This could happened because of not supported versions to fix this you need to apply a patch KB2489044. (I ran into this problem today at a customer place and fix is below)
Friday, May 20, 2011
Asset Intelligence Sync Public Certificate Expired
You may see in AIUpdateSvc.log has entries of “WebException trying to enroll: Status = ProtocolError” and “Exception attempting sync - The request failed with HTTP status 403: Forbidden.”
this could because of your SCCM Public certificate expired. yes by default Microsoft will install a public certificate that will expires on 3 years i.e., 4/25/2011.
To resolve this you need to Update the Certificates for Asset Intelligence
- Configuration Manager 2007 Service Pack 2: Install hotfix KB2483225. This hotfix installs the updated public certificate for System Center online authentication and no further action is required. As part of the hotfix installation, the updated certificate is configured for the Asset Intelligence synchronization point and your specific certificate will be automatically renewed. For more information about this hotfix, see http://support.microsoft.com/kb/2483225/en-us.
- Configuration Manager Service Pack 1: Obtain a certificate file and manually configure the Asset Intelligence synchronization point to use the updated public certificate for System Center online authentication. Use the following steps:
- Email ai-cert@microsoft.com to request a certificate file that contains the updated public certificate for System Center online authentication. Please note that this alias is for certificate distribution only and not for support questions.
- Store the certificate file in a location that is accessible to the site server.
- In the Configuration Manager console, navigate to System Center Configuration Manager / Site Database (<site code> - <site name>) / Site Settings / Site Systems.
- Click the Asset Intelligence Synchronization point site system computer name.
- Select the Asset Intelligence synchronization point, and click Properties.
- On the General tab of the Asset Intelligence Synchronization Point Properties, specify the path to the new System Center Online authentication certificate (.pfx) file, and click OK.
Thursday, May 19, 2011
old version of SCCM Clients Collection
Some times old version could cause of some issues… below is a quick query to find the old version of systems
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where ((DATEDIFF(hh, SMS_R_SYSTEM.AgentTime, getdate()) < 23) and AgentName = "SMS_AD_SYSTEM_DISCOVERY_AGENT") and ( SMS_R_System.ClientVersion is null)
Patching Collections
All computers that are in a state of pending restart:
select SMS_R_SYSTEM.ResourceID, SMS_R_SYSTEM.ResourceType, SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier, SMS_R_SYSTEM.ResourceDomainORWorkgroup, SMS_R_SYSTEM.Client from sms_r_system AS sms_r_system inner join SMS_UpdateComplianceStatus as c on c.machineid=sms_r_system.resourceid where c.LastEnforcementMessageID = 9
All computers that failed to install an update:
select SMS_R_SYSTEM.ResourceID, SMS_R_SYSTEM.ResourceType, SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier, SMS_R_SYSTEM.ResourceDomainORWorkgroup, SMS_R_SYSTEM.Client from sms_r_system inner join SMS_UpdateComplianceStatus on SMS_UpdateComplianceStatus.machineid=sms_r_system.resourceid where SMS_UpdateComplianceStatus.LastEnforcementMessageID = 11
All computers that are waiting for another installation to complete:
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from sms_r_system AS sms_r_system inner join SMS_UpdateComplianceStatus as c on c.machineid=sms_r_system.resourceid where c.LastEnforcementMessageID = 3
SCCM Advertisement Status Failed systems Collection
To create a collection based on failed advertisement systems.
