Wednesday, December 30, 2015

Happy New Year (2016)

From Henk's blog (and sponsors) we wish you all a Happy New Year! Thanks for visiting my blog, and hope you liked all information last year about Microsoft System Center and Microsoft Intune.








Expect more to come in 2016 again!
#HappyHolidays

Wednesday, December 23, 2015

Doing a ConfigMgr 2012 R2 to 1511 migration on another server

Recently I did a ConfigMgr 2012 R2 to 1511 migration. Case is, it was needed to be installed on a new server. This new server has a different computername and IP-address and different partitions as well. When you want to recover an existing ConfigMgr installation, you need to have a server with the same computername, IP-address and partitions too. Therefore I have choosen not to re-use the ConfigMgr back-up, but using migrations tools.

Let's have a look at current situation first. The existing server is build on Windows Server 2008 R2, SQL Server 2008 R2 and ConfigMgr 2012 R2, where the Primary server installation is separated from SQL installation. You may upgrade SQL Server in-place with Microsoft support, but an in-place Windows Server upgrade is not supported. Therefore a new server with a current (2012 R2) server installation is needed. When using Windows Server 2012 an in-place upgrade to 2012 R2 is supported. Otherwise not!

When building a new server, and there's a need to use the existing ConfigMgr database, the computername, IP-address and partitions must be same. Because I want to change the name and partition both, recovery is not possible. Therefore I used a new server build on Windows Server 2012 R2, SQL Server 2014 SP1 and and ConfigMgr 1511. During installation a new Site code and name is requested. The existing name cannot be re-used.

After installation start the migration tools, and migrate all objects needed to the new server. Remember you cannot migrate collections when coming from ConfigMgr 2012. For some reason that is possible only from ConfigMgr 2007 environments. Other objects migrate fine indeed. After migration remember to update ConfigMgr client too, so management can be done from the new server.

All went fine during this migration. Hope it helps!

Update 28-12-2015: Within the Object migration task, collections can be selected as well. As asked by Conor O'Farrell within the comments, both deployments and collections can be migrated successfully. On my software package however the program was disabled after migration, without the possibility to enable it during migration. So yes, you can migrate all stuff needed from ConfigMgr 2012 R2 to 1511. Just great!

Sources used:
Backup and Recovery in Configuration Manager
How to move the ConfigMgr 2012 site database to a new SQL server
Supported configurations for System Center Configuration Manager
Planning a Migration Job Strategy in System Center 2012 Configuration Manager

Thursday, December 17, 2015

How to remove Windows and Office updates with ConfigMgr

I'm using ConfigMgr for patch management a lot, however sometimes there are updates that needs to be removed as well. Within ConfigMgr you can use 'Edit membership' to remove already deployed updates from existing Software Update Groups, but what to do when updates are installed on systems already? Interesting question and there is a solution for this as well.

When Windows updates are deployed already, do the following:
-Create a new custom task sequence
-Add a Run command line step in it
-Use the command: C:\Windows\System32\wusa.exe /uninstall /kb:<kb number>/quiet /norestart in it
-Deploy the task sequence to your systems

When Office updates are deployed however, the proces will be a little different:
-Create a new custom task sequence
-Add a Run command line step in it

-But now it comes:

Start regedit and do a search on the kb number. This can be found in HKLM\ Software\ Microsoft\ Windows\ CurrentVersion\ Uninstall\ for x86 systems and HKLM\ Software\ WOW6432Node\ Microsoft\ Windows\ CurrentVersion\ Uninstall\  for x64 systems.

Have a look for the Uninstallstring there, which is like: "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{GUID1}" "{GUID2}" "1033" "0"

-Use both GUIDs and use them in the following command line: msiexec /package {GUID1} MSIPATCHREMOVE={GUID2} /qb /norestart
-Deploy the task sequence to your systems

After that the Windows and/or Office update will be removed succesfully!

Source: Teh Wei King

Tuesday, December 15, 2015

Issue with Windows ADK for Windows 10 (Version 1511) in ConfigMgr

When using ConfigMgr 2012 SP2 or R2 SP1, and Windows 10 needs to be deployed, Windows 10 ADK is needed as well. This because the deployment tools are not forward-compatible; you need to use a Windows 10 boot image to deploy a Windows 10 OS image. When searching for the Windows 10 ADK however, it's possible you download the wrong one! Within Version 1511 (Build 10.1.10586.0) there's an serious issue that blocks a specific ConfigMgr OS deployment scenario from Software Center.

