--Systems Part of What Collections
SELECT v_R_System.Name0, v_Collection.Name FROM v_FullCollectionMembership INNER JOIN v_R_System ON v_FullCollectionMembership.ResourceID = v_R_System.ResourceID INNER JOIN v_Collection ON v_FullCollectionMembership.CollectionID = v_Collection.CollectionID WHERE (v_R_System.Name0 = 'Systemname')
For finding the 90 days old computers in the AD
DSQUERY COMPUTER "DC=MydomainName,DC=COM" -STALEPWD 90 -LIMIT 5000 >> C:\output.csv
for finding the 90 days old computers in the AD & action to delete with the output
DSQUERY COMPUTER "OU=COMPUTERS,DC=LANDESK,DC=COM" -STALEPWD 90 -LIMIT 5000 | DSRM -NOPROMPT >C:\Output.csv
you can find here http://tinyurl.com/289ho4y
Multicasting is a new feature of R2 in SCCM and is a welcome addition to the OSD feature. Multicast allows for image deployment with a much reduced network load. If, for example, you are deploying a 500 MB image to 20 workstations that have just arrived from the OEM then with normal OSD imaging you would see network traffic equal to around 10 Gig! Using multicasting would result in a significant decrease in network utilization. Depending on the configuration, as little as about 500 MB of traffic required to deploy to all 20 machines! This is the same amount of network traffic you would consume deploying to just a single imaging system using typical OSD imaging before multicast!
How do you setup multicast? Let's walk through the configuration that is required step by step.
First, we need to enable multicasting. Multicast requires a distribution point and the 'transport server' component of WDS installed on a Windows 2008 server. From there select the properties of the distribution point site system role and make sure the option for BITS, HTTP and HTTPS transfer is selected as shown
Note the new multicast tab that is added when R2 is installed. Select the multicast tab and enable multicasting.
There are two options when using multicast - autocast and scheduled multicast.
To enable autocast just select to enable multicast. In this configuration the multicast session starts as soon as the first machine powers up and requests the image. As additional machines are also booted up for imaging they will 'join' the current multicast session already in progress and consume the remainder of the stream. When the stream ends it will start again and the systems that joined late will consume the parts they missed. While autocasting isn't as efficient as scheduled multicast it is still significantly more efficient that standard OSD image delivery.
Scheduled multicast allows for more control of the multicast session. Here you choose either a time delay before starting the multicast session or a minimum number of clients that must join the session before it starts. The multicast session will start whenever either of the two requirements are met. The idea here is to allow the administrator time to get all of the systems started and ready and then all systems can load the image simultaneously - providing the best usage of network resources. Scheduled multicast is enabled by selecting the 'enable scheduled multicast' check box.
There are other configuration options on this screen but no extra configuration is required unless by your network. The 'out of the box' settings work fine for most environments.
In addition, while DHCP and Windows 2008 based WDS (transport component as noted earlier - the PXE boot piece does not need to be on the same server) are needed, there is no special configuration requirement for either to make use of multicasting.
The next step is to configure the image package to be deployed by multicast. In properties of the imported image, select the 'distribution settings' tab as shown
Select the option to allow the package to be deployed by multicast and optionally select the other two options. In my testing I tried to select to only allow the image to be transferred via multicast but this didn't seem to work. When I disabled multicast the image would still deploy, even with this option set.
in addition to enabling multicast for the image, you can also enable multicast on any package that is part of the image deployment. On each package select properties and then select the 'distribution settings' tab. the same options are available here as were on the image package as shown
As shown on both the image and the package, multicast is something that takes place in Windows PE only. So, setting these options per package will not result in the package being delivered via multicast through normal software distribution.
Finally, enable the task sequence advertisement to deliver the image via multicast. On the properties of the advertisement select the 'distribution points' tab as shown.
To enable multicast MAKE SURE you have selected to 'download content locally when needed by running task sequence'. This requirement isn't documented and I spent hours trying to understand why my multicast sessions weren't starting up before realizing this setting was required.
Thats it - we are now ready to go for delivering images via multicast. Let's walk through a couple of scenarios using autocast and scheduled multicast. In our scenarios we will use PXE booted systems but multicast also works fine when booting from media - the experience is just slightly different when in Windows PE.