SELECT sys.ResourceID,sys.ResourceType,sys.Name,sys.SMSUniqueIdentifier,sys.ResourceDomainORWorkgroup,sys.Client FROM sms_r_system as sys inner join SMS_ClientAdvertisementStatus as offer on sys.ResourceID=offer.ResourceID
WHERE AdvertisementID = ‘CEN12345' and LastStateName = "Failed"
Windows Vista Service Pack 1? SP1 support ends on July 12, 2011
if you are running with Windows Vista Service Pack 1? SP1 support ends on July 12, 2011
Wednesday, May 18, 2011
SCCM Status MessageID for Patching for easy troubleshooting
11700 101 Failed Scan Tool for this update is not available
11701 101 Failed Scan Tool for this update failed
11702 101 Failed The contents hash for this update provided in policy does not match with the contents downloaded
11703 101 Failed The contents for this update could not be located
11704 101 Failed Contents size for this update exceed free cache size available
11705 101 Failed Contents size for this update exceed total cache size available
11706 101 Failed Failed to download contents for this update
11707 101 Failed This Update cannot be attempted due to invalid commandline
11708 101 Failed This Update application failed
11709 101 Failed This Update did not finish in allocated time
11710 101 Failed Creation of process failed for this update
11711 101 Failed Failed to get installer path for this update
11712 101 Failed Failed to monitor process for this update after service restart
11713 101 Failed SMS internal error occurred for this update
11714 101 Failed Bundle update failed to get content for this update
11715 101 Failed Bundle update failed to install this update
11716 101 Failed Bundle update failed to evaluate the applicability of its leaf updates
11717 101 Failed No current or future maintenance window is available to accomodate this update with max runtime
11750 101 Failed Updates enforcement job failed for this assignment
11751 101 Failed Updates failures occured during enforcement of this assignment
11752 101 Failed Some updates are still non-compliant after enforcemet completion of this assignment
11753 101 Failed Post restart updates compliance checking failed
11754 101 Failed Failed to initiate enforcement of this assignment
11755 101 Failed Failed to initiate updates evaluation for this assignment
11756 101 Failed Updates evaluation job completed with failure for this assignment
11757 101 Failed Invalid policy received for this assignment
11758 101 Failed Failed to initiate updates advance download for assignment
11759 101 Failed Updates advance download job completed with failure for assignment
11760 101 Failed No maintenance window is defined to accommodate at least one update in the deployment
Who is installed Software's ?
Collection for computers that failed to run an advertisement
http://blog.coretech.dk/confmgr07/collection-for-computers-that-failed-to-run-an-advertisement/
Who is installed Software's ?
http://blog.coretech.dk/confmgr07/config-mgr-inventory-and-reporting/audit-software-installations/
Troubleshooting SCCM Software Updates
http://www.myitforum.com/myITToolbar/frame-click.asp?
VB Script to Clear SCCM Client Cache (C:\Windows\System32\CCM\Cache)
-------
on error resume next
dim oUIResManager
dim oCache
dim oCacheElement
dim oCacheElements
set oUIResManager = createobject(“UIResource.UIResourceMgr”)
if oUIResManager is nothing then
wscript.echo “Couldn’t create Resource Manager – quitting”
wscript.quit
end if
set oCache=oUIResManager.GetCacheInfo()
if oCache is nothing then
set oUIResManager=nothing
wscript.echo “Couldn’t get cache info – quitting”
wscript.quit
end if
set oCacheElements=oCache.GetCacheElements
for each oCacheElement in oCacheElements
oCache.DeleteCacheElement(oCacheElement.CacheElementID)
next
set oCacheElements=nothing
set oUIResManager=nothing
set oCache=nothing
----------
Do you want to collect all clients LOG files to send it to some one ?
