Tuesday, May 20, 2014

Mz Computers - CU1 for SCCM 2012 R2 - The Hotfix

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.

This update contains fixes for various issues including Windows PowerShell, and an updated version of the Endpoint Protection client. The update can be download from KB 2938441

Issues fixed by the Hotfix
Administrator Console
  • The wrong software update for an operating system image may be selected in the list of items that are returned in the Schedule Updates Wizard after the list is sorted.
  • Adding a new computer association for an existing computer causes the following error message in the Administrator Console:
Description: "Unable to save changes"
ErrorCode: 2152205056
File = 'e:\\qfe\\nts\\sms\\siteserver\\sdk_provider\\smsprov\\sspsite.cpp":
Line = 1344
Operation = "ExecMethod"
ParameterInfo = "SMS_Site":
ProviderNamre = "WinMgmt"
StatusCode = 2147749889

  • Downloads of extensions by using the Windows Intune Connector role fail because of a message signature verification error. Entries that resemble the following are logged in the dmpdownloader.log file:
ERROR: SignData failed with exception: [Invalid algorithm specified.~~]

Mobile Device Management
  • Enrolling an Android device in both Exchange Active Sync (EAS) and Mobile Device Management causes a duplicate device to be created in the Administrator Console.
  • The "Computers with a specific application installed" report lists a computer two times if that computer is in two collections and if the user who is running the report has permission to both collections.
Application Virtualization
This cumulative update adds support for Microsoft Application Virtualization (App-V) 5.0 Service Pack 2 (SP2). The following issues are seen only in App-V 5.0 SP2 environments earlier than CU1:
  • With App-V 5.0 SP2, when a new version of an App-V package supersedes an earlier version, and when that earlier version is being used, the package is listed as not published. Errors that resemble the following are logged in the AppEnforce.log and the AppDiscovery.log files.

Publish-AppvClientPackage : A publish operation has been scheduled, pending
the shutdown of all applications in the package or the connection group.

Publishing Package is successful but one one of the Virtual Package is currently in use. Close this Virtual Package to get the changes into effect
Performing detection of app deployment type TestApp - Microsoft Application Virtualization 5(ScopeId_0C7279F0-1490-4A0E-A7A3-32A000CEF76D/DeploymentType_d1adf427-ac14-4ee1-9e51-415af7675383, revision 2) for system.

Required component [{AppVPackageRoot}]\TestApp.exe is not published

  • With App-V 5.0 SP2, App-V packages that are being used cannot be uninstalled. Errors that resemble the following are logged in the AppEnforce.log file:
CVEWorker::UninstallConnectionGroup() failed
Internet-based clients
  • Internet-based clients cannot download content from an Internet-facing distribution point after they first encounter a failure to reach Windows Update. Additionally, the DataTransferService.log file on the client logs errors that resemble the following:
Failed to set proxy to bits job for url 'https:// site.configmgr.com:443/SMS_DP_SMSPKG$/{pkg_id}'. Error 0x87d00215
All proxy types and no proxy have been tried for times but failed.

Software Center
  • The business hours setting in the Software Center is not honored for mandatory assignments for programs and task sequences that can run independently of assignment. Instead, the programs and task sequences run immediately. The full text of this setting is "Automatically install or uninstall required software and restart the computer only outside of the specified business hours."
  • The Uninstall option may not be available in Software Center for applications that are made available through multiple deployment types. For example, if two deployment types for an application apply to a client, and if both have an Uninstall action, the Uninstall button is unavailable.
  • The "Available After" date for applications in Software Center may display a date of 1998. This problem occurs for applications that are made available through task sequences.

Operating system deployment
  • External drives, such as some USB thumb drives, are displayed as fixed disks instead of removable media. Attempts to start and install an OS image result in error messages that resemble the following in the Smsts.log file:
Booted from fixed disk
!sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
!sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
!sTSMDataPath.empty(), HRESULT=80070002 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,1425)
TS::Utility::GetTSMDataPath(rsPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\configpath.cpp,352)
Failed to find the current TS configuration path
ConfigPath::FindConfigPath(sConfigPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\bootshell.cpp,545)
Failed to find the configuration path.
The system cannot find the file specified. (Error: 80070002; Source: Windows)
Execution failed with error 80070002.

  • Client computers that are started from Dynamic Boot Media fail to retrieve policy data if the first Management Point refuses an HTTPS connection with error code 80072efd. This does not apply to HTTP connections. This problem occurs even when there are other Management Points available. The smsts.log file contains entries that resemble the following.

