An ordinary guy trying to make a difference
From the System Center Configuration Manager Team Blog:
The Configuration Manager documentation library (http://technet.microsoft.com/en-us/library/bb680651.aspx) has been updated on the Web and the latest content on the Web has Updated: January 1, 2010 at the top of the topic.
This month's updates contain an updated support statement that in-band provisioning for AMT-based computers is now supported on client computers running Windows 7. We have also updated topics to incorporate customer feedback. We do value customer feedback and try to incorporate it when possible. Although we can't promise to make the docs perfect for everybody, we are committed to continual improvement. So, keep that feedback coming, and feel free to contact us about anything related to the documentation by using our usual address of SMSDocs@Microsoft.com.
What's New in the Configuration Manager Documentation Library for January 2010
The following information lists the topics that contain significant changes since the December 2009 update.
Configuration Manager 2007 SP2 Supported Configurations
- Removal of the statement that in-band provisioning is not supported on Windows 7. This topic also has an updated section about BranchCache, to clarify its integration with Configuration Manager 2007 SP2.
Certificate Requirements for Native Mode
- Updated for the client authentication certificate that might be used with an operating system deployment in native mode. This certificate must have a unique value for the Subject Name and unlike the client authentication certificate that is used by native mode clients, it does not support a certificate SAN value.
Troubleshooting Management Point Communication
- Updated for clarity and with a warning that before running the MPCERT and MPLIST tests in a native mode site, a certificate must be imported into the browser.
Overview of Configuration Manager Client Deployment
- Updated the upgrade installation information with the clarification that you cannot use task sequences to upgrade the Configuration Manager client.
Configuration Manager 2007 SP2 Upgrade Checklist
- Updated with the clarification that clients do not automatically upgrade when the site is upgraded, and you must take manual steps to ensure that clients are upgraded. This checklist also has a new step to back up a customized SMS_def.mof prior to the upgrade because this file is overwritten by Setup.
How to Export Certificates For Use With Operating System Deployment
- Updated to correct a step out of sequence.
How to Set a Maintenance Window
- Updated to clarify how the Maximum allowed run time value is evaluated by maintenance windows. This clarification is also added to Program Name Properties: Requirements Tab.
How to Re-run an Advertisement
- Updated to clarify the differences between original advertisement schedules and those created by the Re-Run Advertisement action. This clarification is also added to How to Assign a Mandatory Advertisement and the Troubleshooting section "Advertisements Created by Using Rerun Advertisement Might Run at the Wrong Time" in Troubleshooting Software Distribution Issues.
Modifying the Default Configuration Manager SMS_def.mof File Before Upgrading
- Updated to clarify that service pack upgrades to the Configuration Manager site removes any custom edits to the SMS_def.mof file. This information is incorporated into the upgrade checklist topics as an additional step to back up a customized SMS_def.mof file for reference before the upgrade, and then edit the SMS_def.mof on the site server after verifying the site upgrade.
Deployment Package Name Properties: Data Access Tab
- Updated with the important information that specifying a share distribution folder that is already in use can result in data loss. This information is also added to the following topics: Download Updates Wizard: Data Access Page, Boot Image Properties - Data Access Tab, Operating System Images - Data Access Tab, and Operating System Install Packages - Data Access Tab.
Remove Package Page
- Updated with the information that the Select Group button is not used in Configuration Manager 2007.
Troubleshooting Configuration Manager Console Issues
- Updated the Troubleshooting issue "Error Message: This Function Is Not Supported on This Site System" with a second solution to verify that the account has read and execute permissions on the Configuration Manager installation folder on the site server.
Configuration Manager Client General Issues
- Updated for the new Troubleshooting issue "Available Cache Space and Location is Displayed Incorrectly on 64-Bit Configuration Manager Clients".
Operating System Deployment Task Sequence Variables
- Updated with the new task sequence variable _SMSTSTimezone.
Ports Used by Configuration Manager
- Updated with the clarification that the ports used by the software update point do not have to be the same throughout the hierarchy.
-- The Configuration Manager Writing Team
http://blogs.technet.com/configmgrteam/archive/2010/01/29/announcement-configuration-manager-documentation-library-update-for-january-2010.aspx
Internet Explorer 6.0
978207 MS10-002: Cumulative security update for Internet Explorer
978722 After the installation of security update 974455 or 976325, Internet Explorer 6 may stop responding (hang) when accessing Web sites that provide compressed content
975916 The custom form of a meeting request is not used in the recipients' calendar in an Exchange Server 2007 environment
978803 Some formatting is not displayed or is displayed incorrectly when you preview an Office Word document that is attached to an e-mail message in Office Outlook 2007 or in Outlook 2010
976899 FIX: A slipstream installation of SQL Server 2008 fails intermittently
976379 FIX: A performance issue occurs when you perform a partition merge operation to move data between partitions in SQL Server 2008
200953 No VSS writers are listed when you run vssadmin list writers on Windows Server 2008
977305 A Java application crashes when it connects to SQL Server 2008 by using Java Database Connectivity Driver 2.0
974014 Compatibility Pack for SMS 2003 SP3 that adds Windows 7 and Windows Server 2008 R2 as supported clients
978729 The Back button and the Forward button in Windows Internet Explorer 8 do not work correctly
979664 The BACKSPACE, DELETE, and TAB keys do not work in a customized Explorer Bar in Windows Internet Explorer 8
978723 Internet Explorer 8 opens a URL that links to a Microsoft Office file from the Temporary Internet Files folder
979672 A hyperlink in a 64-bit application starts a 64-bit version of Internet Explorer 8
979666 The cookie information for a domain is not displayed correctly in Windows Internet Explorer 8
978724 Windows Internet Explorer 8 crashes when you try to remove some add-ons by using the Manage Add-ons dialog box
979665 Error message in Mshtml.dll occurs when you use Windows Internet Explorer 8 on a computer that is running Windows 7: "Event ID: 1000"
978725 The Window.open method in a WebBrowser control application returns NULL in Internet Explorer 8
979667 A table that contains a People Picker control is not pasted correctly in Microsoft Office InfoPath 2007
You spoke, we listened. Thanks for your feedback on the Solution Accelerators newsletter. For the next few months, we'll be experimenting with the structure and content of this publication to better incorporate your comments. Stay tuned, and continue to tell us what you think!