Autocast - single machine
To test multicast generally you will use a single machine. So, what is your indication that multicast is actually working? When the image begins to deploy you will see that a multicast session is requested, the image is downloaded locally via multicast and then reassembled as shown in the following three screenshots.
Autocast - two machines
As mentioned, in autocast the first requesting machine will start the multicast as shown above. Any subsequent machines that boot up during the existing multicast session will join in progress and then loop back to the start and request the initial bits again. The screenshots below show two sysems - the one on the left was started ahead of the one on the right but both are downloading the same image. The one on the right started mid-stream.
After downloading the image the one on the left proceeds to extract while the one on the right finishes up getting the image.
Scheduled multicast works similarly except here the multicast session will not start until either time has expired or the minimum number of machines have joined the multicast session. The screenshot below shows a system waiting for either more systems to join or the timeout to expire.
So, while this is all going on - what is happening in the background to make this all work? The SMSTS log varies slightly in each scenario but the core details are the same. The SMSTS log section below is from a machine participating in an autocast multicast session.
In the log snip below we see the imaging system flag the multicast enabled distribution point that it wants to use for the multicast session, construct details for the multicast session request and then send the request to the multicast point
Continuing in the log we see the request information submitted to the multicast point followed by a reply with information the imaging system needs to join the multicast session. Once we get the proper information back from the multicast point we then request and establish the multicast session
Next we see the response from the multicast server, the session get setup and the download begin
Once downloaded we begin to reconstruct the wim file and start applying the image.
When initially setting up the multicast session we say reference to sending information to the multicast point. If we look in the mcsisapi log we see the request received, processed and the resulting reply sent back to the imaging agent as shown
There is certainly more 'behind the scenes' detail that takes place but this give a good picture, end to end, of how to configure, use and understand the process of using multicasting in R2.
one more virtual software
SUN V BOX :: http://www.virtualbox.org/wiki/Downloads
http://www.comptechdoc.org/os/windows/win2k/index.html
People can go through with the left side list from 1 to 75
1. Why not me?
2. Am I nice?
3. Am I doing what I really want to do?
4. What am I grateful for?
5. What’s missing in my life?
6. Am I honest?
7. Do I listen to others?
8. Do I work hard?
9. Do I help others?
10. What do I need to change about myself?
11. Have I hurt others?
12. Do I complain?
13. What’s next for me?
14. Do I have fun?
15. Have I seized opportunities?
16. Do I care about others?
17. Do I spend enough time with my family?
18. Am I open-minded?
19. Have I seen enough of the world?
20. Do I judge others?
21. Do I take risks?
22. What is my purpose?
23. What is my biggest fear?
24. How can I conquer that fear?
25. Do I thank people enough?
26. Am I successful?
27. What am I ashamed of?
28. Do I annoy others?
29. What are my dreams?
30. Am I positive?
31. Am I negative?
32. Is there an afterlife?
33. Does everything happen for a reason?
34. What can I do to change the world?
35. What is the most foolish thing I’ve ever done?
36. Am I cheap?
37. Am I greedy?
38. Who do I love?
39. Who do I want to meet?
40. Where do I want to go?
41. What am I most proud of?
42. Do I care what others think about me?
43. What are my talents?
44. Do I utilize those talents?
45. What makes me happy?
46. What makes me sad?
47. What makes me angry?
48. Am I satisfied with my appearance?
49. Am I healthy?
50. What was the toughest time in my life?
51. What was the easiest time in my life?
52. Am I selfish?
53. What was the craziest thing I did?
54. What is the craziest thing I want to do?
55. Do I procrastinate?
56. What is my greatest regret?
57. What has had the greatest impact on my life?
58. Who has had the greatest impact on my life?
59. Do I stand up for myself?
60. Have I settled for mediocrity?
61. Do I hold grudges?
62. Do I read enough?
63. Do I listen to my heart?
64. Do I donate enough to the less fortunate?
65. Do I pray only when I want something?
66. Do I constantly dwell on the past?
67. Do I let other people’s negativity affect me?
68. Do I forgive myself?
69. When I help someone do I think “What’s in it for me”?
70. Am I aware that someone always has it worse than me?
71. Do I smile more than I frown?
72. Do I surround myself with good people?
73. Do I take time out for myself?
74. Do I ask enough questions?
75. What other questions do I have?
Discovery Methods
Six methods of discovery are available in Configuration Manager 2007:
As Configuration Manager 2007 discovers resources, it creates records in the Configuration Manager database. This record is called a data discovery record (DDR) and the file generated has a .DDR extension. The specific information contained in each record varies depending on the resource "discovered," but it can include data such as the NetBIOS name of a computer, IP address and IP subnet of a computer or device, operating system, MAC address, and so on.
