Thursday, May 22, 2014

SCCM 2012 R2 UPGRADE



Upgrade for System Center 2012 Configuration Manager to Cumulative Update 1

Upgrading Central/Primary Server

  • Ensure all sites in the hierarchy run System Center 2012 Configuration Manager with R2.
  • Ensure the computing environment meets the supported configurations that are required for upgrading to System Center 2012 R2 Configuration Manager CU1.
  • Review the site and hierarchy status
  • Disable database replicas for management points at primary sites.
  • Back up the site database at the central administration site and primary sites.
  • Disable all site maintenance tasks at each site for the duration of that site’s upgrade.
  • Close an open Configuration Manager console before the upgrade. The installation process cannot upgrade an open console.
  • Run the Upgrade on the Primary Site to verify the prerequisite checks:
    • Verifying update applicability
    • Verifying Restart is not required
    • Verifying no active Configuration Manager Console is open
    • Verifying SQL connectivity

  • The update automatically upgrades the database
  • To manually update a site database, use SQL Server Management Studio to connect to the site's SQL Server, and then run the update script named update.sql on that site's database. When the update bundle installs, it extracts update.sql to the following location on the site server:

\\<Server Name>\SMS_<Site Code>\Hotfix\<KB Number>\update.sql.


Post Upgrade Activities

Automatic actions: Post upgrade the below actions are triggered automatically
  • To complete the Upgrade successfully the server needs to be rebooted.
  • The site performs a site reset, which includes a reinstallation of all site system roles.

Manual actions for the administrative user after an upgrade:


  • Distribute content for the new Configuration Manager client packages
  • Ensure that clients that are assigned to each primary site upgrade and install the client software for the new version.
  • Upgrade each Configuration Manager console that connects to the site and that runs on a computer that is remote from the site server.
  • At primary sites where the database replicas for management points runs, reconfigure the database replicas for System Center 2012 R2 Configuration Manager CU1. 


Upgrading Secondary Server

  • Ensure all Secondary Server are on SCCM 2012 R2
  • Review the site and hierarchy status and verify that there are no unresolved issues.
  • Disable all site maintenance tasks at each site for the duration of that site’s upgrade.
    • Backup Site Server
    • Delete Aged Client Operations
    • Delete Aged Discovery Data
  • It is advices to reboot every server post update installation.








Upgrading Client
  • Installation of the Update Bundle on the Primary creates packages for Client upgrade
  • The packages can be deployed to collection across environment.
  • The client updates can also be installed manually on individual clients



msiexec.exe /p \\<ServerName>\SMS_<SiteCode>\Hotfix\<KB Number>\Client\<Platform>\<msp> /L*v <logfile>REINSTALLMODE=mous REINSTALL=ALL



SCCM 2012 R2 Client Version 5.00.7958.1000





SCCM 2012 R2 CU1 Client Version 5.00.7958.1203


Cumulative Update 1 for SCCM 2012 R2

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.

Download and extract the CU1 for SCCM 2012 R2 from below location:

Run CM12-R2CU1-KB2938441-X64-ENU.exe with administrative rights.
Follow the default installation as per the screenshots below.









Prerequisite Check:



SCCM 2012 R2 Console update:




Updating Site Database: 



Update package Creation for Site servers, Console and Clients
















Package for Site Servers:

These packages are created under Software Library>Application Management > Packages> Configuration Manager Updates


















Package for SCCM 2012 R2 Console update:

















Package for SCCM 2012 R2 Client:




Setup Summary


















Install Process:

Installation logs can be found at: C:\Windows\temp\CM12-R2CU1-KB2938441-X64-ENU.log
























Successful Completion of installation:















  • The CU1 requires a mandatory reboot.
  • The reboot is not a force reboot.



Below are the packages added automatically after the CU1 upgrade.
These packages can be used to deploy to all servers and clients


Wednesday, May 21, 2014

Mz Computers - SCCM 2012 Application Export issue.

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.


Application export feature in SCCM 2012 may generate the below

Error: The specified path, file name, or both are too long. The full qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.


The root cause is limitations in the Windows file I/O APIs.
It ideally depends on the longest path in the Application source.
To get the longest path of the source we need to mounted or we can navigate to the source folder in PowerShell, and run below command

$len=0;dir -r|%{if ($_.FullName.Length -gt $len) {$len=$_.FullName.Length}};$len

For ex: Longest path: 100
Which leaves 155 char for SCCM 2012, as it add few files.