Solution Accelerators for the New Year
Our 2010 resolution: Continue providing Microsoft Partners with free tools to help lower costs and build your business!
Join a Beta Review Program
Opening soon: Beta review program for new Security Compliance Manager! This new tool provides centralized security baseline management features, a security settings database, customization capabilities, and security baseline export flexibility to accelerate an organization's ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies. Join the Security Compliance Manager Beta, and help the security team build this offering to best meet the needs of you and your customers. The beta will launch in early February 2010; participants will be notified via e-mail when the materials are available. Existing members, bookmark this link.
Provide feedback and influence the development of MOF Management Reviews. These resources will enable you to help your customers ensure that their IT services are on track to deliver expected business value. The first management reviews in the series include Portfolio, Release Readiness, and Operational Health. Join the MOF Beta, and use this opportunity to influence the development of MOF Management Reviews. Already a member? Bookmark this link to preview the beta release.
Download New Solution Accelerators
Enable successful Forefront UAG implementation with the new Infrastructure Planning and Design (IPD) guide. The newly released IPD guide for Forefront Unified Access Gateway (Forefront UAG) takes you through the logical three-step planning and design process of selecting the Forefront UAG features required, determining the number of instances, and designing the infrastructure. Download this key guidance, and help your customers successfully implement Forefront UAG.
Get the most from Microsoft technologies with MOF Reliability Workbooks. These resources provide the knowledge necessary to keep technologies running smoothly so you can deliver the services your customers expect. The first workbooks in the series address Microsoft Active Directory, System Center Operations Manager and Virtual Machine Manager, Hyper-V, and Windows Server 2008 R2. Download the MOF Reliability Workbooks, and help your customers start getting the most from their technologies.
New release of Offline Virtual Machine Servicing Tool (OVMST) 2.1 creates big buzz in December! We're seeing a huge uptake for this Solution Accelerator, which helps you safely update customers' offline virtual machines without introducing vulnerabilities into their IT infrastructure. The new version supports the R2 wave! Get all the info, and download OVMST 2.1 here.
Take Advantage of Additional Resources
40,000 IT pros have viewed these short "how-to" videos about Service Level Dashboard! See for yourself how this free, fully-supported Solution Accelerator can help you keep mission-critical applications up and running at peak performance. View the SLD overview; How to install SLD; and How to configure SLD. You can also download the dashboard for free!
[Today's post is provided by Levi Stevens]
Last year we added support for the new Windows Embedded Standard 2009 platform to Configuration Manager 2007. Until our online documentation at Tasks for Managing Configuration Manager Clients on Windows Embedded Devices is updated, we are bringing you the few key things that you need to know:
We will follow up this with another blog post we are working on that will document how to extend Hardware Inventory to create collections and report on specific versions of Windows Embedded family operating systems. So keep your eyes peeled.
Prerequisites for using the Configuration Manager 2007 Client on Windows Embedded Devices
Before you install and use the Configuration Manager 2007 client on devices running the Windows Embedded operating system, ensure that the following prerequisites are in place:
General Prerequisites
When building your Windows Embedded image in Microsoft Target Designer, ensure that the following components are included:
Note:
The Configuration Manager 2007 advanced client prerequisites macro component is included Windows Embedded Standard 2009 and can be selected in Microsoft Target Designer. To install the Configuration Manager 2007 client on devices running Windows XP Embedded, you must first download the System Center Configuration Manager 2007 Advanced Client pre-requisites macro component for Windows XP Embedded from http://www.microsoft.com/downloads/details.aspx?familyid=7e7128f7-43d8-48d0-85bc-ca971e2fbc8a&displaylang=en&tm.
Prerequisites when using the File Based Write Filter
Configure the following exceptions if you want to use the File Based Write Filter (FBWF) to persist the state of the Configuration Manager 2007 client between device restarts.
Registry Exceptions
Configure the following registry exceptions using the Embedded Designer as you create your image:
File Exceptions
Configure the following file exceptions using the File Based Write Filter after installing the Configuration Manager 2007 client:
For detailed information about building images and configuring write filters, see your Windows Embedded documentation.
-- Levi Stevens
http://blogs.technet.com/configmgrteam/archive/2010/01/25/things-you-need-to-know-when-using-windows-embedded-standard-2009.aspx
From TechNet Edge:
In the previous posts we discussed the path to deploying Windows 7, including application compatibility and image creation. In this post we’ll discuss the methods for deploying Windows 7 to clients.
First, let me explain the terms and tools you may have heard about. In the previous posts and other articles you will hear about the Windows Automated Installation Kit (AIK) for Windows 7 , and that the role this plays in the deployment process is primarily for tools. It is advertised as “tools and documentation”, and it does exactly what it says in that documentation. It’s also useful for low-volume deployments. The 3 scenarios within the documentation reflect this;
Unless you are performing the lowest of the low volume installs for example, a friend or families machine, you will need the WAIK.
