SCCM by Davis

31 may 2013

SCCM by Davis: “NickolajA joined the group Enhansoft” plus 19 more

SCCM by Davis: “NickolajA joined the group Enhansoft” plus 19 more

Link to SCCM by Davis

NickolajA joined the group Enhansoft

Posted: 31 May 2013 01:08 AM PDT

Comments: 0

Rob Marshall wrote a new post, ConfigMgr 2012 intune and WP8 deployment testing

Posted: 31 May 2013 12:35 AM PDT

ThumbnailFinally, ConfigMgr 2012 admins can now do some testing with ConfigMgr 2012 SP1, intune and Windows 8 phone … without a certificate.This was a real blocker for testing as you needed to purchase a certificate from […]

Comments: 0

Cisco: EU OK of Microsoft-Skype Deal Was Careless

Posted: 30 May 2013 08:15 PM PDT

The networking giant says putting no conditions on the deal gave Microsoft an unfair monopoly on the video communications market.

Peter Daalmans wrote a new post, Quick tip when integrating Windows Intune & DirSync with ConfigMgr 2012 SP1

Posted: 30 May 2013 02:38 PM PDT

As an Enterprise Client Manager you need to of course use the Windows Intune integration in Configuration Manager 2012 SP1 to be able to manage also your mobile devices next to all other Windows, Unix, Linux and […]

Comments: 0

Geoff Edney became a registered member

Posted: 30 May 2013 01:37 PM PDT

Comments: 0

Megan joined the group ConfigMgr 2012 Application Exports

Posted: 30 May 2013 01:20 PM PDT

Comments: 0

Megan joined the group Configuration Manager Queries, Reports, and MOFs

Posted: 30 May 2013 01:19 PM PDT

Comments: 0

Megan joined the group Script Gallery

Posted: 30 May 2013 01:19 PM PDT

Comments: 0

Megan joined the group Windows 8

Posted: 30 May 2013 01:18 PM PDT

Comments: 0

Megan joined the group Orchestrator Runbooks Community Repository

Posted: 30 May 2013 01:18 PM PDT

Comments: 0

Megan joined the group System Center Orchestrator/Opalis

Posted: 30 May 2013 01:17 PM PDT

Comments: 0

Megan joined the group Microsoft TechEd

Posted: 30 May 2013 01:15 PM PDT

Comments: 0

Megan joined the group IT Fit

Posted: 30 May 2013 01:14 PM PDT

Comments: 0

Megan became a registered member

Posted: 30 May 2013 01:09 PM PDT

Comments: 0

Cisco: Global Internet Traffic Will Triple by 2017

Posted: 30 May 2013 01:00 PM PDT

More connected users and devices and faster network speeds are driving the growth, according to a study by Cisco.

Windows Management Experts wrote a new post, Deploy a LOB “Modern” Windows 8 Application: Part 1

Posted: 30 May 2013 01:04 PM PDT

ThumbnailThe introduction of Windows 8 brought a whole new type of application. This application was first known as "metro", and now "modern". These applications are designed for tablets and touchscreens.

This will be a […]

Comments: 0

Windows Management Experts wrote a new post, Capturing Application Settings after Install

Posted: 30 May 2013 01:02 PM PDT

ThumbnailOne of the biggest challenges in application deployment is modifying settings post-install. These "settings" can include customizing application preferences, tying the application to a data source, activating the […]

Comments: 0

brink668 joined the group SCCM Right-click tools

Posted: 30 May 2013 12:03 PM PDT

Comments: 0

Jim W. Brown joined the group SCCM Right-click tools

Posted: 30 May 2013 11:56 AM PDT

Comments: 0

Windows Management Experts posted an update: Deploy a LOB “Modern” Windows 8 Application: Part 1 The […]

Posted: 30 May 2013 11:32 AM PDT

Deploy a LOB "Modern" Windows 8 Application: Part 1
The introduction of Windows 8 brought a whole new type of application. This application was first known as "metro", and now "modern". These applications are designed for tablets and touchscreens.

This will be a two-part series on these new apps. This part will be an introduction to these new apps, the difference between desktop and modern apps, and sideloading apps vs. using AD.

Introduction to Modern Apps

When an application comes with both a modern and desktop interface, it is actually two versions of the software running on your computer. Take Internet Explorer, for example. If you open it from the Start Menu, this launches the modern version, while launching it from the desktop launches the desktop version. If you bookmark a website in the modern version, it does not show up in the desktop version.

In order for applications to use the modern interface, they must be written for the modern interface. You cannot take a desktop application and turn it into a modern application without rewriting it. To write your own modern application, you can use Visual Studio Express 2012 for Windows 8, available here: http://www.microsoft.com/visualstudio/eng/products/visual-studio-express-products. We will create a sample application in part 2 of this series.

