BzowK

Thanks guys - Good idea about the OU -> collection thing. Was playing with scenario again this morning and don't think what I had before will work exactly. The goal I had was to be able to use a simple PowerShell script which wouldn't require editing and pull all variables from the TS so that only the TS needed to be configured. Below are some examples of the environment plus what I'm trying to do as Niall requested... What I'm Trying to Do Create task sequence for application install which requires different source files to be copied to local system based on its common site name. The common site name isn't defined in a common area that I can locate, but is listed as one of the OUs in each system's DN. The current install only has files to copy for 6 different sites and future ones wouldn't be many more - but we have almost 1,000 OUs in our domain and probably 150 - 200 different "common names." (explained below) 5 Examples of DNs As you can see, there is no common formatting of OU structure CN=HOSTNAME1,OU=MainGround,OU=Workstations,OU=AMC,OU=Oklahoma,OU=Markets,DC=domain,DC=abc,DC=com CN=HOSTNAME2,OU=DiabetesMgt,OU=UPCBell2,OU=Workstations,OU=Clinics,OU=Oklahoma,OU=Markets,DC=domain,DC=abc,DC=com CN=HOSTNAME3,OU=Workstations,OU=TSSH,OU=New Mexico,OU=Markets,DC=domain,DC=abc,DC=com CN=HOSTNAME4,OU=Workstations,OU=WHCFloorG,OU=HMC,OU=Oklahoma,OU=Markets,DC=domain,DC=abc,DC=com CN=HOSTNAME5,OU=NMAlturaFloor1,OU=Workstations,OU=Altura,OU=New Mexico,OU=Markets,DC=domain,DC=abc,DC=com Common Site Names from Above List I searched the registry for a common location for these names, but no go except for fact they were included somewhere in each system's DN AMC Clinics TSSH HMC Altura TS Idea I Considered Initially A task sequence which did the following (only using 3 of the above to keep short): Type: Set Task Sequence Variable / TSVariable = AMC TSValue = blank Type: Set Task Sequence Variable / TSVariable = Clinics TSValue = blank Type: Set Task Sequence Variable / TSVariable = TSSH TSValue = blank Type: Run PS Script / Pkg with PS1 in root selected / Script Name: SearchDNforKeyword.ps1 (Exact script from original post) Type: Run Command Line / xcopy folder1\*.* c:\folder / Condition: AMC = $true Type: Run Command Line / xcopy folder2\*.* c:\folder / Condition: Clinics = $true Type: Run Command Line / xcopy folder3\*.* c:\folder / Condition: TSSH = $true What I discovered after creating a test TS is that I wrote it to pull one specific variable from the TS yet must define multiple ones. This means I'd either have to write (and constantly update) a script that contains all common names. Given the fact we have almost 1,000 OUs, this wouldn't be fun. It would be compatible with future usage, but blows away the simplicity I was looking for. So... any thoughts? Thanks again for your help and suggestions!

Hey Guys / Niall - So I've got a bit of a challenge deploying some legacy apps right now. The installation process for many of these applications requires that files manually be copied to to local paths on the PC or certain registry settings added based on the location of the system. Easy to do with TS conditions, but finding a common variable between each of the locations is difficult. The locations they define are based on systems in specific OUs, but the OU formatting is different at each site (name of OU they give me could be at 3rd, 4th, or 5th level). I want a universal solution that I can use for all and all pretty much define different steps by the name of the OU the system is in. Below is what I came up with and have been trying to put together, but haven't had much luck - especially since my PowerShell isn't that great. The solution I came up with was to add the following in task sequences that needed it: Define TS variable for each name of OUs (which required different TS steps to be run) Per TS variable set above, run PowerShell script to grab system's DN then keyword search it for the TS variable's name If TS variable was found in DN string, set variable's value to TRUE else FALSE Create TS steps that copy the files as needed per site then set condition on it to run only if that site's TS variable had a TRUE value As for the PowerShell portion of this, below is what I have so far with comments per line... #Defines SCCM TS Variable Environment? $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment #Reads variable from Task Sequence $v = $tsenv.Value("Site") #Grabs system's DN from Registry $dn = (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine") | Select-Object -ExpandProperty distinguished-name #Searches DN string for TS Variable no matter case and sets it to $d (TRUE or FALSE) $d = $dn.ToLower().Contains($v.ToLower()) #Sets the original TS Variable "Site" to TRUE or FALSE $tsenv.Value("Site") = $d So far, no luck. So - is what I'm doing even possible? If so, what am I missing - or - any idea for a better way to go about this, perhaps? I tried to thing of something WMI-based, but couldn't Any ideas?

Good Morning Guys / Niall - I need help with an important issue, please. Our domain currently has numerous AD Groups for both devices and users. Our SCCM environment (2012 R2 SP1 CU3) has discovery set to add all of them and the default user collection "All User Groups" has 6,396 members from which I may search and locate individual groups. However - when adding a query to add a user group to a User Collection (or group with systems to a Device collection); none of the members are added to the collection. Below is the statement used which I typed in to directly specify the group: select SMS_R_USER.ResourceID,SMS_R_USER.ResourceType,SMS_R_USER.Name,SMS_R_USER.UniqueUserName,SMS_R_USER.WindowsNTDomain from SMS_R_User where SMS_R_User.UserGroupName = "company\\ABQ-Techs" If I choose to build the query via wizard, choose User Resource, User Group Name, then click Value (which should list all User Groups), only about 10 are listed - perhaps less than a percent of the ones we have. The same applies to Device Collections as when I try to create a query to include devices in a collection and click Value after setting "Security Group Name" or "System Group Name", I get just a handful of items to pick from. I found that this post describes the exact same issue, but there's no resolution listed despite many seemingly having the issue. All discovery properties are basically at defaults and logs don't seem to show any errors. I just ran a full discovery then edited a copy of the log to include only events during the process plus change sensitive info which is attached. Any suggestions? Thanks!

