SCCM by Davis: “Phil Pritchett replied to the forum topic DPs not updating with package source in the group System Center Configuration Manager 2012” plus 19 more

---

• Phil Pritchett replied to the forum topic DPs not updating with package source in the group System Center Configuration Manager 2012
• Phil Pritchett joined the group System Center Configuration Manager 2012
• Phil Pritchett changed their profile picture
• Marcia Boseman became a registered member
• DerekO became a registered member
• Tamika Lundgren became a registered member
• Jacob Roth replied to the forum topic CM 2012 vs. Altiris in the group System Center Configuration Manager 2012
• GE's 'Industrial Internet' Bolster's Critical Infrastructure Security
• Rod Trent wrote a new post, Fixing the Red Screen-after-update issue with the Microsoft Surface
• Rob Marshall wrote a new post, TechNet UK Article: How to Configure Alerts in System Center 2012 Configuration Manager
• SCCM 2012 SP 1 Agent Version Number
• SCCM 2012 - Enabling the Endpoint Protection Role
• SCCM 2012 - Installing the SUP Role
• SCCM 2012 - Importing and Managing Drivers for OSD
• Excluding unwanted updates from ADR
• Wayne became a registered member
• Timothy Ferrara joined the group Enhansoft
• Timothy Ferrara joined the group Enhansoft
• Rob Marshall wrote a new post, MS KB2823324 patch could cause loss of OS on next reboot if deployed
• created the doc cjLwxWYILFiUeRVHrw

Phil Pritchett replied to the forum topic DPs not updating with package source in the group System Center Configuration Manager 2012 Posted: 14 Apr 2013 10:14 PM PDT The package share at SMSPKGH$ will be empty because packages are distributed to the Content share by default. SMSPKGH$ is your distribution share. This functionality is different from SCCM2007 where packages were […] Comments: 0

Phil Pritchett joined the group System Center Configuration Manager 2012 Posted: 14 Apr 2013 10:14 PM PDT Comments: 0

Phil Pritchett changed their profile picture Posted: 14 Apr 2013 10:02 PM PDT Comments: 0

Marcia Boseman became a registered member Posted: 14 Apr 2013 06:08 PM PDT Comments: 0

DerekO became a registered member Posted: 14 Apr 2013 03:57 PM PDT Comments: 0

Tamika Lundgren became a registered member Posted: 14 Apr 2013 02:36 PM PDT Comments: 0

Jacob Roth replied to the forum topic CM 2012 vs. Altiris in the group System Center Configuration Manager 2012 Posted: 14 Apr 2013 12:12 PM PDT I have the same issue Jay and I brought both of the Altiris admins to MMS this year and they came away with the feeling that there wasn't much difference. The only issue would be the Symantec customer support […] Comments: 0

GE's 'Industrial Internet' Bolster's Critical Infrastructure Security Posted: 14 Apr 2013 08:25 AM PDT NEWS ANALYSIS: GE's new Industrial Internet provides industrial-strength reliability and security to the communications needs of critical infrastructure in the U.S.

Rod Trent wrote a new post, Fixing the Red Screen-after-update issue with the Microsoft Surface Posted: 14 Apr 2013 05:54 AM PDT A System Update was made available while I was at MMS 2013.  The previous System Updates had applied successfully, lulling me into a false sense of security, so I applied the update while in my hotel room.  The […] Comments: 0

Rob Marshall wrote a new post, TechNet UK Article: How to Configure Alerts in System Center 2012 Configuration Manager Posted: 14 Apr 2013 12:57 AM PDT I wrote a little article for TechNet UK as a guest post where I go over the new Email Notifications mechanism in ConfigMgr 2012 SP1.Check it out here Comments: 0

SCCM 2012 SP 1 Agent Version Number Posted: 03 Mar 2013 06:18 PM PST After upgrading to Service Pack 1, I needed to update my agent versions collections. The new version number for the SP1 agent is 5.00.7804.1000 New Query select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_SMS_ADVANCED_CLIENT_STATE on SMS_G_System_SMS_ADVANCED_CLIENT_STATE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_SMS_ADVANCED_CLIENT_STATE.Version = "5.00.7804.1000″