Modern apps, by default, are installed per user. The only way to install them for the machine is to inject them into the Windows 8 WIM using a DISM command (more on this in part two). Also, for modern apps in the Windows Store, such as Skype or Netflix, you must have your Microsoft Live ID attached to your account. If you are not bound to an AD, you can also use this account to log into your computer. For AD-bound computers, you tie log in with your AD account and then tie your Live ID to the account.

Apps from the Windows Store can be deployed using Configuration Manager 2012 SP1. They are not, however, deployed in the same way that desktop apps are deployed. Administrators never actually download files to their environment. You pretty much put a link in Software Center to the app in the Windows Store. When your end user selects the app from Software Center, it takes them to the Windows Store where the app downloads. A Live ID must also be tied to the user, or the application will not download. These apps can be "Required", so that they will install automatically (as long as a Live ID is tied to the user). I will show this process in more detail in part two of the series.

LOB (line-of-business) apps that are created in house are deployed using CM 2012 in a similar fashion to normal apps. They have a source directory, get copied to distribution points, and are installed via Software Center.

Differences

Modern apps are intended to run on tablets or touchscreen interfaces. They are specifically designed for touch with larger buttons, more spacing between items, and swipes. They can run on normal desktops and laptops, but they are optimized for touchscreens.

Modern apps are written in Java script or HTML5. That is why desktop apps cannot simply be converted into modern apps. Developers must specially write their apps for the modern interface.

Modern apps also store all settings within the app, meaning that they cannot be extracted and deployed to multiple settings. Modern apps can also not be extracted from a computer where the app is installed and deployed to other computers, as this breaks the Microsoft EULA. They only way to get them is from the Windows Store, or to develop your own in house.

Sideloading vs. AD

For in-house apps, you have two options for making Modern applications work. If you have an AD, you must make one group policy change. Change the "Allow all trusted apps to install" setting to enabled (Computer Configuration > Administrative Templates > Windows Components > App Package Deployment). This will allow you to load apps.

For those without an AD, you must use sideloading. For sideloading to work, you either need to have Software Assurance, or purchase sideloading keys from Microsoft. If you have Software Assurance, you can get your key from your volume license site. To purchase keys, contact your Microsoft reseller. They are normally $3,000 for 100 keys. If you have CM 2012, you can deploy the sideloading key from the "Software Library" node of the console:

http://www.windowsmanagementexperts.com/wp-content/uploads/2013/05/14.jpg

If you do not have CM 2012, you can install the key with these commands from the command prompt:

slmgr /ipk
slmgr /ato ec67814b-30e6-4a50-bf7b-d55daf729d1e

Type the last command EXACTLY as shown. This step activates the key.

Come back next week to learn how to create an app, sign it, and deploy it. I will be focusing on deployment using CM 2012 SP1, as well as the PowerShell commands for manual deployment. Before next week, please install Visual Studio 2012 Express for Windows 8 (link above) and Windows Software Development Kit for Windows 8 (http://msdn.microsoft.com/en-us/windows/desktop/hh852363.aspx). We will need Visual Studio to create the app, and the SDK for creating a certificate and signing the app.

Comments: 0
by to No hay comentarios:

30 may 2013

SCCM by Davis: “Chris became a registered member” plus 19 more

SCCM by Davis: “Chris became a registered member” plus 19 more

Link to SCCM by Davis

Chris became a registered member

Posted: 30 May 2013 12:35 AM PDT

Comments: 0

brink668 edited the forum topic SCCM 2012 – Computers will not reboot during maintenance window after installing updates in the group System Center Configuration Manager 2012

Posted: 29 May 2013 06:36 PM PDT

I finally got computers to stop rebooting randomly during the day outside the maintenance window due to WUA agent not config manager but now I have a different problem. I have not updated the WUA agent.

SCCM […]

Comments: 0

brink668 replied to the forum topic SCCM 2012 - Need help...computers restarting when Maintenance Window is in place in the group System Center Configuration Manager 2012

Posted: 29 May 2013 06:07 PM PDT

I figured it out, the WUA Agent was calling the reboot not Config Manager.

Comments: 0

Rod Trent wrote a new post, Hotfix Watch: Site Assignments failing for ConfigMgr 2012 SP1

Posted: 29 May 2013 04:24 PM PDT

Microsoft has released a hotfix to fix an issue where an ampersand or other nonalphanumeric characters in the 3rd party root CA could cause site assignments to fail.

KB and Hotfix are here: FIX: Site […]

Comments: 0

Rod Trent wrote a new post, Attending TechEd 2013 North America? Get a Surface RT Dirt Cheap

Posted: 29 May 2013 03:34 PM PDT

I posted an announcement earlier on our sister site, Windows IT Pro. Microsoft has an awesome deal on Surface RT's and Surface Pro's if you're attending TechEd 2013 in New Orleans.

