An ordinary guy trying to make a difference
Microsoft is currently building the update to System Center Configuration Manager 2007 (ConfigMgr07) titled Service Pack 2. The ConfgMgr Technology Adoption Program (TAP) team is pleased to announce that we are now soliciting participation in the System Center Configuration Manager Service Pack 2 Product validation program.
What's New? ConfigMgr07 SP2 will include new OS support along with improving on the Intel AMT integration.
New Operating System Support
(Intel) Active Management Technology Integration - Version 2
Configuration Manager 2007 Service Pack 2 will improve on the Intel AMT (iAMT) integration provided in Service Pack 1. SP2 will add full feature support for computers that have the Intel vPro chip set and iAMT firmware versions 4 & 5. In addition to providing feature parity with SP1 and iAMT firmware versions 3.2.1, 4.0 and 5.0, support for the below new features are being added:
OOB Wireless Management: Wireless Profile Management (mobile ONLY)
End Point Access Control: 802.1x support
Provision 802.1x settings on AMT wireless clients during AMT provisioning
Send 802.1x settings operations to the Intel translator on AMT systems with revisions earlier than 3.2.1
Persistent Data Storage: Non Volatile Memory or Third Party Data Store (3PDS)
Access Monitor: Audit Log
Enable or Disable Audit Log (no critical event settings)
View Audit Log through OOB Console
Remote Power Management: Power State Configuration
This program is designed to provide collaboration with your company and Microsoft. The purpose is to validate through lab testing and the deployment of pre-release builds. Your company will have the opportunity to provide design and performance feedback for the product. You can do this through the reporting of bugs and submission of Design Change Requests (DCRs), as well as provide general feedback for product group consideration. This program will provide customers with support from the Microsoft System Center Configuration Manager product group, as well as 24x7 support for production deployment issues. The program starts soon and finishes by the end of the calendar year 2009.
A short nomination survey is located here:
Full link: https://www.surveymonkey.com/s.aspx?sm=EFslbxTQdA6OCgbp_2fg8iNQ_3d_3d
The number of available slots in the program is limited. The selection is based on a broad set of criteria and not solely on a customer's commitment to fulfill program requirements.
Prioritization will be given to organizations that meet one or more of the following profiles:
February 2009
Initial Nomination period
Submission of System Center Configuration Manager SP2 Nomination Surveys by or on behalf of interested customers.
March 2009
Customers selected
Customers selected for the program are notified and given information regarding initial participation.
April / May 2009
Readiness/Planning
Online information sessions and conference calls to get familiar with feature set and initiate planning
June 2009
Beta
Deployment in production environment. Product validation and feedback submitted.
Summer
RC
More extensive deployment in production environment. Product validation and feedback submitted.
Win7 plus 90 days
Release to Manufacturing
Upgrade to released build and enterprise-wide deployment.
Please contact sccmtap@microsoft.com with any questions you may have regarding this communication or the nomination process.
Sincerely,
The System Center Configuration Manager Technology Adoption Program team
In his second Screencast Jason Lewis covers finding, managing and importing catalogs:
http://blogs.technet.com/jasonlewis/archive/2009/02/27/screencast-system-center-updates-publisher-finding-managing-importing-catalogs.aspx
Feed: The Operations Manager Support Team Blog
If you've ever said "You know, if I was the one designing System Center Configuration Manager I'd add ____" or "Why did they do it this way? It would be much better like _____" then here's your chance to provide that feedback straight back to the source:
System Center Configuration Manager Study (Remote Survey) (Mar 11-Mar 16, 09) (US based participants Only)
Microsoft User Research is conducting a study focusing on design ideas for the next version of System Center Configuration Manager from March 11 to March 16, 2009. This is a great opportunity for System Administrators to provide feedback and help improve the user experience of the next version of System Center Configuration Manager.
You can participate in this study from anywhere in US (at home or work). We highly value your feedback and will be offering you a gratuity option in appreciation of your time and participation.
We are recruiting individuals:
· Who work with SMS/System Center Configuration Manager to distribute software OR use some other application to distribute software to groups of computers
· At least 500 computers at your organization are managed by you
· Who have not participated in a user research study in past 2 months
· Are based in US and can spare around 1 and half hour to participate in the study
If you are interested in participating, please email us at itusable@microsoft.com with Remote ConfigMgr in subject line.
View article...
When running one of the tasks in the action pane of System Center Operations Manager 2007, the results may be displayed in a window as unformatted XML. This is due to a SQL transform that was added in the RTM (original) version and was changed with Service Pack 1. If you install a slipstream version of OpsMgr SP1 you will not see the issue. Also note that in my experience, simply installing SP1 on top of an RTM installation will not resolve this either - you'll only avoid this if you install a slipstreamed SP1 version from scratch.