Hey Guys / Niall - I recently wrote and compiled a script which when executed on a workstation, will write a few registry strings to a custom key within the registry. The goal of this script is to inventory this data using SCCM. I think the issue I'm having is that by design, the script writes these values into a key which is named after the currently logged in user therefore is dynamic per system. I've tried using RegKeytoMOF and have looked at many pages like this one for how to add classes to inventory by editing MOF files, but haven't had luck. When using RegKeytoMOF and selecting the key named after the username, the MOF files it creates seem to populate correctly as I can clearly see each string within defined. I cannot use this as the key would be different per system so would assume I need to select the parent key. However, when I select the parent key of "ProfileInfo", the generated MOF files do not contain any settings nor mention "ProfileInfo." So - how do I go about doing this? Is the below correct? Thank you! Example of What I'm Trying to Inventory All Strings within: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Company\ProfileInfo\gwashington DocumentsSize = 100 DesktopSize = 50 MyProfile = 800 FavoritesSize = 0 AllProfilesSize = 1200 "HKLM\SOFTWARE\Wow6432Node\Company\ProfileInfo" would be the same on all PCs, but the key "gwashington" shown above is named after the logged in user so would be dynamic / different per system. All strings would be named the same within the user's key, but would obviously have different values per PC. RegKeytoMOF Output When "gwashington" Key Selected ClassGroup & ClassName set to "ProfileInfo" // RegKeyToMOF by Mark Cochrane (tribute to Skissinger & Steverac) // this section tells the inventory agent what to collect #pragma namespace ("\\\\.\\root\\cimv2") #pragma deleteclass("ProfileInfo", NOFAIL) [DYNPROPS] Class ProfileInfo { [key] string KeyName; String MyDocuments; String Desktop; String Favorites; String AppData; String MyProfile; String AllProfiles; String MyNetworkShare; }; [DYNPROPS] Instance of ProfileInfo { keyname="RegKeyToMOF[MarkCochrane]"; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|MyDocuments"),Dynamic,Provider("RegPropProv")] MyDocuments; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|Desktop"),Dynamic,Provider("RegPropProv")] Desktop; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|Favorites"),Dynamic,Provider("RegPropProv")] Favorites; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|AppData"),Dynamic,Provider("RegPropProv")] AppData; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|MyProfile"),Dynamic,Provider("RegPropProv")] MyProfile; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|AllProfiles"),Dynamic,Provider("RegPropProv")] AllProfiles; [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Company\\ProfileInfo\\gwashington|MyNetworkShare"),Dynamic,Provider("RegPropProv")] MyNetworkShare; }; RegKeytoMOF Output When "ProfileInfo" (Parent) Key Selected ClassGroup & ClassName set to "ProfileInfo" // RegKeyToMOF by Mark Cochrane (tribute to Skissinger & Steverac) // this section tells the inventory agent what to collect #pragma namespace ("\\\\.\\root\\cimv2") #pragma deleteclass("ProfileInfo", NOFAIL) [DYNPROPS] Class ProfileInfo { [key] string KeyName; }; [DYNPROPS] Instance of ProfileInfo { keyname="RegKeyToMOF[MarkCochrane]"; }; Thanks!

Hey Guys - Any suggestions on this? I'm at a loss, but must find a solution. I considered repacking everything as Packages, but not only would that take forever, it would be working backwards! I re-ran the TS again today on a VM with the same results. Once done, I loaded all logs in CCM\Logs within Support Center so that everything would be slipstreamed. I found one of the apps which is being installed from an "Install Application" step (not a UDI selection) which was "PowerPoint Viewer" which is pretty straightforward. Attached is this custom log which shows lines from all log files during the installation of this one app. The issues reported are the same that all other applications are experiencing. Below is a list of all errors & warnings within this log. AppInstallFailure.log Errors GetLocationSyncEx failed with error 0x80040154 ContentAccess Failed to send Location Request Message CheckLocations failed. Error = 0x87d00607 State transition to (Failure), Param(-2016410105) : CTaskConsumer(ScopeId_.../DeploymentType_ Failed to get the display name of the CI. Status messages will be based on the CI ID. (x2 times) Conformant Rule:..._Configuration_PolicyDocument not found (x2 times) Failed to create Location Request Message body ContentAccess Unable to get locations, no need to continue with download Error obtaining message hook object 'zlib-compress'. Code 0x80040154 No location available : CTaskConsumer(ScopeId_...) Job({4E257A6F-1009-4C11-9BC7-F14566E5C70C}): Handling dependency failure : Task(ScopeId_...) NotifyProgress received: 24 (Application download failed ) Execution status received: 24 (Application download failed ) App install failed. Install application action failed: 'Office PowerPoint Viewer'. Error Code 0x80004005 Warnings No ConfigPoints found for rule:System Center Configuration Manager.ScopeId_... (many times) ...No mandatory Enforce tasks. No actions will be performed. (x2 times) CCIInfo::SetError - Setting CI level error to (0x87d00607). Remove failed. Error 0x80041002 : CITask(ScopeId_...) As you can see, it seems to be that the client cannot download the content for whatever reason. It is distributed and shouldn't even let me start the TS unless it was. Any ideas? I'm still trying to look some of this up but so far, no luck Thanks!