Now, here’s the other tool you may read about, Microsoft Deployment Toolkit (MDT) 2010. The MDT is a solution accelerator and is different from the WAIK. So what does it provide? To quote a couple of paragraphs from the Windows 7 Resource kit, extracts of which can be download for free as an e-book,
“Microsoft Deployment Toolkit 2010 (MDT 2010) is a holistic approach to desktop deployment, bringing together the people, processes, and technology required to perform highly successful, repeatable, and consistent deployment projects….Although the Windows AIK 2.0 provides essential imaging tools, the Microsoft Deployment Toolkit (MDT) 2010 is a complete deployment framework that provides end-to-end guidance for planning, building, and deploying Windows 7 images. MDT 2010 takes full advantage of the Windows AIK 2.0”
So basically, WAIK provides the tools, and MDT takes those tools and reduces their complexity by integrating them into a wizard-based process. Now, how do you get Windows 7 onto a client? Let’s start with the basic scenario as scoped out in the WAIK and then we will build up and include the MDT.
Install from Media.
This is very straightforward and relies mainly on using the Windows 7 media to perform the install. Where this differs from say, installing a friend’s PC, is that the idea is to create a repeatable process. So the first step is to use the Windows System Image Manager (Windows SIM) tool within the WAIK to create what is called a configuration set. This set comprises an answer file and additional source files, such as custom drivers and applications, needed to complete your installation. You store this on removable media, such as a flash drive, insert it in the destination computer and boot from the media. Once installed, you use Sysprep to generalize the install ready for shipping. This method is very easy and straightforward, ideal for very low volume.
Installing from the Network
Installing from the network has similarities with installing from media. You can use the Install from Media process to create the reference machine. At this point, instead of shipping the machine to the client you can customize the reference machine by installing applications for example. Once you are happy with the reference image, you simply use the capture tools in WAIK to copy the image to a network share. To install the image on a destination computer, boot that computer using Windows PE, connect to the share and use the image tool ImageX to apply the image. This is a little more hands on than the Media version, but you do get a much more customized image, and it can be quicker than installing from media. It is, however, the simplest network solution and does require hands on. As we move on you will be able to compare this to more automated deployments.
Deploy from Server
Finally, the last scenario described in the WAIK is deployment from server. This scenario is more or less identical to the Network option above. The difference comes with the use of a server with the Windows Deployment Server (WDS) role installed. This role provides the ability to store images centrally and respond to client machine requests when booted using Pre-Boot Execution Environment (PXE). The client receives a menu showing them what images are available, they select the image and the installation proceeds. WDS provides the technology necessary to capture and remotely deploy custom operating system images. In some organizations this may be enough. What WDS does not provide is end-to-end technology or the guidance for high-volume deployment projects. It also does not provide tools or guidance for customizing the custom images you deploy with settings, applications, device drivers, and so on. Bridging this gap is where MDT 2010 comes in.
Using the Microsoft Deployment Toolkit 2010
We have now covered the basic deployment scenarios, and we’ve also reached the limits of what the WAIK can do out of the box. So let’s discuss MDT and the functionality it brings. When I asked the Deployment team about this post and MDT they summed it up as, “It [MDT] is the integration of all disparate deployment and migration tools. It provides the glue to facilitate an end-to-end automated migration from Windows XP”.
The two major components MDT brings to the table are the documentation and the solution framework. The documentation has technical guides, references, and quick-start guides; the solution framework contains the files and tools that allow you to create highly customized deployments.
MDT supports 4 deployment scenarios:
You can pick and choose the scenarios to use, and once chosen you have a choice of two deployment methods with MDT:
The initial process when using either LTI or ZTI is roughly the same, it’s also very similar to the process you would follow above when creating and deploying images from either a network location or from WDS.
What makes the MDT a must have for high-volume deployment scenarios is the inclusion of these scripts, and the wizard-based console. Together they take all the complexity out of the standard WAIK tools, and save you hours in building your deployment environment
Over the three posts we wanted to get over the massive changes there has been in the deployment resources and tools. We’ve covered the help available to plan deployments, how to get your applications to run on Windows 7, and the tools available to perform highly customized Windows 7 deployments of all sizes.
http://edge.technet.com/Media/Deploying-Windows-7/
From the Configuration Manager Writers - Announcements, Comments and other Stuff blog:
In case you missed them, the following posts were published on the System Center Configuration Manager Team Blog for the time period December 12th, 2009 – January 25th, 2010:
Known Issue: Logging Information for Native Mode Certificate Selection
Manually creating a Microsoft License Statement File for Import into Asset Intelligence
Announcement: Configuration Manager Documentation Library Update for December 2009
Known Issue: Supernets in Active Directory Sites Used as Site Boundaries
Insider's Guide to Troubleshooting Client Content Download in Configuration Manager 2007
http://blogs.technet.com/wemd_ua_-_sms_writing_team/archive/2010/01/25/round-up-of-new-posts-on-the-configuration-manager-team-blog-decmeber-12th-2009-january-25th-2010.aspx
This bulletin summary lists the out-of-band security bulletin released on January 21, 2010.
The full version of the Microsoft Security Bulletin Summary for January 2010 can be found at http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx.
With the release of the out-of-band bulletin on January 21, 2010, this bulletin summary replaces the out-of-band bulletin advance notification originally issued on January 20, 2010. The revised bulletin summary Web page includes the out-of-band security bulletin as well as the security bulletin already released on January 12, 2010. For more information about the bulletin advance notification service, see http://www.microsoft.com/technet/security/Bulletin/advance.mspx.