Therefore it's needed to use Version RTM (Build 10.0.26624.0). You should continue to use the original release of the Windows 10 ADK, which is supported for OS deployments including Windows 10, version 1511. When downloading adksetup.exe, just check the version before installing deployment tools! (details tab)

Version RTM
 
Version 1511

As mentioned on the Configuration Manager Team Blog, the new Configuration Manager 1511 is also affected by the ADK issue. Please check that post. We will update it when we have further information. You should continue to use the original release of the Windows 10 ADK, which is supported for OS deployments including Windows 10, version 1511. This older version of the Windows 10 ADK can still be downloaded directly from the Microsoft Download Center

Have a look on Microsoft Technet for more information:
Issue with the Windows ADK for Windows 10, version 1511

More blogposts about Windows ADK:
Update ConfigMgr 2012 R2 SP1 with Windows 10 boot images

Thursday, December 10, 2015

Installing ConfigMgr as a service (version 1511) first experience

Since ConfigMgr as a service (version 1511) is released, installation and upgrade can be done. I did a installation in my environment already, to see the difference with ConfigMgr 2012. Let's have a look at my experiences so far:

Splash.hta hasn't been changed, but Version 1511 is visible now! Installation (in my case) is done in 27 minutes, which is quite normal.

During installation 'Usage Data' is showed. It enables Microsoft to automatically collect diagnostics and usage information over the Internet. Enhanced mode is the default data collection level, but Basic and Full membership is possible too.

The new Service Connection point brings monthly updates in ConfigMgr and Intune more easily then before. When Online, new updates are applied and Usage Data (as mentioned before) is collected.

After installation Version 1511 is showed, which is the new ConfigMgr. Have a look at my other blogposts the new ConfigMgr also:
- What to expect from ConfigMgr as a service (version 1511)
- ConfigMgr and SCEP (version 1511) Generally Available now!
- My experience with ConfigMgr 2016 (Technical Preview 3) so far

For more information on 'Usage Data' have a look here:
Reference for System Center Configuration Manager Setup

Wednesday, December 9, 2015

What to expect from ConfigMgr as a service (version 1511) and new features

ConfigMgr 1511 (better known as ConfigMgr as a service) is released yesterday. Have a look on my earlier blogpost for that. Let's have a look at some new features known so far:

-ConfigMgr is a 'as-a-service' solution from now on!
-ConfigMgr is called 1511 because of versioning, which is YYMM
-Microsoft has the ability to update ConfigMgr when needed
-With a Maintenance Window you can choose when the update is done!
-No complex individual upgrades are needed anymore


Windows 10 support
-It has full support for Windows 10 (provisioning, servicing, imaging)
-An in-place upgrade task sequence is available by default
-Windows 10 on-premises MDM possible, but Intune subscription is still needed
-Windows 10 servicing possible and dashboard integrated
-Both Endpoint Protection and Windows Defender management

Updates and servicing:
-No servicepacks, CU's and hotfixes needs to be installed anymore
-Client deployment monitoring in the console (cool feature)
-No reboots are needed when update ConfigMgr with new functionality
-Preferred management points in ConfigMgr possible (new feature)



Other new features:
-Multiple deployments for Automatic Deployment Rules :)
-Cluster aware patch management (instead of using WSUS)
-Combined Software center and Application catalog (finally)
-and much, much more...


Because Microsoft is moving away from Silverlight (using HTML5 instead) no Application Catalog (as second Software Center) is needed anymore, but both Application Catalog roles still needs to be installed. Microsoft is using a unifying Software Center now, which can handle both packages and applications. That's great for end user experience if you ask me! It can be enabled in Client settings.

Migration is possible from 2007 (side-by-side) and 2012 (in-place) with the recommendation to run the latest Cumulative Update.

Have a look at What’s new on the Configuration Manager horizon (session by @Tim_DK) for more information!

Tuesday, December 8, 2015

ConfigMgr and SCEP (version 1511) Generally Available now!

As for today (December 8th) ConfigMgr and SCEP (version 1511) are available! They can be downloaded from the Microsoft Evaluation Center, MSDN, and Volume Licensing Service Center. ConfigMgr 1511 (YYMM versioning) was designed to work with Windows 10, and gives you multiple options to deploy, update, and manage Windows 10 in the way that makes sense for your business.

With the new ConfigMgr (ConfigMgr as a service) it's no longer needed to install servicepacks, cumulative updates and additional hotfixes. With the Service connection point (connects ConfigMgr to Microsoft cloud services, used for Microsoft Intune, and to update and service your ConfigMgr installation) this will be done easier from now on! Have a look at this blogpost for more information on that.
 



This release provides key new capabilities:
Deploy/upgrade/provision Windows 10: ConfigMgr supports a variety of fast, efficient ways to deploy or upgrade devices to Windows 10.
Keep Windows 10 up-to-date: Once devices are running Windows 10, enterprises must keep them up-to-date to ensure they are properly secured.
More frequent and easier to install updates: ConfigMgr is now designed to make it easier to update without going through complex individual upgrades.
Manage Windows 10: You can manage devices using the traditional ConfigMgr agent and, when integrated with Microsoft Intune, also via cloud or on-premises MDM.


ConfigMgr provides an improved unified device management platform for customers using ConfigMgr integrated with Microsoft Intune to manage PCs, servers, and mobile devices. This release enables faster updates to bring new Intune features to your hybrid deployments.

