Here’s another cool post I found while browsing all the other System Center related sites today, this one by Jeff Wettlaufer (Sr. Technical Product Manager for System Center) on the OEM Deployment Packs we have available. We have Deployment Packs for Dell, HP, IBM and Sun servers so if you’re running any of this hardware and are looking for an easier way to deploy images and tools then you’ll want to check these out:
========
I wanted to get a note out to you about our recent efforts at integrating OEM specific deployment customizations into the powerful OS Deployment features in ConfigMgr. The OEM Deployment Packs provide the ability to extend the capabilities within the OS Deployment feature, namely the Task Sequencer, to support specific hardware elements of some industry leading server manufacturers. Built on the ConfigMgr SDK, these are extremely powerful extensions for your server builds to incorporate. Below is a summary of each of the currently released versions, with a link to their downloads.
To continue reading see Configuration Manager OEM Deployment Packs on the System Center Team Blog.
J.C. Hornbeck | Manageability Knowledge Engineer
Microsoft released a new version of ACT, version 5.5. This version changed the database schema which prevents configuring the ACT database from the ACT Connector administrator console. If you upgrade an existing ACT installation to 5.5 which has already been configured in the ACT connector, no additional steps are required.
Using this documented workaround ACT 5.5 is supported by Microsoft with the System Center Configuration Manager 2007 ACT Connector.
Symptoms
You will see the following error when attempting to configure your ACT database:
Cannot connect to SERVERNAME.
[-2146232060] Invalid object name ‘ACT_Databases’.
An update will not be released to fix this issue at this time, but the following workaround is available:
Workaround
The following script can be used to configure ACT connector to work with ACT 5.5 install.
Syntax
ActConfig.vbs [Server] [Site code] [ACT Server] [ACT database] {Machine Account}
- [Server] – Name of ConfigMgr server where ACT Connector is installed
- [Site Code] – Three letter side code of ConfigMgr server where ACT Connector is installed
- [ACT Server] – Name of SQL server where ACT is installed
- [ACT Database] – Name of ACT database on SQL server (set during ACT install)
- {Machine Account} – Optional parameter. If the ACT is installed on different server than the ACT Connector, then provide the machine account name the ACTC provider runs under (domain\machinaccount$) where the machine account name is the ConfigMgr server where the ACT Connector is installed.
ActConfig.vbs
Server = Wscript.Arguments.Item(0)
SiteCode = Wscript.Arguments.Item(1)
ActServer = Wscript.Arguments.Item(2)
ActDatabase = Wscript.Arguments.Item(3)
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & Server & "\root\sms\site_" & SiteCode)
Set wbemObjectSet = objWMIService.InstancesOf("SMS_ActConfig")
'domain\smsserver$
If LCase(Server) = LCase(ActServer) Then
MachienAcct = ""
Else
MachineAcct = Wscript.Arguments.Item(4)
End If
For Each wbemObject In wbemObjectSet
wbemObject.Server = ActServer
wbemObject.Database = ActDatabase
wbemObject.Put_
If MachineAcct = "" Then
wbemObject.AddLinkedServer ActServer, ActDatabase
Else
wbemObject.AddLinkedServer ActServer, ActDatabase, MachineAcct
End If
Next
Levi Stevens | Program Manager
I was browsing through some of the other Configuration Manager blogs this morning and found a really good one written by Steve Rachui from our PFE (Premier Field Engineer) group. This one is about a Windows Installer issue he ran into the other day and is definitely worth the read. I have a brief intro and link below:
========
Ran across an interesting issue today. When trying to import an OSD WIM image into the ConfigMgr console we received an error that ‘the specified path does not contain a valid WIM file’. Generally, this error can be linked to a corrupt install of the WAIK or spaces in the UNC path. Thats what we thought so we uninstalled the WAIK only to find that we couldn’t reinstall it. When trying to reinstall we received an error stating “The installer encountered an unexpected error installing the package. This may indicated a problem with the package. The error code is 2908”. We tested further and found this error to be generated with most any MSI we would try to install. Only the most basic MSI installed without issue.
Ultimately, we traced the issue down to the fact that…
To continue reading see Unable to import WIM into SCCM console.