To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://www.microsoft.com/technet/security/bulletin/notify.mspx.
Microsoft will host a webcast to address customer questions on the out-of-band bulletin on January 21, 2010, at 1:00 PM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://www.microsoft.com/technet/security/bulletin/summary.mspx.
Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.
Critical Security Bulletins Microsoft Security Bulletin MS10-002 - Affected Software: - Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4 - Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4 - Internet Explorer 6 for Windows XP Service Pack 2 and Windows XP Service Pack 3 - Internet Explorer 6 for Windows XP Professional x64 Edition Service Pack 2 - Internet Explorer 6 for Windows Server 2003 Service Pack 2 - Internet Explorer 6 for Windows Server 2003 x64 Edition Service Pack 2 - Internet Explorer 6 for Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 7 for Windows XP Service Pack 2 and Windows XP Service Pack 3 - Internet Explorer 7 for Windows XP Professional x64 Edition Service Pack 2 - Internet Explorer 7 for Windows Server 2003 Service Pack 2 - Internet Explorer 7 for Windows Server 2003 x64 Edition Service Pack 2 - Internet Explorer 7 for Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 7 in Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2 - Internet Explorer 7 in Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2 - Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected) - Internet Explorer 7 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected) - Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2 - Internet Explorer 8 for Windows XP Service Pack 2 and Windows XP Service Pack 3 - Internet Explorer 8 for Windows XP Professional x64 Edition Service Pack 2 - Internet Explorer 8 for Windows Server 2003 Service Pack 2 - Internet Explorer 8 for Windows Server 2003 x64 Edition Service Pack 2 - Internet Explorer 8 in Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2 - Internet Explorer 8 in Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2 - Internet Explorer 8 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected) - Internet Explorer 8 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected) - Internet Explorer 8 in Windows 7 for 32-bit Systems - Internet Explorer 8 in Windows 7 for x64-based Systems - Internet Explorer 8 in Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 Server Core installation not affected) - Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Systems - Impact: Remote Code Execution - Version Number: 1.0
979352 Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution
201282 MOM 2005 Reports have incorrect date values on the X-axis
977840 Description of the Office Outlook 2003 Junk E-mail Filter update: January 12, 2010
977839 Description of the Office Outlook 2007 Junk E-mail Filter update: January 12, 2010
977231 A canceled meeting is displayed unexpectedly in a manager's calendar in Office Outlook 2007
977444 Cumulative update package 9 for SQL Server 2008
200819 Issues to consider when changing the default value of network packet size for SQL server connections
977443 Cumulative update package 6 for SQL Server 2008 Service Pack 1
201169 Updating a SQL Server 2008 cluster may fail on Cluster_IsOnlineIfClustered rule when using WSUS.
977813 A version of Microsoft SQL Server 2008 Express that supports the .NET Framework 4 Beta 2 is available at Microsoft Download Center
201413 SQL Server 2008 setup may fail with "Setup Failure in SetupActionName: " error message
975374 FIX: The check phase of the WMI service fails when you set up a SQL Server 2008 cluster
978250 FIX: Deadlocks may occur when you run multiple jobs concurrently to rebuild indexes offline in SQL Server 2008
976991 FIX: The LogReader agent unexpectedly consumes all CPU resources when the agent handles a failed connection in a SQL Server 2008 transactional replication
978301 FIX: All CPU resources are used when you use Connector for SAP BI in an SSIS 2008 package
977097 FIX: Error message when you make a DDL change to an IDENTITY column and then synchronize the change to the subscriber in SQL Server 2008: "Incorrect syntax near the keyword 'IDENTITY' (Source: MSSQLServer, Error Number: 156)"
978190 FIX: You receive error message 8630 when you run a query on a SQL Server 2008 server that is under memory pressure
978108 FIX: Some nTEXT, NTEXT, or IMAGE data whose size is not greater than 80 bytes cannot be replicated correctly in a transactional replication after you upgrade SQL Server 2000 to SQL Server 2008
977076 FIX: Error message when you run an ALTER INDEX statement on a table that has CDC enabled in SQL Server 2008: "Msg 22983: The unique index on source table is used by Change Data Capture"
976316 FIX: You receive error message 8672 when you run a MERGE statement in SQL Server 2008
977889 FIX: Error message when you try to run an SSIS 2008 package that contains a Flat File source and a text qualifier uses some special characters that are not supported by the W3C XML language specification: "An invalid character was found in text content"
975058 FIX: Connector 1.0 for SAP BI throws an exception when data is being loaded in parallel in a SSIS 2008 package
978020 FIX: Only the first 2000 characters are returned by the fn_get_audit_file() function when you use it to obtain the information of an audit file in SQL Server 2008
978629 FIX: Error message when you use the system_health Extended Event session to capture a deadlock graph in SQL Server 2008: "Msg 9436: XML parsing: line 54, character 12, end tag does not match start tag"
978504 FIX: An insert operation fails when you insert data from one database into another database when the destination database contains a user-defined data type in SQL Server 2008
974901 MXDW crashes when you run Print Driver Stress Test in Windows Vista SP2 or Windows Server 2008 SP2
972270 MS10-001: Vulnerability in the Embedded OpenType Font Engine could allow remote code execution
978909 The wrong fonts appear in Web pages, in printed Word documents, or in printed PowerPoint presentations after you install security update 961371
978258 USB devices that are connected to a computer may not work after the computer is idle for more than one hour Windows 7 or in Windows Server 2008 R2
977392 Error message when you press CTRL+SHIFT+F3 to enter audit mode from the OOBE Wizard in Windows 7 or in Windows Server 2008 R2
977692 The Lsass.exe process exits unexpectedly on a domain controller that is running Windows Server 2008 R2 after a password is synchronized in Identity Management for Unix (IDMU)
977132 Error message when you click the "Control whether Narrator starts when I log on" link in the "Microsoft Narrator" dialog box during the setup process of Windows 7 or Windows Server 2008 R2
One of biggest problems I have is finding and keeping up-to-date with the ever increasing mountain of information “out there”. This recently came to a head when for some bizarre reason I lost all of my RSS feeds in Outlook. It was more than a chore to add these all back in again and it got me thinking “wouldn’t it be great if there was a way of centralising and consolidating all of my feeds?”.