SCCM 2012 - Enabling the Endpoint Protection Role Posted: 03 Mar 2013 05:54 PM PST Endpoint protection is pretty sweet, and the integration with SCCM Console is very well done. Nice work MS guys! This is basically a dump from my internal documentation. It might be a little unpolished, but sometimes it's better to ship a product then continue fretting about perfection… Install EPP Role on the CAS Navigate to Administration -> Sites -> Site Server and System Roles Right-click the CAS and choose "Add site server role." On the System Role Selection screen choose 'Endpoint Protection Point' and click Next. On the Endpoint Protection screen accept the license terms. On the Microsoft Active Protection screen review the information and make a choice. Create EPP Collectons Download the script named prep-site-server-wsus.ps1 from my Github page. Modify the variables at the top of the script to match your Org's name and site code. Run the script ON THE SITE SERVER, using your admin account. Configure and Deploy Custom Anti-Malware Policies Navigate to Assets and Compliance -> Endpoint Protection -> Antimalware Policies. Right-click -> Import. In the import dialog, navigate to "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\XmlStorage\EPTemplates". For each Endpoint Collection that was created, there should be a custom anti-malware setting found in the folder that can be imported. Choose to import an .xml template that matches a collection you're interested in working on. Right-click the imported EPP Policy and choose 'Deploy'. Deploy the policy to the collection that matches the policy name best. Repeat this process for all of your EPP collections. Configure Client Settings Navigate to Administration -> Client Settings. Right-click and choose to create a new client settings package. On the 'General' screen, name the new package and check the box labeled 'Endpoint Protection'. On the Endpoint Protection screen, set the following settings Manage Endpoint Protection client on client computers: True Install Endpoint Portection client on client computers: True Automatically remove previously installed antimalware software: True Suppress any required computer restarts: True Disable alternate sources for the initial update: False Click OK to save changes. Right-click the new client settings package and choose 'deploy'. Deploy the client settings to a collection of your computers. Endpoint should now be uninstalling your previous virus scanner, and installing the EPP. Wooo!

SCCM 2012 - Installing the SUP Role Posted: 03 Mar 2013 05:44 PM PST I posted previously about configuring software updates in SCCM. This post is about installing the SUP role on the CAS and site servers. A little backwards, I know. This post is a slightly modified version of my internal documentation on the process. Sorry if it's a little un-treated. These instructions assume that you're not using a proxy server, and that you're installing the SUP role on the same server as your CAS and site server management points. Install WSUS and Hotfix on CAS WSUS 3 SP1 Download WSUS Install cmd line. The F:\WSUS line is where you want WSUS to store the license agreements for updates which require them. WSUS30-KB972455-x64.exe /q CONTENT_LOCAL=1 CONTENT_DIR=F:\WSUS SQLINSTANCE_NAME=%COMPUTERNAME% MU_ROLLUP=1 DEFAULT_WEBSITE=0 CREATE_DATABASE=1 CONSOLE_INSTALL=0 WSUS Hotfix Download WSUS Hotfix Install cmd line: WSUS-KB2734608-x64.exe /q Install SUP Role on CAS Administration -> Site Configuration -> Servers and Site System Roles -> CAS Server. Right-click -> Add Site System Role Specify the server's FQDN. Check 'Software Update Point'. Do not use a proxy sever unless actually needed. Active Settings: Check 'Use this server as the active software update point', and 'WSUS is configured to use a custom website'. Synchronization Source: 'Synchronize from Microsoft Update' and 'Do not create WSUS reporting events' Synchronization Schedule: Check 'Enable synchronization on a schedule'. Run every 1 days. Alert when synchronization fails on any site in the hierarchy. Supersedence Rules: Choose 'Immediately expire a superseded software update'. Classifications: All Products: DO NOT CHOOSE EVERYTHING, only what you need right now. You can always add more later. Choosing everything makes the console really slow. Languages: Only select languages for which you actually install that specific language's OS version of Windows. This is not about keyboard layouts, it's about the whole OS language scheme. Next, wait, close. Run a Full WSUS Synchronization Software Library -> Software Updates -> Right-click -> Run Synchronization Enable SUP Internet Mode on CAS Admin -> Sites -> Right-click Site -> Configure Site Components -> Software Update Point Choose 'Allow both intranet and internet clients'. Install WSUS and Hotfix on Site Server See the previous section regarding the WSUS and Hotfix install. It's the same process for both the CAS and Site Server. Install SUP Role on Site Server Admin -> Site Config -> Servers and Site System Roles -> CAS Serevr. Right-click -> Add Site System Role Specify FQDN Check Software Update Point Do not use a proxy sever Active Settings: Check Use this server as the active software update point, and WSUS is configured to use a custom website. Synchronization Source: Do not create WSUS reporting events. Languages: Only select languages for which you actually install that specific language's OS version of Windows. This is not about keyboard layouts, it's about the whole OS language scheme. Next, wait, close. Run a Full WSUS Synchronization Software Library -> Software Updates -> Right-click -> Run Synchronization Now, you should be ready to actually configure the SUP to push out updates. Good luck!