Have a look at Removed and Deprecated Features for Configuration Manager to see differences between ConfigMgr 2012 and 1511.

Have a look for more information:
System Center Configuration Manager Overview
System Center Configuration Manager Team Blog

Monday, December 7, 2015

Failed to retrieve the package list on the distribution point

When looking at Content Status of distribution points, you may see a warning status with the following message: Failed to retrieve the package list on the distribution point. Or the package list in content library doesn't match the one in WMI. Review smsdpmon.log for more information about this failure.

This because of a mismatch between the ConfigMgr content library and WMI. You can enable content verification, but after a while the warnings are still there. There is however a solution available, but not default in the ConfigMgr console. Let's have a look at it.

When looking in smsdpmon.log you will see the packages which are out-of-sync or doesn't exist anymore. When having multiple distribution points, there may be different issues as well.

In my case I started a PowerShell script, which can be found here: windows-noob.com

After running the script from Peter33 and start content validation some days later, the issue was gone. Hope it helps!

Thursday, December 3, 2015

iOS 9 Extensions installation issue in ConfigMgr with Intune (Hybrid scenario)

Last month Microsoft released the iOS 9 Intune extension for ConfigMgr. At a customer with Hybrid scenario (ConfigMgr with Intune) the following happens when opening the ConfigMgr console. A prompt is displayed that a new extension is available, with the choice to install it right away, or open the console in read-only mode. When select -install- an error message is displayed, and you can start all over again. Let's have a look at this.
 
The first message displayed is "Extensions for Microsoft Intune have been enabled or disabled for this site. To update this console with the changes, click Yes. To continue without updating the console, click No. The console will be restarted in read-only mode."
 
When select Install the following message is displayed: "The feature task requires that you close the Configuration Manager console. Close all open Configuration Manager consoles and retry the operation".

Trick is no ConfigMgr consoles are open, nothing seems to happen and reopening the console would bring me back to the start again!

Solution for this is to start an elevated (admin) command prompt and navigate to C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin. Run AdminUI.ExtensionInstaller.exe /Q from there. After that the console can be opened fine, and no popup is displayed anymore.

Maybe useful for future updates too :-)

Monday, November 30, 2015

iOS 9 Extensions missing in ConfigMgr with Intune (Hybrid scenario)

Last month Microsoft released the iOS 9 Intune extension for ConfigMgr. At a customer with Hybrid scenario (ConfigMgr with Intune) however the iOS 9 extensions was missing. Whenever starting the ConfigMgr console, no new message are displayed.

We logged a call with Intune Support and the following did the trick:
Start SQL Management Studio and run the following queries against the SMS database.

Select * from CFDMetadata where FeatureID = 'FFFF4E99-5BD9-4A82-BC9F-7864FCAEA519'

update CFDMetadata set MinCMVersion = '5.00.8239.1000', MaxCMVersion = '5.00.8239.9999', MoreInfoLink = 'https://go.microsoft.com/fwlink/?LinkId=330435', ReleasedDate = '2015-09-11 09:09:00.000' where FeatureID = 'FFFF4E99-5BD9-4A82-BC9F-7864FCAEA519' and FeatureVersion = 300001214

After starting both queries, the iOS Intune extension became available. Hope it helps!

Friday, November 27, 2015

Jalasoft Releases Brand New Xian SNMP Device Simulator v5.5

Sponsor post

Today (November 25th) Jalasoft announced the release of The Xian SNMP Device Simulator 5.5. This new version comprises several new features along with several performance enhancements.


The two most important additions are the built in OID editor and an SNMP Dump Manager. The OID Editor gives people the option to customize the behavior of certain OIDs within the simulation file. For example, users will be able to change the simulated interface status with only a few clicks. Additionally, we’ve implemented the new SNMP Dump Manager. This feature has been introduced to help the user handle the simulation files that the Xian SNMP Device Simulator is using in a much simpler manner

The SNMP Simulator comes in two versions; The free version can simulate up to 5 devices in a normal way while the paid version has the option of dynamic simulation OID editing and device recording. Prices start at 99 USD (for 50 devices). A free 30 day evaluation is available for download at the Jalasoft website.

Read more:
Fun things to do with the new Jalasoft Xian SNMP Device Simulator

Monday, November 23, 2015

Path for Upgrading ConfigMgr 2007 to ConfigMgr 2016 (as a service)

Since the ConfigMgr 2012 release (April 2012), I'm doing both implementations and 2007 migrations a lot. ConfigMgr 2012 is still the best choice for on-premises and remote device management.

With Microsoft Intune integration (part of Enterprise Mobility Suite) for mobile device and application management, you have best of both worlds. Microsoft mentions that 'No one else offers this functionality!'. Therefore ConfigMgr and EMS is the best solution for deploying and managing Windows 10 on PC's, tablets and mobile devices.