Thanks for the reply - I've got to get this working today if at all possible so appreciate the help! Attached is a screenshot I compiled of my current TS. Due to time constrants, much of it it basically MDT's default client UDI TS. A few notes are also below... Notes Please remember, it's not just that UDI selected applications are not installing but NO applications are installing including ones hard-coded in TS Upon TS completion, all drivers are successfully installed - Testing in a Hyper-V VM COALESCEDAPPS & PACKAGES variable steps are labeled as such The Two steps under the "Install Applications" group are "Install Application" steps which have no conditions - None of these install The two Citrix Registry steps below the two above are "Install Package" steps which are successful upon TS completion The "Install HPP" group is successful The "Convert list to two digits" step executes the below string cscript.exe "%deployroot%\scripts\ZTICoalesce.wsf" /CoalescePattern:Applications /CoalesceTarget:CoalescedApps /CoalesceDigits:2 OSD UDI Task Sequence PS: Drivers for additional models will be added later if wondering Thanks guys!

Thanks for the replies, guys... ZeZe: I double checked the step for "Set Variable for Drive Letter" prior to my partition step and it is set to "false". My fault if i noted otherwise. Also, yes - I did deploy all applications to a single collection without members and they are showing up in UDI just fine. The problem isn't just with ones selected during OSD, though - it's Applications also within the task sequence from "Install Application" steps. Niall: Hey! The log files should be attached to the initial post in Logs.zip. It's basically a copy of everything from C:\Windows\CCM\Logs after being generalized. I would be happy to provide additinoal logs if desired. One more update - After posting here, I did a bit more research and saw that some had this issue for Applications and they were able to resolve it by setting the option within each of the apps to download and install locally. I tried doing this to a couple of the apps (from UDI selection and hard coded in a TS step) but it still didn't install any Applications. That was yesterday afternoon. This morning, I was using the same VM to test something different and was able to successfully deploy an Application (not one of the ones attempted during OSD) to it - still, though - none of the Applications from the TS or selected during UDI have yet to install. Very strange. What do you think? Thanks for your help!!!

Hey Guys / Niall - I'm currently using a fairly recent build of SCCM 2012 R2 SP1 CU3 which has MDT 2013 Update 2 installed. The task I'm working on now is creating an OSD Task Sequence which includes a UDI Wizard created using MDT. Currently, I am able to apply the task sequence to a system and have it complete without error - however - there are a couple of things which are not correct that I'm trying to figure out. I figured I'd post each to get opinions from others. Issue #1 - No Applications Installed (TS or UDI) Despite being added as a step to the TS or selected in the UDI Wizard, any/all Applications do not install. Packages which are listed in TS right after the Applications install just fine. Below is how I have my "Install Application" steps configured in the TS in order: Install Applications Group (No conditions) x2 Install Application step listing 5 apps. No conditions / not set to continue on error x3 Install Program steps (which work) "Convert list to two digits" step which runs "cscript.exe "%deployroot%\scripts\ZTICoalesce.wsf" /CoalescePattern:Applications /CoalesceTarget:CoalescedApps /CoalesceDigits:2" Install Application step which installs all with base variable name "COALESCEDAPPS" Install Package step which installs all with base variable name "PACKAGES" (don't have any packages configured in UDI - only apps) All apps listed are known to install successfully and log files shows them parsing, but never attempting installation. In fact, an AppEnforce.log file doesn't even exist once the build completes! Issue #2 - Reserved Partition Assigned Drive Letter Even Though Set Not To Do So This one isn't as big, but the 350mb System Reserved partition is assigned the drive letter D:. I went back and checked inside of the TS (and know I'm looking at correct step due to how partitions are named) and the partition has the option checked to not assign a drive letter. Below is how that step is configured: Format and Partition Disk (Conditions SMSTSMediaType not equal OEMMedia & SMSTSBootUEFI not equals true) Volumes System Reserved: Primary / 350mb fixed size / Make bootable / Do not assign drive letter / NTFS / Quick format Local Disk: Primary / 99% of disk / not bootable / assign drive letter / NTFS / Quick Format / Variable: OSDisk Windows: Recovery / 1% of disk / All options greyed out I'm not dead set on having the volumes configured this way - just basically need the OS to install to C:, have it be the only with a drive letter, and have it take up the most disk space - that's it. I'm collecting log files from a build this morning right now and can post them after generalizing them. Any suggestions? Thanks UPDATE I generalized, compressed, and have attached all log files from C:\Windows\CCM of build with these issues I ran this morning. Logs.zip Thanks!

