I'm not sure these are documented so adding here:
Content status message of successfully distributed content is the normal status when you deploy content to a DP
Content status message of successfully processed content on DP is the status when you validate content on a DP
Content status message of content was distributed to DP is when you redistribute content to the DP.
Every time I do a CM Risk Assessment (RaaS) for a customer I have to remember the various versions of CM2012 clients that are out there. Here is a compiled list so I'll know where to find it (and maybe you will too!) :-)
It would appear not. Rod Trent blogged about it, Mary Jo Foley and Paul Thurott talked about it this week as well. I have had the good fortune to speak at the past several MMS conferences and before that served as a member of staff. It was a great conference, with great people, and I will miss it.
Somehow managed to delete all of my comments on my blog. Whoops! Hopefully I’ll get some new ones to publish.
Here is some additional information on how the content routing function works in ConfigMgr 2012. If you use this feature make sure you document the routes that have been added/deleted.
Assume there is a CM2012 SP1 primary site (BLB) with two CM2012 SP1 secondary sites (SE1 and SE2). By default CM creates file replication routes from BLB to SE1 and vice versa and from BLB to SE2 and vice versa. We used to call these file replication routes “senders”.
Assume BLB is in Dallas, SE1 is in Houston and SE2 is in College Station and the College Station network goes to Houston and then from Houston back to Dallas. Again, if the network for both remote sites went straight back to Dallas then using content routing between the secondary sites may not make sense as it would add additional traffic, latency, etc.
To adjust the file replication routes to match this scenario, we need to create routes between the two secondary sites and then remove the file replication routes between SE2 and BLB. Make sure the computers accounts for the two secondary sites can communicate with each other and do not modify the database replication links.
Now when you distribute applications to the SE2 distribution point the primary site will use the SE1 secondary to route the content to the SE2 DP. You should be able to see this routing logic in the scheduler log on the primary site. In this example I am assuming the SE1 DP should not be a DP for this content so it was not included as a targeted DP. If I was deploying content to multiple secondary sites thru the SE1 secondary the logic would be same.
The ability to inventory mapped network drives was a common customer ask in ConfigMgr 2007 and SCCM Expert and some other folks provided free scripts and MOF edits to take care of this. But can this be done in ConfigMgr 2012?
Mapped network drives and printers are a per-user setting so you need to run a script or process under the user’s context to grab that data and store it somewhere that the hardware inventory process can get to. The obvious place to store the data is WMI. There may be other scripts out there that do this and if you have a better way to do this in ConfigMgr 2012 please let me know, but I chose to use a script provided by CTS for ConfigMgr 2007 and it worked just fine in my lab. Credit to Alvin Morales and JC Hornbeck for the blog article:
http://blogs.technet.com/b/configurationmgr/archive/2008/12/18/configmgr-2007-how-to-inventory-mapped-drives.aspx
Obviously in ConfigMgr 2012 we won't perform the MOF edits shown in the article, we make the change in the ConfigMgr 2012 console itself. But the VB script provided (mapdrives.vbs is what they called it) is required. Given the requirements that need to be met for this to work as a ConfigMgr package (run with user rights, run only when a user is logged on, set it to re-run on a schedule, etc) this may work better as a logon script. You could also modify the VB script to inventory mapped printers as well. You could further modify the script to force a hardware inventory once it’s done, or just wait for the next scheduled inventory to occur.
Once you have created the package and deployed it to your clients, you can verify it worked by using WBEMTEST to connect to root\CIMV2 and look in CX_mappeddrives.
In the ConfigMgr 2012 console you’ll need to add the new class for hardware inventory. So, Administration/Client Settings/Default Client Settings (or select a custom device settings group)/Hardware Inventory/Set Classes. Click Add and use the Connect option to specify a client that now has the information stored in WMI and select the CX_mappeddrives class name.
Once the client has retrieved machine policy and submitted hardware inventory, you should be able to see the mapped drive data in Resource Explorer:
and you can confirm in the database:
October 18! http://blogs.technet.com/b/in_the_cloud/archive/2013/08/14/mark-your-calendars-for-oct-18-the-r2-wave-is-coming.aspx Now you can get your upgrades and migrations done before the holiday season, not during!
There were issues reported for this update with ConfigMgr 2007 and 2012 when this update was original released. An update was released this week
http://support.microsoft.com/kb/2872041/en-us
If you start testing the integration of Intune with Configuration Manager 2012 you’ll likely spend time waiting for the Dirsync process to run. It runs every 3 hours by default which is OK for a production environment but when testing you want things to happen quickly so you can continue testing. Here is a process you can use to manually kick off that dir sync process in your test lab. This allows you to make changes in your AD (like creating new test accounts, password resets, etc) and get those changes communicated to the cloud. I’m not recommending that you could or should use this in production as I don’t know if there are any support issues with doing this. There also may be other ways to accomplish this but I figured this out in my testing and it works for me. Your mileage may vary.
Once you have installed and configured dirsync look in \Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell and run miisclient.exe.