    Note These entries are truncated for readability.
3 https and 1 http locations are returned from MP https://MP1.contoso.com.
'https://MP2.contoso.com' sute may be accessible and beused for redirection
'https://MP1.contoso.com' sute may be accessible and beused for redirection
'https://MP3.contoso.com' sute may be accessible and beused for redirection
'http://MP4.contoso.com' may be accessible and be used for redirection
New settings:
site=PS1,PS1, MP=https://MP2.contoso.com, ports: http=80,https=443
certificates are received from MP.
CLibSMSMessageWinHttpTransport::Send: URL: MP2.contoso.com:443 CCM_POST /ccm_system_AltAuth/request
In SSL, but with no client cert
Error. Received 0x80072efd from WinHttpSendRequest.
sending with winhttp failed; 80072efd
Will retry in 5 second(s)
socket 'connect' failed; 8007274d
sending with winhttp failed; 80072efd
End of retriesFailed to read client identity (Code 0x80072efd)
Failed to get client identity.
Exiting TSMediaWizardControl::GetPolicy.
Setting wizard error: An error occurred while retrieving policy for this computer (0x80072EFD). For more information, contact your system administrator or helpdesk operator.

  • Child sites do not process the content for a task sequence that was changed after migration from another site. The Distmgr.log file on the child site contain entries that resemble the following, and the package state does not change:
Package {Package_ID} is in Pending state and will not be processed...

Note This fix applies only to task sequences that are not yet migrated. Task sequences that were migrated before you applied CU1 should be deleted and then migrated again.
  • Applications that are deployed by using a task sequence cannot be installed if the following conditions are true:
    • The deployment purpose is defined as "Required."
    • The assignment Schedule is "As soon as possible."
    • The Download all contents locally before starting task sequence option is selected.

The Execmgr.log file on the client contains errors that resemble the following:
ContentProgressEx invalid request GUID handle
OnContentAvailable invalid request GUID handle

  • Task sequences that are migrated from Configuration Manager 2007 environments and that use Virtual Applications for Install Software package source fail to run. Errors that resemble the following are logged in the Smsts.log file:
Executing command line: smsappinstall.exe /app:ScopeId_{GUID}/Application_{GUID} /basevar: /continueOnError:
[ smsinstallapp.exe ]
ContinueOnError flag is null
Failed to parse command line arguments, hr=0x80070057
Process completed with exit code 2147942487

  • Task sequences may fail on a UEFI-based client if the "Format and Partition" task sequence step runs two times. A dialog box appears that contains the following text during the second "Format and Partition" operation:
OsdDiskPart.exe - Application Error
The instruction at {offset} referenced memory at {address}. The memory could not be read.

  • The following fixes are also included in this cumulative update for Operating System Deployment.
KB number
Application contents are duplicated in stand-alone media in System Center 2012 R2 Configuration Manager
An update is available for the "Operating System Deployment" feature of System Center 2012 R2 Configuration Manager
You cannot stage a Windows PE 3.1 boot image to a Windows XP-based computer in System Center 2012 R2 Configuration Manager
Per-computer variables for imported computers are not read in System Center 2012 R2 Configuration Manager

Endpoint Protection
  • This cumulative update includes an updated version of the Endpoint Protection client. For more information, refer to the following TechNet blogs:

Application management
  • Automated Deployment Rules do not download updates when a proxy server that uses a specific user account is defined. The PatchDownloader.log file on the software update point contains entries that resemble the following:
Downloading content for ContentID = 16777361, FileName = windows8.1-kb1234567-x64.cab.
Try username DOMAIN\Proxy_User_Account
Proxy enabled proxy server
Download http://windows8.1-kb1234567-x64_36d2001d0935b254ff87ab33e46545057ec78514.cab to C:\windows\TEMP\CABC023.tmp returns 407
ERROR: DownloadContentFiles() failed with hr=0x80070197

  • Users who are accessing the company portal cannot install or request an application that is targeted to a security group. A message that resembles the following is displayed:
Error loading details
An error occurred while attempting to load the app details.

Site systems
  • The Application Catalog website displays the error "Cannot connect to the application server" after an SSL-enabled Application Catalog is running under load for a long time (usually several days). Additionally, errors that resemble the following are logged in the ServicePortalWebSite.log file:
[127, PID:8992][02/18/2014 02:47:10] :ValidateServerCert - Validating certificate 3C8063A10002000A70DC
[127, PID:8992][02/18/2014 02:47:10] :System.TimeoutException: The request channel timed out while waiting for a reply after 00:00:59.9830000. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.

