May, 2012

  • New logs in ConfigMgr 2012 – Client Logs

    With the new version of Configuration Manager, comes a bunch of new juicy logs. I’ll separate the posts into Client and Server. In this first instalment, I’ll cover off on the new logs found on your clients.

    The first thing you need to know, is the log location has changed slightly.

    Client logs can now be found at C:\Windows\CCM\Logs – rather than in the System32 or SysWoW64 directory

    AppDiscovery.log

    With the new ConfigMgr 2012 App Model, we now scan each machine at a regular period (default is every 7 days) and make sure that applications that should be installed on a machine are indeed installed. The AppDiscovery.log will show you the discovery engine (based on DCM) checking to make sure the app is installed.

    Performing detection of app deployment type MS_Silverlight(ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, revision 2) for system. AppDiscovery 3/05/2012 9:27:30 AM 7988 (0x1F34)

    +++ Application not discovered. [AppDT Id: ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, Revision: 2] AppDiscovery 3/05/2012 9:27:31 AM 7988 (0x1F34)

    Here we can see the WMI query for the Microsoft Silverlight application and it not being found. The AppDiscovery.log will then flag Silverlight for installation

    ActionType - Install will use Content Id: Content_b0e86929-a5f2-4154-b876-ed83965ce25d + Content Version: 1 for AppDT "MS_Silverlight" [ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0], Revision - 2 AppDiscovery 3/05/2012 9:27:34 AM 12156 (0x2F7C)

    AppEnforce.log

    If an application should be installed, and the AppDiscovery doesn’t find it, the AppEnforce log should kick in with the installation routine

    +++ Starting Install enforcement for App DT "MS_Silverlight" ApplicationDeliveryType - ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, Revision - 2, ContentPath - C:\Windows\ccmcache\1a, Execution Context - SystemAppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    A user is logged on to the system. AppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    Performing detection of app deployment type MS_Silverlight(ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, revision 2) for system. AppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    +++ Application not discovered. [AppDT Id: ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, Revision: 2] AppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    App enforcement environment:

    Context: Machine

    Command line: "Silverlight.exe" /q

    Allow user interaction: No

    UI mode: 1

    User token: null

    Session Id: 4294967295

    Content path: C:\Windows\ccmcache\1a

    Working directory: AppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    Prepared working directory: C:\Windows\ccmcache\1a AppEnforce 3/05/2012 9:28:29 AM 7988 (0x1F34)

    Prepared command line: "C:\Windows\ccmcache\1a\Silverlight.exe" /q AppEnforce 3/05/2012 9:28:33 AM 7988 (0x1F34)

    Executing Command line: "C:\Windows\ccmcache\1a\Silverlight.exe" /q with system context AppEnforce 3/05/2012 9:28:33 AM 7988 (0x1F34)

    Once the application has installed, it will rerun the application detection and this time succeed.

    +++ Discovered application [AppDT Id: ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0, Revision: 2] AppEnforce 3/05/2012 9:29:41 AM 7988 (0x1F34)

    AppIntentEval.log

    The AppInterval.log works with the two previous logs, and should tell you which applications are required. You should see something like

    ScopeId_73F3BB5E-5EDC-4928-87BD-4E75EB4BBC34/DeploymentType_246b2460-f182-4916-959c-0a2c41c55ca0/2 :- Current State = Installed, Applicability = Applicable, ResolvedState = Installed, Title = MS_Silverlight

    CCMVDIProvider.log

    The CCMVDIProvider.log will show you if the machine is a virtual or a physical machine

    EndpointProtectionAgent.log

    The EndpointProtectionAgent.log will only show you that the SCEP agent is/isn’t installed. It will not show you any information about definition updates. For SCEP definition updates and SCEP functionality, you’ll find a bunch of logs in C:\ProgramData\Microsoft\Microsoft Antimalware\Support

    ExpressionSolver.log

    ExpressionSolver.log is a log that records MSI discovery. This log is only available when verbose logging is enabled

    ExternalEventAgent.log

    The ExternalEventAgent shows all of the state messages sent from SCEP, into the CCM client. The CCM client will then process this state message as it would any internal state message.

    FileSystemFile.log

    This log file records all Software Inventory file system scans. You can see in the log file below, that we’re looking for qmgr.dll, scrnsave.exe, scrnsave.scr and msiexec in the System32 directory.

    Query = SELECT __class, __path, __relpath, name, path, lastwritedate, size, companyname, productname, productversion, productlanguage, fileversion, filedescription FROM FileSystemFile WHERE name = 'qmgr.dll|scrnsave.exe|scrnsave.scr|msiexec.exe' and path = '%windir%\\system32\\*' and iscompressed = false and isencrypted = false; Timeout = 14400 secs; ScanInterval = 2 msecs; SkipFile = skpswi.dat

    SCNotify.log

    You’ll see a bunch of SCNotify logs in your logs directory. This log describes the user notification for new applications. In the log you’ll see a bunch of WMI calls, and whether or not applications should notify the user of their availability

    This software should not display a user notification balloon, removing it from the available notification list.

    SoftwareCatalogUpdateEndppoint.log

    The SoftwareCatalogUpdateEndpoint log will show any changes to the Software Catalog URL and will show the URL being added to the Trusted Sites list in Internet Explorer

    CSoftwareCatalogUpdateHandler::StartUpdateTrustedSitesProcess: Started UpdateTrustedSites process
    CSoftwareCatalogUpdateHandler::SetCatalogSecurity: Updating the registry for Software Catalog.

    SoftwareCenterSystemTasks.log

    This log will show you the Software Center notifications and whether or not the Software Center is installed and healthy.

