Hi,
How to stop Patch update in Particular Machine our Full Collections.
Wt are the things want to do in Client and Server ?
Regards, Hari Prasad.D
↧
How to stop Patch Update in Particular Machine in Collection
↧
SQL Server sysadmin rights
Hi all
I have this error when doing the Prerequisite installation check. I dont have any experience with SMS2003. Our company just decide to buy SCCM because of the Office 2007 deployment. I create a virtual server for itself. Install SQL server 2005 on that virtual server as well. But when i do the prerequisite installation check, I have this error "SQL Server sysadmin rights"
Either the user account running Configuration Manager Setup does not have sysadmin SQL Server role permissions on the SQL Server instance targeted for site database installation or the SQL Server instance could not be contacted to verify permissions. Setup cannot continue.
I have no experience with SQL that's why dont know how to solve it.
And I put MSCM as a SQL Server name because that is a server name for that server. What do I need to put in the Management point?
Thank you.
enz
↧
↧
Enabling BitLocker TPM with a script on first startup
Hi,
I want to enable BL with TPM and RK in AD after the first boot. This because we want Dell to setup the TS we made, and we allready made the machines join the domain at first startup when it's connected to the network. The next step will be to enable BL after that.
Is there a script we can use to do this automaticly? We want this for our laptops, and since we can't enable bitlocker in the TS since it's not joined to our domain we have to do this after it joins. I've had a look at "BitLocker Sample Deployment Script" at the gallery, but I'm not sure this is the right one to use. Since I'm kinda new to this, it would be great to get some info on how to do this.
- Daniel
↧
SCCM 2007: robust way to correct faulty clients (IE8 update failing, issue on pc's are root cause)
Hi,
We have a roll-out of IE8 on SCCM 2007. We discovered 20 some clients just don’t get the update. When we check, different issues occur like “Unable to find or read WUA Managed server policy.”
Now, we don’t have the time to investigate each case so we would like a robust way to trigger a correction on each pc (deploy package for correction on each pc).
So the question is, have you had something similar and what diid you do? Iow what would be the best option to fix each pc with least impact (preventing reboot). F.e. this wmrepair I found somewhere(?)
Please advise. J.
echo on
cd /d c:\temp
if not exist %windir%\system32\wbem goto TryInstall
cd /d %windir%\system32\wbem
net stop winmgmt
winmgmt /kill
if exist Rep_bak rd Rep_bak /s /q
rename Repository Rep_bak
for %%i in (*.dll) do RegSvr32 -s %%i
for %%i in (*.exe) do call :FixSrv %%i
for %%i in (*.mof,*.mfl) do Mofcomp %%i
net start winmgmt
goto End
:FixSrv
if /I (%1) == (wbemcntl.exe) goto SkipSrv
if /I (%1) == (wbemtest.exe) goto SkipSrv
if /I (%1) == (mofcomp.exe) goto SkipSrv
%1 /RegServer
:SkipSrv
goto End
:TryInstall
if not exist wmicore.exe goto End
wmicore /s
net start winmgmt
:End
Jan Hoedt
↧
SCCM 2007 SP2 Mixed mode. Failed to send reqistration request message 0*80040231
Hello!
I have one primary site and two secondary (with installing MP-role). AD extended (all ok).
Clients of one secondary are all fine.
But all clients of other secondary cannot send requstration requests.
In logs I found next:
ccmexec.log
Error registering hosted class
Failed in WinHTTPSendrequestAPI, Error code=0*2efd
clientIDManagerStartup.log:
Failed to send registration request message 0*80040231
IIS logs - all ok (200)
Ping from clients to Secondary site (with MP role) - ок
http://<mp site>/sms_mp/.sms_aut?mplist - ок
I founded, that in AD, problem secondary site doesn't have attribute ServiceBindinformation...
What is problem?
↧
↧
Custom MDT Script in TS Fails?
I was hoping that you could be so kind and tell me if I am on the wrong path with my custom MDTscript that I use in a SCCM task sequence.
I have done some custom scripts before that is working so I thought I had the concepts clear, but I am running into strange issues and time is running out as always.
Problem #: I am trying to do something as simple as using the built in SerialNumber MDT variable in my custom script. I am using a scripttemplate that references the ZTIUtility.vbs and in the script I search for computers in Active Directory with the serialnumber
as part of the computername. The ADsearchstring looks like this, but when I run the script in my Task Sequence oEnvironment.Item("
objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://ou=CLIENTS,dc=Contoso,dc=com'WHERE objectCategory='computer' AND name='*" & oEnvironment.Item("SerialNumber" ) & "*'"
I have a use toolkit package and gatherstep before running my custom script so the SerialNumber property should be populated as I understand it?
If I start a CMD (F8) window in the running Task Sequence , cd to the MDTscriptsfolder and run ZTIGather manually and after that start my custom script it works as intended and theoEnvironment.Item("
Can you see something wrong with my concept?
↧
Create DP a local site and ship to remote site
Quick question:
If I have eight remote sites that are branch DPs, and I'm shipping replacement devices (workstations) to each location, can I stand up the servers locally, create the DP in ConfigMgr, distribute the content (packages), and then ship the machine to the
remote site? When it comes online at the remote location, will it work as required? I'm already accounting for putting the DPs in the correct boundaries and whatnot. These will be branch DPs.