If you can't or didn't install a slipstream version of SP1 then you can run the following script in the SQL management studio to correct the issue...
http://blogs.technet.com/operationsmgr/archive/2009/02/19/opsmgr-2007-task-results-may-return-unformatted-xml.aspx
If you need to do this Ben’s script will allow you to do this:
http://blogs.msdn.com/virtual_pc_guy/archive/2009/02/19/script-creating-an-external-virtual-network-with-hyper-v.aspx
In Microsoft System Center Operations Manager 2007 Service Pack 1 (SP1), you may experience one of the following symptoms:
http://support.microsoft.com/default.aspx?scid=kb;en-us;960363
In this blog post Carol walks us through the process of using IPsec to secure an Internet-based Child Primary Site:
http://blogs.technet.com/configmgrteam/archive/2009/02/18/using-ipsec-to-secure-an-internet-based-child-primary-site.aspx
For those of you with access to Microsoft Connect, the ConfigMgr SP2 TAP has just been announced.
To apply and for further details simply goto the ConfigMgr Home Page on Connect:
https://connect.microsoft.com/site/sitehome.aspx?SiteID=16
It’s looking good and can’t wait to get it in my lab ;-)
Due to unforeseen circumstances we’re going to have to postpone our next event planned for the 4th March.
As soon as we get a new date finalised I’ll let you know.
Apologies.
FSPs can be a tad confusing so to help everyone out Carol has put together this blog post that should help:
http://blogs.technet.com/configmgrteam/archive/2009/02/18/the-fallback-status-point-prerequisites-verification-and-troubleshooting.aspx
In this post Rajsekhar Banerjee walks you through deploying a screensaver with ConfigMgr:
http://blogs.technet.com/configurationmgr/archive/2009/02/18/configmgr-2007-how-to-deploy-a-new-screen-saver.aspx
Just to give you a “heads up” that our next event will be taking place on Wednesday March 4th at the Microsoft office in Cardinal Place, London.
At this event Stephen Porter from Microsoft is going to be talking about System Center Data Protection Manager and our very own David Allen is going to be be giving a technical overview of OpsMgr 2007.
We’ll be providing food, plenty of networking opportunities and SWAG giveaways so mark your diaries and we look forward to seeing you there.
As soon as we get the registration link finalised I’ll blog it and we’ll get it added to our home page.
Expression Web
967682 HTML template created in Expression Web is not seen within Expression Media
960715 Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits
967728 You cannot deploy favorites with URLs that contain the % character
954882 You are prompted unexpectedly for credentials after you start Outlook 2003
959614 Description of the Outlook 2003 Junk E-mail Filter update: February 10, 2009
959456 Error message when you try to open an appointment in the calendar after you apply hotfix 955572: "Cannot open this item"
961812 Lotus Notes links are not clickable in Outlook 2007 or in Word 2007
959634 Description of the Outlook 2007 Junk E-mail Filter update: February 10, 2009
960082 MS09-004: Description of the security update for SQL Server 2000 GDR and for MSDE 2000: February 10, 2009
959420 MS09-004: Vulnerabilities in Microsoft SQL Server could allow remote code execution
967092 You cannot apply security update 960082 in a Windows 2000 or Windows Server 2003 environment
967094 ISA Server 2004 and ISA Server 2006 may be affected by the security updates in Microsoft Knowledge Base articles 960082 and 960083
967096 SharePoint users are incorrectly offered a SQL Server 2000 Desktop Engine (Windows) update when they try to install the security update in Microsoft Knowledge Base article 960082
967093 SQL Server 2000 Desktop Engine (Windows) (WMSDE) is uninstalled when you use the "Add or Remove Programs" item in Control Panel to uninstall a security update for SQL Server 2000 and for MSDE 2000
960083 MS09-004: Description of the security update for SQL Server 2000 QFE and for MSDE 2000: February 10, 2009
960089 MS09-004: Description of the security update for SQL Server 2005 GDR: February 10, 2009
967095 The Windows Internal Database (WYukon) is removed when you use the Add or Remove Programs item in Control Panel to uninstall a security update for SQL Server 2005
960090 MS09-004: Description of the security update for SQL Server 2005 QFE: February 10, 2009
967598 Error message when you use the SQL Server Error and Usage Reporting tool on a 64-bit Windows operating system: "The Error Reports Location path name cannot be empty"
967502 After you execute the SqlCeEngine.Compact method against a SQL Server Compact 3.5 client database that is synchronized to a central database server, some changes to the client database may not be uploaded
957634 MS09-005: Vulnerabilities in Microsoft Visio could allow remote code execution: February 10, 2009
955655 MS09-005: Description of the security update for Visio 2003: February 10, 2009