use this script below …
1. Create a folder and place the following batch files and txt file on it: Collect.bat, TestAll.bat, TestPC.bat, and Computers.txt. The codes for the batch files are given below. Place the name or ip address of the machines in computers.txt (one computer name/ip address per line)
2. Run TestAll.bat
3. A folder named “Result” will be created inside the folder where the batch files are located. This folder will contain the log files of the machines that you entered in computers.txt
A. Collect.bat
MD .\Result\%1
MD .\Result\%1\CCMLog
MD .\Result\%1\CCMSETUPLog
xcopy \\%1\admin$\system32\ccm\logs\*.* .\Result\%1\CCMLog /E /Y
xcopy \\%1\admin$\system32\ccmsetup\*.log .\Result\%1\CCMSETUPLog /E /Y
B. TestAll.bat
rd /Q /S .\Result_OLD
Move /Y .\Result .\Result_OLD
rd /Q /S .\Result
MD .\Result
del FailPing.txt
del FailConnect.txt
del Succeed.txt
for /f %%i in (computers.txt) do call TestPC %%i
C. TestPC.bat
@echo off
REM usage: TestPC PCName
if not %1. == . goto INSTALL
Echo Usage: TestPC PCName
goto END
:INSTALL
REM @echo on
Echo Now test %1
Echo Now try to ping %1
ping %1 -n 1 | find /i “ttl=” && Goto ONLINE
Goto OFFLINE
:ONLINE
Echo can ping %1
Echo Now try to connect to \\%1\Admin$
Dir \\%1\Admin$ >nul
If ERRORLEVEL=1 goto ConnectionFailed
Echo Connection test succeeded for %1. Can connect to \\%1\admin$.
Echo %1 >>.\result\Succeed.txt
Echo Now collecting data
call Collect.bat %1
goto END
:OFFLINE
echo cannot ping %1
Echo %1 >>.\result\FailPing.txt
goto Failed
:ConnectionFailed
Echo cannot connect to \\%1\admin$.
Echo %1 >>.\result\FailConnect.txt
goto Failed
:Failed
Echo Connection test failed for %1
:END
Echo.
D. Computers.txt
Hydration – Microsoft Free Test Lab for POC (Proof of Concepts)
Source:- http://blog.coretech.dk/mip/set-up-a-sccm-test-environment-in-no-time/
You can download it from Microsoft Connect here https://connect.microsoft.com/pocjumpstart, just scroll down to the bottom and look for PoC – Jumpstart 10 Day – Hydration Kit. And be aware that license terms of the different software is still in effect..
Here is a download for deploying a few different servers in a datacenter, all fully automated. The servers are two domain controllers, one deployment server with WDS, and one ConfigMgr 2007 SP2 R2 server...
Big thanks to Ben Hunter and Michael Niehaus (Both Microsoft) who started the Hydration Era more five years ago by creating hydration structures and scripts... Microsoft DDPS partners knows this, rest of the world - probably not (until now :) )...
Screenshot of the server roles and configuration
The Task Sequence for the CM01 - ConfigMgr 2007 SP2 Server
View the Video that shows the setup
Play (Stream) or Download (MP4)
Downloads
Download the Hydration solution (72 kb)
Hydration installation instructions
Step 1 - Download the necessary software
On your Hyper-V host, create the C:\Downloads folder and download the following software:
-
ConfigMgr 2007 R2
-
ConfigMgr 2007 with SP2
-
ConfigMgr 2007 Toolkit V2
-
PowerShell Management Library for Hyper-V
(http://pshyperv.codeplex.com/releases/view/38769) -
SQL Server 2008 R2 Enterprise x64
-
SQL Server 2008 R2 Express x64 with Management Tools
-
Windows Server 2008 R2 Enterprise
Step 2 - Prepare the Hydration environment
- Configure Execution Policy in PowerShell, by typing the following in a PowerShell prompt:
Set-ExecutionPolicy Unrestricted
- Extract the HydrationMDT2010.zip file to C:\HydrationMDT2010
- Edit the C:\HydrationMDT2010\HydrationSource\Applications\ConfigMgr 2007 SP2\ConfigMgrUnattend.ini and add the real PID (AAAAA-BBBBB-CCCCC-DDDDD-EEEEE is the place holder), To find out what PID you have, start the ConfigMgr 2007 Setup on a Server, and a few steps into the setup wizard the PID will be displayed. Please note that the setup needs to be executed on a domain member server, otherwise you will only be able to install the ConfigMgr console, and the PID will not be displayed.