Good Afternoon Guys / Niall - I recently rebuild our SCCM environment and it is currently at 2012 R2 SP1 CU3. The design (which I didn't create) called for the WSUS server to be a separate server. When I deploy the SUP role to it and schedule an initial sync, it does not work. Below are some environment details, errors / logs, and what I've tried so far. Environment Details SCCM 2012 R2 SP1 CU3 x5 Separate Site Servers: Primary, x2 Secondaries (off-site), Database, & WSUS All Site Servers run Windows Server 2012 R2 Database: SQL 2014 WSUS uses it's own SQL instance - not WID All site servers have full control of Systems Management Container All Site Servers are in a single security group which are set as local admins on each server Errors / Logs After deploying the SUP role, I get the following in wsyncmgr.log and WCM.log SCCM Console Status Messages WSUS Configuration Manager failed to configure upstream server settings on WSUS Server "PrimaryFQDN". WSUS Configuration Manager will not be able to configure WSUS Server "PrimaryFQDN" as the WSUS Server remoting API's of version 3.0 SP2 or greater are not installed on this site server.Solution: WSUS Server configuration on the WSUS Site System requires WSUS Server remoting API of version 3.0 SP2 or greater to be installed on the site server. To install the remoting API for version 3.0 SP2 run "WSUSSetup.exe console_install=1" on the site server or refer to the documentation. wsyncmgr.log WCM.log What I've Tried to Resolve Uninstalling SUP role, had new DB instance created, and returned WSUS server back to snapshot taken after it was initially built. Reinstalled all from beginning. (Tried this a few times) No go Verified that credentials were all correct Verified that I could visit http://wsusserver:8530- I could and received blank page - no error, though Tried installing pre-reqs manually (.NET 3.5, .Net 4.5, & IIS with default features) Heard that even though remote WSUS server, should have WSUS console / services installed on Primary, too. Never heard of that, but then again never used a remote SUP server. Trying that now. Any suggestions? Thanks!

Hey Guys - I guess no one's been able to assist so far, but I'm still having the issue. After working on it throughout the day, I wanted to submit new information I've discovered in hopes of getting assistance.... Currently, when deploying the client from the console; ~100% of the systems install the client but about 50% of them assign the correct site / site code I found a ChangeSiteCode VB script which I edited with our site, copied to a few systems which had the client but didn't correctly assign, and ran it with psexec. 100% of the time, it worked and the systems started working correctly Strangely, whenever I execute the script described above, the system removes itself from the collection it was a member of. The collection has no queries - only direct rules. Not issue, but perhaps a clue Via ADSI, I connected to and verified that our schema is extended and that all values are present. None are specific to a site, seemingly The old primary still exists but is off the network. Previously, I had disabled options for publishing to AD. I reconnected it's NIC today, removed all boundaries and boundary groups, then uninstalled secondary sites before taking it back offline again about an hour later I've tried a couple of different things, but currently the parameters I'm using for client installation in the console are "SMSSITECODE=NEW SMSMP:NEWPRIMARY.corporate.abc.com DNSSUFFIX:corporate.abc.com SMSSLP:NEWPRIMARY.corporate.abc.com Fixed-LocationServices.log This log file is from a system which installed the client, then tried to connect to the old site. At 2:51:03pm, I ran the change site VB script which assigned it to the correct site. I changed the hostnames to "OLDPRIMARY" and "NEWPRIMARY" plus the old site code is "OLD" and new site code is "NEW" so you can easily distinguish between the them. That's most if not all of it. In a rush to resolve as I only have installed 40 out of 13,000+ clients. Any suggestions as to why it's trying to go to the old site are more than welcome. Thanks!!!!

Hey Guys / Niall - I wanted to make this post as even though still researching, it hasn't been going that well... I recently installed SCCM 2012 R2 (which I updated to SP1 CU3) in an environment which recently had SCCM 1511 installed and no longer used and I hear SCCM 2007 in the past. When deploying clients from the console, only about 30% of them are responding as actually being installed. When I look at logs, I see that the client installs correctly on all, but Location Services shows the below errors: After research, I tried sending "ccmsetup RESETKEYINFORMATION=TRUE" to a couple of the systems, but no change. I also looked in AD and the schema is extended and the System Management container contains records for the Primary and both Secondaries. Instead of the default of SMSSITECODE in the the Client Installation properties, I tried adding SMSMP and DNSSUFFIX but client it seems to not have helped. We are running an HTTP site - not HTTPS so don't know how or why certs would be affected, but perhaps one was run once in the past. One more note, prior to client deployment, I found out about 3,000 of the 13,000 systems already had a previous version of some type of client installed (they were running ccmexec.exe.) Therefore, using the legacy deployment system had them deploy ccmclean on each of them. I do not know if the clients which are affected are ones that previously had a version of the client installed or not. If anyone has any suggestions, I'd appreciate them - Thanks! UPDATE I just saw at the top of that log that it's "Assigning to site" of the old 1511 site code and finds a DNS record for the old 1511 Primary server. Could this just be due to DNS? Before installing, the Systems management container was empty. I just looked again and it still contains not reference to the old site. How is this happening and (besides the DNS entry) what do I need to delete? THanks!