Additionally, ConfigMgr 2016 (ConfigMgr as a service, which is called just 'ConfigMgr' from now on) will support MDM-based management for Windows devices, fully on-premises, with no ConfigMgr agent required. In that case you can choose between full (with ConfigMgr agent) and MDM-based (no ConfigMgr agent) management.

But what to do if organizations are still on ConfigMgr 2007 these days?

On Microsoft TechNet there was a question about this several months ago. I did a post on Twitter today as well. The answer sounds promising: ConfigMgr 2016 does support migrating from ConfigMgr 2007 R2 SP2 and R3 SP2, which is really great news! So no need to migrate to ConfigMgr 2012 first before going to 2016. Thanks to Peter Daalmans (@pdaalmans) on this one.

ConfigMgr 2016 will be generally available in Q4 CY2015 (which is really soon!). Technical Preview 4 is released last week, which is the last technical preview before the general availability (GA) of the current branch of ConfigMgr.

Thursday, November 19, 2015

OpsMgr warning: Power Shell script was dropped (solved)

Recently I did some OpsMgr troubleshooting. This in an environment with lot of agents and management packs installed. On multiple Hyper-V hosts there is a recurring OpsMgr warning seen: Power Shell script was dropped. I did a lot to try solve the issue, but despite the activities, it didn't do the job. Hope to found a solution on this, so therefore this blogpost.
 
Let's have a look at Product Knowledge first:
 
Summary
The System Center Management Health Service could not run a PowerShell script as part of a rule or monitor due to over utilization.

This may affect some monitoring or discovery.
 
Causes
This can be caused by:
-Too many PowerShell scripts being run by the System Center Management Health Service.
-PowerShell scripts are taking too long to execute.
-PowerShell scripts are running too frequently.
-The computer does not have enough resources (for example; memory) to run the PowerShell script.

 
Resolutions
The alert description and context has information indicating which rule or monitor failed. However, there may be other rules or monitors failing as well. The following link will display all events indicating a failure to run the executable:

After reviewing the error in the context, consider reducing the frequency of the PowerShell script.
Ensure that the computer is not over utilized.
-Check Task Manager to see if there is enough free memory.
-Check Task Manager to see if there are any processes consuming all the CPU.

This can also be caused when too many PowerShell scripts are being scheduled. This could be the result of an event storm or a misconfigured timer. In both cases the rule configuration will have to be examined to determine why the PowerShell script is running too often and usually will need to be backed down somehow (increasing the interval).

 
 
Let's have a look at Event Viewer now:
 
Workflow names (there are more):
Microsoft.SystemCenter.VirtualMachineManager.Network.2012.Vport.BytesReceivedPerSec
Microsoft.SystemCenter.VirtualMachineManager.Network.2012.Vport.BytesSentPerSec

Microsoft.Windows.Server.2012.MaxConcurrentAPI.Monitor
Microsoft.Windows.HyperV.2012.R2.DiskPartitionSpaceProvider.FreeSpaceCollectionRule
Microsoft.Windows.HyperV.2012.R2.DiskPartitionSpaceProvider.UsedSpacePercCollectionRule
Veeam.Virt.Extensions.HyperV.VM.Monitor.Heartbeat

Veeam.Virt.Extensions.HyperV.VM.ClusterResourceGroupStatus.Monitor
Veeam.Virt.Extensions.HyperV.VMRule.DISK.usedStorage.ByInstance
Veeam.Virt.Extensions.HyperV.VMRule.DISK.usedStorage

 
Script names (there are more):
CheckMaxConcurrentAPI.ps1, ClusterVMState.ps1
GetDiskPartitionSpaceV2.ps1, GetVPortPerfData (a lot)

SummaryInfo.ps1, UsedStorageV3.ps1
 
All errors seen here has Event ID 22411 and Source Health Service Modules. They will be generated every 30 minutes again.

Easy solution could be to stop rule alerts, so that no warnings on Dropped Power Shell script would be displayed anymore. But that doesn't take away the thousand of errors on any Hyper-V host seen. I did look at the following websites for more information too. Hope anyone can point me in the right direction on this. Thanks!
 
Websites visited:
ReSearch This KB – Power Shell script was dropped
What does powershell script 'GetVPortPerfData' do in SCOM?
Powershell Script to "Disable/Enable" Subscriptions
OpsMgr 2012 Self Maintenance Management Pack Update
SCOM: powershell run space failed to start

Update: Based on the website from Reidar Johansen I followed the steps to disable both Virtual Port errors. After that no new events were logged on Hyper-V anymore and no new warnings were created in OpsMgr. Start the command: Get-SCOMRule -Name Microsoft.SystemCenter.VirtualMachineManager.Network.2012.Vport.* and disable the rules DisplayName: [Virtual port received bytes per second] and [Virtual port sent Bytes per second] and you will be fine. Hope it helps!