957831 MS09-005: Description of the security update for Visio 2007: February 10, 2009
967941 Navigation is canceled when you browse to Web pages that are in different Internet Explorer security zones
967753 You are unable to change the home page in Internet Explorer 7
961260 MS09-002: Cumulative security update for Internet Explorer
958585 A new set of public APIs lets Internet Explorer 7 add-ons add a "peer" tab thread for opening dialog boxes without unintended dialog suppression
958756 The customized properties for an .msi package installation are reset to their default values after you install Windows Installer 4.5
955986 The operating system may stop responding when you try to put the operating system into S3 sleep after you perform a surprise removal of a USB device on a Windows-based computer
967736 A Tape Backup Medium Changer may not detect properly in the Device Manager
956263 Description of the UDP Port Reservation Utility for Windows Server 2003
960077 Applications or services that call the LSA Kerberos functions by using 32-bit processes encounter an exception and crash in Windows Server 2003 64-bit or Windows XP 64-bit systems
953778 The SMTP service crashes intermittently and event errors 7031 and 1000 are logged on a Windows Server 2003 based-server that is running Exchange Server 2003
967500 The Set path for TS Roaming Profiles and TS User Home Directory Group Policy settings do not work with user environment variables
967887 Terminal Licensing Server may not issue Per Device CALs and event id 1004 is generated
959207 On a Windows Server 2003-based computer, the !heap command does not work when you debug a 32-bit process that runs in a 64-bit operating system
967510 Error message when you try to synchronize Active Directory user objects to ADAM: "Internal Error Occured:MultiByteWideChar"
958702 When you copy large files between two Windows Vista or Windows Server 2008-based computers in a high bandwidth WAN network environment, the copy speed may be very slow
959543 A hotfix is available for users of Windows Services for UNIX and of Utilities and SDK for SUA to incorporate DST changes in Mauritius, in Brazil, in Morocco, in Egypt, and in Argentina
967754 Cross-platform iSCSI boot deployment scenarios are not supported.
959662 The CDS_RESET flag of the ChangeDisplaySettingsEx function does not work as expected in Windows Vista or in Windows Server 2008
967893 Input method editor keyboard shortcut (CTRL+SHIFT+0) switches the input language in Vista
967678 You will be unable to set Stereo Mix as the default audio device after enabling it for the first time
Here's another interesting issue I came across the other day that I thought I would share with you just in case you happen to find yourself in a similar situation. Hopefully if you do then this will help you get all this working the way it should.
Scenario: An RMS in a parent domain and client agents that are domain controllers in a child domain in a DMZ.
The manual agent install goes fine on the clients but the agents never appear in the operators console despite Review New Manual agent installations in pending management View and Auto–approve New manually installed agents settings in SETTINGS—SECURITY –GENERAL.
The following event shows up on the agents:
Event Type: Error Event Source: OpsMgr Connector Event Category: None Event ID: 20070 Computer: DC Description: The OpsMgr Connector connected to <domain>, but the connection was closed immediately after authentication occurred. The most likely cause of this error is that the agent is not authorized to communicate with the server, or the server has not received configuration. Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.
This event shows up on the server:
Event Type: Error Event Source: OpsMgr Connector Event Category: None Event ID: 20002 Description: A device at IP <addr> attempted to connect but could not be authenticated, and was rejected.
None of the agents show up in any of the following tables under Opsmgrdb:
Dbo.Mt_Computer Dbo.Mt_healthservice Dbo.Mt_healthservicewatcher dbo.AgentPendingActions
The following powershell command returns nothing:
get-agentpendingaction
The product documentation does not talk much about this scenario other than having port 5723 open from the agent to the server:
http://technet.microsoft.com/da-dk/library/cc540431(en-us).aspx
Regardless, what I’ve found is that we also need to have port 88 and port 389 opened between the agent and the RMS if they’re separated by a firewall. This has worked for me just about every time I’ve found myself in this situation.
Hope this helps,
Rohit Kaul
Welcome to the Microsoft Security Communications Centre. This centralised online hub lets you quickly and easily sign up for the free Microsoft Security Notification Service and the free Microsoft Security Newsletter—two important components in our ongoing effort to provide regular and relevant information about the latest security issues…
http://www.microsoft.com/uk/security/newsletter_signup.mspx