Jump to content


Dietmar

Established Members
  • Posts

    23
  • Joined

  • Last visited

  • Days Won

    3

Dietmar last won the day on March 9 2021

Dietmar had the most liked content!

About Dietmar

  • Birthday 08/12/1976

Contact Methods

  • Website URL
    https://www.einfaches-netzwerk.at/

Profile Information

  • Gender
    Male
  • Location
    Linz, AUT

Dietmar's Achievements

Newbie

Newbie (1/14)

4

Reputation

  1. I can definitely confirm that this guide works. In truth, there aren't many alternative ways to install this, just a few. But it would be practically the same with hopefully the same result. Do not install the PKI on DC and for simlpe deplyoments forget the OID and use the standard one.
  2. I hope it's ok if I answer my question on my own for all who read this post. On friday I registered on IANA a private enterprise number (pen). You can do this here: https://pen.iana.org/pen/PenApplication.page It's absolutly for free. I received my number for "Einfaches Netzwerk" a few hours later via e-mail. After a day or so you can find your number on a really hugh list here: https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers. Mine looks like this Now I am able to build my own OID with the prefix: iso.org.dod.internet.private.enterprise (1.3.6.1.4.1) > 1.3.6.1.4.1.52765 (the prefix is listed on the site above on the top). Behind this OID you can add additional nubmers according to your certification policy statement (cps.txt). For example: 1.3.6.1.4.1.52765.1.1 > Client certificates 1.3.6.1.4.1.52765.1.2 > Server certificates 1.3.6.1.4.1.52765.1.3 > EFS and so on. You can find a cps template here: https://www.globalsign.com/en/repository/TrustedRoot Template CPS.pdf You only need a public OID if your organization plans with other organzations to use PKI-enabled applications. It this case you need an OID which is unique on the internet. ...Dietmar
  3. Hi! Great work! However, I have two questions: The OID thing: why or for what reason is this necessary? I never heard before. What if I use the standard OID? What is the cps.txt file for? What's the content of this file? I read all of your instructions twice but this file only appears here. Can you explain this in a little more detail, please! Thank you very much! ...Dietmar
  4. Hi! This is a very good idea! I love it! Thanks! I hate the driver repository integrated with ConfigMgr out-of-box. For this winroot thing: In "Patition Disk" step you can set OSDisk. For dism use dism.exe /Image:%OSDisk%\ /Add-Driver /Driver:.\ /Recurse What I cound'nt find: What means success code 2 50? Can you explain? Thanks!
  5. Hallo! Thanks for your solution! Now it works. I set the checkbox for installing IIS on remote machine. I didn't know that this do not work on windows 7. Thank you very much. This is a very important feature in our company!
  6. I can see no errors. Nothing happens on the Windows 7 machine. No special logs, no folders, nothing. Strange. We know about branch cache but we also want to use distribution points.
  7. Yes, I know. However, the Distribution Point can be on a Windows 7 machine. But I cannot get this working.
  8. Hi! Yesterday I tried to create a distribution point on a Windows 7 Enterprise SP1 x86 machine because on SCCM 2007 we have about 110 small locations with a BDP. So we need this feature in 2012, too. I clicked through the wizard to add a new site system but on the Windows 7 machine nothing happens. The client is already installed and everything else works fine. I configured the site server and network access account as domain admin. The client push installation also works fine. What's wrong? On the Technet Library for SCCM 2012 I could'nt find any solution. Did anyone (or anyweb :-) tried this and got this working? Has the DP machine to have a x64 architecture? Thanks for help.
  9. Your step-by-step instructions are still the best on web! Thanks for that! Everything is working perfectly! Now I am waiting for RTM ;-)
  10. To wipe the disk everytime just add these lines into winbom.ini: [Factory] WinBOMType=WinPE Reseal=No [WinPE] Quiet=Yes Restart=No [PnPDriverUpdate] [PnPDrivers] [NetCards] [updateInis] [FactoryRunOnce] [branding] [AppPreInstall] [DiskConfig] Disk1 = Disk1.Config [Disk1.Config] WipeDisk = Yes Size1 = * PartitionType1 = Primary FileSystem1 = NTFS QuickFormat1 = Yes SetActive1 = Yes
  11. Hi! Sorry for late answer. No ALLUSERS=1 did no difference. I still have the same problem. If I install with a "run as" action in task sequence only the "%_SMSTSMachineName\Administrator" works. In technet forum I got the tip to only use "Administrator" without domain but this do not work. "Install Application" action in TS do not apply the settings in .mst file. I evertime have to click "repair" in ARP to apply settings in mst. Once more: On Windows 7 it's the same with Office 2003. Our management still do not want to pay the licenses for a newer office version for 6000 clients.
  12. OK. Thanks for patience. I think now I am able to create a working solution.
  13. Is an obsolete machine also a known machine?
  14. Not all unknown computers will be Windows 7 ready computers because our hardware team repairs broken machines and give them back into the hardware pool. So it's possible that an older PC will be installed. We use active directory group membership of machines for membership of SCCM collections to deploy the software to the users PC. Because of this our support members delete the active directory computer object if it's broken and have to be changed. I think this machine is now an unknown machine to SCCM. Isn't it?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.