Server stack trace:
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)

Windows PowerShell
  • The following article describes the changes that are also included in this cumulative update for Windows PowerShell.
KB number
Description of Windows PowerShell changes in Cumulative Update 1 for System Center 2012 R2 Configuration Manager

Thursday, May 15, 2014

Mz Computers - PowerSCCM

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.

SCCM 2012 enhanced with PowerShell

Loading PowerShell

  To lead SCCM 2012 with Powershell
  Click the white arrow in the blue rectangle, and choose Connect via Windows PowerShell.
  PowerShell Console is launched with site code.
  To verify enter Get-CMSite
 This cmdlet will return information about all the site in the environment.

Importing the Configuration Manager PowerShell Module

  To import the Configuration Manager module, you will have to specify the path to the Configuration Manager Module.
  Navigate PowerShell to (SCCM 2012 dir.)\AdminConsole\bin\
  Run command
  Import-module .\ConfigurationManager.psd1
  To point PowerShell to the CM site enter
  CD XXX: (Site Code)

Friday, May 9, 2014

Mz Computers - Software Management In SCCM 2012

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.
Application Lifecycle Management With System Center Configuration Manager 2012

Program (Command line for execution)
Deployment Types
Deployment (state based – deployment methods)
Collection Rules for targeting devices
Requirement targeting users and devices
No User targeting
User Device Affinity
Run Advertised Program
Software Center
No web catalog
Software Catalog
Limited Content Management
Content library
Application Model

State-based Application Management

´ Detection Method
´ Enable systems to determine whether or not an application is already present on a system
´ Many system attributes play into presence of an application on a system (registry, file versions, MSI database, etc.)
´ Detection is the key to any state based software distribution system
´ In ConfigMgr 2007
´ Collection rule targeting and status messages
´ Fire and forget software deployment model
´ Run once or schedules
´ Download and execution even if the software is already installed
´ In ConfigMgr 2012
´ Rules determine applicability of software
´ Presence determines if any action should take place on device
´ Regular evaluation to check for and enforce compliances

Requirement Rule in 2012
State-based Application Management

´ Properties of users and/or devices that makes delivering software appropriate
´ Rules are per deployment types
´ Evaluated in real time on clients
´ Evaluated before content is downloaded


´ Other deployment types that must be present in order for the current application deployment type to be installed
´ Dependencies are modeled as applications and can also be deployed independently
´ Two dependency uses:
´ Dependency not present, dont install application
´ Dependency not present, auto install dependent applications

Content Distribution

´ Distribution Point Groups
´ Can be linked to Collection for workflow optimization
´ Automatic distribution of content for distribution point added to the group

´ Distribute Content Wizard
´ Send multiple packages to multiple distribution points or groups at once
´ Detect Application dependencies and add them to the distribution
´ Select a task sequence and distribute all related content

´ Content Library
´ One source for multiple application, packages, update packages, etc.
´ Only files required by the distribution point are distributed over the network.
´ Bandwidth Control
´ Customize time and bandwidth utilization on distribution points


´ Replaces Advertisement from Configuration Manager 2007
´ Created when an Application is deployed to the Collection
´ Due to applications being state based, only deploy to a collection once
´ Provides setting for Pre-deployment feature when targeting user or user security group collections

User Device Affinity

´ User Centric Software Distribution
´ Provides the ability to define a relation between a user and a device
´ Allows the admin to think user first, while also ensuring the application not installed everywhere the user logs on
´ Configuration Manager 2012 supports
´ Single primary user to primary device
´ Multiple primary device per user
´ Multiple primary users per device
´ The system allows both administrator and user to define this relationship
Introducing Application Uninstall

´ Uninstall is now part of Application Model
´ State-based application deployment includes removal of software in addition to installation
´ The App model defines an uninstall method for each Deployment type of an Application.
´ If a user or device is the recipient of both an install and uninstall deployment, then the install wins and the application is not removed

Application Supersedence

´ The ability for the admin to create a relationship and declare one application newer than another previous application. Ultimately resulting in the newer application replacing the older application.
´ Supersedence relationship is defined at both application level and deployment type.
´ Relationship Manager shows supersedence relationship