Hey Guys / Niall - I'm wrapping up a complete rebuild of the production environment's SCCM. So far, I've installed SCCM 2012 R2, applied SP1, then applied CU3. Recently, I installed MDT 2013 Update 2 then ran the ConfigMgr Integration as Administrator. I'm trying to create the base MDT Packages, but am getting errors! When trying to create a new MDT Boot Image, I perform the following steps: Right click Boot image and choose to create a new MDT boot image Enter the (empty) source path for the boot image Enter the desired name and version Select x64 and 128mb On the next page (Components) get the error message "The path is not of a legal form" The components page behind it is empty (doesn't list any of the components). Clicking OK simply dismisses the error window and leaves me at the blank Components page. If i click OK on it, I get the error "Object reference not set to an instance of an object" so must cancel out of it. As I initially installed MDT to D: (keeping the rest of the default path the same), I removed the ConfigMgr integration, uninstalled MDT, reinstalled MDT to the default path on C:, reintegrated, and tried again - got the same error. Google only has a couple of things about it - one being from Niall - saying basically to make sure everything is launched as admin. It is, but still no go. Any suggestions? Thanks!

Hey Guys / Niall - I recently started at a company which started the installation of Configuration Manager 1511 about a month prior to my arrival. I was brought in in part due to my prior experience with SCCM and to assist getting many parts of it up and running. The Story Recently, during initial client deployment; they found out that .NET 4.5.2 was the minimal .NET Framework version for the 1511 client. Unfortunately, there are many key applications used by the ~10,000 staff which are incompatible with .NET. I put a "fix" together which seemed to work for most that basically enabled .NET's legacy mode, but to test it the proper way would take a long time and important deployments plus other tasks are lining up daily. After much discussion, it was decided to test deployment of the latest "legacy" SCCM client to the environment instead of the 1511 version - at least for a month or two. The reason is mostly due to it's pre-requisite not being .NET 4.5.x mostly. Even though 1511's latest features may not work, I got word from Microsoft that everything else would work fine. Yes, I understand that this may not be the first choice of many and wasn't for me, either; until I thought of the times in the past when a primary was upgraded and some clients which never were still worked as desired. What Has Been Tried I didn't plan on replacing the actual client installation files on the Primary, but deploying using a different method therefore grabbed the files from a 2012 R2 ISO, placed them in a share, create ClientPatch folders, added the latest MSPs, and started testing. I then attempted installation on a couple of VMs which had an OEM installation of Windows 7 x64 Pro (what we use), pointing to the source I created, and using a few strings similar to the below: "ccmsetup.exe" /source:"\\server\2012R2Client\CLIENT" /mp:PrimaryNetBIOS SMSSITECODE=ABC SMSCONFIGSOURCE=P Note: The path listed as the source above was to the root folder with ccmsetup.exe, the i386 folder, and x64 folder in it... The Issue No matter what string I tried, ccmsetup.log kept showing that the installation would download and use the Client source from the Primary. Once I looked more closely at the log, I saw why (I think.) Seemingly, the client is checking the manifest stored in AD as is seeing that the client I'm trying to install doesn't meet the minimum version requirement therfore is downloading it despite my string configurations. Below are a few lines showing what I'm talking about... CcmSetup version: 5.0.7958.1000 Checking if manifest version '5.00.8325.1000' is newer than the ccmsetup version '5.0.7958.1000' Downloaded manifest from the source and its newer than the running ccmsetup. Will download ccmsetup from source as well. Here's the full log file if interested... ccmsetup.log So - assuming this is correct, is there a workaround that I may use to get around this? Any suggestions are appreciated - Thanks!

Good Morning All / Niall - I'm setting up a Windows 7 x64 Pro OSD TS in a new 1511 environment and am stuck on something. I'm set up numerous OSD TS's before, but this is my first with 1511. Everything goes well until it gets to the step where the client is installed & configured where it stays there for probably 10-15 minutes. Eventually, it reboots then goes to the next step which still shows a message about the client on the 2nd progress bar then fails. When I log into Windows (after it reboots from the failure), the domain is joined and I may log in with domain credentials. I launch the SCCM Client properties in Control Panel and see that there's no site selected nor client certificate. I did find that if I manually enter the site code into the client under the "Site" tab, it immediately finds the site and connects to it. What I've Tried / Examined I've tried a few different things - all with the same results - including building a new client package from scratch using the steps in Niall's famous guides, and using in the task sequence; using the SMSMP string in the client properties of the TS, and examining log files. Even though I see a couple of errors in the ccmsetup.log, the client seems to physically installs fine and exits with code 0. When looking at LocationServices.log, I see a few things, though: In case the screenshot doesn't come through... Failed to resolve 'SMS_SLP' from WINS Unable to find lookup MP(s) in Registry, AD, DNS and WINS LSIsSiteCompatible : Failed to get Site Version from all directories Client is not assigned to a site. Cannot get site signing cert. LsRefreshManagementPointEx failed with 0x80004005 Client is not assigned to a site. Cannot refresh Local MP. Client is not assigned to a site. Cannot get portal info. The above loops amongst a few information messages Any ideas or suggestions to what this may be? I've got to get all of this working today! Thanks!