Seems like it should work fine but I wanted another set of eyes on it. Thanks.
-Nick O.
↧
Create SCCM Report to show TPM status
Hi all,
am trying to generate report on SCCM 2007 R3 to show TPM status whether existed or not. can anyone help me with this.
Thanks,
Kareem Behery
↧
Remove Central site from SCCM 2007 hierarchy
Hi
Here's my hierarchy:
R01 - Reporting Site (Actually Central site but we dont have clients assigned here, used only for reporting)
C01 - Central Site
5 Child Primary Site
I want to get rid of R01 and have C01 has the top most server in my hieararchy. Whats the best practice for this?
I plan on going to C01 console - Properties of the site - Set Parent Site -- Select Central Site.
After that I plan on going to R01 server and uninstalling SCCM from control panel, and clean up R01 site from AD.
Do I need to do anything else? Do I need to clean up registry keys off of C01 and child primary sites? Addresses?
Thanks for the help
↧
↧
SCCM child primary giving performance issue
what to be check and where to look when one of the sccm child Primary site giving performance issue.
↧
Child Site disconnected from Parent
I have a pretty simple question but cant manage to find the answer.
I am wondering how long could a Child Primary site be disconnected from its parent without having any issues once it comes back up. Could someone refer me to a Microsoft document stating the answer.
Thank you,
George S.
↧
Uninstalling SCCM Client
hallo,
how can i uninstall the SCCM Client ? I cannot see a option in ADD/Remove Programs.
thx
Oliver
↧
Failed to extend the Active Directory schema for SCCM
<02-25-2012 14:03:45> Modifying Active Directory Schema - with SMS extensions.
<02-25-2012 14:03:46> DS Root:CN=Schema,CN=Configuration,DC=BOA,DC=CO,DC=IN
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Site-Code. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Assignment-Site-Code. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Site-Boundaries. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Roaming-Boundaries. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Default-MP. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Device-Management-Point. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-MP-Name. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-MP-Address. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Health-State. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Source-Forest. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Ranged-IP-Low. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Ranged-IP-High. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Version. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Capabilities. Error code = 8224.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Management-Point. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Server-Locator-Point. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Site. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Roaming-Boundary-Range. Error code = 8202.
<02-25-2012 14:03:46> Failed to extend the Active Directory schema, please find details in "C:\ExtADSch.log".
<02-25-2012 14:03:46> DS Root:CN=Schema,CN=Configuration,DC=BOA,DC=CO,DC=IN
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Site-Code. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Assignment-Site-Code. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Site-Boundaries. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Roaming-Boundaries. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Default-MP. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Device-Management-Point. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-MP-Name. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-MP-Address. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Health-State. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Source-Forest. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Ranged-IP-Low. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=MS-SMS-Ranged-IP-High. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Version. Error code = 8224.
<02-25-2012 14:03:46> Failed to create attribute cn=mS-SMS-Capabilities. Error code = 8224.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Management-Point. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Server-Locator-Point. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Site. Error code = 8202.
<02-25-2012 14:03:46> Failed to create class cn=MS-SMS-Roaming-Boundary-Range. Error code = 8202.
<02-25-2012 14:03:46> Failed to extend the Active Directory schema, please find details in "C:\ExtADSch.log".
↧
↧
Error 1913. Could not update the ini file SMSCFG.INI and the .ini file is missing
Hello all,<o:p></o:p>
I'm trying
to install the client Win7 Pro 64bit. I am getting the following error in event
viewer
Configuration Manager Client -- Error 1913. Could not update the ini file
SMSCFG.INI. Verify that the file exists and that you can access it.
ccmsetup log shows the following error.
MSI could not update the ini file SMSCFG.INI. Verify that the file exists and
that you can access it.
Installation failed with error code 1603.<o:p></o:p>
client
installation has failed to many times. CCMSetup will now abort.<o:p></o:p>
Request
failed: 404 not found.<o:p></o:p>
I do not
see the smscfg.ini file in the windows directory. I've tried uninstalling then
reinstalling the client, verifying everything that is SCCM related is cleaned
(reg and all).<o:p></o:p>
this is a
brand new system, never had SCCM on it before. <o:p></o:p>
only system
with this issue. have tried letting the GPO install SCCM like normal.. same
issue, tried client push.. Same issue, tried cmd line install.. Same issue,
tried my client repair/install .bat file... same issue, all install attempts are
being done using an account hat has the appropriate rights for everything. this
is the only system in my entire network(50,000 +) that i have ever hit this on.<o:p></o:p>
Nothing is
working.<o:p></o:p>
i saw a
post like this before and the answer marked was to delete the .ini file reboot
and install, well my system never gets the .ini created on it.<o:p></o:p>
any ideas
how to fix this?<o:p></o:p>
thanks,<o:p></o:p>
↧
Delete orphan/stale site servers from parent server
Hi,
I have a parent server with a few stale site servers that are offline and were not removed from the system. I would like to delete them from the parent server. Can someone give me a method to remove them from the parent server?