Microsoft is already […]

Comments: 0

Chris Cavazos became a registered member

Posted: 29 May 2013 02:11 PM PDT

Comments: 0

Cisco Buying Energy Software Maker JouleX

Posted: 29 May 2013 12:45 PM PDT

JouleX's software enables enterprises to monitor and manage the energy usage of a range of devices and data center IT systems.

Rod Trent posted an update in the group Veeam: In preparation for a new release, Veeam is giving away a […]

Posted: 29 May 2013 12:25 PM PDT

Rod Trent wrote a new post, In preparation for a new released, Veeam is giving away a bevy of goodies

Posted: 29 May 2013 12:22 PM PDT

Veeam is getting ready to release Veeam Backup and Replication version 7, and to help sweeten the deal, they are giving away the following goodies:

ThinkPad W530 with Windows 8 Pro
ThinkPad Battery […]

Comments: 0

Stacy Tzaperas joined the group System Center Configuration Manager 2007

Posted: 29 May 2013 11:43 AM PDT

Comments: 0

Kris Barker joined the group Software Licensing and SAM

Posted: 29 May 2013 11:39 AM PDT

Comments: 0

Kris Barker wrote a new post, Software Asset Management – Are YOU Part of the “One Percent?”

Posted: 29 May 2013 11:35 AM PDT

Love it or hate it, the term "One Percent" has taken on prodigious meaning in the English vernacular. In fact, it's difficult to utter these words without stirring up political fervor of one kind or another. But […]

Comments: 0

Mike became a registered member

Posted: 29 May 2013 11:33 AM PDT

Comments: 0

Enhansoft wrote a new post, How to Remotely Determine the SMS Provider Using WBEMTest v2

Posted: 29 May 2013 11:29 AM PDT

ThumbnailBy Suzanne Tighe

As I was reading Garth Jones' blog post on how to remotely determine the SMS provider using WBEMTest, I realized that that wasn't the method I would use. Not to disagree with my esteemed […]

Comments: 0

Stacy Tzaperas became a registered member

Posted: 29 May 2013 10:50 AM PDT

Comments: 0

Rod Trent wrote a new post, Join the Windows Azure Feedback Panel get a Amex Gift Card

Posted: 29 May 2013 10:49 AM PDT

Windows IT Pro is hosting a feedback panel for those who are ready to test out Windows Azure.  Your feedback is critical and your time is valuable so all participants will receive an Amex gift certificate.

Drop […]

Comments: 0

Sprint, Softbank Enter National Security Agreement, Move on to FCC

Posted: 29 May 2013 09:15 AM PDT

The Sprint-Softbank merger, having received the approval of CFIUS, is now in the hands of Sprint shareholders and the FCC.

Rod Trent posted an update in the group IT Fit: What to Pack and How to Train While Traveling | Breaking Muscle

Posted: 29 May 2013 09:29 AM PDT

Rod Trent posted an update in the group Flexera Software: Slash Support Costs with the Most Robust Enterprise App […]

Posted: 29 May 2013 08:19 AM PDT

Slash Support Costs with the Most Robust Enterprise App Store

Hear Joel Grove, Infrastructure Software Engineer at SunTrust Banks, Inc. discuss how Flexera Software App Portal has helped SunTrust empower 50,000 users with on-demand self-service access to business apps, and automate 4,000 application requests per month, saving thousands of hours of help desk time.

http://learn.flexerasoftware.com/content/AR-WBNR-App-Portal-Slash-Support-Costs

Comments: 0

Jon Badar became a registered member

Posted: 29 May 2013 05:54 AM PDT

Comments: 0
by to No hay comentarios:

28 may 2013

SCCM by Davis: “Matt became a registered member” plus 13 more

SCCM by Davis: “Matt became a registered member” plus 13 more

Link to SCCM by Davis

Matt became a registered member

Posted: 28 May 2013 01:25 AM PDT

Comments: 0

smile became a registered member

Posted: 28 May 2013 12:01 AM PDT

Comments: 0

M Rolstone became a registered member

Posted: 27 May 2013 11:49 PM PDT

Comments: 0

Nick Moseley wrote a new post, Deploying Android Apps with Windows Intune

Posted: 27 May 2013 04:58 PM PDT

ThumbnailUsing Windows Intune standalone?  You can quickly deploy apps using the following process!  This example utilizes an Android emulator being managed through Intune.  For more information on how to set that up for […]

Comments: 0

Nick Moseley wrote a new post, Deploying Android Apps with Windows Intune

Posted: 27 May 2013 04:47 PM PDT

ThumbnailUsing Windows Intune standalone?  You can quickly deploy apps using the following process!  This example utilizes an Android emulator being managed through Intune.  For more information on how to set that up for […]

Comments: 0

Kurt Irvin became a registered member

Posted: 27 May 2013 04:28 PM PDT

Comments: 0

Packaging Adobe Reader XI

Posted: 19 Apr 2013 09:54 AM PDT

Here are the instructions of how to package up Adobe Reader XI using the Adobe Customization tool free of charge.  The purpose of packaging up this application is to selectively disable auto updates and any other annoyances that comes by default with the product.