Well you know if I do something I think will be of use to others I like to share.
I’ve also been looking at Social Networking (which I didn’t “get”until recently), and I’ve been Tweeting away and have created a FAQShop Facebook Group. Now “wouldn’t it be cool” I thought “to try and stitch this all together?”
Well that’s exactly what I’m aiming to do.
The first piece of the jigsaw is seeking out and consolidating RSS feeds for the System Center family and other sources I fell will be of use and that what exactly I’ve done in creating the FAQShop Twitter feed which you can access at:
http://twitter.com/FAQShop
If you’re a Twitter user/ fan then feel free to follow FAQShop. If you’re not a Twitter user or would prefer to subscribe to the RSS feed then the link is on the right or you can just click here:
http://twitter.com/statuses/user_timeline/102016867.rss
I’d welcome your comments and feedback and if you’ve got any suggestions for feeds then feel free to contact me(cliff [AT] faqshop.com).
Enjoy and hope you find it useful.
BTW - I’ll keep you posted on the new FAQShop Facebook Page I’m creating and progress on the rewrite of FAQShop itself.
I’m delighted to be able to blog about this Press Release I just received from my very good friend Garth Jones – congratulations to you my friend.
FOR IMMEDIATE RELEASE
January 19th 2010, Ottawa, Ontario
Contact: Garth Jones Chief Architect Enhansoft
Tel: 613-297-0245
Email: Garth@Enhansoft.com
Enhansoft Goes Gold!
Ottawa, Ontario, Canada, January 19, 2010--- Enhansoft Inc., a leading developer of System Center Configuration Manager solutions, was awarded Microsoft Gold Certified Partner status on January 15th 2010. Holding the Systems Management competencies confirms Enhansoft’s commitment to Microsoft customers and technologies.
Microsoft Gold Certified Partners have access to exclusive resources and early product information. The program includes direct access to Microsoft staff, product support, new products and technologies, and planning tools and events on the latest Microsoft product developments and future direction.
“Our new partnership provides us greater access to the Microsoft System Center team. Our dedication to providing the best solutions and support in the industry has paid off. ”
Garth Jones Chief Architect
About Enhansoft Inc. Enhansoft, a Microsoft Gold Certified Partner, specializes in providing software solutions and consulting services within the system management area focusing on Microsoft System Center products. Maximize the potential of your systems, the productivity of the company workforce and, best of all, the impact on the bottom line.
Our products have a worldwide reputation for extending and enhancing Microsoft technologies by leveraging Microsoft System Center Configuration Manager (ConfigMgr / SCCM) & Systems Management Server (SMS) technologies to extend their asset information and reporting capabilities.
Enhansoft professional services bring together a deep product knowledge of system management focused on Microsoft System Center products.
Our Clients Benefit From:
Our Focus - We specialize in the system management area, focusing on Microsoft System Center products with an emphasis on asset management.
Our Experience - The team at Enhansoft combines real-world system management experience with high-level programming expertise to design software that is easy to implement and has an immediate impact on workload and company bottom line.
Our professional services team helps customers realize value within their system management environment. Many of our consultants have more than 10 years of experience within system management area, are leaders in their respective IT communities and user groups, and have presented at such conferences as Microsoft Management Summit, Techdays, and EnergizeIT.
Our Expertise - Our products and services are designed for ConfigMgr experts by ConfigMgr experts.
From global corporations to institutes of higher learning and public school systems, to global government agencies, Enhansoft has the software and expertise to help any organization realize the long-term efficiencies and cost savings associated with asset management. Our headquarters are located in Ottawa, Ontario, Canada with remotes offices in Chicago, Illinois. We leverage hands-on experience, as well as client feedback to continually refine our products. We also work with a network of partners — including software resellers and consulting firms — who recommend our products, service and expertise to their own clients.
www.Enhansoft.com
Enhancing Your Business
In the previous post we looked at the key information and first steps required to perform a successful deployment of Windows 7, and we looked in some detail at one of the main concerns organizations have when deploying a new OS; application compatibility. In this post we’ll look at the resources available to help prepare for the actual deployment of Windows 7.
Efficient deployment of a Windows OS to many different machines usually involves using an image. Until very recently that image was a sector-based image and organizations usually had one for each type of client hardware they own.
Today we have file-based images in the Windows Imaging Format (WIM). This format offers a number of advantages over sector-based images, such as being hardware agnostic within processor architecture, e.g. you will need separate images for x86 and x64 processors. WIMs are usually smaller than their sector-based image equivalent and easier to maintain and patch. You don’t need hundreds of WIMs to support your client hardware base, and they allow for more flexible deployment options. Along with this new image format comes a slew of new tools and documentation to help create and maintain them. The main tool is the Windows Automated Installation Kit (AIK) for Windows 7. I called it a tool; in fact it’s a suite of tools and documentation to help with image creation and maintenance.