↧
SCCM Console deployment
Simple question the answer is elusive.
Purchased SCCM and need to deploy additonal consoles, Do I need to purchase additional SCCM's or can I deploy the console from the original purchase in more 2 or more times?
Thanks
↧
Client Push no longer works using machine account (Site Server's Computer Account)
Client Pushes are working fine using the user account configured in the "Client Push Installation accounts" properties but it is my understanding that if you do not configure a user account or the user account you have configured doesn't have local admin rights on the client, the Client Configuration Manager (CCM) will attempt to use the Site Server's computer account to perfrom the install (Running Advanced Security in Mixed Mode - Schema Extended). This is confirmed by looking at the ccm.log site log. The ccm.log shows the CCM will first try using the user account and if that fails, will try using the site server's computer account (a.k.a machine account) to connect to the administrative share (admin$) on the client but it fails with the following error:
---> Attempting to connect to administrative share '\\xxxxxxx\admin$' using machine account. SMS_CLIENT_CONFIG_MANAGER
---> Failed to get token for current process (5) SMS_CLIENT_CONFIG_MANAGER
---> ERROR: Failed to connect to the \\xxxxxxx\admin$ share using account 'Machine Account' SMS_CLIENT_CONFIG_MANAGER
Also, every 20 minutes (1200 seconds) a Account Cleanup Operation occurs in the ccm.log:
~ Doing Account Cleanup Operation .... SMS_CLIENT_CONFIG_MANAGER
~ Processing domain XXXX SMS_CLIENT_CONFIG_MANAGER
~ Trying each entry in the SMS Client Remote Installation account list SMS_CLIENT_CONFIG_MANAGER
~ Attempting to connect to administrative share '\\\admin$' using account 'xxxx\xxxxxxx' SMS_CLIENT_CONFIG_MANAGER
~ WNetAddConnection2 failed (LOGON32_LOGON_NEW_CREDENTIALS) using account xxxx\xxxxxxx (000004b3) SMS_CLIENT_CONFIG_MANAGER
~ WNetAddConnection2 failed (LOGON32_LOGON_INTERACTIVE) using account xxxx\xxxxxxx (000004b3) SMS_CLIENT_CONFIG_MANAGER
~ Attempting to connect to administrative share '\\\admin$' using machine account. SMS_CLIENT_CONFIG_MANAGER
~ Failed to get token for current process (5) SMS_CLIENT_CONFIG_MANAGER
~ ERROR: Failed to connect to the \\\admin$ share using account 'Machine Account' SMS_CLIENT_CONFIG_MANAGER
~ Failed to connect to Server. Error 5 SMS_CLIENT_CONFIG_MANAGER
~ Account Cleanup Operation Completed successfully. SMS_CLIENT_CONFIG_MANAGER
- Both accounts (Site Server and Client Push User account) have local admin rights on the clients.
- Firewall settings have been properly configured...even turned off the firewall to make sure it wasn't a firewall issue (shotgun troubleshooting)
- On the Site server, opened up cmd.exe under the system account (psexec -s -i cmd.exe) and was able to map a drive to the admin$ on the clients
- Checked NTLM Group Policy settings and DCOM security...all appear to be fine
Like I said earlier, the user account works fine but I have some departments that refuse to allow that user account to have local admins rights on their systems but will allow the Site Server's computer account. (Tighter security using computer account vs. user account.)
↧
↧
Removing Sites\Creating Independant SCCM2007 Structure
Hi I've got a task that I haven't seen much info on: I've got a current SCCM 2007 infrastrucutre that is going to be split; my sites are already in the target domain and we were thinking of removing the relationship with the current Central Site and making a Primary a new Central Site for the new infrastructure.
After thinking about this it seems that the new strucutre will still have all the info (dP's sites etc) from the original -once seperated I can remove the unneeded sites and dp's and that info should now just replicate within the new strucuture.
Is this possible? Will there be any impact on the software repository?
Thanks for any insight into this.
↧
Child site not communication with parent
Hello everyone,
One of my child sites stopped communicating with the parent. However the parent can communicate with the child. For example, I can create a package on the parent and push it to the child site. The child site will receive it and it will install on the DP but the parent shows the DP empty and pending installation. The child is not replicating the data back to the parent. Also all of my clients on the child site is no longer showing up on the parent.
↧
W2k8R2 Client Firewall Port(s) to be open to read Client Log Files from Cfg Mgr Console
Hi all!
Communication seems to work fine between my client servers and my SCCM 2007R2 console, except when I try to read the Client Log files from Cfg Mgr. I know it is because of the client firewall, because if I turn it off, I can read them.
So far, on the client server, ports 80, 137, 139, 443, 445 and 135 (UDP & TCP) are open, in addition to any TCP port specifically for the CCMExec.exe app, yet, can't get to reading the logfiles (error message: There was no reply fromserver-client the folder could not be opened.
Anyone has an idea of which other port is needed?
I check the following, but it doesn't go into the specificity of my problem.
http://technet.microsoft.com/en-us/library/bb632618.aspx
↧