Depending on the discovery method used, resource DDRs are periodically regenerated to keep the discovery data up to date in the database and to verify that the resource is still a valid resource within the Configuration Manager 2007 site.
Now these methods what will discover?.. below are the discover use of each
Active Directory System Group Discovery
Organizational unit Global groups Universal groups Nested groups Nonsecurity groups
Active Directory System Discovery
Active Directory User Discovery
Network Discovery
Heartbeat Discovery :- Heartbeat Discovery is active only on computers that have already been installed as Configuration Manager clients.
It is important to ensure that any schedule you create causes the DDRs to be updated frequently enough so that the original DDR isn't viewed by Configuration Manager as obsolete or deleted from the database.Heartbeat Discovery updates existing DDRs rather than creating new ones. By default, it generates an updated DDR for each client every seven days, although this timing is configurable.
Heartbeat Discovery runs on installed Configuration Manager clients according to the schedule you specify. With this method enabled, the Client Component Installation Manager (CCIM) on the client causes the Cliex32.dll to generate a DDR, which is then written to the management point. This file is the same size as a normal DDR (approximately 1 KB per client), and so it will generate approximately the same network traffic.
Active Directory Security Group Discovery
he Configuration Manager 2007 Active Directory Security Group Discovery method searches for security groups by polling the closest Active Directory domain controller. The Active Directory domain can be in mixed mode or native mode.
Discovery Troubleshooting Flowcharts http://technet.microsoft.com/en-us/library/bb735871.aspx
Log files related to discovery
Adsysdis.log Active Directory System Discovery log file showing when the discovery method runs, and its results. Look for the number of DDRs created and any "bogus" entries.
Adsysgrp.log Active Directory System Group Discovery log file showing when the discovery method runs, and its results. Look for the number of DDRs created.
Adusrdis.log Active Directory User Discovery log file showing when the discovery method runs, and its results. Look for the number of DDRs created.
DISCOVERY HAS A DEPENDENCE OF CLEINT PUSH, IF DISCOVERY IS NOT ENABLED OR NOT DISCOVERED ANY SYSTEMS THEN CLIENT PUSH WILL NOT PUSH ON ANY SYSTEM’S
Scripts:- http://technet.microsoft.com/en-us/library/cc180843.aspx
If you deleted any system from SCCM / SMS console you can initiate the client discovery data cycle then client can be reappear in the console
Third party Discovery Tools :- enhanced discovery tool
The major discovery drop backs in SCCM is it will not do a delta discovery it will do from scratch.. that means it will not discover specific to the changes that has changed from last cycle.. to accomplish this you need to depend on Enhanced discovery tool http://www.systemcentertools.com/esd.html
now with SCCM R3 you can do delta discovery
if client installed it will come in Control Panel
if the client OS version is 32 bit then you can find the applets in the control panel directly, if it is 64 bit OS then you will get in 32-bit Control Panel items (The reason is sccm is a 32 bit application) also client will be installed in windows\ccmsetup for client installation
and for client logs in 64 located in
64 bit client log files location screenshot is below
Above is a example screenshot
There are 3 areas of consideration when troubleshooting access to the SMS provider and the site server.
1. Do you have the necessary privileges to the SMS provider on your site server?
2. Do you have the necessary security rights to the database?
3. Do you have the necessary privileges as far as WBEM is concerned?
4. Is WBEM working?
http://www.myitforum.com/articles/6/view.asp?id=250
http://support.microsoft.com/kb/317872
Verify that this computer has network connectivity to the SMS Provider
http://technet.microsoft.com/en-us/library/bb932213.aspx
Check the adminui.log and smsprov.log and smsdbmon.log
1. Add the Configuration Manager Secondary Site Server Computer account to the Group “SCCM-GROUP”. As mentioned in my previous article this group must be added on to the System Management Container Security tab with Full permissions in active directory users and computers snap in as shown below.
2. Add the computer account of Configuration Manager Secondary site server to the Local Group “SMS_SiteToSiteConnection_INC” which is present on the primary Site server.