J.C. Hornbeck | Manageability Knowledge Engineer
Notification balloons seem to be a frequent topic of feedback from customers. There may pop up too often, or only certain users should get them, or the timing isn’t configurable enough.
Lately we’ve had multiple customers asking for a very specific feature. The AdminUI for SCCM provides the ability to disable notification balloons for normal Software Distribution packages, but not for Task Sequences.
While there are currently no plans to modify the AdminUI to add this ability, all of the necessary logic is already present in the client code; you just have to go out of your way to enable it. If the ability to disable notification balloons for Task Sequences is something that would be beneficial in your environment then you can use the script below to automate the process.
The example below needs to be run on a site server by a user who has sufficient permissions in SCCM to modify the Task Sequences in question. Running the example with no command line arguments will provide usage instructions.
There is no guarantee or warranty associated with this example. Make sure you test any utility before using it in a production environment; and, as always, make sure that you are running frequent backups and that you test the restoration procedure on a regular basis to ensure that the backups are valid.
The script text is below but you can also download it directly here.
========
Option Explicit On
If WScript.Arguments.Count < 1 Then
WScript.Echo "Usage:"
WScript.Echo " DisableTSNotification.vbs -all"
WScript.Echo " DisableTSNotification.vbs PackageID [PackageID]..."
WScript.Quit
End If
Dim strComputer
Dim siteCode
Dim objWMIService
Dim colItems
Dim objItem
Dim packageID
Dim itemFound
Dim numPackages
Dim numUpdated
strComputer = "."
siteCode=GetSiteCode()
Set objWMIService = GetObject("winmgmts://" & strComputer & "/root/sms/site_" & siteCode)
If StrComp(UCase(WScript.Arguments.Item(0)), "-ALL", 1) = 0 Then
numPackages = 0
numUpdated = 0
Set colItems = objWMIService.ExecQuery("SELECT * FROM SMS_TaskSequencePackage", "WQL", 32)
For Each objItem in colItems
If (objItem.ProgramFlags AND 1024) = 0 Then
objItem.ProgramFlags = objItem.ProgramFlags OR 1024
objItem.Put_
numUpdated = numUpdated + 1
WScript.Echo "Modified package " & objItem.PackageID
End If
numPackages = numPackages + 1
Next
WScript.Echo "Updated " & numUpdated & " of " & numPackages & " packages"
Else
For Each packageID in WScript.Arguments
Set colItems = objWMIService.ExecQuery("SELECT * FROM SMS_TaskSequencePackage WHERE PackageID='" & packageID & "'", "WQL", 32)
itemFound = false
For Each objItem in colItems
If (objItem.ProgramFlags AND 1024) = 0 Then
objItem.ProgramFlags = objItem.ProgramFlags OR 1024
objItem.Put_
WScript.Echo "Modified package " & objItem.PackageID
Else
WScript.Echo "No need to update package " & objItem.PackageID
End If
itemFound = true
Next
If itemFound = false Then
WScript.Echo "ERROR: Package " & packageID & " was not found on this server"
End If
Next
End If
Function GetSiteCode()
Dim objSWbemLocator
Dim objSWbemServices
Dim ProviderLocation
Dim Location
Dim strSiteCode
objSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
objSWbemServices = objSWbemLocator.ConnectServer(".", "root\sms")
ProviderLocation = objSWbemServices.InstancesOf("SMS_ProviderLocation")
For Each Location In ProviderLocation
If Location.ProviderForLocalSite = True Then
strSiteCode = Location.SiteCode
End If
Next
GetSiteCode = strSiteCode
End Function
========
Trevor Duke | Escalation Engineer
We’ve seen some issues reported over the past couple of days where the SMS 2003 SP3 ITMU scan is failing on some or all clients with code 87 (The parameter is incorrect). When this occurs, the SMSWusHandler.log contains entries similar to the following on the failure:
ERROR: UpdateSearcher::Search() failed.
An error occurred when searching with the existing scan package service. Removing the service...
ERROR: Search() failed with hRes=0x80070057
0x80070057 is the hresult value for the operation. Returning 87 as the exit code.
This happens on SMS 2003 clients running WUA versions prior to 7.0. ITMU v3 shipped with version 5.8.0.2694 of the Windows Update Agent thus causing the issue described above.
Note: Support for the Windows Update Agent version that shipped with ITMU v3 ended on April 30th.