Here are the steps I took.

1. Download the distributable Adobe Reader XI exe

2. Extract the exe to an empty folder using the following command:

AdbeRdr11000en_US.exe –nos_oc:\adobereader\extracted –nos_ne

Where c:\adobereader\extracted is the location to extract the exe

3. Download and install Adobe Reader XI customization wizard

http://www.adobe.com/support/downloads/detail.jsp?ftpID=5515

4. Open customization wizard and open the extracted AcroRead.msi file for customizing

5. Here are the customizations I made to the product to disable the unwanted features

A. Suppress the EULA

image

B. Configure some Installation Options

image

C. Disable icon from being placed on desktop

image

D. Disabled all online updates and features

image

F. Deleted the Adobe ARM service installed by defaults that communicates back to Adobe for updates.  The service is not listed here but is by default.

image

6. Then save the package and you'll see a transform file has been created inside the extracted files directory.  You can either deploy this package using the msi along with the transform file or use the setup.exe which calls the setup.ini file and the transform file exists inside of the ini.

example: msiexec.exe /i "acroread.msi" TRANSFORMS="acroread.mst"

LTI/ZTI Scripting: Add computer to an AD Group

Posted: 18 Apr 2013 09:00 PM PDT

I'm currently doing some intense SCCM 2012 training so I've not been posting or in the forums recently. I've still been responding to emails though.

I received an email from a reader earlier this week. He wanted to add the current computer to an AD security group during his deployment.

It turns out that I wrote such a script a few weeks earlier. It's in the repository here.

The script will add the current computer to an AD Group that is set in the customsettings.ini

The script is then run in a task sequence with the command line:

cscript.exe "%SCRIPTROOT%\ZTIAddMember.wsf

The code below is a sample of the customsettings.ini changes.

[Settings]  Priority=Default  Properties=CustomProperty, ADGroup     [Default]  OSInstall=Y  ADGroup = LDAP://CN=IT Computers,OU=Groups,DC=corp,DC=continuum,DC=com

The code is "As is". No refunds!

Gus joined the group Orchestrator Runbooks Community Repository

Posted: 27 May 2013 12:06 PM PDT

Comments: 0

Gus joined the group System Center Orchestrator/Opalis

Posted: 27 May 2013 12:03 PM PDT

Comments: 0

Gus became a registered member

Posted: 27 May 2013 12:00 PM PDT

Comments: 0

SCCM by Davis: “Rob Marshall wrote a new post, WMUG - A day with Wally Mead covering ConfigMgr 2012 SP1 and Mobile Device Management” plus 2 more

Posted: 27 May 2013 03:40 AM PDT

SCCM by Davis: "Rob Marshall wrote a new post, WMUG - A day with Wally Mead covering ConfigMgr 2012 SP1 and Mobile Device Management" plus 2 more

Link to SCCM by Davis

Rob Marshall wrote a new post, WMUG - A day with Wally Mead covering ConfigMgr 2012 SP1 and Mobile Device Management

Posted: 26 May 2013 01:36 PM PDT

ThumbnailThe Windows Management User Group has Wally Mead back for an awesome day of ConfigMgr SP1 and Mobile Device Management content.The venue is London, Victoria, Cardinal Place, and we have capacity for 100 attendees, […]

Comments: 0

SCCM by Davis: "SCCM 2012 SP1 Powershell cmdlets" plus 19 more

Posted: 26 May 2013 03:27 AM PDT

SCCM by Davis: "SCCM 2012 SP1 Powershell cmdlets" plus 19 more

Link to SCCM by Davis

SCCM 2012 SP1 Powershell cmdlets

Posted: 18 Apr 2013 05:03 AM PDT

Un certain nombre de cmdlets Powerhsell sont disponibles avec SCCM 2012 SP1.
Powershell 3 doit être installé afin de pouvoir utiliser ces cmdlets.

La liste est disponible sur le technet à l'adresse suivante : http://technet.microsoft.com/en-us/library/jj821831.aspx

Il est également possible d'obtenir la liste des cmdlets en utilisant la commande suivante dans Powershell : Get-Command -Module ConfigurationManager

La console Powershell peut être lancée depuis la console SCCM via le menu Connect via Windows Powershell.

console_sccm

Jay Ferron wrote a new post, Microsoft Security Compliance Manager

Posted: 25 May 2013 12:25 PM PDT

How do manage your infrastructure and verify compliance. Microsoft SCM offers security baselines to help you manage configuration drift, address compliance requirements, and reduce security threats. Security […]

Comments: 0

Jason Sandys wrote a new post, ConfigMgr Startup Script Updated

Posted: 25 May 2013 01:19 PM PDT

1.6 is here with a couple of minor improvements including the ability to selectively install ConfigMgr 2012 x86 or x64 hotfixes based upon the client's OS architecture. The other improvement is the ability to […]

Comments: 0

Dell, HP Upgrade Thin Client for Better Security, Communications

Posted: 25 May 2013 08:30 AM PDT

The companies unveiled new and enhanced thin client offerings aimed at improved performance in cloud and virtual environments.