The one thing that hasn’t changed over the years is the concept; regardless of whether you use sector-based images or file-based images you do start with a reference machine, prepare it for capture, and then capture it. What has changed is the way you do this and the strategy you follow. In the article Choosing an Image Strategy and Building Windows 7 System Images, the 3 primary strategies for imaging are discussed. In brief, these are “Thick”, “Thin”, and “Hybrid”.
A “Thick” image is one that contains the OS and all applications you want to have available as soon as the imaging process is complete. As the name suggests, it’s the bigger of the imaging strategies.
A “Thin” image is effectively the opposite of “Thick”, containing the very basic information, leaving other items like the applications to be handled at deployment time.
Finally, “Hybrid” is a combination of the other two, where core applications needed for immediate use are installed, and others are handled at deployment time or later.
Which one to use depends on your requirements, but the tools to create the images for the three strategies are the same. The core tools are Windows PE, SysPrep, ImageX, and DSIM (Deployment Image Servicing and Management). These tools, in order, allow you to boot a machine to install Windows 7, prepare it for capture and deployment, capture the image ready for deployment, and then subsequently maintain it. I could write about the process, even point you to the training kit for Configuring Windows 7; (Imaging is approximately 13% of exam 70-680), but it’s better to see it in action. To see these tools in action watch the following videos: Sysprep and ImageX being used to generalize and capture a custom and DSIM servicing an offline mounted Windows 7 image.
The creation and maintenance of images these days is pretty straightforward and certainly a lot more efficient. If you are not using file-based Windows Image format (WIM), download and read over this: Deployment A-Z for Windows 7. Once you have you images ready, the next step is to get them onto the clients. In the final post we will look at ways to get the image file onto a client machine.
http://edge.technet.com/Media/Building-Windows-7-Images/
Why are items like mapped drives and network printers not migrated using MDT 2010 and USMT 4.0? [15/01/10] Contributed By: Cliff Hobbs [MVP ConfigMgr/ SMS] If you're attempting to backup items like mapped drivers and network printers using MDT 2010 and USMT 4.0 it may not work "out of the box" but you can easily fix it...
Security Advisory Released Today * Microsoft Security Advisory (979352) - Title: Vulnerability in Internet Explorer Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/979352.mspx - Revision Note: Advisory published.
Full Title: Network drives and network printers are not migrated when you use Microsoft Deployment Toolkit 2010 with the User State Migration Tool (USMT) 4.0
You back up the user state on a client computer by using Microsoft Deployment Toolkit 2010 together with User State Migration Tool (USMT) 4.0 that is included with Windows Automated Installation Kit (AIK) for Windows 7. However, items such as mapped network drives and network printers are not migrated from the source computer.
http://support.microsoft.com/kb/977565
[Today's post had been contributed by Bhaskar Krishnan]
Software distribution in Configuration Manager 2007 starts with creating a package and ends when the package content installs on the client. However, there are quite a few steps in between and the content download process is usually where customers encounter most problems. Here are some examples from the TechNet forums:
This blog post offers a troubleshooting guide for customers to diagnose some of the frequently encountered issues relating to client content download problems. It outlines the scenario, then takes you through how to track the various processes involved from when the client downloads policy to when the client installs the software.
Step 1: Tracking the Advertisement on the Client
This scenario assumes that the package has been successfully distributed to a standard distribution point, an advertisement for this package is targeted to a collection, and for troubleshooting purposes, debug logging is enabled on both the client and the management point. For instructions how to configure debug logging, see http://support.microsoft.com/kb/833417.
When client policy is triggered, clients in the targeted collection get the advertisement. If you need instructions to initiate client policy, see How to Initiate Policy Retrieval for a Configuration Manager Client.
For more information about the log files mentioned and their locations, see List of Log Files in Configuration Manager 2007.
Start with the log file execmgr.log on the client and search for the advertisement ID. You should see references to the advertisement ID in this log that looks similar to the following:
<![LOG[CExecutionManager::HandleMessage received message: '<?xml version='1.0' ?> <SoftwareDeploymentMessage MessageType='Execution'> <AdvertisementID>CAR20000</AdvertisementID> <PackageID>CAR00003</PackageID> <ProgramID>TestProgram</ProgramID> <HistoryLocation>Machine</HistoryLocation> </SoftwareDeploymentMessage>'
<![LOG[CExecutionManager::HandleMessage received message: '<?xml version='1.0' ?>
<SoftwareDeploymentMessage MessageType='Execution'>
<AdvertisementID>CAR20000</AdvertisementID>
<PackageID>CAR00003</PackageID>
<ProgramID>TestProgram</ProgramID>
<HistoryLocation>Machine</HistoryLocation>
</SoftwareDeploymentMessage>'
After confirming that the client has received the advertisement, open the log file LocationServices.log on the client. If the advertisement requires content to be downloaded, the client asks its management point for a list of URLs where this content is available. The LocationServices.log file logs this content location request sent by the client. Search for this by using the PackageID value that was referenced in execmgr.log. It will look similar to the following:
ContentLocationRequest : <ContentLocationRequest SchemaVersion="1.00"><Package ID="CAR00003" Version="1"/><AssignedSite SiteCode="PS2"/><ClientLocationInfo LocationType="SMSPackage" UseProtected="0" AllowCaching="0" BranchDPFlags="0" UseInternetDP="0" AllowHTTP="1" AllowSMB="1" AllowMulticast="1" AllowFileStreaming="0"><ADSite Name="CorpHQ"/><IPAddresses><IPAddress SubnetAddress="A.B.C.D" Address="A.B.C.E"/></IPAddresses></ClientLocationInfo></ContentLocationRequest>
After receiving this content location request, the management point responds with a content location reply, containing a list of URLs. You can use the log file MP_Location.log file on the management point to track both the request (ContentLocationRequest xml segment) and the response (ContentLocationReply xml segment).