Wednesday, November 18, 2015

The management pack cannot be downloaded and the temporary file has been deleted

When using Operations Manager (OpsMgr/SCOM) and want to see if there are updates on management packs, just check Download management packs > Add > Updates available for installed management packs. On a few management packs however the following error message was displayed:
<MP> did not pass the security verification. The management pack cannot be downloaded and the temporary file has been deleted. A few management packs I get this error are Hyper-V, Lync/Exchange and SQL server, but I guess there may be more.

The following must be done when having this error: Apparently Microsoft released a newer version, which can be downloaded straight from Microsoft, but not from within OpsMgr. After downloading and importing it no error message is displayed anymore. Too bad a few management packs cannot be downloaded right away at this moment, by probably Microsoft will fix it in future.

Source: https://social.technet.microsoft.com/forums/systemcenter/en-US/e97ba10e-563f-4d8c-bccd-799c0ceb4227/system-center-core-monitoring-reports-mp-verification-failed (old post from 2010 but still active)

Hope it helps!

Monday, November 16, 2015

Savision Live Maps Unity for System Center Operations Manager

SCOM alerts
Let's have a look at a common situation you find many times at customer sites: when using Microsoft System Center Operations Manager (SCOM), you know that alerts can be overwhelming. When multiple management packs are imported for more functionality and many agents are enrolled on servers with different applications and roles installed on them, you must configure Operations Manager to benefit from it! Otherwise there can be so many SCOM alerts and e-mail messages a day, that monitoring isn't effective anymore. I did see black television screens (monitoring screens turned off) and IT admins deleting all alerts each day (doing monitoring from that point), often. You can find an in-depth article about SCOM alert storms here.

On the other hand, no graphical Service dashboard is available for a perfect monitoring overview by design. The default built-in SCOM dashboards are using a column or grid layout, with performance, state, alert, and details widgets. They’re good for a basic overview, but nothing more than that. Dashboards can be created in Microsoft Visio, as well as you may know. By using SharePoint Extensions for System Center 2012, they can be connected with the Operations Manager environment. The problem is you need to create those dashboards yourself and have SharePoint Enterprise edition installed. It’s not so easy and user-friendly to create dashboards that way.

Let's introduce Savision Live Maps Unity here. With 700 organizations worldwide using Live Maps Unity, it's the business service management solution you want!


Savision’s SCOM dashboards
With Live Maps Unity, which is used for both monitoring service health and performance, this perfect monitoring overview (as mentioned before) is available! It can be used for a graphical Service dashboard instead, but it's much more than that. Savision's Live Maps Unity speaks the language of the business by focusing on service delivery. It includes unlimited HTML5-based SCOM dashboards for monitoring both service health and performance. With Savision’s SCOM dashboards (based on HTML5-code, which is fast and lightweight), there is no need to look at alerts all day. Just focus on the information Live Maps Unity sends to you.

There won't be many e-mail messages anymore as well. This because Live Maps Unity notifies only when necessary, giving IT admins the time needed to research and solve issues instead of wasting time on notifications. With the Service dashboard in-place, IT admins can use Operations Manager proactive again instead of reactively. The Service dashboard gives you all information needed on a single screen. It’s generated automatically, based on applications found in your environment and gives a total overview of business-critical services, like Exchange, SharePoint, Active Directory and more.

No need to design all those dashboards yourself. Live Maps Unity has the capability to examine your entire IT infrastructure. Additional dashboards can be created with a few clicks by using the built-in drag-and-drop interface. This is really different than using Microsoft Visio, mentioned before. This data is connected with real components and applications by default. These dashboards can be shown from anywhere on any device! This can be done on a mobile device (tablet or smartphone) or desktop if you prefer. This isn’t possible with the default SCOM solution; you have to use another solution for this.

Business Service Management Solution
With Live Maps Unity, you have that solution. The product can be used to monitor entire IT infrastructures, with features like: performance monitoring, .NET application discovery, easy-to-build dashboards, and a Services dashboard. It offers a lightweight web console with support for all major browsers; so no need to have a physical console installed. It offers interactive geographical maps and native System Center integration. It allows quick visualizations of the IT environment through SCOM dashboards. It has everything inside for monitoring service health and performance. It’s the Business Service Management Solution that makes SCOM the perfect monitoring solution!

As a result: With SCOM and Savision’s Live Maps Unity, you have best of both worlds and true power in SCOM finally. No need to focus on alerts anymore, because it helps to deal with the root cause of notifications. Just focus on alerts which really need your time and attention to manage the healthiest environment possible.

Included are some web links to find more information on the product and even more functionality as well. There are some videos and datasheets available too.

Happy monitoringJ!
(Sponsor post)

Thursday, November 12, 2015

Install Cumulative Update 2 for ConfigMgr 2012 R2 SP1 and 2012 SP2

Today Microsoft called me with the news that Cumulative Update 2 (CU2) for ConfigMgr 2012 R2 SP1 and 2012 SP2 is released. This because I had some issues at customer location with Intune extensions not working in a hybrid ConfigMgr environment. With CU2 those issues must be gone now! KB3100144 (CU2) solves a lot of issues and is therefore highly recommended. It contains 34 (!) fixes and improvements and some additional changes too.

