryServiceEndpoint "https://MBAM:443/MBAMRecoveryAndHardwareService/CoreService.svc" -StatusReportingServiceEndpoint "https://MBAM:443/MBAMComplianceStatusService/StatusReportingService.svc" –IgnoreEscrowOwnerAuthFailure -EncryptionMethod "XTSAES256" **The Post Steps** Reset TPM Policy EnableRootAutoUpdate The TPM status is Enabled, Activate & NOT owned The above works on all other models tested but fails on the 5040 The actual error message received is contained in the smsts.log file attached and the extract is below. The device is also in a staging OU that receives no Group Policy. The device does register in MBAM if continue on error is checked on the offending task and the computer object moved to the correct OU but will not encrypt. The same task sequence works on the other Dell models tested e.g. 5050 I have logged in after and BitLocker throws a internal error if you try to run it manually. **THE ENVIRONMENT**** A single site deployment of Endpoint Manager 1910 with two distribution points deploying Windows 10 1909 x64 enterprise with a MDT Integrated task sequence. The Dell command tool kit has been integrated into End Point Manager and drives the BIOS/TPM config steps in the task sequence. The Dell TPM conversion tool is used to convert the TPM to 2.0. The devices been build are production Windows 7 and are been repurposed as Windows 10 x64 Enterprise 1909
  23. Version française Bonjour, J'ai un petit problème quand je veut afficher un rapport de logiciel . Il m'est impossible de sélectionnez le mois et l’année affin de générer le rapport : Version english Hello, I have a little problem when I want to view a software report. I am unable to select the month and year in order to generate the report:
  24. I have done the cleaning up of WSUS Database and Re-add the classification but the problem still persist. The IIS application pool service is running and the SCCM is not able to connect to the WSUS server. What should i do? I think SCCM is having some other issues. Im encountering some errors in the component which is in critical status. I have also tried uninstall the WSUS and SUP but still no luck. Critical SMS_WSUS_SYNC_MANAGER SCCMSERVER.SCCM1.LOCAL Monitored Thread Component SCC Online Critical SMS_WSUS_CONTROL_MANAGER SCCMSERVER.SCCM1.LOCAL Monitored Thread Component SCC Unknown Critical SMS_WSUS_CONFIGURATION_MANAGER SCCMSERVER.SCCM1.LOCAL Monitored Thread Component SCC Online The logs for WCM log Checking for supported version of WSUS (min WSUS 3.0 SP2 + KB2720211 + KB2734608) SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Checking runtime v4.0.30319... SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Did not find supported version of assembly Microsoft.UpdateServices.Administration. SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Checking runtime v2.0.50727... SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Failed to create assembly name object for Microsoft.UpdateServices.Administration. Error = 0x80131701. SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Supported WSUS version not found SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) STATMSG: ID=6607 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_CONFIGURATION_MANAGER" SYS=SCCMSERVER.SCCM1.LOCAL SITE=SCC PID=6672 TID=6688 GMTDATE=Mon May 18 06:16:34.424 2020 ISTR0="SCCMSERVER.SCCM1.Local" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Remote configuration failed on WSUS Server. SMS_WSUS_CONFIGURATION_MANAGER 5/18/2020 2:16:34 PM 6688 (0x1A20) Here is the wsyncmgr log Read SUPs from SCF for SCCMSERVER.SCCM1.Local SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) Found 1 SUPs SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C)Found active SUP SCCMSERVER.SCCM1.Local from SCF File. SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) DB Server not detected for SUP SCCMSERVER.SCCM1.Local from SCF File. skipping. SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) Sync failed: WSUS update source not found on site SCC. Please refer to WCM.log for configuration error details.. Source: getSiteUpdateSource SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) STATMSG: ID=6703 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_SYNC_MANAGER" SYS=SCCMSERVER.SCCM1.LOCAL SITE=SCC PID=6672 TID=3660 GMTDATE=Mon May 18 06:00:01.071 2020 ISTR0="getSiteUpdateSource" ISTR1="WSUS update source not found on site SCC. Please refer to WCM.log for configuration error details." ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) Setting sync alert to active state on site SCC SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C)Sync time: 0d00h00m00s SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C)Skipping Delete Expired Update relations since this is not a scheduled sync. SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C)Inbox source is local on SCCMSERVER.SCCM1.Local SMS_WSUS_SYNC_MANAGER 5/18/2020 2:00:01 PM 3660 (0x0E4C) I have restart some of the SCCM services in service.msi (couldn't find all services inside) but SCCM is not running correctly. The WSUS is installed in add roles and features Windows Server 2016, but i really doesn't know why it cannot detect my WSUS on which installed in another server. So do i need to reinstall the SCCM console again? May any kind souls please enlighten me. Thank You
  25. We have some Dell Optiplex 7070 computers, and I'm trying to deploy a Windows 10 1909 image to them without changing the default bios configuration, which comes set to "Raid On" in Sata Operation. The default dell image works fine, so I'm not sure why ours does not. I'm imported all of the drivers that I could find for this model and intel storage in general. The task applies the OS and works in winPE fine, but after rebooting just gets a blue screen. How do I get this working? Thanks
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.