    UpdateTrustedSites.log

    The UpdateTrustedSites logs the actual updates after the SoftwareCatalogUpdateEndpoint reports that the URL needs to be added to the Trusted Sites

    CSoftwareCatalogUpdateHandler::AddDefaultPortalToTrustedSites: Catalog Url should be added to the trusted sites zone. UpdateTrustedSites 18/05/2012 1:13:32 PM 14172 (0x375C)

    AddDefaultPortalToTrustedSites: url = http://applicationcatalog.yourdomain.com:80, zone = 258 UpdateTrustedSites 18/05/2012 1:13:32 PM 14172 (0x375C)

    UserAffinity.log

    With the new 2012 App Model, we need to determine which users are primary users of a device. The UserAffinity log will show which users have been added as primary users, and the method for determining the primary user

    Auto affinity threshold settings Days = '21', User Minutes = '2880', AutoApproveAffinity = '1'. UserAffinity 18/05/2012 1:12:33 PM 14332 (0x37FC)

    No WMI instance. Setting an affinity. UserAffinity 18/05/2012 1:12:45 PM 14332 (0x37FC)

    Setting auto affinity for user 'yourdomain\mattshadbolt'. UserAffinity 18/05/2012 1:12:45 PM 14332 (0x37FC)

    Successfully sent user affinity state message for user ‘yourdomain\mattshadbolt'. UserAffinity 18/05/2012 1:12:45 PM 14332 (0x37FC)

    Successfully saved user affinity data for user ‘yourdomain\mattshadbolt' into WMI. UserAffinity 18/05/2012 1:12:45 PM 14332 (0x37FC)

    We can see that AutoApproveAffinity is enabled for any users that have used the machine for anyone using the machine within 21 days, and for 2880 minutes or more.

    So that's it! If you find any other logs that weren’t around in 2007, please let me know and I’ll do my best to cover them!

    Matt Shadbolt

     

  • List of ConfigMgr 2012 KB Articles and Hotfixes

    A list of Knowledge Base Articles and Hotfix information for Configuration Manager 2012 has been published on the Technet Wiki.

    This is a living document and will be updated regularly:

    http://social.technet.microsoft.com/wiki/contents/articles/9539.list-of-public-microsoft-support-knowledge-base-kb-articles-for-system-center-2012-configuration-manager-configmgr-2012.aspx

    I suggest subscribing to the RSS feed and checking it regularly. That way you’ll always have the most up-to-date information:

    http://social.technet.microsoft.com/wiki/contents/articles/9539.list-of-public-microsoft-support-knowledge-base-kb-articles-for-system-center-2012-configuration-manager-configmgr-2012/rss.aspx

    Note that these are only the publicly published KB articles and Hotfixes. If you’re having specific issues, please contact Premier Support and they can check if there is a private KB article or Hotfix available.

    Matt Shadbolt

  • ConfigMgr 2012 Automatic Deployment Rules

     

    In CM12 we have a number of changes in Software Updates. One of the most anticipated one’s is Auto Deployment Rules.

    Yes finally I hear you say….

    Well Lets run through creating an Auto Deployment and one little gotcha to keep your eye on.

    In the Console we select

     Software Library > Software Updates > Automatic Deployment Rules

    Choose Create Automatic Deployment Rule from the Ribbon or Right click on the mouse.

          image

     

    In the first screen we can choose a Template

    (Templates are no longer a node in the console they are now created when creating an Auto Deployment Rule or manually Deploying Updates and are saved at the Summary screen.Ill point this out later in the post)

    image

     

     

     

    You can Select to Add to an Existing Software Update Group or Create a new Software Update Group.

    image

    If you select Add to an Existing Software Update Group a brand new group will be created the first time the Auto Deployment Rule is run and every time the rule runs after that the new updates are added to that group.

    (NOTE You cannot create a software Update group manually and then create an Auto Deployment rule to add new updates to that group. Even if you give it the same name and description the Auto Deployment Rule will still create a new group. See Figure below.The group created at 6:02 pm was done manually. I then ran the Auto Deployment rule at 6:07 pm and you can see that it creates a group with a duplicate name and description.)

    image

     

    If you select Create a new Software Update Group every time the rule is run a new Software Update Group is created.

     

    You can also choose to Enable the deployment after the rule is run.

     

    Here you can choose to use Wake on lan and also decide whether to automatically deploy all updates and approve any license agreements or deploy only updates that do not include license agreements.

    image

    This is where you select the requirements to select the updates to auto approve.

     

    image

    Here you can set a Schedule for the Rule to run. Potentially every Patch Tuesday or Daily for Forefront updates.

    Or you can run the rule manually.

    image

    Similar to CM07 we can set the deployment schedule and whether the Deployment will be Mandatory.

    image

    Set the User Experience, deadline behaviour and reboot suppression.

    image

    We can now Generate Alerts if the compliance falls below a certain after a certain period of time. As before we can select to disable alerts for Operations Manager.

    image

    Set your Deployment options

    image

    Either select an existing package or create a new one for the new updates

    image

    Select a DP or DP Group

    image

    Where to download the updates from

    image

     

    Choose a language

    image

    On the Summary screen you can Choose to Save your settings as a Template for future use

    image

    image

    We now see the new Rule in the console and we can choose to Run Now from the ribbon.

    image

    image

    The log file for troubleshooting is Ruleengine.log

    We can see the Auto Deployment Rule is kicked off

    image

    Evaluating and downloading updates

    image

    Here we see it looking for an existing update group and not finding one therefore creating a new Software Update Group then adding the updates to that Group.

    image

    Back to the console.If we select Software Update Groups we now see the newly created Windows 7 Automatic Deployment and the Deployment (Yet to be enabled) on the tab below.

    image

    When we select Show Members we can see the updates applied.

    image

    and there you have it.