SCCM 2012 - Importing and Managing Drivers for OSD Posted: 03 Mar 2013 05:34 PM PST There are two main sets of drivers to worry about. WinPE drivers, and the target OS drivers. If your computer can't boot WinPE, or WinPE can't talk to the disk or network card, not much will get done. Conversely if WinPE lays down an image and reboots to it and the OS doesn't have disk or network drivers, any subsequent task sequence steps will fail because your PC won't be able to contact the SCCM server. Here's how to manage drivers in SCCM: Driver Organization We need two folders: first, a place to put drivers downloaded from the OEM's website and second, a place for SCCM to store it's driver databases (called 'Driver Packages'). I created the following folder structure on my SCCM site server: source$\ driversource driverpackages applications images ossource …etc Driversource is where we will put downloaded OS drivers. For example: source$\driversource\ Win7\ Dell Optiplex 9010 <a bunch of folders, INF files, etc.> Dell Optiplex 990 <a bunch of folders, INF files, etc.> Lenovo X1C <a bunch of folders, INF files, etc.> WinXP\ HP xw4300 <a bunch of folders, INF files, etc.> HP xw4600 <a bunch of folders, INF files, etc.> Driverpackages is a folder that SCCM will manage. Messing with stuff in this folder will break things. SCCM will make folders subfolders with GUID's for each driver included in the package. In the following example folder structure, I would have created the source$ share, the driverpackages folder, the OS folders, and the make\model folders. However, SCCM creates and manages the GUID-named folders. source$\driverpackages Win7 Dell Optiplex 9010 {idsfbsg-srgsrtg-4564w65mklsfsfgs} WinXP Dell Optiplex 990 {83453q-efsdfgsgs-45545yerthdfgssdfg} Step-By-Step – OS Drivers Create a folder in .\source$\driverpackages\<os>\<model>. Create a folder in .\source$\driversource\<os>\<model>. Download the OEM drivers, extract them, and put the extracted files in the .\driversource\… folder. Open SCCM Console -> Software Library -> Operating Systems -> Drivers. Right-click 'Drivers' and choose 'Import Driver'. On the 'Locate Driver' screen, enter the unc of your downloaded source drivers. This should look like: \\sccm-server\source$\driversource\<os>\<model>. On the 'Driver Details' screen, add a category to make it easier to clean up after bad or accidental imports later. I always use the Make + Model + OS (ex: "Dell Optiplex 9010 Win7″). On the 'Add Driver to Driver Packages' screen, click 'New Package'. On the 'Create Driver Package' screen, enter a name and path. The name of the driver package should match the category for clarity. The path of the driver package should be the folder .\source$\driverpackages\<os>\<model> created in a previous step. On the 'Add Driver to Boot Images' screen, do not choose to add any drivers to the boot image at this time. Finish the import wizard. It will take some time for the drivers to finish importing. Step-By-Step – Boot Image Drivers Next, we need to add the network and sata drivers to the boot images so that WinPE can access the HDD and NIC. Without this step, it's likely that WinPE will attempt to load then immediately reboot because it cannot reach the SCCM server. Navigate to SCCM Console -> Software Library -> Operating Systems -> Driver Packages. Right-click your new driver package and choose 'Show Members'. Right-click the headers of the viewing pane (The bar showing column names like "Icon", "Name", "Provider", etc.) and add the 'Content Source Path' field. Sort the list by driver 'class', then highlight all drivers with the classes 'SCSIAdapter', 'Net', and 'hdc', but only those which are for the x86 architecture. You can usually tell