When the management point returns a valid list of URLs for the client to download the content, it will look similar to the following:
MP LM: Message Body : <ContentLocationRequest SchemaVersion="1.00" ExcludeFileList=""><Package ID="CAR00003" Version="1"/><AssignedSite SiteCode="PS2"/><ClientLocationInfo LocationType="SMSPackage" UseProtected="0" AllowCaching="0" BranchDPFlags="0" UseInternetDP="0" AllowHTTP="1" AllowSMB="1" AllowMulticast="1" AllowFileStreaming="0"><ADSite Name="MyADSite"/><IPAddresses><IPAddress SubnetAddress="A.B.C.D" Address="A.B.C.E"/></IPAddresses></ClientLocationInfo></ContentLocationRequest> MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0) UID not found MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0) MP_GetContentDPInfoUnprotected (CAR00003,1,PS2,SMSPackage,00000000) MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0) WriteContentDPInfo MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0) MP LM: Reply message body: <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags="0"/><Sites><Site><MPSite SiteCode="PS2" MasterSiteCode="PS2" SiteLocality="LOCAL"/><LocationRecords><LocationRecord><SMBPath Name="\\[ServerName]\SMSPKGC$\CAR00003"/><URL Name="http://[ServerName/SMS_DP_SMSPKGC$/CAR00003" Signature="http://[ServerName]/SMS_DP_SMSSIG$/CAR00003.1.tar"/><ADSite Name=""/><IPSubnets><IPSubnet Address=""/><IPSubnet Address=""/></IPSubnets><Metric Value=""/><Version>6221</Version><Capabilities SchemaVersion="1.0"/><ServerRemoteName>NOVA42306.NOVA42304DOM.net</ServerRemoteName><DPType>SERVER</DPType></LocationRecord></LocationRecords></Site></Sites></ContentLocationReply> MP_LocationManager 10/8/2009 2:42:56 PM 5408 (0x1520)
MP LM: Message Body : <ContentLocationRequest SchemaVersion="1.00" ExcludeFileList=""><Package ID="CAR00003" Version="1"/><AssignedSite SiteCode="PS2"/><ClientLocationInfo LocationType="SMSPackage" UseProtected="0" AllowCaching="0" BranchDPFlags="0" UseInternetDP="0" AllowHTTP="1" AllowSMB="1" AllowMulticast="1" AllowFileStreaming="0"><ADSite Name="MyADSite"/><IPAddresses><IPAddress SubnetAddress="A.B.C.D" Address="A.B.C.E"/></IPAddresses></ClientLocationInfo></ContentLocationRequest>
MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
UID not found MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
MP_GetContentDPInfoUnprotected (CAR00003,1,PS2,SMSPackage,00000000) MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
WriteContentDPInfo MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
MP LM: Reply message body: <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags="0"/><Sites><Site><MPSite SiteCode="PS2" MasterSiteCode="PS2" SiteLocality="LOCAL"/><LocationRecords><LocationRecord><SMBPath Name="\\[ServerName]\SMSPKGC$\CAR00003"/><URL Name="http://[ServerName/SMS_DP_SMSPKGC$/CAR00003" Signature="http://[ServerName]/SMS_DP_SMSSIG$/CAR00003.1.tar"/><ADSite Name=""/><IPSubnets><IPSubnet Address=""/><IPSubnet Address=""/></IPSubnets><Metric Value=""/><Version>6221</Version><Capabilities SchemaVersion="1.0"/><ServerRemoteName>NOVA42306.NOVA42304DOM.net</ServerRemoteName><DPType>SERVER</DPType></LocationRecord></LocationRecords></Site></Sites></ContentLocationReply> MP_LocationManager 10/8/2009 2:42:56 PM 5408 (0x1520)
When the management point has no locations for the client to download the content, it will look similar to the following:
No Locations found. MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0) MP LM: Reply message body: <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags=""/><Sites><Site><MPSite SiteCode="PS2" MasterSiteCode="PS2" SiteLocality="LOCAL"/><LocationRecords/></Site></Sites></ContentLocationReply>MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
No Locations found. MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
MP LM: Reply message body: <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags=""/><Sites><Site><MPSite SiteCode="PS2" MasterSiteCode="PS2" SiteLocality="LOCAL"/><LocationRecords/></Site></Sites></ContentLocationReply>MP_LocationManager 10/14/2009 10:52:08 AM 4768 (0x12A0)
If you see "No Locations found" like this in the MP_Location.log, confirm that the package is successfully installed on the distribution points by using the log file distmgr.log on the site server.