This is the Forefront Identify Manager (FIM) client and we can use it to monitor and troubleshoot the dirsync process. In the app we can monitor the status of the different sync jobs. Look closely and you’ll notice a trend. About every 3 hours (usually it’s 3 hours plus a few minutes) you’ll see 3 jobs run, in this order: Delta Import Data Sync, Delta Confirming Import and Export. I won’t go into the details about what those do now, will possibly cover it a later entry.
If you select one of the Delta Import Data Sync records and right click, you’ll see a few options, with one being Run. If you select Run and then verify the Run Management Agent options (basically in this example make sure the Management Agent is Source AD and that the Run Profiles options is set to Delta Import Delta Sync) and click OK the Synchronization Service Manager will create a new Delta Import Data Sync record with the current date/time stamp and set the status when it’s done to success (or failure if it fails). Repeat the same process for Delta Confirming Import and then when it’s done run the Export. Done!
If you want to confirm that the changes in AD are being picked up you can select the Delta Import Delta Sync record for the sync after the AD change was made and check the Synchronization Statistics window at the bottom and you should see some values in the Staging section. In this example, the Last Name for my Intune test user account in AD was changed and I was expecting to see an update to that AD account get picked up and sent to Azure AD. I used the Sync Statistics to verify that the change was processed and I was then able to go to my Azure domain and saw that the change was reflected there. Success!
Don't know that we have a formal announcement on an MS site yet, but there is some info on the possible issues here: http://myitforum.com/myitforumwp/2013/07/15/configmgr-issues-with-ms13-052-kb2840628/. This affects CM2007 and CM2012.
If you have issues with KB2840628 open a case with Premier Support. And this just reinforces something I preach to my customers all the time: You need a separate test lab that mirrors your production environment and you need to test everything in there (updates, images, packages, etc). And testing in production is not testing :-)
7/17/2013: Updating entry with official word from product team: http://blogs.technet.com/b/configmgrteam/archive/2013/07/17/issues-reported-with-ms13-052-kb2840628-and-configmgr.aspx
If you have a central administration site (CAS) in your Configuration Manager 2012 hierarchy, consider using SQL Enterprise for the CAS. If you use SQL standard, the support limit is 50,000 users and there is no supported method to change the SQL edition after the fact (other than a complete reinstall of the hierarchy!)
The ConfigMgr client has traditionally been a fairly passive component on computers. It gets policy on a schedule, it submits inventory, evaluates baselines etc but typically doesn't make any changes to the computer unless you tell it to. The ConfigMgr 2012 client has a client health process that runs every night (midnight plus an offset is the default time) and is set to automatically remediate any of the issues it is configured to check for (WMI, CM client service stopped, etc). For some environments making unplanned changes to a production computer may be worrisome and you may want to disable this auto remediation feature. If so, consider changing the following registry key on these clients:
HKEY_LOCAL_MACHINE\Software\Microsoft\CCM\CcmEval\NotifyOnly
The default value is FALSE, meaning the client will auto remediate problems when found and you can monitor this in the Monitoring workspace in the console. Change the value to TRUE if you want to adjust this behavior. When the registry entry is set to TRUE the client will not auto remediate problems that are found and administrator will see alerts in the Monitoring workspace. The administrators can then manually (or use some other process) to resolve the identified computer issue.
A customer asked about the benefits of using a Windows Azure-based distribution point. Great question!
Pros:
Cons:
Azure DP does not support PXE, multicast, OSD, app-v streaming, task sequences, packages that run from DP. Also no ability to prestage content
http://support.microsoft.com/kb/2717295
Error: CSMSAMTDiscoveryTask::Execute, discovery to client_computer failed. General Worker Thread Pool: Error, Can not execute the task successfully. Remove it from task list.
Starting service 'ReportServer'Time out has expired and the operation has not been completed.
Thread name = SMS_SITE_SYSTEM_STATUS_SUMMARIZERExecutable = C:\Program Files\Microsoft Configuration Manager\bin\x64\smsexec.exeException = eeeeffff (EXCEPTION_SMS_FATAL_ERROR)
When the Administrator Console is first installed, a copy of the Adminconsole.msi file is cached in the %Temp% folder of the user who initiated the installation. If that MSI file is missing, the Configmgr2012adminui-rtm-kb2717295-i386.msp update file may not be applied. When this update is distributed by using Software Distribution, the installation may fail, and an exit code of 1603 is logged in the excecmgr.log file.To resolve this issue, reinstall the original release of the Administrator Console by using Consolesetup.exe, then apply this update.
ConfigMgr client computers that are powered on but are not connected to the corporate network will continue to execute hardware and software inventory processes as scheduled and will store the data locally. Once the client is able to connect to the ConfigMgr site server and retrieve policy the client will upload the saved inventory records and the site server will assign them sequenced version numbers and typically process them in the order they were created. This behavior can be verified in the dataldr.log on the site server.
In ConfigMgr 2012 you can have include collections to include members and you can have exclude collections to exclude members. Makes sense, right? But what happens if a collection member (could be a computer or a user) exists in both collections, the include and the exclude? Which one takes priority? The exclude would win, so the collection member would not be returned in the collection results.