More about that can be found in another blogpost. No need to install KB3074857 (CU1) anymore after installation. This because it's integrated in CU2 now.

During installation (which is default as always) update packages will be created for site servers, ConfigMgr consoles and clients. When having Intune integrated in ConfigMgr (hybrid configuration), extensions will be updated as well. Great that CU2 is available now, and hope that ConfigMgr vNext will released soon too.

After installation you will see Console version 5.0.8239.1301 now, which is the latest release. Just install it in your environment when experiencing problems described in this article. When not affected by these problems, Microsoft recommends to wait for the next service pack that contains this update.

Update: There was a minor bug in the first CU2 release. The product group has released a new build now. If you are installing using the new build, the console version will be 5.0.8239.1302

Wednesday, November 11, 2015

Cumulative Update 2 for ConfigMgr 2012 R2 SP1 and 2012 SP2 released

Yesterday (November 10th) Cumulative Update (CU) 2 for ConfigMgr 2012 R2 SP1 and 2012 SP2 is released. This update contains 34 (!) fixes for various issues including an update version of the SCEP client, and contains all of the changes from prior cumulative updates.

Here's a list of issues that are fixed, there are quite a lot of them:
-Administrator Console (3 fixes)
-Configuration Manager client (3 fixes)
-Site systems (6 fixes)
-Operating system deployment (8 fixes)
-Software distribution and content management (7 fixes)
-Microsoft Intune and mobile device management (5 fixes)
-Software update management (2 fixes)


Additional changes that are included in this update:
-Endpoint Protection - Revised February 2015 anti-malware platform update for Endpoint Protection clients
-Software distribution and content management - Distribution Manager can now process pull-distribution point packages more efficiently in large environments.
-Microsoft Intune and mobile device management - This update contains general performance improvements to the device enrollment process in Intune hybrid environments.
-Microsoft Intune and mobile device management - Update to implement oneClick quarantine of email messages in System Center 2012 Configuration Manager SP2


Just install it in your environment when experiencing problems described in this article. When not affected by these problems, Microsoft recommends to wait for the next service pack that contains this update. Great that CU2 is available now!

This update replaces Cumulative Update 1 for System Center 2012 Configuration Manager R2 SP1 and 2012 SP2

For more information or download the update have a look here:
Microsoft Support

Tuesday, November 10, 2015

Deploy a customized Windows 10 start menu during deployment

Did you know that when deploying Windows 10, it's possible to copy a default start menu too? When using a Windows 10 image from media, the start menu is filled with apps you never use :) Therefore remove (almost) all apps, and fill it with apps you want to use!

The command used to export the start menu is: Powershell export-startlayout –path "<path>\LayoutModification.xml"

An example looks like this:
<LayoutModificationTemplate Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification">
  <DefaultLayoutOverride>
    <StartLayoutCollection>
      <defaultlayout:StartLayout GroupCellWidth="6" xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout">
        <start:Group Name="Office 2013" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout">
          <start:DesktopApplicationTile Size="2x2" Column="0" Row="2" DesktopApplicationID="{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Microsoft Office\Office15\WINWORD.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="0" Row="0" DesktopApplicationID="{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Microsoft Office\Office15\EXCEL.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationID="Microsoft.Office.OUTLOOK.EXE.15" />
          <start:DesktopApplicationTile Size="2x2" Column="4" Row="0" DesktopApplicationID="{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Microsoft Office\Office15\POWERPNT.EXE" />
        </start:Group>
        <start:Group Name="Applications" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout">
          <start:DesktopApplicationTile Size="2x2" Column="4" Row="0" DesktopApplicationID="{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FastStone Capture\FSCapture.exe" />
          <start:Tile Size="2x2" Column="0" Row="0" AppUserModelID="Microsoft.WindowsCalculator_8wekyb3d8bbwe!App" />
          <start:DesktopApplicationTile Size="2x2" Column="0" Row="2" DesktopApplicationID="Microsoft.InternetExplorer.Default" />
          <start:DesktopApplicationTile Size="2x2" Column="2" Row="0"
DesktopApplicationID="{6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe" />
        </start:Group>
      </defaultlayout:StartLayout>
    </StartLayoutCollection>
  </DefaultLayoutOverride>
</LayoutModificationTemplate>


During deployment copy the LayoutModification.xml with the following command to make it available for all users:
copy /y LayoutModification.xml "C:\Users\Default\AppData\Local\Microsoft\Windows\Shell"


With that the start menu is active when logon after deployment. Very nice if you ask me! :) Only thing so far is Internet Explorer is missing from the start menu. Is there a way to place that in the xml file too? Hope to find a solution for that as well, because all other apps are added as expected!