Hey Guys - I recently started at a place where SCCM 2012 1511 had recently been installed. Even though the person who installed it had no prior experience with SCCM, it seemed to be running pretty well. Today, though, after issues with newly deployed clients, I found there was an issue with the Management Point. I've researched and tried many things, but wanted to post what's going on in case others had suggestions... Issues in Test URLs When going to either site below, I'd get a 500 error - http://primaryfqdn/sms_mp/.sms_aut?MPlist - http://primaryfqdn/sms_mp/.sms_aut?MPcert When going to them on the primary, I got an error that I didn't have permissions for the web.config file in the MP folder Issues in Server Logs: mpcontrol.log Call to HttpSendRequestSync failed for port 80 with status code 500, text: Internal Server Error SMS_MP_CONTROL_MANAGER 3/1/2016 2:49:00 PM 4972 (0x136C) STATMSG: ID=5436 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_MP_CONTROL_MANAGER" SYS=FQDN SITE=ABC PID=8168 TID=10576 GMTDATE=Tue Mar 01 12:44:12.091 2016 ISTR0="500" ISTR1="Internal Server Error" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_MP_CONTROL_MANAGER 3/1/2016 6:44:12 AM 10576 (0x2950) Resolution? After restarting this server and the SQL server (both Windows 2012 R2), I installed IIS 6 Tools then ran cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0. I also added Read permissions for the local IIS_usrs account to the web.config file. Once the above was complete, all errors in mpcontrol.log were resolved. Also, I could successfully refresh policy dfor the client on my PC (couldn't before) Hooray! -- BUT -- Still Issues? With the current IIS log stil open in CMTrace, I still see numerous 500 lines plus an occasional 404. I can also now visit the App Catalog - BUT - when I try to install a basic application (advertised as available), I get the error saying "The security information for this application could not be verified... On my workstation, I manually refreshed policy for Machine and Application about 15 minutes ago. If I open my LocationServices.log file, though, I see tons of recent errors: In StatusAgent.log, I get frequent "Failed to determine MP type. Error 0x0" ...and in ccmexec.log, I'm getting the below currently... Any suggestions? Thanks! UPDATE Just to see what happens, I ran CCMClean on my workstation, renamed the old CCM and ccmsetup folders, and am re-deploying the client from the primary right now. I'm curious to see what virgin log files report. UPDATE #2 Well that was fast... While monitoring ccmsetup.log (once it appeared), I got the below errors. Note: Most blurred out sections are the FQDN of the primary. UPDATE #3 Argh - seems DHCP decided to give me a boundary which wasn't on the boundary list provided initially... Should be good now at least for client install...

Nevermind - figured it out myself. I was running it from my workstation where I had installed MDT, but hadn't installed ADk. Ran from primary and it worked - Thanks

Hey Guys - Recently started at a new position where I am primarially working with an SCCM 2012 1511 environment which was set up over the past month. Yesterday, I requested that MDT 2013 be installed and once I got approval, installed MDT 2013 Update 2 on the primary then ran the integration tool successfully. This morning, I went to create the MDT packages which I usually do by creating a test MDT client task sequence. When doing so, I get to the MDT Boot Image page, but cannot select the option to create a new boot image!?! As I didn't install SCCM, I don't have specifics, but was told Windows 10 ADK was installed - just the 4 components required. Any ideas / thoughts? Thanks!

Thanks for the reply - I guess it's just a big change from the environment I'm used to. This morning I created an IEAK IE11 installer which was 160mb on my workstation. When copying it to the source share on the primary (to create an Application) it took about 90 seconds. Just used to it taking about 2. What I don't understand is how OSD and larger apps are going to work well (plus have the perfomance they expect) in this environment. Also, you said "Make sure you don't "distribute content"". To any of the 3 total DPs? Whatchoo talkin about Willis? (For those unfamilier, a reference to an 80's show: Different Strokes) Thanks

Hey Guys / Niall - I recently started in a new position to help implement and advise on SCCM 2012 (1511) as well as the setup of all features including converting them from using imaging to OSD, Application deployment, Software Updates, etc - at least all the basics except for Forefront. Quite a task, but sounds fun to me. I learned something today which I'm questioning so wanted to post and get opinions. I've implemented SCCM in about 5 production environments before and for each one; have had at least a distribution point at each local site. If a site didn't have one; it was understood that they would only experience limited support. Today, I found out that our multiple point site will only have a total of 3 DPs - and - they were told this would be ok by Microsoft - even for using OSD at each one. Microsoft's Recommended Plan The ~30 locations are spread out around the country. Each of these 30 locations connects to one of 3 datacenters via various speeds of connection like T1, 500k, (some fast, some really slow). I was told that "Microsoft advised" that it would be ok for them to create a distribution site (they are actually doing secondary sites) in each of the 3 datacenters. The primary server (4th site server) is offsite from the corporate office in a datacenter that we have a 100mb connection to. Overall I understand that having a 100mb connection to the primary may not be the worst thing ever for doing something like OSD if only running 1-2 at a time, but cannot imagine supporting OSD at all 30 of these locations with the setup above - even with BranchCache - not to mention all other services. So - what are your thoughts? Am I just crazy to think this or do you believe we have a problem on our hands? Thanks Guys!

