Jump to content


Trevor Sullivan

Established Members
  • Posts

    130
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by Trevor Sullivan

  1. You could store the passwords as hashes in a configuration file somewhere. Then, pop up a box asking for the password in the WinPE portion of the task sequence. Hash the password input in the script, and compare it against the hashes in the config file. To make it even better, you could define the task sequences for which each "user" is allowed. So, if they enter a correct password, but don't have the currently running task sequence in their approved list, it prevents the task sequence from proceeding. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  2. Remove the permissions (instance-level) for Department B on the package in question. Another option would be to put a note in the software package that indicates that Department B should not use the package. Also, try not to solve people problems with technology. Cheers, Trevor Sullivan http://twitter.com/pcgeek86 http://trevorsullivan.net
  3. Have you give this method a shot? http://trevorsullivan.net/2009/11/06/wmi-repository-corruption-sccm-client-fix/ Cheers, Trevor Sullivan http://twitter.com/pcgeek86 http://trevorsullivan.net
  4. You can't really advertise a driver package to a system. What you could do, however, is build a standard software package that points to the same location as the driver package, and then advertise a program that runs pnputil.exe -a (adds driver to driver store) or pnputil.exe -a -i (adds driver to driver store and installs the driver). Cheers, Trevor Sullivan http://twitter.com/pcgeek86 http://trevorsullivan.net
  5. I typically will configure the Driver Package source paths using the administrative share, to bypass the stacking of (share + NTFS) permissions. Cheers, Trevor Sullivan http://twitter.com/pcgeek86 http://trevorsullivan.net
  6. You should be able to configure Windows 7 to install print drivers as non-admins. Here's an article that should help you out: http://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/install-network-printers-without-local-admin/b21aa72b-5a7f-485d-999e-f844e7d4a550 Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  7. Hi Peggy, I'm not sure that, that level of detail is logged anywhere in ConfigMgr. You can subscribe for change events using the ConfigMgr WMI provider, but you still probably won't be able to know exactly who made the change. Here is a PowerShell module that will help you subscribe for and respond to WMI events, such as ConfigMgr collection change events. http://powerevents.codeplex.com Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  8. Hello, Here is one collection query that may be helpful to you: This query will return all system resources that have not returned a hardware inventory to the server in more than 30 days. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  9. Hello there, Dell has been known to hide command line switches before, in particular for BIOS / firmware updates. Have you at least tried using -q or -s? Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  10. Hi Stuart, It's hard to say if those settings will cause problems in the future — there are too many variables to make that determination. Another good, free packet sniffer is Wireshark, which you can obtain here: http://ww.wireshark.org Network Monitor 3.1 is great though.
  11. Hello, You can safely ignore the message about the "supported embedded platform" -- this shows up no matter what, unless it actually is a supported embedded platform. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  12. Hello there, Are you using WDS with System Center Configuration Manager, or stand-alone? Check out this Microsoft KB article on how to enable logging in WDS: http://support.microsoft.com/kb/936625 Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  13. I think you've already achieved that by configuring the settings that you put in place earlier. If that didn't help enough, you can either restrict it further, or look into a 3rd party product like Adaptiva OneSite. OneSite gives you a significant advantage over native ConfigMgr functionality, to help control bandwidth, although it's not necessary in all situations either. If you want to e-mail me (pcgeek86@gmail.com), I can put you in touch with someone that has more information. It's a paid product, but it might be what you're looking for. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  14. So what exactly is your question? Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  15. Hello, See if this post helps: http://social.technet.microsoft.com/Forums/en-US/configmgribcm/thread/41e608ba-8f8c-407d-88a3-41875b6dfd08/ Sorry, I don't have any personal experience with this, and therefore cannot offer anecdotal advice. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  16. Are you running the program under the user's credentials or Local System? Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  17. It's a little complicated, but you can make programs interactive when they're running -- there are numerous articles out there on how to do this: http://www.codeproje...veOSDTasks.aspx http://blogs.technet...tup-wizard.aspx To answer the other part of your question, you can have an application detect if is part of a task sequence or not by detecting the existence of tsmanager.exe perhaps? Yeah, I know that's not exactly reliable, but it might work for the time being. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  18. Yes, you'll most likely want to set up your distribution points as protected distribution points. This will avoid the situation where a client might somehow contact a distribution point across two of your T1 links. I'm a bit unclear as to your configuration, but it sounds like you have 6 child primary sites. Is that correct? If so, then yes, you'll want to set up the discovery of client systems on each of the child primary sites. Why? Because discovery data flows upwards, not downwards. Check this article for more information: http://technet.micro...y/bb633276.aspx -------------------------------------------------------------- By the way, on a side note, I'd encourage you to re-evaluate whether or not you really need primary sites located at each of the remote sites. That will complicate / slow SCCM administration, SCCM backups, SCCM database access, SCCM provider scripting, and so on. Depending on how many clients you have at those sites, you might be better off simply putting secondary sites out there, or even just distribution points. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  19. You actually don't even need a Network Access Account configured, unless you are doing OSD, or unless you have workgroup clients. Domain systems will use their AD computer accounts to retrieve content from distribution points. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  20. How about just wiping out the icons from %SYSTEMDRIVE%\Users\Public\Desktop? Those are probably the ones that they cannot delete. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  21. Removing the Software Update Point (SUP) role, uninstalling WSUS, re-installing WSUS, and re-installing the SUP might work. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  22. Yeah, it really "depends" ... for more control over the entire process (selecting updates, scheduling, content distribution, etc.), you need to use SCCM. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  23. It looks like your SCCM primary site might be having trouble communicating with Active Directory. Even though you did not extend the Active Directory schema, it looks like someone has enabled the Active Directory system discovery, and it is failing. Perhaps the container (organizational unit) which is configured in the system discovery is no longer existent? That's how I'd interpret the "failed to bind to container." The second message you posted is informational, and is not an error. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  24. Have you looked at the wuahandler.log on the client? This may provide some insight into the cause of the behavior you're seeing. Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
  25. Hello, You'd probably want to have a wrapper script that waits (up to a limited period of time, not perpetually) for the GUI process to exit, and then proceed with the installation. Although that is the traditional method, you can also register for WMI events using Windows PowerShell, and immediately begin the installation after the process has exited. The WMI query you would use to subscribe for such events would look like this (against the root\cimv2 WMI namespace): select * from __InstanceDeletionEvent within 10 where TargetInstance ISA 'Win32_Process' and TargetInstance.Name = 'sapgui.exe' Of course, you'll need to replace 'sapgui.exe' with whatever the actual process name is, but you get the idea. To use this practically in PowerShell, you would use the Register-WmiEvent cmdlet, along with the -Query, -Namespace, and -Action parameters. The value passed to the -Action parameter would be a PowerShell ScriptBlock that could fire off your setup program, along with any other tasks. You may want to insert a final check for any remaining instances of 'sapgui.exe' in the event that there were multiple processes with the same name (though I've left this out of the example below). $ActionBlock = { setup.exe /s; } Register-WmiEvent -Namespace root\cimv2 -Query "select * from __InstanceDeletionEvent within 10 where TargetInstance ISA 'Win32_Process' and TargetInstance.Name = 'sapgui.exe'" -Action $ActionBlock Hope this helps. Cheers, Trevor Sullivan http://trevorsullivan.net http://twitter.com/pcgeek86
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.