Procedure:
Logon to primary Site Server- Open Computer management drill down to Local Users and Groups, Select groups and in that we will find a Local Group named as “SMS_SiteToSiteConnection_INC” as shown below. Go to the properties page and add secondary site server computer account.
3. Create a Sender Address with the Secondary Site Code and Primary Site Information.
Procedure:
Open SCCM2007 Primary Site Server management Console, drill down to Site Management-Site Code- Site Settings- Addresses.
Right Click on Addresses and create a new Standard Sender Address
On the new Standard Sender Address Wizard, enter the Destination Site Code that is the new site code which we will give at the time of Secondary Site server installation. In our case we will give INS.
Give the Site Server name that is the Secondary Site Server Name.
If you leave the Site address account empty, the sender will use Primary Site Computer account to establish communication between both the sites (Primary and Secondary). If you leave the default, Primary site computer account must have full permissions on the secondary site server.
We can also set a windows user account that is having full admin privileges on both the site servers.
In our case we will leave as it is to use the Primary site Computer account.
In our case we selected open from Sunday to Saturday and click next
Leave the defaults and click Finish, you can also modify these settings based on your organization needs.
Once done you will see the newly created connector as shown below.
4. Check the remote installation permissions of the account with which we are installing SCCM2007.
As discussed previously, we are using the Site server system account to establish communication between 2 sites, make sure we add the SCCM-Group into the Local Administrators group on the Configuration Manager Secondary Site Server.
To verify these
Log onto the Secondary site server and add the SCCM-GROUP account in the Local Administrators group of SCCM2007 Secondary site server.
5. The SCCM2007 Primary site server Computer account must have full admin privileges on the Secondary Site Server computer account.
6. The Service account with which we are installing secondary site server must have local admin privileges on the Secondary Site Computer account.
7. Install IIS 6.0 (IIS is used for Management Point and Fallback Status Point)
Installing secondary site is two methods one from SCCM Console and second one from direct media from secondary site. we will run with the second option.
On the installation Prerequisite Check windows select Secondary site and click ok
click OK
Click ok, and
Initiate the Configuration Manager 2007 installation
Click next on the available setup options page
Accept the License agreement and click next
On the site type windows select Secondary site and click next
Provide the installation directory for binary files and click next
On the Site Settings Windows Insert the site code which we entered at the time of Sender creation and provide the site name
In our case site code is INS and Site Name is MacroALLY Secondary Site Server
On the Parent Site Settings window, enter the Primary site code, which are INC and the Parent Site Server Name. Click next to proceed
On the Update Prerequisite Components page leave the defaults and click next
On the Updated Prerequisites path, enter the path to the folder were SCCM will download the updates and put it. Click next
On the settings summary page review the settings, if any changes go back to modify or proceed further with installation by clicking next
Setup will evaluate your system and cross checks all the prerequisites once more, if the status is green proceed further by clicking Begin install.
Setup starts installing the Configuration Manager Secondary site server
Click Finish and restart the server
open the console now after restart
And the Sender will be updated with the necessary information as shown below
Vise Versa in the Secondary site settings-Address, you will also see a sender address created for Primary server as shown below
Configuration Manager Secondary Site is installed Secondary Site Information is updated in the System management Container in AD which is shown below
How confirm that Secondary site is working /Primary to secondary communication is fine:
Verify the Log Files to find out weather Secondary site is communicating with primary server properly.
Log files to monitor
ConfigMgrSetup.Log : Located on the root of system drive (Secondary site server )
Sender.log: Located on the Secondary site server installation directory (c:\Program Files\Microsoft Configuration Manager\Logs\Sender. Log) used to track weather the site is sending site information to the primary parent site.
After ensuring there are no communication problems from the above 2 logs, go ahead to check the despoiler.log on the primary site server to ensure it has received the secondary site information and is processing the secondary site information.
Despoole.log: located on the Primary site server (c:\Program Files\Microsoft Configuration Manager\ Logs\Despool.log)
Hman.log: Logs actions related to the hierarchy structure of the sites, located on the primary server (c:\Program Files\Microsoft Configuration Manager\ Logs\HMan.log).
Sitecomp.log: Logs information related to secondary site information publishing to Active Directory along with the primary site information, Located on the primary Site Server (c:\Program Files\Microsoft Configuration Manager\ Logs\SiteComp.log)
With this you are done with Secondary site Server Installation.