Update: On Microsoft Community and ccmexec.com the answer is found. Just create a "Internet Explorer.lnk" and copy the file:
copy /y "Internet Explorer.lnk" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"
A PowerShell script is available there too, which do the same thing! Just remember the script looks for StartMenu.xml

Within LayoutModification.xml change DesktopApplicationID="Microsoft.InternetExplorer.Default" to DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk"
After that Internet Explorer will shown up in the start menu!


Keep up the good work :)

Thursday, November 5, 2015

Configuration Manager (ConfigMgr) as a service won't get updated

In my LAB environment, ConfigMgr technical preview Build 1509 is installed. Problem is, it won't get updated to Build 1510. Because this functionality is the way to update ConfigMgr now and in future (ConfigMgr as a service), I did some troubleshooting. In this blogpost I give some tips and tricks to look at.

When looking in the ConfigMgr install folder have a look at these folders:
-CMUStaging & EasySetupPayload


When looking in the Logs folder have a look at these logfiles too:
-CMUpdate.log & dmpdownloader.log & hman.log


In the CMUpdate.log the following errors are found:
Set inbox to \\<CM server>\<CM site>\inboxes\cmupdate.box
*** [08001][2][Microsoft][ODBC Driver 11 for SQL Server]Named Pipes Provider: Could not open a connection to SQL Server [2].
*** [28000][18456][Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Login failed for user 'NT AUTHORITY\SYSTEM'.
*** [42000][4060][Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Cannot open database "<CM db>" requested by the login. The login failed.
*** [08001][2][Microsoft][ODBC Driver 11 for SQL Server]A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online.
*** Failed to connect to the SQL Server, connection type: SMS ACCESS.
Waiting for changes to the "
\\<CM server>\<CM site>\inboxes\cmupdate.box" directories, updates will be polled in 600 seconds...

In my case the only folder seeing in EasySetupPayload folder is dcd17922-2c96-4bd7-b72d-e9159582cdf2, which is Build 1509. In manifest.log (CMUStaging folder), it's looking for db316362-77fc-46c9-9984-1baeb20615f4, which is Build 1510. So the download couldn't take place, and installation failed. I did a lot to force the download, but nothing seems to do the job.

When update tasks are not available in the ConfigMgr console (Administration > Cloud Services > Updates and Servicing) you can force it by using a SQL query:
EXEC spCMUSetUpdatePackageState N’dcd17922-2c96-4bd7-b72d-e9159582cdf2', 262146, N” (Build 1509)
EXEC spCMUSetUpdatePackageState N’db316362-77fc-46c9-9984-1baeb20615f4', 262146, N” (Build 1510)

Remember: This isn't supported, so use it at your own risk!

That didn't do the job in my LAB environment. I can choose to install Build 1510, but it won't get start downloading again.

Did the restart many times, but no files were downloaded for the new build. Another troubleshooting possible, based on the errors seen:
-Change DateTime format set to MM-DD-YYYY
-Enable Named Pipes in SQL Server Configuration Manager
-Change SQL authentication to SQL and Windows authentication
-Restart Configuration Manager Update service

Hope that anyone has a good solution to put me in the right direction! To be continued..

Update 26-7-2016: Check Microsoft TechNet for more information!

Tuesday, November 3, 2015

Doing a Windows 10 upgrade with ConfigMgr 2012 R2 SP1

Recently I did a Windows 10 upgrade with ConfigMgr 2012 R2. I used the new Windows 10 upgrade task sequence in ConfigMgr Technical Preview 3 before, but this one was new for me. Looking at Microsoft Technet there is a task sequence and multiple scripts available to do the job. With these components you can start an in-place Windows 10 upgrade right away, without the need to wait several weeks (or months) before ConfigMgr vNext is released.

On Microsoft TechNet the following posts are found:
How to upgrade to Windows 10 using the task sequence in System Center 2012 R2 Configuration Manager
and
Revised content for the Windows 10 in-place upgrade via task sequence for Configuration Manager
Within these posts the upgrade path can be found with the files (task sequence and scripts) needed.

Just create a deployment on the task sequence, and choose Install. In this case I choose an available deployment, so users can start the deployment when needed.

Before Windows 10 installation a Presetup takes place. This runs a corresponding Windows PowerShell script (PreSetup.ps1) to perform a variety of necessary actions prior to running Windows Setup.

This is where setup is actually run from the media package to automatically upgrade Windows. Both Windows media and scripts will be downloaded in the _SMSTaskSequence folder.

Windows restarts into a low-level mode to perform the upgrade and there are two possible outcomes: Upgrade completes successfully or Upgrade encounters a problem and rolls back the system to the down-level operating system.

In my case the Upgrade completes successfully. It was done in around 50 minutes. Additional steps can be added to this group as needed, such as Install Applications or Run PowerShell Script. The Install Software Updates step is provided as an example. The Cleanup step just removes the local staging directory.

Just great to have this functionality in ConfigMgr 2012 R2 too!