Chris LaPlante became a registered member

Posted: 25 May 2013 04:23 AM PDT

Comments: 0

System Center: SQL installation guide

Posted: 16 Apr 2013 10:20 AM PDT

I was always a bit upset because of missing SQL installation guide for System Center (and other prod

AdminStudio Configuration Manager Edition

Posted: 14 Apr 2013 02:42 AM PDT

How to get free software packaging tool when you have System Center Configuration Manager

Download software : http://www.flexerasoftware.com/promolanding/7698.htm

Optain a licens number : http://learn.flexerasoftware.com/content/AR-EVAL-AdminStudio-Limited-Edition-SCCM

MMS (Microsoft Management Solutions) 2013 Keynote – my notes

Posted: 13 Apr 2013 02:48 PM PDT

image

Mostly it was Microsoft System Center 2012 SP 1 stuff like Azure intgration into the privat cloud, Intune integration etc. what was known before, but here are some interesting highlights that I wrote down:

  • 20% of the Microsoft Enterprise customers use Office 365
  • At Domino's (BIG US Pizza Service – http://www.dominos.com/) they run 15000 VM's based on Hyper-V, administred by only 2 (two) admins
  • There are 35000 unique Windows Intune customers
  • IT evolve to be a PEOPLE CENTRIC IT which needs to provide answers to questions like WHO access the IT Infrastructure, WHAT they access and WHERE they access it from
  • Happy users are more productive
  • Security should travel with the documents

You can view the keynote here –> http://channel9.msdn.com/Events/MMS/2013/KEY1

Upgrade SCCM 2012 to 2012 SP1 and get an error when editing a task sequence?

Posted: 12 Apr 2013 12:17 PM PDT

Recently I upgraded Configuration Manager 2012 to 2012 Sp1. We had a bunch of task sequences, but they wouldn't open. I re-ran the configuration manager extension integration from the MDT 2012 Update 1 install, forcing the extensions down and resolved the error. I was thinking of blogging about this topic, and somone already did, 8 days ago. Nice work Jeroen Erkelens, here's the Post.

MDOP 2013

Posted: 12 Apr 2013 07:47 AM PDT

MDOP 2013 has launched. Several enhancements to the suite of apps including MBAM 2.0. This utility now has integration into ConfigMgr and a self-service portal and automated provisioning with Win8 deployments. AGPM, DART, App-V, and UEV have all been improved. Continue reading about the new feature sets at the Windows Blog.

Install and Manage EndPoint with SCCM

Posted: 12 Apr 2013 03:29 AM PDT

Install EndPoint Protection using SCCM

Microsoft System Center 2012 Endpoint Protection (previously Forefront Endpoint Protection) consolidates desktop security & management into one solution.

Add Site System Roles for "EndPoint Protection" Point.

Specify only if you are use proxy server.

Configuring EndPoint Protection Point:

Configuring Windows Update Pint:

Before you proceed double click on "Software Update Pont" to ensure port used by the WSUS server ( it is 80 and 443 for WSUS 3.0 SP2 but newer WSUS use port: ports 8530 and 8531)

Specify only if you are use proxy server.

Configure Email Alert.

Set account credentials if your email server doesn't permit relay. If it is external server; probably it will not support relay. So you need to "specify an account" and mail server account password.

Creation on device collection (group similar Operating system for group deployment)

We just put "All Systems" for this exercise but in real live we can be specific.

Grouping Windows 7 system in same collection here.

Definition updates for malware.

Yes

See the log update

Craete a share with read access to auth users and full access to admin ac

Note: you can notice FEP will install on to your desktop PC. Require waiting for an while.

You can set type of FEP scan policy you required; either import from built in template as shown below or customize the template as per your need.

Customize antimalware policy:

SCCM Boundaries and Client push configuration

Posted: 12 Apr 2013 02:46 AM PDT

Configuring SCCM 2012 SP1.

First all we need to create a boundary group so that SCCM could discover clients. It can be done using AD Site as group, IP segment etc.

Here we creating boundary and its group using AD Site.

Right click on Boundaries from left panel as shown in the red box. Choose type as you prefer.

Now Right click on "Boundary Groups" to create boundary group (eg. AD site)

Please ignore my AD name. this server is SCCMSERVER not SCOM

Yes to following ..