the architecture by the content source path. Right-click the highlighted drivers -> Edit -> Boot Images. Add your selected drivers to the x86 boot images listed. Be careful, because adding x86 drivers to an x64 boot image, or vice versa can break the boot image. Also, ensure that the checkbox labeled 'Update the distribution points' is checked before hitting 'OK'. Now, you should be able to PXE boot your target computer. You can verify that the nic drivers work by pressing F8 in WinPE to open a command prompt, then trying to ping an ip address. To verify disk drivers, in the WinPE command prompt run the command 'diskpart' then enter 'List Disk'. Step-By-Step for Win7+ Next, we need to get the OS drivers into the task sequence. First, we need to find out what your target computer thinks it's model name is. Open PowerShell on the target system. Execute the following command, and copy down the answer somewhere safe. We need the response that this command gives to properly form the WMI query in the Task Sequence. (gwmi win32_ComputerSystem).Model Next, let's actually edit the task sequence. Navigate to SCCM Console -> Software Library -> Operating Systems -> Task Sequences. Right-click your desired task sequence and choose 'Edit'. Select a position after 'Apply OS Image' but before 'Setup Windows and ConfigMgr' and choose Add -> Drivers -> Apply Driver Package. On the new TS action, click 'Browse' and select the driver package that was just created in the previous section. Click the 'Options' tab of the new TS action. Click 'Add Condition' -> Query WMI. On the 'WMI Query Properties' screen, add the following WMI query. Replace the words 'Latitude e4300′ from the example query below with the output of the GWMI command in powershell from a previous step. The quotes and % sign should -stay in- the query. select * from Win32_ComputerSystem where Model like "Latitude e4300%" Click OK to close the TS Edit Window and save the TS. Right-click the TS and choose, 'Distribute Content', then complete the wizard to distribute the driver package to your distribution points. For Win7, you should now be good to go! For XP, there are a couple more steps. Step-By-Step for WinXP XP Requires 3 sets of drivers: WinPE, OS Drivers, and OS Mass Storage drivers. The above steps will walk you through completing WinPE and OS Drivers. The subsequent steps will cover mass storage drivers. Follow the instructions for the WinPE and Win7 sections, then come back here. Complete the instructions at the following blog post. It is an excellent write-up of the process for finding the correct mass-storage driver and including it in the task sequence. Identifying Windows XP Mass Storage Drivers in Windows PE with Devcon And that's it! Good luck out there.

Excluding unwanted updates from ADR Posted: 03 Mar 2013 10:23 AM PST In a previous post I wrote about how to uninstall (or "Approved for Removal" in WSUS ter

Wayne became a registered member Posted: 13 Apr 2013 06:48 PM PDT Comments: 0

Timothy Ferrara joined the group Enhansoft Posted: 13 Apr 2013 05:34 PM PDT Comments: 0

Timothy Ferrara joined the group Enhansoft Posted: 13 Apr 2013 05:34 PM PDT Comments: 0

Rob Marshall wrote a new post, MS KB2823324 patch could cause loss of OS on next reboot if deployed Posted: 13 Apr 2013 05:07 AM PDT Lots of chatter out there on the web on this, Microsoft has pulled a patch, KB2823324, that is reportedly causing Windows OS's not to boot properly or for application to not function correctly.If you haven't got […] Comments: 0

created the doc cjLwxWYILFiUeRVHrw Posted: 13 Apr 2013 12:48 AM PDT Comments: 0

You are subscribed to email updates from SCCM by Davis To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610