Thursday, October 29, 2015

Introducing Configuration Manager (ConfigMgr) as a service

As for today (27-1) there is a new update on the Configuration Manager Team blog. Let's have a look at the news mentioned:
 
The Future of Configuration Manager:
-During this time, we have completed the work necessary to deliver ConfigMgr more as an “as-a-Service” product.
-In terms of taxonomy for these updates, we’ll simply be referring to the ConfigMgr product as System Center Configuration Manager + year and month.
-The combination of ConfigMgr and Intune is the only solution that provides the full solution for managing all the versions of Windows, as well as all mobile devices.
-Our goals with ConfigMgr in this release cycle are all centered around finishing the work we started back in 2010 (when we were building ConfigMgr 2012) to deliver ConfigMgr as a service.
-With this work now completed, and with ConfigMgr/Intune being delivered as services, here is what we are able to do for you:
--Deliver the single-pane-of-glass for managing all devices – with immediate support across Windows, iOS and Android without you have to go through complex individual upgrades. We’ll do the work for you.


Support for Windows 10 and Microsoft Intune:
-As we announced at Microsoft Ignite with our first technical preview, we will release a new version of Configuration Manager by the end of this calendar year.
-The new System Center Configuration Manager, as it will simply be called, is designed to support the much faster pace of updates for Windows 10 and Microsoft Intune.
-System Center Configuration Manager will support Windows 10 in any flavor: Current Branch, Current Branch for Business, and Long-Term Servicing Branch.
-The fact that we are not including a calendar year in the name is a reflection of the fact that the new System Center Configuration Manager will be updated frequently.
-We plan to support each version/update for 12 months before we require that customers upgrade to the latest one to continue support.
 -If you want to deploy Windows 10 in your environment today, you should have already upgraded ConfigMgr 2012 to the latest service pack and cumulative update as many of our customers already have.

Just great we have both Windows and ConfigMgr as a service from now on. ConfigMgr is the way to go for managing all versions of Windows! Hope to implement Microsoft Intune more as well. #loveit
 
More blogposts on ConfigMgr 2016 TP3:
My experience with ConfigMgr 2016 (Technical Preview 3) so far
October Update for ConfigMgr 2016 (Technical Preview 3) available  

Tuesday, October 27, 2015

Jalasoft Releases Xian Wings V2.3 for Operations Manager

Sponsor post

Today Jalasoft announced the release of Xian Wings V2.3 for Microsoft System Center Operations Manager 2012. The new version ships with a new Xian Wings Server and brand new clients for Microsoft Windows Phone, Apple iOS and Android based tablets as well as phones.


This new version comprises many enhancements. The communication between the server and the clients has been refined and is now more efficient in terms of data usage, making it faster and more reliable. As of now, the smartphone clients also have a shell console from where commands can be executed directly on the server. Furthermore, the tablet client has been improved and now gives the user the ability to import dashboards directly from SCOM. and users can now copy/cut and paste widgets from one to another dashboard.

Please read below for further information.
Jalasoft Releases Xian Wings V2.3 for Operations Manager

Monday, October 26, 2015

Skipping Task Sequence because it is not active yet

Recently I did a Windows 10 deployment with a new task sequence and deployment. Before running I updated my boot images first. This is described in the following blogpost: Update ConfigMgr 2012 R2 SP1 with Windows 10 boot images. During PXE boot however no task sequence became available and the system was restarted. When looking in smsts.log (press F8, start CMtrace, and open smsts.log in X:\Windows\Temp\Smstslog) the following message was seen: Skipping Task Sequence because it is not active yet & There are no task sequences available to this computer. 

Trick is, you need to change deployment scheduling on the task sequence (or other deployment). In my case I changed date/time in "Schedule when this deployment will become available" one day earlier. For it seems the time(zone) used by ConfigMgr is not the same as used on systems during deployment? After changing deployment scheduling everything was working fine again!
 
Having a look at smsts.log again the following message is seen now: Found mandatory deployment & Using mandatory deployment. Happy that Windows 10 deployment can continue now! :)

Friday, October 23, 2015

Microsoft Lumia 950 vs 950XL comparison

Recently on the Microsoft Windows 10 devices event new Lumia phones are announced. Last year the last Nokia phone (930) was released, which is still loved by many people. Microsoft skipped the 940 version, and is using the 950 and 950XL version now. Devices are called Microsoft Lumia now, with Windows 10 Mobile onboard. With this release, Microsoft wants to make sure this is a major release, kind of new generation. Same thing as for Windows 10 for desktops.

Let's have a look at the 950 and 950XL specs so far:
When looking for a comparison with the 930 have a look here:

Because of new functionality (Continuum, Windows Hello, Wireless charging, Cortana, Adaptive antenna technology, Octacore & Hexacore processors and Liquid cooling technology) this must be my next phone! Therefore I ordered the Lumia 950 today, which will be my next device in around 6 weeks. Hope to share my personal experience within a few months. Just click on the pictures for a better view :)
 

Source and photos: OneTechStop.net