In order to restore scan functionality with ITMU v3, the following steps should be followed:
1. Download the 7.2.6001.788 build of the WUA agent for each platform used in the environment (x86, x64, ia64) to a separate folders
We suggest downloading these to subfolders under the ITMU install folder, in the same fashion as the original WUA agent folders. For example, use subfolder names like WUSPkgSourcev3, WUSPkgSourcex64v3 and WUSPkgSourceIA64v3, etc.
2. Create new packages for each build of the 7.2.6001.788 client and a new program to run the appropriate EXE with /q. For example, the command line for the x86 build would be windowsupdateagent30-x86.exe /q.
3. Open each program for the original ITMU scan package for each platform, one at a time, and select the Advanced tab. Modify the 'Run another program first' Package and Program to refer to the newly created items for that platform.
Once this is done, clients that require the WUA update will get it the next time they attempt to run ITMU. If clients already have the current version of the agent, the dependent program will exit with success and the scan will run normally.
Keith Thornley - Senior Support Escalation Engineer
When you use System Center Configuration Manager 2007 Operating System deployment (OSD) to deploy Volume License builds of Windows XP Service Pack 2 (SP2) images, "Activate Windows" may still appear in the "All Programs" Start menu after deployment. Since the OS has a Volume License, it is 'pre-activated' and no activation is needed. If you go ahead and click the "Activate Windows" item it reports that the OS is already activated.
This can occur if the Sysprep option for "Do not reset activation flag" is not checked, thus causing the activation flag to be reset, resulting in the "Activate Windows" option to be created in the Start Menu.
To prevent this from happening, there is an option in the Build and Capture task sequence under Prepare OS, under the "Select the following Sysprep options" section called "Do not reset activation flag". The "Do not reset activation flag" must be checked to stop "Activate Windows" from showing up on the deployed OS.
Hope this helps,
Will Swanda | Support Escalation Engineer
From the Configuration Manager product team blog:
The Configuration Manager documentation library (http://technet.microsoft.com/en-us/library/bb680651.aspx) has been updated on the Web and the following information lists the topics that are new or contain significant changes since the April 2009 update.
The latest content that has been updated on the Web has Updated: June 1, 2009 at the top of the topic.
-----
To read about the details check out at the source at:
http://blogs.technet.com/configmgrteam/archive/2009/06/18/announcement-configuration-manager-documentation-library-update-for-june-2009.aspx
J.C. Hornbeck | Manageability Knowledge Engineer
We had five new Knowledge Base articles for System Center Configuration Manager 2007 last week and one for SMS 2003: I won’t go into the details of each but you can check out the article titles and links below:
========
KB971225 - Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 are not listed as supported platforms in Systems Management Server 2003 Service Pack 3
KB969620 - The SMS_EXECUTIVE service process (Smsexec.exe) crashes on a System Center Configuration Manager 2007 Service Pack 1 site server that allows SQL server authentication
KB971223 - Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 are not listed as supported platforms in System Center Configuration Manager 2007 Service Pack 1
KB971224 - Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 are not listed as supported platforms in System Center Configuration Manager 2007 RTM
KB970739 - The System Center Configuration Manager 2007 Service Pack 1 Administration console crashes when you repeatedly click the “Find Now” button to filter the view on a collection
KB971506 - A package that is several gigabytes is not updated on a branch distribution point (BDP) in System Center Configuration Manager 2007 Service Pack 1.
Enjoy!
J.C. Hornbeck | Manageability Knowledge Engineer
Yesterday the Configuration Manager product team announced the release of the public beta for Configuration Manager Service Pack 2 and it’s available for download for all customers. Service Pack 2 for Configuration Manager 2007 delivers new platform support for Windows 7 client, Windows Vista SP2, Windows Server 2008 R2 and Windows Server 2008 SP2. In addition, Service Pack 2 delivers continued innovation with Intel vPro technology, support for Branch Cache enabled environments, and continued development for 64 bit architectures.
For more information and a download link see http://blogs.technet.com/configmgrteam/archive/2009/06/17/announcement-configuration-manager-2007-service-pack-2-public-beta.aspx.
J.C. Hornbeck | Manageability Knowledge Engineer
Here’s an issue I ran into the other day and since I didn’t see it documented anywhere I thought I’d post a quick heads-up here.
