http://go.microsoft.com/fwlink/?LinkID=245778
For more Security related info visit http://technet.microsoft.com/en-us/security/bulletin/
Enjoy..
Site Name | Site 1 | Comments |
Discovery | Which OUs are targeted in AD? | Are any OUs in AD missing? |
From AD | How many computers are there in the above OUs? (from AD) | There may be a difference between SCCM and AD |
In SCCM | Now list how many are in SCCM | There may be a difference between SCCM and AD |
Run the AD stale computers command | Use this link: http://configmgr2oo7.blogspot.sg/2010/09/for-finding-90-days-old-computers-in-ad.html | Computers that have not connected to the network or logged on for more than 90 days are taken as no longer being on the network; SCCM treats them as stale and will not discover them |
Get the difference of computers (AD - stale AD - total in SCCM) | Total?? | |
Now get the total of non-SCCM clients shown in your clients report and fix them by using the two tools below | ||
Use these scripts to install the SCCM client on remote computers | ||
- Remotely install on many systems at once by using these scripts | http://configmgr2oo7.blogspot.sg/2009/01/sccm-client-installation-script-batch.html http://sccmcat.codeplex.com/ | Use the SCCM Client Action Tools; you need to configure the .ini file as per your requirements (check the blog) |
- Single-computer tool | http://sourceforge.net/projects/smsclictr/ | If it is a single computer, use this tool |
Categorise the problems, like | Ping online & offline computers with this script | Getting the status of the computers with this script may be useful before you start work |
WMI & Admin$ issues | http://configmgr2oo7.blogspot.sg/2008/11/wmi-connectivity-check.html | WMI & Admin$ are key to deploying clients |
Once the client installation has completed, check the logs | CCMsetup.log, execmgr.log, Clientidmanager.log | Check the logs |
Check all these cases before you start working: http://configmgr2oo7.blogspot.sg/2010/03/client-troublshooting-checks-check-list.html |
To download all the videos of a YouTube playlist at one time…
The page where you can download "Free YouTube Download", http://www.dvdvideosoft.com/products/dvd/Free-YouTube-Download.htm, is really superb.
Enjoy
ITIL Exams:
The Information Technology Infrastructure Library™ (ITIL) offers a systematic approach to the delivery of quality IT services. ITIL was developed in the 1980s and 1990s by CCTA (Central Computer and Telecommunications Agency, now the Office of Government Commerce, OGC), under contract to the UK Government.
Since then, ITIL has provided not only a best practice based framework for IT management, but also an approach and philosophy shared by the people who work with it in practice. ITIL has now been updated twice, the first time in 2000-2002 (V2), and the second time in 2007 (V3).
The ITIL Qualification Scheme uses a system that enables an individual to gain credits for each exam they take. Once candidates have accumulated a sufficient number of credits they can be awarded the ITIL Expert in IT Service Management. There are four levels within the scheme:
- Foundation Level
- Intermediate Level (Lifecycle Stream and Capability Stream)
- ITIL Expert
- ITIL Master
The process is roughly as below:
1. Client powers on
2. NIC initiates PXE process
3. NIC acquires DHCP address
4. NIC contacts PXE server (WDS)
5. PXE server delivers NBP to client
6. NIC TFTPs boot image (from WDS)
Step 4 can happen in a couple of different ways. If the DHCP request returned options 66 and 67, then the NIC BIOS will directly use the information in these options to contact the PXE server.
If options 66 and 67 are not specified, then the NIC BIOS will send a broadcast request to find a PXE server.
If the PXE server is not on the local subnet, then something needs to forward the broadcast request to the PXE server: IP helpers (there are other possibilities, but this is the primary solution).
Once the PXE server is contacted, it sends its information back to the client so the client can contact the PXE server directly.
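The step 4 decision described above, as an added example that is not part of the original post: a Python parser for the DHCP options field that reports whether the NIC will use options 66 and 67 or fall back to a broadcast, and whether a DHCP-named boot server is on an allowlist. The option bytes, the host name and the allowlist are constructed assumptions.

```python
OPT_PAD, OPT_END = 0, 255
OPT_TFTP_SERVER, OPT_BOOTFILE = 66, 67  # RFC 2132 option codes


def parse_dhcp_options(raw: bytes) -> dict:
    """Parse the code/length/value options that follow the DHCP magic cookie."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:  # padding is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError(f"option {code}: missing length byte")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: value truncated")
        opts[code] = value
        i += 2 + length
    return opts


def pxe_locate(raw: bytes, expected_servers: set) -> dict:
    """Report how the NIC will find the PXE server and vet a DHCP-named one."""
    opts = parse_dhcp_options(raw)
    if OPT_TFTP_SERVER in opts and OPT_BOOTFILE in opts:
        server = opts[OPT_TFTP_SERVER].rstrip(b"\x00").decode("ascii")
        bootfile = opts[OPT_BOOTFILE].rstrip(b"\x00").decode("ascii")
        return {"method": "dhcp-options", "server": server,
                "bootfile": bootfile,
                "expected": server.lower() in expected_servers}
    # Without both options the NIC broadcasts; a PXE server on another
    # subnet is then reachable only through IP helpers.
    return {"method": "broadcast", "server": None, "bootfile": None,
            "expected": None}


def opt(code: int, value: bytes) -> bytes:
    """Encode one option (helper for building the constructed samples)."""
    return bytes([code, len(value)]) + value


# Constructed samples; the host name and allowlist are hypothetical.
WITH_66_67 = (opt(53, b"\x02") + opt(66, b"wds01.example.test")
              + opt(67, b"boot\\x86\\wdsnbp.com\x00") + bytes([OPT_END]))
WITHOUT_66_67 = opt(53, b"\x02") + bytes([OPT_PAD, OPT_END])

if __name__ == "__main__":
    print(pxe_locate(WITH_66_67, {"wds01.example.test"}))
    print(pxe_locate(WITHOUT_66_67, {"wds01.example.test"}))
```

An `expected` value of `False` means the DHCP answer names a boot server that is not the intended WDS host, which is worth investigating before the client loads anything from it.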
Steps Involved:
Stage 1
Stage 2
Stage 3
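' Allow Remote Desktop connections on the local computer
' by setting fDenyTSConnections to 0
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
' Connect to the WMI registry provider (StdRegProv)
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
    strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
strValueName = "fDenyTSConnections"
dwValue = 0
' Write the DWORD value
oReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, dwValue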
In fact, we might get more errors if UAC is enabled while deploying Windows 7. You can add a Run Command Line step to the task sequence that disables UAC, and put the following in the command line box:
CMD /C REG.EXE ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
Note: Nothing needs to be configured on the Options tab; however, you can optionally record the success codes "0 3010".
How to set the time zone within one task sequence, for example when you have more than one location and these locations have different time zones:
To do this, in the task sequence's Apply Windows Settings step, on the Options tab, add a task sequence variable condition where ADSite name equals "WhateverTheSite", and on the Properties tab choose the time zone you want.
We might get this error when we want to grant only import permissions to a user or group,
or
even after we set up the permissions, we may get this error at the end of the wizard.
Errors
You do not have security rights to perform this operation.
ConfigMgr Error Object:
instance of SMS_ExtendedStatus
{
 Description = "User \"*************\" does not have permission of the current site to import machines.";
 ErrorCode = 1112017920;
 File = "e:\\nts_sms_fre\\sms\\siteserver\\sdk_provider\\smsprov\\sspsite.cpp";
 Line = 766;
 ObjectInfo = "524288";
 Operation = "ExecMethod";
 ParameterInfo = "SMS_Site";
 ProviderName = "WinMgmt";
 StatusCode = 2147749889;
};
The actual permissions required at the SCCM console level are:
On the site at the top: Properties => Security tab => Class Security Rights; here we must choose Read and Import Computer Entry (below screenshot)
Scenario: SCCM is installed on cm07.test.com, and I have a test system running Windows XP/7.
I have a user called RBAC, and RBAC wants some permissions on the SCCM console.
Steps:
Install the SCCM console on Windows XP/7.
Add the RBAC user to the SMS Admins group.
Follow these steps to grant the DCOM rights.
On the SCCM server, from the Start menu, click Run and type Dcomcnfg.exe.
In Component Services, click Console root, expand Component Services, expand Computers, and then click My Computer. On the Action menu, click Properties.
In the My Computer Properties dialog box, on the COM Security tab, in the Launch and Activation Permissions section, click Edit Limits.
In the Launch Permissions dialog box, click Add.
In the Select User, Computers, or Groups dialog box, in the Enter the object names to select (examples): box, type SMS Admins and click OK.
In the Permissions for SMS Admins section, select the check box to allow Remote Activation.
Click OK twice, and then close Computer Management.
-- Status of a specific advertisement for the last 3 days. To show the last 3 days of status for all advertisements, use the Set @AdvName = '%' line and remove the Set line that names the advertisement.
-- Tip: to include everything, give % as the name in SQL
Declare @AdvName Varchar(256)
Set @AdvName = 'Lync_2010_Full_Install'
---Set @AdvName = '%'
Select adv.AdvertisementName
, adv.AdvertisementID
, s.Host
, LastAcceptanceMessageIDName
, LastAcceptanceStateName
, LastAcceptanceStatusTime
, LastStatusMessageIDName
, LastStateName
, LastStatusTime
, LastExecutionResult
From (
Select AdvertisementName
, AdvertisementID
From dbo.v_AdvertisementInfo
Where AdvertisementName Like @AdvName
) As adv
Join (
Select AdvertisementID
, ResourceID
, LastAcceptanceMessageIDName
, LastAcceptanceStateName
, LastAcceptanceStatusTime
, LastStatusMessageIDName
, LastStateName
, LastStatusTime
, LastExecutionResult
From dbo.v_ClientAdvertisementStatus
Where LastStatusTime >= DateAdd(d,-3,GetDate())
) As cas
On adv.AdvertisementID = cas.AdvertisementID
Join (
Select ResourceID
, Netbios_Name0 As Host
From dbo.v_R_System
Where Client0 = 1
And Active0 = 1
And Obsolete0 = 0
) As s
On cas.ResourceID = s.ResourceID
Order By
AdvertisementName
, Host
-- Latest Heartbeat Discovery time for each computer in collection SMS00001
select
CS.Name0,
max(AD.AgentTime) as 'Date/Time'
from
dbo.v_AgentDiscoveries ad
JOIN dbo.v_GS_COMPUTER_SYSTEM cs on AD.ResourceID = CS.ResourceId
join dbo.v_FullCollectionMembership FCM on FCM.ResourceID = CS.ResourceId
Where
AgentName = 'Heartbeat Discovery'
and FCM.CollectionID = 'SMS00001'
Group by
CS.Name0
Most of the time, some application extension or other is blocked because of the IIS WebDAV settings. To stop filtering in IIS WebDAV we can change the
setting at the site level: open inetmgr (the IIS console), choose the server name, choose "WebDAV Authoring Rules" on the right side, and under Actions click "WebDAV Settings"; then configure the Request Filtering Behavior as below.
Blogs often say that we need to change the applicationHost.config file. If we make the settings above, they must appear in that file. If you want to see how the file looks:
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="false">
<add fileExtension=".asa" allowed="true" />
<add fileExtension=".asax" allowed="true" />
<add fileExtension=".ascx" allowed="true" />
<add fileExtension=".master" allowed="true" />
<add fileExtension=".skin" allowed="true" />
<add fileExtension=".browser" allowed="true" />
<add fileExtension=".sitemap" allowed="true" />
<add fileExtension=".config" allowed="true" />
<add fileExtension=".cs" allowed="true" />
<add fileExtension=".csproj" allowed="true" />
<add fileExtension=".vb" allowed="true" />
<add fileExtension=".vbproj" allowed="true" />
<add fileExtension=".webinfo" allowed="true" />
<add fileExtension=".licx" allowed="true" />
<add fileExtension=".resx" allowed="true" />
<add fileExtension=".resources" allowed="true" />
<add fileExtension=".mdb" allowed="true" />
<add fileExtension=".vjsproj" allowed="true" />
<add fileExtension=".java" allowed="true" />
<add fileExtension=".jsl" allowed="true" />
<add fileExtension=".ldb" allowed="true" />
<add fileExtension=".dsdgm" allowed="true" />
<add fileExtension=".ssdgm" allowed="true" />
<add fileExtension=".lsad" allowed="true" />
<add fileExtension=".ssmap" allowed="true" />
<add fileExtension=".cd" allowed="true" />
<add fileExtension=".dsprototype" allowed="true" />
<add fileExtension=".lsaprototype" allowed="true" />
<add fileExtension=".sdm" allowed="true" />
<add fileExtension=".sdmDocument" allowed="true" />
<add fileExtension=".mdf" allowed="true" />
<add fileExtension=".ldf" allowed="true" />
<add fileExtension=".ad" allowed="true" />
<add fileExtension=".dd" allowed="true" />
<add fileExtension=".ldd" allowed="true" />
<add fileExtension=".sd" allowed="true" />
<add fileExtension=".adprototype" allowed="true" />
<add fileExtension=".lddprototype" allowed="true" />
<add fileExtension=".exclude" allowed="true" />
<add fileExtension=".refresh" allowed="true" />
<add fileExtension=".compiled" allowed="true" />
<add fileExtension=".msgx" allowed="true" />
<add fileExtension=".vsdisco" allowed="true" />
<add fileExtension=".exe" allowed="true" />
<add fileExtension=".vbs" allowed="true" />
</fileExtensions>
<verbs allowUnlisted="true" applyToWebDAV="false" />
<hiddenSegments applyToWebDAV="false">
<add segment="web.config" />
<add segment="bin" />
<add segment="App_code" />
<add segment="App_GlobalResources" />
<add segment="App_LocalResources" />
<add segment="App_WebReferences" />
<add segment="App_Data" />
<add segment="App_Browsers" />
</hiddenSegments>
</requestFiltering>
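To review the scope of this change after making it, here is an added example (not from the original post): a Python audit of a `<requestFiltering>` block that lists the sections exempted from filtering for WebDAV requests and the allowed extensions that appear on a watch list. The watch list is an assumption chosen for illustration, and the sample is an excerpt of the block above.

```python
import xml.etree.ElementTree as ET

# Assumed watch list for illustration; tune it to what the site serves.
WATCHED_EXTENSIONS = {".config", ".exe", ".vbs", ".mdb", ".mdf"}

# Constructed sample: an excerpt of the applicationHost.config block above.
SAMPLE = """
<requestFiltering>
  <fileExtensions allowUnlisted="true" applyToWebDAV="false">
    <add fileExtension=".config" allowed="true" />
    <add fileExtension=".mdb" allowed="true" />
    <add fileExtension=".exe" allowed="true" />
    <add fileExtension=".vbs" allowed="true" />
  </fileExtensions>
  <verbs allowUnlisted="true" applyToWebDAV="false" />
  <hiddenSegments applyToWebDAV="false">
    <add segment="web.config" />
  </hiddenSegments>
</requestFiltering>
"""


def is_true(value, default):
    """Interpret an XML boolean attribute, falling back to the IIS default."""
    return default if value is None else value.strip().lower() == "true"


def audit_request_filtering(xml_text, watched=WATCHED_EXTENSIONS):
    """Report what the request filter no longer enforces."""
    root = ET.fromstring(xml_text)
    if root.tag != "requestFiltering":
        root = root.find(".//requestFiltering")
        if root is None:
            raise ValueError("no <requestFiltering> element found")
    report = {"webdav_exempt": [], "allow_unlisted": [], "watched_allowed": []}
    for name in ("fileExtensions", "verbs", "hiddenSegments"):
        node = root.find(name)
        if node is None:
            continue
        # applyToWebDAV defaults to true; "false" exempts WebDAV requests.
        if not is_true(node.get("applyToWebDAV"), True):
            report["webdav_exempt"].append(name)
        if name != "hiddenSegments" and is_true(node.get("allowUnlisted"), True):
            report["allow_unlisted"].append(name)
    for add in root.findall("fileExtensions/add"):
        ext = add.get("fileExtension", "").lower()
        if ext in watched and is_true(add.get("allowed"), True):
            report["watched_allowed"].append(ext)
    return report


if __name__ == "__main__":
    print(audit_request_filtering(SAMPLE))
```

With `applyToWebDAV="false"` on all three sections, hidden segments such as `web.config` and `bin` are no longer protected for WebDAV requests, so WebDAV should stay limited to the sites that need it.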
You might get the below error.
The above problem occurs when you don't have the files in DriveLetter:\RemoteInstall\SMSBoot\
The article below addresses the issue; however, I approached it a different way: just copy the missing files and folders from another RemoteInstall folder and paste them onto the problem system.
Read more here: http://smsug.ca/blogs/garth_jones/archive/2008/12/03/how-to-add-ad-data-to-configmgr-reporting.aspx
AD is just another database, just like SQL Server is. With that in mind, there is nothing stopping you from using SQL to link to AD to give you data about your AD environment!
1) Create Linked Server using SSMS
exec master.dbo.sp_addlinkedserver 'ADSI', 'Active Directory Service Interfaces', 'ADSDSOObject', '<DC Name FQDN>'
2) Modify the security for ADSI using SSMS
exec master.dbo.sp_addlinkedsrvlogin @rmtsrvname = N'ADSI', @locallogin = NULL , @useself = N'False', @rmtuser = N'<Domain>\<User Id>', @rmtpassword = N'<Password>'
3) The hard part is over!
4) Create query to query AD and ConfigMgr
This query will list all PCs within AD that are NOT within ConfigMgr (or SMS)
select
AD.cn as 'PC Name(AD)',
AD.operatingSystem as 'OS (AD)',
AD.operatingSystemServicePack as 'SP (AD)'
from
openquery (ADSI,
'SELECT cn,
operatingSystem,
operatingSystemServicePack
FROM ''LDAP://<DC Name FQDN>''
WHERE objectCategory = ''Computer''') as AD
Where
AD.cn not in (Select name0 from v_GS_Computer_System as CS)
order by
AD.cn,
AD.operatingSystem,
AD.operatingSystemServicePack
This query will give you a count of all OS that are NOT within ConfigMgr (or SMS)
select
AD.operatingSystem as 'OS (AD)',
count(AD.operatingSystem)
from
openquery (ADSI,
'SELECT cn,
operatingSystem,
operatingSystemServicePack
FROM ''LDAP://gartek-dc.gartek.tst''
WHERE objectCategory = ''Computer''') as AD
Where
AD.cn not in (Select name0 from v_GS_Computer_System as CS)
Group by
AD.operatingSystem
order by
AD.operatingSystem
So what does this report look like.
So there you have it.
Failed to send registration request message. Error: 0x80040225
You will also see error 3 in the ClientIDManagerStartup log:
RegTask: Server rejected registration request: 3 ClientIDManagerStartup 26/01/2012 1:07:43 AM 7904 (0x1EE0)
You might also see (not in all cases) in ccmexec.log
System task 'ClientRegistrationStartup' returned error code 0x80040222. CcmExec 26/01/2012 1:10:03 AM 7904 (0x1EE0)
Solution: Remove the client authentication and SMS certificates from the Certificates console and request new certificates.
Found this error while deploying Windows 7 with SCCM 2007 and MDT 2010:
sccm PXE-T00: Unspecified file opening error detected
PXE-E36:Error Received from TFTP server
Solution: This is not an SCCM / WDS issue. Symantec Ghost caused it; once the service was stopped, the issue was resolved.
Enjoy,
It will again extend your evaluation to 180 days.
Every now and then we might need to retain the max size of log files for reading/analyzing.
Here is some useful info in this regard.
Client-side reference registry
For x86 systems
- HKLM\Software\Microsoft\CCM\Logging\@GLOBAL
For x64 systems
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CCM\Logging\@GLOBAL
The reference key is LogMaxSize
I tried to change it manually with regedit; however, it shows an error that the value can't be edited.
So I depended on the WMI script below:
' VBScript to change the Log File Size on a ConfigMgr client
' Change the 500000 to your required size in bytes
Dim newLogMaxSize
Dim sMachine
newLogMaxSize = 500000
sMachine = "."
set oCCMNamespace = GetObject("winmgmts://" & sMachine & "/root/ccm")
Set oInstance = oCCMNamespace.Get("SMS_Client")
set oParams = oInstance.Methods_("SetGlobalLoggingConfiguration").inParameters.SpawnInstance_()
oParams.LogMaxSize = newLogMaxSize
oCCMNamespace.ExecMethod "SMS_Client", "SetGlobalLoggingConfiguration", oParams
' End of script
So do not change the registry value directly!
The SDK documents the SetGlobalLoggingConfiguration method in class SMS_Client:
http://msdn.microsoft.com/en-us/library/cc146025.aspx
best ground and space-based telescopes in the world, combined with 3D navigation—all free from your computer.
http://www.worldwidetelescope.org/Home.aspx?qstr=CR_CC=&CR_ID=
You may get the above error (The program for advertisement "XXXXXXX" has not been run yet ("XXXXXXXX" - "*"). Software Distribution is currently paused on this computer, and it has to be resumed before this program can begin.) and your advertisement will never run, because the system requires a reboot before it can continue with any further installation.
Solution: Reboot the system.
Some of Free Packaging tools - From Forum Responses