Hey Guys / Niall - Our company runs SCCM 2012 R2 CU4 on a Windows 2008 R2 Server. One component we use is Software Updates which we deploy to ~1000 workstations. Recently, we purchased a license for PatchMyPC which enabled us to publish 3rd party updates from SCUP 2011 into SCCM. When importing the catalog, I not only imported the PatchMyPC updates, but the free Dell and Adobe ones, too. I was asked to go ahead and publish the metadata for all updates from all 3 catalogs and did so. Soon afterwards is when the issues started. When a client currently tries to run a software update scan, it fails. Below are the errors which the logs reflect: WUAHandler.log OnSearchComplete - Failed to end search job. Error = 0x8024000f. Scan failed with error = 0x8024000f. (Which translates to "Circular update relationships were detected in the metadata.") WindowsUpdate.log WARNING: CSerializationHelper:: InitSerialize failed : 0x80070002 WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80070032 When the issue first occurred, WindowsUpdate.log also listed many other errors which included update GUIDs. I found out that the issue was caused by corrupt Dell updates which were published and per instructions found, I expired each of the updates in SCUP then performed a full re-sync. I was able to verify in the console that the corrupt updates (which I placed in a different folder) were marked as Expired. This resolved the issue to where the GUIDs no longer appear in the log files, but I still have what's listed above left. This was done yesterday so know that policy has refreshed since What I've Tried Expiring the 16 unique Dell updates mentioned above and resyncing Verified that I can visit http://primaryserver:8530 from client-get prompted for credentials Re-importing SCUP catalogs then re-expiring updates Searched for updates which superseded themselves - Found this post where the same issue was caused by this occurring. I manually compared many of the update, but ran the SQL queries (via SQL Studio connected to Windows Internal DB) and got no results Been digging through logs! I've attached both log files mentioned above to this post. Due to their size, I zipped both of them up into a single file. WindowsUpdate.zip What may I do ? Any suggestions? I've already posted on TechNet Forums, but no replies. Thanks!

Good Morning Guys / Niall - A couple of months ago, I applied CU4 to our SCCM 2012 R2 environment and this past weekend, CU5 mostly due to the IsCacheCopyNeeded issue. When applying the CUs, I'm extremely thorough in my procedure and remediate to ensure that every single of our ~1000 clients receives the update if at all possible. There's only one part of the process I don't fully understand - the best method to apply the CU's MSP for future console pushes and OSD. I did some research and below are the three most common (individual) solutions I've found: 1. Copy MSP into a subfolder for each client source (\x64 & \i386). I've found posts where the folder should be named "hotfix", posts where it should be named "ClientPatch", and one post saying to create and copy it into both folders. The theory is that similar to the Office installation, once the primary installer completes, it searches pre-defined paths for MSP patches and applies them. I currently have both folders in my source and only have the latest CU MSP in them. Supposedly, this should ensure that all OSD deployments and console pushes will install the latest client by default so there's no need for a 2nd advertisement Example of where to place CU MSPs: - \\SCCMPrimaryServert\SMS_ABC\Client\i386\ClientPatch\configmgr2012ac-r2-kb3054451-i386.msp - \\SCCMPrimaryServert\SMS_ABC\Client\i386\hotfix\configmgr2012ac-r2-kb3054451-i386.msp - \\SCCMPrimaryServert\SMS_ABC\Client\x64\ClientPatch\configmgr2012ac-r2-kb3054451-i386.msp - \\SCCMPrimaryServert\SMS_ABC\Client\x64\hotfix\configmgr2012ac-r2-kb3054451-i386.msp 2. For OSD: Add step in OSD TS for client update package. This one is pretty straight forward. Never update the default client package and simply add a step in OSD for the update package which the CU creates 3. For Console Pushes & everything else - Maintain a query-based collection for all clients which are out of date. For it, always have an open advertisement for each of the latest (x64 & x86) client upgrade packages So - which of the above (if any) are the best solution? There are countless guides online for applying CUs for SCCM, but I haven't found any which discuss how to apply the CU to future client installs once the site has been completely updated. Any comments, suggestions, or anything else would be much appreciated - Thanks!