Issue: AMT clients are "successfully" provisioned however their accounts are not created in the Out Of Band OU specified.
In the System Center Configuration Manager 2007 console, for the container to create our AMT accounts we have specified:
OU=AMT,OU=Misc,DC=alpha,DC=bravo,DC=charlie,DC=com
However the AMT clients we are trying to provision do not register their DNS suffix in that namespace. Instead they register it in DC=charlie,DC=com (NOT DC=alpha,DC=bravo,DC=charlie,DC=com).
We tried hosts file on the SCCM server as well as modifying the DNS Suffix Search order on the SCCM server to no avail. Regardless of the console settings, when we try to create the account we do a DNS lookup of the client and then fail to add the user object with this error:
Failure: The AMT Proxy Manager failed to add a object into AD. FQDN: serverName.charlie.com, ADDN: OU=AMT,OU=Misc,DC=charlie,DC=com, UUID: 4C4C4544-0047-5010-8036-B4C04F544631, AMT Version: 3.2.3.
Note: This LDAP path is not the one defined in OOB Mgmt Properties and in fact does not exist!
If we configure the clients to register in DNS the DNS suffix of DC=alpha,DC=bravo,DC=charlie,DC=com then everything works.
Cause: This can occur if the domain has a disjointed namespace. For more information on disjointed namespaces see the Disjointed namespaces section of http://support.microsoft.com/default.aspx?scid=kb;EN-US;909264.
Resolution: We do not support disjointed namespaces with AMT and ConfigMgr 2007 SP1, and at this time there is no support for this configuration with ConfigMgr 2007 SP2 either. However, we are investigating what it would take to offer that support and will make a final determination at a later date.
So ultimately the answer to this problem would be to allow your clients to register in the correct DNS namespace that matches up to your AD LDAP path specified.
Best,
Buz Brodin | Senior Support Escalation Engineer
Just in case you missed it, Carol Bailey has posted yet another fantastic article on certificates over on the http://blogs.technet.com/configmgrteam blog. If certificates are as confusing to you as they are to me then you'll definitely want to give this one a good read. I have her intro and a link below:
========
I sometimes get questions from customers about values to set for the key sizes and validity periods for the certificates required for native mode and out of band management in Configuration Manager. This has been a tough one for me to answer, because in the main, these values are external to Configuration Manager and they are PKI design questions with advantages and disadvantages for different values. The higher the key size, the more secure the certificate is from attackers, but will require more processing to use. The longer the validity period, the less certificate maintenance required (and potentially some service disruption), but the certificate is more vulnerable to being compromised.
To continue reading see http://blogs.technet.com/configmgrteam/archive/2009/06/12/recommendations-for-pki-key-lengths-and-validity-periods-with-configuration-manager.aspx
J.C. Hornbeck | Manageability Knowledge Engineer
We had two new Knowledge Base articles on System Center Configuration Manager 2007 last week: They’re both about an issue where the image capture process may fail during the "Prepare Windows for Capture" stage but the first refers to ConfigMgr 2007 RTM and the second refers to ConfigMgr 2007 SP1. Note that the hotfixes mentioned are different depending on the version you’re running as well. The links and titles are below:
========
KB969991 - When you use System Center Configuration Manager 2007 RTM to capture an image of Windows Vista SP2 or of Windows Server 2008 SP2, the image capture process fails during the "Prepare Windows for Capture" stage
KB970093 - When you use System Center Configuration Manager 2007 Service Pack 1 to capture an image of Windows Vista SP2 or of Windows Server 2008 SP2, the image capture process fails during the "Prepare Windows for Capture" stage
Enjoy!
J.C. Hornbeck | Manageability Knowledge Engineer
This should go out in an updated Knowledge Base article within the next couple days but I figured I’d give all of you an advanced, sneak preview anyway. Below are our updated statements regarding supported platforms for Systems Management Server 2003 and System Center Configuration Manager 2007:
* SQL Server 2008 Service Pack 1 is now supported on Configuration Manager 2007 (SP1 and/or R2)
System Center Configuration Manager 2007 SP1 and/or R2 now supports the use of SQL Server 2008 SP1.
No hofixes are required.