In the example of the MP_Location.log showing the management point returning a valid list of URLs for the client to download the content, it has SiteLocality="LOCAL", which identifies the client as being within the fast boundary of the site and hence the locality of the client is considered "local". The two other values for the SiteLocality attribute are Remote and Fallback:
When the client is located within a slow and unreliable boundary of the site, the ContentLocationReply looks similar to this:
ContentLocationReply : <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags="0"/><Sites><Site><MPSite SiteCode="PS1" MasterSiteCode="PS1" SiteLocality="REMOTE"/><LocationRecords><LocationRecord><SMBPath Name="\\[ServerName]\SMSPKGC$\CAR00003\"/><URL Name="http://[ServerName]/SMS_DP_SMSPKGC$/CAR00003/" Signature="http://[ServerName]/SMS_DP_SMSSIG$/CAR00003.1.tar"/><ADSite Name=""/><IPSubnets><IPSubnet Address=""/><IPSubnet Address=""/></IPSubnets><Metric Value=""/><Version>6221</Version><Capabilities SchemaVersion="1.0"/><ServerRemoteName>[ServerName]</ServerRemoteName><DPType>SERVER</DPType></LocationRecord></LocationRecords></Site></Sites></ContentLocationReply> LocationServices 10/14/2009 2:01:23 PM 2592 (0x0A20)
If the client is within a slow and unreliable boundary and you want it to install software, ensure that the advertisement is configured with the following option enabled: "Download content from distribution point and run locally". The default setting for an advertisement when clients are within a slow and unreliable boundary is "Do not run program".
Note: There might be valid reasons why clients in slow and unreliable boundaries should not install software. This setting applies to all clients identified as being in a slow and unreliable boundary and cannot be configured for individual clients. If you do change the setting, be aware that it will impact potentially many clients. For more information, see Decide Whether Clients Should Download Content If They Are on a Slow or Unreliable Network Boundary.
When SiteLocality="FALLBACK", the resulting behavior is the same as if the client is on a slow and unreliable boundary. The content location reply in this case looks something like this:
ContentLocationReply : <ContentLocationReply SchemaVersion="1.00"><ContentInfo PackageFlags="0"/><Sites><Site><MPSite SiteCode="PS1" MasterSiteCode="PS1" SiteLocality="FALLBACK"/><LocationRecords><LocationRecord><SMBPath Name="\\[ServerName]\SMSPKGC$\CAR00003\"/><URL Name="http://[ServerName]/SMS_DP_SMSPKGC$/CAR00003/" Signature="http://[ServerName]/SMS_DP_SMSSIG$/CAR00003.1.tar"/><ADSite Name=""/><IPSubnets><IPSubnet Address=""/><IPSubnet Address=""/></IPSubnets><Metric Value=""/><Version>6221</Version><Capabilities SchemaVersion="1.0"/><ServerRemoteName>[ServerName]</ServerRemoteName><DPType>SERVER</DPType></LocationRecord></LocationRecords></Site></Sites></ContentLocationReply> LocationServices 1/11/2010 10:59:55 AM 2448 (0x0990)
The client attempts to download content from the first distribution point listed in the content location reply. This is logged in ContentTransferManager.log on the client, with an example being as follows:
CTM dumping locations returned by Location Service: ContentTransferManager 10/8/2009 2:42:56 PM 3204 (0x0C84) Source: 'http://[ServerName]/SMS_DP_SMSPKGC$/CAR00003' Locality: Local Version: 6221 Capability: <Capabilities SchemaVersion="1.0"/>Signatures: http://[ServerName]/SMS_DP_SMSSIG$/CAR0000.1.tar' ContentTransferManager 10/8/2009 2:42:56 PM 3204 (0x0C84) Source: '\\[ServerName]\SMSPKGC$\CAR00003' Locality: Local Version: 6221 Capability: <Capabilities SchemaVersion="1.0"/>Signatures: '' ContentTransferManager 10/8/2009 2:42:56 PM 3204 (0x0C84)
Then check DataTransferService.log on the client to see if a job has been created to download the files to the client. The log entry looks like this:
DTSJob {BC1A0EAB-A1D7-48BE-AD1E-CFE85F63C1B0} created to download from 'http://NOVA42306.NOVA42304DOM.net/SMS_DP_SMSPKGC$/CAR00003' to 'C:\Windows\system32\CCM\Cache\CAR00003.1.System'. DataTransferService 10/8/2009 2:42:56 PM 3204 (0x0C84)
Subsequent log entries look like the following:
Execute called for DTS job '{BC1A0EAB-A1D7-48BE-AD1E-CFE85F63C1B0}'. Current state: 'PendingDownload'. DataTransferService 10/8/2009 2:43:07 PM 3788 (0x0ECC) ... Starting BITS download for DTS job '{BC1A0EAB-A1D7-48BE-AD1E-CFE85F63C1B0}'. DataTransferService 10/8/2009 2:43:07 PM 3788 (0x0ECC)
Execute called for DTS job '{BC1A0EAB-A1D7-48BE-AD1E-CFE85F63C1B0}'. Current state: 'PendingDownload'. DataTransferService 10/8/2009 2:43:07 PM 3788 (0x0ECC) ...
Starting BITS download for DTS job '{BC1A0EAB-A1D7-48BE-AD1E-CFE85F63C1B0}'. DataTransferService 10/8/2009 2:43:07 PM 3788 (0x0ECC)
The last line above indicates content download from a BITS-enabled distribution point (the configuration option Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS on the ConfigMgr Distribution Point Properties: General tab). Note that if the BITS download fails, the content download will fall back to using SMB and the download of files can then be monitored by using the FileBITS.log file.
If the content is being downloaded using BITS, the download process might stall under various circumstances. The bitsadmin tool is very useful in troubleshooting the status of content download. For example:
It's typical for the download to stall on one particular file or directory. The following lists some frequently encountered issues and resolutions.
Please post your comments on this blog post and let me know if you would like to see similar troubleshooting posts for software distribution and other areas. I will try to address questions as soon as possible.
- Bhaskar Krishnan
http://blogs.technet.com/configmgrteam/archive/2010/01/14/troubleshooting-client-content-download-in-configuration-manager-2007.aspx