試想以下的情境：在佈署環境中，WDS的Server上面可能會有兩張以上的網卡，並且連接到不同的網段。

如果今天我們要限制WDS只接聽從傳送到特定網卡來的PXE ，我們該怎麼做？

1. 請開一個有Admin權限的命令提示字元，並且鍵入以下命令：
   
   WDSUTIL /Set-Server /BindPolicy /Add /Address:<IP or MAC address> /AddressType:{IP|MAC}
   
   您可以指定網卡的IP或是MAC Address，以下範例是使用MAC Address。
   
   
   以上的命令將會把您設定的網卡寫到BindPolicy的機碼中。
2. 接下來，執行以下的命令：
   
   WDSUTIL /Set-Server /BindPolicy /Policy:Include
   
   這個命令中的Policy選項有兩個參數：Include和Exclude，如果是Include就是白名單(僅包含要接聽的網卡)，Exclude就是黑名單(僅排除不要的網卡)。
   
   這樣就會把WDS設定在僅接聽剛剛設定的網卡上。
3. 重啟WDS服務，設定完成。

問題現象 –

Winrm quickconfig

WSManFault

    Message

        ProviderFault

            WSManFault

                Message

Error number:  -2147024894 0x80070002

問題成因 - Firewall issue

解決方案 –

you can try to a new Rule in Windows Firewall with Advanced security-> Port : TCP – 5985

Action: Allow all connection

Profile: Selected all network profile

Name: "Windows Remote Management (HTTP-In)"

Next - Finish.

Open Properties for this rule and then on the Program and Services tab, selected All Services.

If the steps action not work.

Please try to disable windows firewall services then run the command. then you can start windows firewall service.

問題現象 –

突然無法開啟SMS console 錯誤訊息"mmc 無法初始化嵌入式管理單元" 若是本機管理員登入MMC開啟後看不到任何階層架構

問題成因 - %appdata%/Microsoft/MMC files corrupt

解決方案 –

We deleted the adminconsole file from %appdata%/Microsoft/MMC folder and after that we could open SCCM console without any errors.

[USB裝置鎖定執行步驟]

1. 使用者點選USB隨身碟會出現存取被拒:

電腦設定->系統管理範本->系統->卸除式儲存裝置存取權-> 卸除式磁碟: 拒絕讀取存取權

結果: 點選隨身碟裝製出現存取被拒.

2. 針對尚未安裝driver的USB隨身碟:

電腦設定->系統管理範本->系統->裝置安裝->裝置安裝限制->防止安裝卸除式裝置

結果: 使用者插入新的隨身��後出現無法安裝driver.

3. 針對已經安裝driver的USB隨身碟

將以下的機碼透過startup script 匯入到使用者電腦:

===========================================================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\USBSTOR]

"Start"=dword:00000004       

============================================================

結果: 插入隨身碟後會無法使用已經安裝過driver的隨身碟.

Symptoms :

On already activated KMS client a Windows Activation window comes up with the error

An error has occurred:

Code: 0xC004D302

Description: The Security processor reported that the trusted data store was rearmed.

Cause :

1. Changes in the default permissions of the "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" .

2. Corruption in the Licensing Files.  (tokens.dat)

3. If you have run the slmgr.vbs /rearm command and try to run any other activation command(/dlv or /dli for example) prior to rebooting you will experience this error.  You must reboot after using the slmgr.vbs /rearm command prior to attempting activation.

Resolution:

1. Change the directory on the command prompt by typing in

(For Vista and Windows 2008)

cd "%windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing"

(For Win 7 and Windows 2008 R2)

cd "%windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform"

2. Backupy tokens.dat to tokens.old  by typing the command and copy the token.dat from activated machine.

ren tokens.dat tokens.old

3. Activated using slmgr command by typing in

- slmgr –ato  (using Internet)

- slui.exe -4  (using telephone)