- Create the Hydration Deployment Share by running the 1_CreateHydrationDeployment.ps1 script
- Copy the following folders C:\HydrationMDT2010\HydrationSource to C:\Hydration, replace any existing files.
Applications
Control
Operating Systems
Scripts
- Copy the ConfigMgr 2007 Toolkit V2 installation files (ConfigMgrTools.msi) to the C:\Hydration\Applications\ConfigMgr 2007 Toolkit V2\Source folder.
- Copy the ConfigMgr 2007 SP2 installation files to the C:\Hydration\Applications\ConfigMgr 2007 SP2\Source folder.
- Create the C:\Tmp\PreReqs folder, and run the C:\Hydration\Applications\ConfigMgr 2007 SP2\Source\SMSSETUP\BIN\I386\Setup.exe file with the /Download C:\Tmp\PreReqs command line option.
- Move the content of the C:\Tmp folder to the C:\Hydration\Applications\ConfigMgr 2007 SP2\Source\PreReqs folder
- Copy the ConfigMgr 2007 R2 installation files to the C:\Hydration\Applications\ConfigMgr 2007 R2\Source folder
- Copy the C:\Hydration\Applications\ConfigMgr 2007 SP2\Source\SMSSETUP\BIN\I386\EXTADSCH.exe to C:\Hydration\Applications\Extend ConfigMgr 2007 Schema\Source
- Copy the SQL Server 2008 R2 installation files to the C:\Hydration\Applications\SQL Server 2008 R2\Source folder
- Copy the SQL Server 2008 R2 Express installation (en_sql_server_2008_r2_express_with_management_tools_x64.exe) files to the C:\Hydration\Applications\SQL Server 2008 R2 Express\Source folder.
- Copy the Windows Server 2008 R2 Enterprise files to C:\Hydration\Operating Systems\Windows Server 2008 R2 x64
- Create the HydrationServers media item by running the 2_CreateHydrationMediaItem.ps1 script
- Copy the C:\HydrationMDT2010\Media001\Control folder to C:\HydrationServers\Content\Deploy, replace existing files
- Update the HydrationServers media item by running the 3_UpdateHydrationServersMedia.ps1 script
Step 3 – Create and deploy the virtual machines
- Install the PowerShell Management Library for Hyper-V by running the install.cmd script, ignore any errors about .NET Framework
- Verify that the files are not having any alternative data streams, if they do, remove it (using explorer or streams from Sysinternals).
- Create the virtual machines by running the 4_CreateVirtualMachines.ps1 script.
- Using Hyper-V Manager
- Start the DC01 virtual machine, and wait until the setup is complete
- Start the DC02 virtual machine, and wait until the setup is complete
- On DC01, verify that AD replication works with DC02.
- Start the MDT01 virtual machine, and wait until the setup is complete
- Start the CM01 virtual machine, and wait until the setup is complete
Done... Good luck with your hydrations...