Site Status components are at least 51 or more than that are available. And here below of some mentioned may need to come as read / warning in your day to day operations
SMS_LAN_SENDER
SMS_EXECUTIVE
SMS_HIERARCHY_MANAGER
SMS_DISTRIBUTION_MANAGER
SMS_DESPOOLER
SMS_DISCOVERY_DATA_MANAGER
SMS_INBOX_MANAGER
SMS_MP_CONTROL_MANAGER
SMS_MP_FILE_DISPATCH_MANAGER
SMS_INVENTORY_PROCESSOR
SMS_INBOX_MONITOR
SMS_INVENTORY_DATA_LOADER
SMS_DATABASE_NOTIFICATION_MONITOR
SMS_AD_SYSTEM_GROUP_DISCOVERY_AGENT
SMS_AI_KB_MANAGER
SMS_AMT_PROXY_COMPONENT
SMS_SITE_SQL_BACKUP_AUPERPSPSS01
SMS_AD_SECURITY_GROUP_DISCOVERY_AGENT
SMS_AD_SYSTEM_DISCOVERY_AGENT
SMS_COMPONENT_MONITOR
SMS_COMPONENT_STATUS_SUMMARIZER
SMS_CLIENT_CONFIG_MANAGER
SMS_COLLECTION_EVALUATOR
SMS_WSUS_CONFIGURATION_MANAGER
SMS_WSUS_CONTROL_MANAGER
SMS_SOFTWARE_METERING_PROCESSOR
SMS_STATE_SYSTEM
SMS_STATUS_MANAGER
SMS_MP_FILE_DISPATCH_MANAGER
SMS_OUTBOX_MONITOR
SMS_PXE_SERVICE_POINT
SMS_WSUS_SYNC_MANAGER
SMS_COMPONENT_MONITOR
SMS_EXECUTIVE
SMS_SOFTWARE_INVENTORY_PROCESSOR
SMS_OUTBOX_MONITOR
SMS_POLICY_PROVIDER
SMS_REPLICATION_MANAGER
SMS_OBJECT_REPLICATION_MANAGER
SMS_OFFER_MANAGER
SMS_SITE_BACKUP
SMS_SITE_COMPONENT_MANAGER
And out of the regular ones in my case I am seeing these many times in the hierarchy
SMS_LAN_SENDER==================> in the error mentioned site systems are offline or network connectivity problem
SMS_DISTRIBUTION_MANAGER========> Targeted packages are not reached the DP or very frequently updated by some one
SMS_MP_CONTROL_MANAGER==========>
Mpcert http://sccmserverName/sms_mp/.sms_aut?mpcert
MPlist http://sccmserverName/sms_mp/.sms_aut?mplist
For MP function mpcontrol.log file.. You may get 401,403 or 500 errors mostly with IIS & SQL issues. If you see error 200 that means MP working Fine.
Log files location for a server with the sitecode of DC1
SMS_COLLECTION_EVALUATOR========> at this stage we can ignore this error
SMS_WSUS_SYNC_MANAGER===========> Solution: - open the wsyncmgr.log file check for errors and do a more sync if required from below given screenshot
Sample Error:- SMS WSUS Configuration Manager failed to configure proxy settings on WSUS Server "USDC1PSPSS02".
Possible cause: WSUS Server version 3.0 SP1 and above is not installed or cannot be contacted.
Solution: Verify that the WSUS Server version 3.0 SP1 or greater is installed. Verify that the IIS ports configured in SMS are same as those configured on the WSUS IIS website.You can receive failure because proxy is set but proxy name is not specified or proxy server port is invalid.
SMS_OUTBOX_MONITOR============> You need to connect to the Configmgr Service Manager and stop the inbox_monitor component and start it same applies to below one.
SMS_Inboxe_MONITOR=============>
SMS_PXE_SERVICE_POINT===========> Check the WDS Service in Services.msc console if the service is stopped raise a P-4 incident to start the service. MAKE SURE IF THE SERVICE IS IN STARTED STATE AND YOU ARE TRYING TO STOP IT MAY CHANGE THE STATUS TO STOPPING STATUS AND IT NEVER CHANGES IT STATUS TO RUNIING OR STOPPED STATE, AND It will not allow you to even kill the pid The solution is reboot the system (This also happens to SMS executive service also)