Then Yes to confirm for next popup screen.

Configure (Enable) push base client installation (remote).

Click on Sites then click on our site from right windows and Click on "Client Installation Setting" follow by Client Push Installation.

Just follow the following steps:

Here you can use Administrator account or your custom account.

Now selecting "All Systems" should show you those client has been joined to the domain and discovered by SCCM.

Right click on the client computer name and click on 'Install Client" from popup menu.

SCCM client installation should kick in at the client machine.

Following screen shows SCCM client installation process sis running on the client machine.

SCCM Client has been install on following Windows 7 computer.

Now you can manger above client for other purposes. See my next post for the "installation of SCCM EndPoint Protection" using SCCM.

Note: installation of SCCM EndPoint Protection post contains steps for Windows updates (WSUS) and "Creation of System Collection" (grouping different client type based on Query Rules).

SCCM 2012 SP1 Installation

Posted: 12 Apr 2013 01:58 AM PDT

This document guide you through installation of Microsoft System Center Configuration Manger (SCCM) 2012 SP1 with Windows Server 2012 AD and MS SQL Server Standard 2012 SP1.

Configure Active Director (AD) on Windows server 2012:

Creating Active directory rather simple in Windows 2012.

Add the roles and feature from Server Manager Dashboard (AD DS);

Back in Server Manager, you will notice that AD DS has been added to the left navigation tree.  Click on it and then click on More on the right navigation pane where it states that Configuration is required for Active Directory Domain Services.



Note:
No dcpromo command needs to enter from command prompt or Windows Run.

You will now be presented with the All Servers Task Details, in which you will click on Promote this server to a domain controller under Action. The Deployment Configuration screen appears and we will select "Add a new forest" as this is the first domain controller.

 

Enter your Root domain name and then click Next.

The following screen will then appear in which you will enter and select your Domain Controller Options.


You will then get the below warning in which you can ignore for now.


Click Next

The NetBIOS domain name will then be inputted automatically.  In the event of a conflict, it will suggest an alternative by appending the original name with a 0.


Click Next

Note: click on following link next for the screen that is not show on above.

http://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-windows-server-2012-domain-controller.aspx

Microsoft SQL server 2012 SP1 Setup:

Configuration Manager 2012 SP1 requires the following SQL versions

SQL Server 2008 SP2 with Cumulative Update 9 or higher
SQL Server 2008 SP3 with Cumulative Update 4 or higher
SQL Server 2008 R2 SP1 with Cumulative Update 6 or higher
SQL Server 2012 with Cumulative Update 2 or higher

You can install additional feature as you required but I just go with minimum required for SCCM installation.

Ensure you have select following SQL Collation for SCCM:

SQL_Latin1_General_CP1_CI_AS.

Click Add Current user or Other Amin users:

Download SP1 this is now supported SQLServer2012SP1 (KB2674319-x64-ENU.exe)

http://www.microsoft.com/en-us/download/details.aspx?id=35575

Now open SQL Manger and connect using your current user (user that you have entered during installation as admin)


Note: Ignore the server name;

Microsoft recommend 50 to 80% of available physical memory.


Note: more memory certainly improve performance. It is ideal to use a different server for SQL for real operational server.

Install Windows ADK:

The Windows® Assessment and Deployment Kit (Windows ADK) is a collection of tools that you can use to customize, assess, and deploy Windows operating systems to new computers.

http://download.microsoft.com/download/9/9/F/99F5E440-5EB5-4952-9935-B99662C3DF70/adk/adksetup.exe

Prepare Active Directory (schema update for AD) for SCCM.

Run following file from DC server if SCCM server is not your DC server. Note: do not use SCCM server as DC server in real  production server. AD has to be separated but for lab environment it is OK.

On the CD or mounted/extracted iso it should be here: SMSSETUP\BIN\X64\extadsch.exe

\SMSSetup\Bin\x64\Extadsch.exe, right click and choose Run As Administrator.
A command prompt window will appear briefly as the schema is extended, check in c:\ for a log file called ExtADSch.log it should look similar to this

If you see error message following log file; run this for domain controller login with Administrator.

Configure Windows Host firewall to required ports for SCCM:

Right click on Incoming rules and create new rule

Crate System Object Container:

Right click CN=system management then properties

Create firewall rules using Group policy:

Open Group Policy Management tools to open WMI and File and printer sharing for SCCM clients.

Repeat again for WMI

Adding required Windows Roles and Feature>

If require PXE boot; the Windows Deployment Service is required. Note: Enabling PXE boot from SCCM consoled also automatically install "Windows Deployment Service" so you can install now or later.