A consolidated Report for Patch Deployments
to get the consolidated Report for all your deployments / instead of depending on dashboard you can view this PVT Report
Source:- http://blog.coretech.dk/kea/status-report-for-software-update-deployments/
Select Deploymentname, Available, Deadline,
cast(cast(((cast([Compliant] as float) / (ISNULL([Compliant], 0) + ISNULL([Enforcement state unknown], 0) + ISNULL([Successfully installed update(s)], 0) + ISNULL([Failed to install update(s)], 0) + ISNULL([Installing update(s)], 0) + ISNULL([Waiting for another installation to complete], 0) + ISNULL([Pending system restart], 0) + ISNULL([Downloading update(s)], 0)))*100) as Numeric(10,2)) as varchar(256)) + '%' AS '%Compliant',
[Compliant],
[Enforcement state unknown],
[Successfully installed update(s)],
[Failed to install update(s)],
[Installing update(s)],
[Waiting for another installation to complete],
[Pending system restart],
[Downloading update(s)]
From
(select
a.AssignmentName as DeploymentName,
a.StartTime as Available,
a.EnforcementDeadline as Deadline,
sn.StateName as LastEnforcementState,
count(*) as NumberOfComputers
from v_CIAssignment a
join v_AssignmentState_Combined assc
on a.AssignmentID=assc.AssignmentID
join v_StateNames sn
on assc.StateType = sn.TopicType and sn.StateID=isnull(assc.StateID,0)
group by a.AssignmentName, a.StartTime, a.EnforcementDeadline,
sn.StateName) as PivotData
PIVOT
(
SUM (NumberOfComputers)
FOR LastEnforcementState IN
( [Compliant],
[Enforcement state unknown],
[Successfully installed update(s)],
[Failed to install update(s)],
[Installing update(s)],
[Waiting for another installation to complete],
[Pending system restart],
[Downloading update(s)])
) AS pvt
Software Updates Status messages
Software Updates Status messages are three major types and these are
and each of these are again sub categorized as below.. we can see these message when we ran the software updates reports in SCCM.
Monday, May 16, 2011
POC New released from MS
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=26301cd1-cc72-4dd8-819e-12ef48322743
The PoC Jumpstart provides resources to deploy a desktop PoC with Windows 7, Office 2010, Internet Explorer 8, and Application Virtualization with Microsoft Desktop Optimization Pack technology.
Overview
This self-contained, self-service kit will help you complete a Proof-of -Concept (PoC) at your organization, allowing you to quickly evaluate the new Microsoft desktop technologies, including Windows 7, Office 2010 Pro Plus, Internet Explorer 8, and Application Virtualization with Microsoft Desktop Optimization Pack technology App-V. It will also familiarize you with some of the important deployment tools provided by Microsoft to assist with your broader deployment efforts. This PoC is not meant to be comprehensive training mechanism but rather an introductory set of modules to familiarize you with tools and technologies.
• Microsoft Windows Server 2008 Enterprise Edition – A platform that helps IT Professionals increase the flexibility and reliability of their server infrastructure.
• Microsoft Assessment and Planning Toolkit (MAP) – A tool to assess your hardware readiness for Windows 7 and Office 2010.
• Microsoft Application Compatibility Toolkit (ACT) – A tool to assess your software readiness for Windows 7 and Office 2010.
• Microsoft Office Migration and Planning Manager (OMPM) – A tool to assess and upgrade Office versions and files.
• Microsoft Office Environment Assessment Tool (OEAT) – A tool to assess Office add-ins.
• Microsoft Office Code Compatibility Inspector (OCCI) – A tool guide remediation of Office VBA code.
• Microsoft Security Compliance Manager (SCM) – A tool guide management and customization of group policy settings
• Microsoft Deployment Toolkit – A tool to create, configure, and deploy custom images, applications, and components.
• Windows 7 Enterprise 90-day Trial image – This evaluation edition forms the base image for deployment on client computers.
• Microsoft Office Professional Plus 2010 – Evaluation version - both MSI and App-V sequenced package.
• Microsoft Visio Premium 2010 – Evaluation version.
• Microsoft Project Professional 2010 – Evaluation version.
• Office 2010 with Application Virtualization – This system is deployed virtually to streamline and centralize operations.
• Microsoft SQL Server 2008 R2 Evaluation Edition – This database system is used to store tool results.
The PoC Jumpstart is intended to show you that an upgrade to new Microsoft Optimize Desktop technologies can be seamless, feasible, easy and cost-effective. The PoC Jumpstart will also shed light on the deployment process (tools and technologies) and give your organization confidence for undertaking a broader deployment motion. After completion of the PoC, you should have a test environment setup that will allow you to evaluate the various features of the Microsoft Optimized Desktop and help you make informed decisions to meet your business needs.
Good talking about Client Health common issues that we encounter in real world.
| ||
Subscribe to:
Posts (Atom)