Hey Guys - Our company has an extensive OSD Task Sequence which incorporates many scripts and custom processes. For a variety of reasons, it's been decided that we start using Dell's ImageDirect. In this scenario, once we unbox systems, they want OSD to still be applied - but to the existing image on the PC - not re-apply the OS I created a Windows 7 image via imagedirect, downloaded it, and applied it to a test system. Currently, it would boot to Windows' mini-setup if powered on. I took our existing OSD TS and basically removed any steps where OSD applies the image, but steps which come after it that are still required are failing. For example, for a test I did this afternoon, the "Apply Win7 Settings" step would fail which usually comes after Apply OS image, but as it's disabled, errored out with the below in logs: Failed to read installation type from environment.. Please ensure you are running this executable inside a properly configured OS Deployment task sequence. Unspecified error (Error: 80004005; Source: Windows) (more below) As I found all of the info in that step is already in the ImageDirect image, I disabled it and tried again. This time, it failed at the "Apply Network Settings" step. These settings (including joining the domain) are obviously not in ImageDirect's image. What is the best way to approach working with what I've been asked to do? Thanks! UPDATE I sent an email to Dell's ImageDirect Support today asking a similar question. I showed them how we currently prep a new system versus what we were trying to do with ImageDirect giving the two scenarios below: Our Current Solution Currently, our company does the following when receiving a new system from Dell to get it ready for a user: 1. Unbox 2. PXE boots to SCCM/WinPE boot image 3. Applies an SCCM OSD task sequence which partitions, formats, and installs Windows 7 x64 Ent The same OSD task sequence is extensive and aside from installing the OS, applications, and joining domain, it performs numerous configurations. Proposed Solution with ImageDirect We are testing starting to use ImageDirect and propose to instead do the below steps 1. Unbox 2. PXE boot to SCCM/WinPE boot image 3. Apply the same task sequence – EXCEPT – for the steps which partition, format, and apply the OS (keeping ImageDirect's OS/image) Their reply was that what we are trying to do is different than what most customers do with ImageDirect and suggested that we apply any required settings using Group Policy. Based on the fact that their solution is Group Policy without asking the depth of the task sequence we are trying to apply made me believe that perhaps the person who replied may not be familiar enough with OSD so still don't consider my issue answered. So - I wanted to update my post to ask a couple of questions: My Questions 1. If I have a system which doesn't have the client installed nor is joined to the domain to PXE boot it to an SCCM Boot / WinPE image then start a task sequence which will Apply Network Settings (Join the domain), install the SCCM client, then proceed with non-OS related TS steps? 2. The reason I am so fixated on PXE is that if we had to use ImageDirect, we could boot a new system, go through mini-setup and into Windows, join the domain, install the client, then start a task sequence; but having to do all of that manually would take forever and defeeat the purpose of OSD in the first place. Do you have a suggestion to accomplish this using a better method? 3. The biggest reason we are testing using ImageDirect over the current solution of installing WIndows during OSD is drivers. We are a Dell shop and currently support ~6 models. I keep our SCCM Driver database up to date using model specific enterprise CABs and use model-specific driver installation steps in our OSD TS. Still, though, we have sporadic issues with drivers not being installed & not being installed correctly. It's gotten to the point where I've added a Full Driver Installation task sequence to the end of our OSD TS which has a group per model - each with individual & conditioned steps which install the full driver package downloaded from Dell. It's the only way we can have a consistent result. I've also tried the two types of Driver Installation steps (by driver package & by category) which both have similar results. Do you have suggestions for something which may remedy this issue instead of even going the ImageDirect route? The only other main reason we were going with ImageDirect is BitLocker. The systems we have come in from Dell for some reason come with Professional installed as our only option. Since we use BitLocker which isn't supported on Pro, we must re-image them via OSD to apply Enterprise. So - Any suggestions for any of the above or this entire scenario? Thank you!

Hey Guys / Niall - OSD task sequences have been one of the many things under my umbrella since starting my current position about 8 months ago. As with any environment, issues come and go - however - there's been one which occurs randomly and cannot easily be reproduced which I cannot figure out. Our current OSD task sequence is fairly detailed and supports all models we use. Depending on choices made from a frontend created via AutoIT, it can do many things including apply Win7 OS, provision Win 8 OS, install apps, etc. The steps which install the applications are straightforward and consists of a mix of Applications and Packages which reboots in between where required. The Issue The issue is that on some builds (1-2 per week), the TS will stop and throw an error due to an application which failed to install. The exit code is always 16389 and the application affected is random. We can continue the TS but must manually install whichever application threw it after the TS finishes. When imaging systems, we can do 1 - 12 at a time which are all running the same TS on the same computer model, but only one have the issue. In the past when trying to run the TS on the same system again, it works without the issue. In the past 3 weeks, it's occurred when installing CCleaner and Cisco AnyConnect client - both Applications - but in the past has affected many different ones. I unfortunately don't have log files to attach at the moment, but will soon. I wanted to go ahead and post in case this rang a bell for anyone who may have a suggestion or have heard of it before. Any ideas? Thanks Guys!

Hey Guys / Niall - I've got a fairly straightforward question for you. When the SCCM (2012 R2) Client is installed / deployed to a system, successfully downloads locally, but fails, it retries installation by default every 30 minutes. When creating an Orchestrator runbook for Client Health, I'm needing ccmsetup to try only once. So basically, I'm trying to find out how to make ccmsetup.exe not retry installation and simply fail. There is a "Retry" command line switch for ccmsetup (/retry:<Minutes>) where minutes may be specified, however, this does not pertain to the actual installation, but the initial download of the setup files. It does not have an affect on the client installation, itself. Yes, a simple script could be created which could kill the process after X, but prefer a native (or at least better) solution. Any ideas? Thanks!

Hey Guys - In our environment, OSD Task Sequences are usually run in the PC Lab by booting to PXE. Even though the PC Lab is 10 feet away from me and on the same local network, they are on a different subnet which is the only one set up for PXE booting. When starting here recently, I was told that to run OSD outside of the PC lab I'd have to boot to ISO. Fine with me. The Issue The problem is that every time I try to boot to ISO, I get errors and the process fails right before I can even see a list of Task Sequences. I'm using the same boot image that's on PXE, though. We do use SSL and re-created the ISO again this morning using the correct cert and password but no change. Below is a clip from the smsts.log. I've searched online, but so far haven't found a solution that works. This issue has been going on since I started which was a couple of months ago. I've tried different systems including ones fresh out of the box which haven't ever been on the network here. Known Solutions That Didn't Work Here are the solutions I've found online plus a couple of things I tried plus their results when I tried them: - BIOS Time / Date is Incorrect - I verified that they were correct plus was able to boot the same system via PXE without changing anything and it worked - Check IIS Logs - I checked them on the Primary as well as the local DP. Didn't see any issues. Restarted both last night anyways. Still have issue - Tried creating ISO using Default Boot Image instead of custom one. Same result with each. Both pull IP info - Attempted booting to ISO when connected to the subnet where PXE works - Same result Any Ideas? Thanks!