———–

——————-

WSUS installation

———– Note: installation of Default WSUS server with Windows Server 2012 ————–
It is better choice to use Database rather WID database. Recreate SUP (Software Update Point) in SCCM Site server roles if sync is failed between WSUS and SCCM SP1

WSUS is bit cranky for now but here is what I did to fix it:

1) Uninstall SUP role

2. Uninstall WSUS

4. Delete SUSDB from SQL Server if any

5. Restart Server

6. Install WSUS (Chose to install DB not WID)

7. Configured Updates to be stored locally

8. Run Post Deployment Configuration from Server manager

9. Started WSUS Admin Console and ran Wizard (also chose to connect for the catalog sync) up to the Point where you select the products. Here I canceled the wizard without choosing any products

10. Install SUP role in SCCM and configure the right Settings (WSUS on Server 2012 Defaults to its own admin Website and ports 8530 and 8531) and select the products you required.

11. Check following log file if WSUS does not sync with SCCM.

Path: C:\Program Files\Microsoft Configuration Manager\Logs

File Name:

WCM.log
wsyncmgr.log

12.) Starts synchronization in the sccm console

Install with Windows Server 2008 R2 SP1 [very stable]
Alternatively; download and install stable version of WSUS 3.0 SP2 or better still if you go with Windows 2008 R2 and WSUS 3.0 SP2 [stable]. Windows server 2008 R2 SP1, SCCM 2012 SP1, MS SQL 2008 R2 with required updates/ MS SQL 2012 SP1 with cumulative updates.

WSUS 3.0 SP2 installation steps:

http://technet.microsoft.com/en-us/library/dd939822(v=ws.10).aspx

Apply following KB for WSUS 3.0 Service Pack 2 (SP2) to work on Windows 2008 R2 Server.
Installation steps are here:

KB2720211

http://support.microsoft.com/kb/2720211

KB2734608

http://support.microsoft.com/kb/2734608/en-us

—————- End—————

Install SCCM 2012 (auto boot DVD or Run splash.hta file as an administrative privilege):

Click on the begun installation if no error found. Note: SCCM 2012 SP1 needs 8GB RAM for Primary site.

Required Hotfix release on Feb-2013 for SCCM SP1

http://hotfixv4.microsoft.com/ConfigMgrV5/sp1/ConfigMgr_2012_SP1_CU0_KB2801987_ENU/05.00.7804.1108/free/457899_ENU_x64_zip.exe

http://hotfixv4.microsoft.com/ConfigMgrV5/sp1/ConfigMgr_2012_SP1_CU0_KB2793237_ENU/05.00.7804.1111/free/459398_ENU_x64_zip.exe

Restart the server and ensure required services are running. Done.

This posting includes an audio/video/photo media file: Download Now

McAfee Access Protection Prevents creation of boot disk in SCCM 2012 SP1

Posted: 11 Apr 2013 05:32 PM PDT

This has been driving me crazy the past couple of days:

https://kc.mcafee.com/corporate/index?page=content&id=KB76867&actp=search&viewlocale=en_US&searchid=1357907921573

Last week I started on an install for SCCM 2012 SP1 for a customer who has McAfee as the main security solution in their environment.  I have some previous experience with McAfee, and i hadn't previously experienced any issues with it.  All of the previous clients I had that used McAfee were on 2012 RTM, and this was the first one I had done with SP1.  Sp1 uses the ADK, instead of the AIK, of course, and all has not gone smoothly.

The first problem I encountered was with the site installation itself: the site seemed to install fine, but no boot images were created.  This seemed a bit odd, so I checked the ConfigMgrSetup.log file located on the root of C:\

mcafee-1

The boot images were not created properly during setup.  The boot image files were both at their default location (\\server\SMS_sitecode\osd\boot) but they weren't in the console.  I decided to try and import them manually:

bootimageerror

A bit of an odd error message, however, the DISM log file showed that SCCM was unable to insert the OSD binaries into the WIM.  Now we're getting somewhere.  I figured I'd try creating one from scratch with MDT.  That was also unsuccessful.

MDT

Searching around the web was not very helpful  as most people seemed to be reporting problems related to permissions.  Given the access denied error that others reported, and the fact that my permissions were fine, I believed the culprit would be McAfee.  Since the logs didn't show McAfee blocking or deleting anything, I didn't have much to go on.  I talked to the security team and got them to allow me to temporarily disable McAfee, and like clockwork, I was able to create a boot image.  My first thought was to exclude C:\Windows\Temp\BootImages from McAfee, but the customer's security team wanted specific justification before adding any exclusions.  We tried it as a troubleshooting step, but once Access Protection was reactivated, the problem returned.

Earlier today I came across the article above from McAfee, hopefully they'll come to a more permanent solution, but for the time being, we need to turn off Access Protection whenever we update or edit any boot image, or perform offline servicing on a WIM.  I've been in other environments with SCCM 2012 SP1 and other AV solutions, such as Symantec Endpoint Protection, Kaspersky, and of course SCEP, but haven't experienced this issue yet.