-----
* Windows Vista and Windows Server 2008 Service Pack 2 are now supported on Systems Management Server 2003 SP3
Systems Management Server 2003 SP3 now supports Windows Vista and Windows Server 2008 SP2 as clients. Administrator consoles or site server roles will not be supported on these platforms.
No hotfixes are required.
-----
* Windows Vista and Windows Server 2008 Service Pack 2 are now supported on Configuration Manager 2007 RTM
System Center Configuration 2007 SP1 now supports Windows Vista and Windows Server 2008 SP2 as clients. Administrator consoles or site server roles will not be supported on these platforms.
The following hotfixes are required:
KB969991- When you use System Center Configuration Manager 2007 RTM to capture an image of Windows Vista SP2 or of Windows Server 2008 SP2, the image capture process fails during the "Prepare Windows for Capture" stage
-----
* Windows Vista and Windows Server 2008 Service Pack 2 are now supported on Configuration Manager 2007 SP1
System Center Configuration 2007 SP1 now supports Windows Vista and Windows Server 2008 SP2 as clients, for administrator console installations, and Windows Server 2008 SP2 for site-server roles.
The following hotfixes are required:
KB970093- When you use System Center Configuration Manager 2007 Service Pack 1 to capture an image of Windows Vista SP2 or of Windows Server 2008 SP2, the image capture process fails during the "Prepare Windows for Capture" stage
Best,
J.C. Hornbeck | Manageability Knowledge Engineer
Here’s a tip on an issue you may run into if you’re trying to run a script at the end of an OSD with System Center Configuration Manager 2007. If you’re pushing images of 64-bit Windows Server 2008 systems, and in the build task sequence you’re trying to run a task at end of build that sets a registry key for the new server, the task may fail to run correctly and it may exit without generating any kind of error.
This can happen if the task that’s running is a script that runs under cscript.exe (32-bit). Because the script is being run on Windows Server 2008 (64-bit), the OS is forcing the task sequence (script) to use the 32-bit subsystem (32-bit version of cscript.exe) and thus the script fails.
To resolve or workaround this issue you can do either of the following:
1. For the 'Run Command Line' properties, check the box for "Disable 64-bit file system redirection"
2. For the command-line, a 32-bit application can access the "native system folder" by using: "%WinDir%\Sysnative" which allows use of %WinDir%\System32 without redirection.
For more information see the following KB article:
A 32-bit application cannot access the System32 folder on a computer that is running a 64-bit version of Windows Server 2003
http://support.microsoft.com/kb/942589
Will Swanda | Senior Support Engineer
Looks like they just announced the availability of the HP Insight Control suite for Microsoft System Center over on the System Center product team blog. In case you’re not familiar with this, I have a brief intro and a link to the source below:
========
HP Insight Control suite for Microsoft System Center enables Microsoft System Center customers to deploy, monitor, control, and optimize their HP ProLiant and HP BladeSystem platforms directly from Microsoft System Center products. This enhanced visibility into the health of HP servers and server blades enables faster response to server failures, reducing the risk of downtime for both physical and virtual environments. It also reduces deployment and update times and delivers greater control of server power to help IT organizations increase staff productivity and optimize use of power and cooling capacity.
• Deploy servers quickly: Quickly and reliably configure, deploy and update HP ProLiant servers through Microsoft System Center Configuration Manager, including pre-OS server configuration and firmware and driver update.
• Proactively monitor health: Enable System Center Operations Manager and System Center Virtual Machine Manager to respond intelligently to hardware events, including automating virtual machine evacuation from distressed hardware.
• Control from anywhere: Take control of servers regardless of location, reduce travel time, and accelerate server recovery by launching iLO Advanced directly from System Center Operations Manager.
• Optimize power confidently: Up to triple data center capacity by safely capping power usage to fit more servers within existing power envelopes – without putting the electrical infrastructure at risk – with Insight Control power management.
• Unmatched service levels: With HP Insight Control suite for Microsoft System Center, customers can take advantage of Insight Remote Support, advanced server monitoring built on HP Systems Insight Manager, that automatically forwards HP ProLiant and BladeSystem service events to HP call centers and tracks server warranty and support contract status.
For more information on the HP Insight Control suite for Microsoft System Center check out the guest blog post on the System Center blog from Scott Farrand of HP.
J.C. Hornbeck | Manageability Knowledge Engineer