Finally got my copies of the book (Mastering System Center 2012 Configuration Manager) from the publisher, which reminded me I needed to put something on my blog about the book. I was the technical editor for the book and I wrote the chapter on role-based administration and the chapter on endpoint protection. We started working on this book in late 2011 and it was released a week after the release of ConfigMgr 2012. It is pretty remarkable, in my opinion, that we were able to get this book done and ready for purchase so close to the product launch. I don't make any money from the sales, but if you are looking for some good info on ConfigMgr 2012, check it out and let me know your thoughts.
Here is the amazon link. http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&field-keywords=mastering+configuration+2012
ok, enough with doing blog posts in IE. Now setup to use Live Writer, making my random helpful stuff entries easier to post!
After installing a primary under a central admin site you may get the following message when attempting to open the console at the primary site level: "Your Configuration Manager console is in read-only mode while this site completes tasks related to maintenance mode". This usually indicates that the initial replication between the CAS and the primary isn't complete yet. Monitor rcmctrl.log on the CAS and also the Database Replication view in the Monitoring workspace on the CAS. Once the link state says 'Link is active' for the child sites then the replication should be complete and you should be able to open the console at the primary without getting the read-only message. Also note that this replication may take some time. My environment took at least an hour to complete.
I have recommended the appdeploy.com web site to countless customers over the year as THE software packaging reference site. Now, that url takes you to itninja.com and it looks like Dell has done their best to turn a great site into something not nearly as intuitive and useful.
During the Configuration Manager Risk Assessment Program (RAP) offering that MS Premier provides to customers one issue we look for, and usually find, is the fact that SQL memory has not been limited. Now, on a production SQL server that may not be an issue. But, if SQL is running locally on the primary or CAS, that might cause some memory allocation issues for other functions running on the server (like Configuration Manager).
It's good to see that we now check for this condition during the pre-req check for the install of ConfigMgr 2012.
Been using the beta for a while, now the 2.5 RTM is available here http://technet.microsoft.com/en-us/solutionaccelerators/cc835245. Not sure what SCM is? Come see our Instructor Led Labs and Breakout Session on Security Compliance Manager at MMS! #mms2012
...and found anything here that is useful please consider making a tax deductible donation to the bike ride (the MS150) I am doing in a few weeks to support Multiple Sclerosis (MS). The ride is May 4-5 in the North Texas area and we will ride over 150 miles over the course of two days. Any amount you want to donate would be very helpful in helping me reach my goal. Here is the link http://main.nationalmssociety.org/site/TR/Bike/TXHBikeEvents?px=9029062&pg=personal&fr_id=18029
thanks!!!!
If you have worked with SMS/ConfigMgr over the years you understand that the product is continually evolving and adding more functionality. In many companies, ConfigMgr is, or is close to becoming, a core critical IT service. With the said, what are the high availability options for ConfigMgr 2012?
We can utilize a SQL cluster for the central administration site (the CAS) and for the primary site servers. We cannot use a SQL cluster for the secondary site.
Configuration Manager 2012 also provides the ability to install multiple instances of several site system roles to increase availability, including the management point, distribution point, state migration point, the application catalog roles and the reporting services point. You can also use an NLB cluster for the software update point role. In ConfigMgr 2007 we provided the ability to use an NLB cluster for the management point role, but in ConfigMgr 2012 we replace that with the ability to add multiple management point servers to the hierarchy.
But what about high availability for the CAS, primary or secondary site server roles themselves? There is no clustering or NLB support for those roles. If the CAS or primary site servers go down, our recovery model is to use the backup/recovery process in ConfigMgr. If the secondary site server goes down, the only recovery model is to reinstall the site. You could possibly make the case to backup the package files to avoid having to repush those across the WAN, but backing up the secondary site server itself (and the database) is unnecessary. Also we do not support restoring any ConfigMgr components/servers using the snapshot feature that virtual server products provide. You might use it, it might work in a recovery, but completely unsupported.
But what if I decide to have two primary site servers (and a CAS, since you would need it to 'bind' the two primary's together) and have one primary there (say it's site code PR2) in case the other primary (PR1) goes down (or vice versa). In that scenario, your plan might be to temporarily assign the clients from PR1 to PR2. Then, rebuild PR1 and then move the clients back from PR2 to PR1. Temporarily assigning clients to another primary site is possible, but may introduce issues. After assigning the clients to the other site the clients will begin submitting data (inventory, compliance settings data, Endpoint-related data, software update compliance, etc) to the newly assigned site. Once the original site is recovered and the clients are assigned back to it, the clients would exist and be viewable in both primary sites and would remain there until that data was manually deleted or triggered to delete once it become aged. This may introduce various issues around targeting and software delivery and perhaps other unforeseen issues. The more effective recovery scenario would be to recover the original primary site and replicate information from the central administration site database (if a CAS has been implemented). Otherwise, restoring the site using the ConfigMgr backup/recovery process would be the recommended option.
A customer I work with alot has an opening in their Oklahoma City location for a ConfigMgr administrator. They are great folks, they are aggressive with new technology and this would be a great opportunity for the right person. If you have an interest email me and I'll put you in contact. breben @ microsoft . com