AV White-list Considerations

This issue has prompted me to review some of the community resources concerning AV policy on an SCCM site server.  My personal feeling is to exclude these locations from any AV client:

  • %programfiles%\Microsoft Configuration Manager\Inboxes\*
  • %programfiles(x86)%\Microsoft Configuration Manager\Inboxes\*
  • <C:>\ConfigMgr_OfflineImageServicing – defaults to the same drive the site is installed on
  • C:\Windows\TEMP\BootImages

You may want to review the following links for more information:

http://blogs.technet.com/b/systemcenterpfe/archive/2013/01/11/updated-system-center-2012-configuration-manager-antivirus-exclusions-with-more-details.aspx

http://www.systemcenterblog.nl/2012/05/09/anti-virus-scan-exclusions-for-configuration-manager-2012/

SCCM 2007:  http://blogs.technet.com/b/configurationmgr/archive/2010/11/30/configmgr-2007-antivirus-scan-and-exclusion-recommendations.aspx

-easy

Onrego's Multitenant SCCM for MSP's

Posted: 10 Apr 2013 11:14 PM PDT

We are proud to announce the fact that Onrego Online System Center workstation management, based on Microsoft System Center Configuration Manager 2012, is now multitenant and available for MSP's around the world either as whitelabel or branded as Online System Center.

We launched Onrego Online System Center for corporations on November 1st 2012, and today we launch Onrego Online System Center for managed service providers (MSP) as well. MSP's can now use our innovation in managing their end customers' workstations and users and benefit from the power of Microsoft System Center Configuration Manager, which is, by Gartner Magic Quadrant for Client Management Tool, the leader in the field as you can see in the following figure (Copyright Gartner, found from Microsoftnow.com).

SCCM MagicQuadrant

MSP's can manage the tenants from Onrego Online System Center Portal with fully automated processes. Management Console can be given to the appropriate tenant if needed with no worries in security matters.

You don't have to worry about network or domain boundaries. Onrego Online System Center workstation management can manage workstations where ever they are located and no matter who owns them. MSP's can also benefit from mass management, such as delpoying patches to every tenant at once.

We are able to give a demo account for a MSP on a request. Meanwhile, we have couple of teasers of tenat management as well as basic workstation management.

Example of tenant management in Onrego Online System Center:

Example of basic workstation management in Onrego Online System Center:

We believe the future is cloud based! We believe our customers, partners and MSP's should pay only for what they are using with no upfront investments. Contact us and build your business as scalable and flexible one!

If you have any questions or you are intrested in Onrego's services, please do not hesitate to contact us!

Identify if SCCM 2012 SP1 CU1 has been installed

Posted: 09 Apr 2013 12:00 PM PDT

After upgrading to System Center Configuration Manager 2012 SP1 CU1, you will be able to identify th

Configuration Manager 2012 SP1 Toolkit - Content Library Transfer Tool

Posted: 07 Apr 2013 08:04 PM PDT

I found a cool blog post by Neil Peterson on this tool. Check it out if you need to move the DP's content store from one drive to another  Neil's Blog and TechNet Information

Configuration Manager 2012 SP1 Toolkit download

Sandeep Mangaraj became a registered member

Posted: 24 May 2013 04:40 PM PDT

Comments: 0

kaizokucred became a registered member

Posted: 24 May 2013 10:51 AM PDT

Comments: 0

Chad Simmons replied to the forum topic SCCM 2012 - Need help...computers restarting when Maintenance Window is in place in the group System Center Configuration Manager 2012

Posted: 24 May 2013 10:40 AM PDT

Review these logs: RebootCoordinator.log, ServiceWindowManager, SCNotify*, UpdatesDeployment, UpdatesHandler, and WUAHandler to see if you can coorelate the Software Updates request for restart/reboot and the […]

Comments: 0
You are subscribed to email updates from SCCM by Davis
To stop receiving these emails, you may unsubscribe now.		 Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610
System Center Configuration Manager - Davis Blog

This posting includes an audio/video/photo media file: Download Now

Ethernet Invention Revealed the Origins of Innovation

Posted: 26 May 2013 08:50 AM PDT

NEWS ANALYSIS: Ethernet's invention 40 years ago showed that innovation can happen when smart people are given time to think and to work together.
You are subscribed to email updates from SCCM by Davis
To stop receiving these emails, you may unsubscribe now.		 Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610
System Center Configuration Manager - Davis Blog

This posting includes an audio/video/photo media file: Download Now

Valbjorn Julius Thorlaksson became a registered member

Posted: 27 May 2013 07:44 AM PDT

Comments: 0

Aniruth became a registered member

Posted: 27 May 2013 05:53 AM PDT

Comments: 0
by to No hay comentarios:
Suscribirse a: Entradas (Atom)

SCCM by Davis

Cargando...