Exporting an Application with source creates 2 folders

  1. Application Source i.e. ApplicationName\Content_GUID(36 char)
  2. Application Information for SCCM i.e. Package Metadata, Package Scope, additional .XML files

The total path size should be lesser than 255.


PowerShell to export Application in SCCM 2012


Export-CMApplication -Path c:\AppName.zip –Name (LocalizedDisplayName) -IgnoreRelated -OmitContent

Mz Computers - Site Replication Model

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.


SCCM ConfigMgr 2012 Site to Site replication & SQL Replication Guide



Key Components - Site Replication Model


New (SQL) site to site replication model is the most challenging part of System Center 2012 Configuration Manager. Main pillars of SQL replication model.
Key components of new (SQL) replication model
·         DRS – Data Replication Service
·         SSB – SQL Service Broker
·         RCM – Replication Configuration Management/Monitoring
·         RG – Replication Group
·         Replication Pattern
·         Article Name/s


Pillars of SQL replication model

u DRS – Data Replication Service / SSB – SQL Service Broker
u  To replicate the data between configmgr sites, Configuration Manager uses Database Replication Service (DRS). The DRS intern uses SQL Server Service Broker (SSB) to replicate data between the sites.
u RCM -  Replication Configuration Management/Monitoring
u  RCM is a thread of SMSEXEC. This thread keeps an eye on Replication Configuration and Monitoring.
u RG – Replication Group
u  Replication Groups are a set of tables that are monitored and replicated together. Replication groups are segregated and grouped in to THREE Replication Patterns.
u  To get the full list of RG along with replication schedule – Run the SQL query – Select * from vReplicationData each RG (Replication Group) has a unique Replication ID.







u Replication Pattern
u  Replication Patterns are group rules based on those, the replication groups are segregated. Three replication patterns are available.
 





u  a) Global – Global data is anything that is created by administrator. Two way replication between the CAS and Primaries. e.g Package Metadata









u  b) Global_Proxy – This Replication data is based out secondary servers.






u  c) Site – One way replication to the parent site / CAS. e.g Software Inventory/Hardware Inventory


u Article Name/s
u  Replication Groups are further divided into Article Names based on ReplicationID . Each RG (Replication Group) has a unique Replication ID.
u   Run the SQL query to get the list of Article Names “ Select * from vArticleData “ e.g  Add_Remove_Programs_64_DATA, Add_Remove_Programs_64_HIST, Add_Remove_Programs_DATA, BoundaryGroup, BoundaryGroupMembers etc








Force Site to Site Replication / re-init process

u  EXEC spDrsSendSubscriptionInvalid
u  e.g  EXEC spDrsSendSubscriptionInvalid ‘PrimarySitecode′, ‘CentralSitecode’, ‘Configuration Data’









  
u  Verifying site replication through SQL Server Management Studio
u  SELECT TOP 1000 *, casted_message_body = CASE message_type_name WHEN ‘X’ THEN CAST(message_body AS NVARCHAR(MAX)) ELSE message_body END FROM [CM_CAS].[sys].[transmission_queue] where to_service_name = ‘ConfigMgrDRS_SitePR1′



Tuesday, May 20, 2014

Mz Computers - CU1 for SCCM 2012 R2 - The Hotfix

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.


This update contains fixes for various issues including Windows PowerShell, and an updated version of the Endpoint Protection client. The update can be download from KB 2938441

Issues fixed by the Hotfix
Administrator Console
  • The wrong software update for an operating system image may be selected in the list of items that are returned in the Schedule Updates Wizard after the list is sorted.
  • Adding a new computer association for an existing computer causes the following error message in the Administrator Console:
Description: "Unable to save changes"
ErrorCode: 2152205056
File = 'e:\\qfe\\nts\\sms\\siteserver\\sdk_provider\\smsprov\\sspsite.cpp":
Line = 1344
Operation = "ExecMethod"
ParameterInfo = "SMS_Site":
ProviderNamre = "WinMgmt"
StatusCode = 2147749889

  • Downloads of extensions by using the Windows Intune Connector role fail because of a message signature verification error. Entries that resemble the following are logged in the dmpdownloader.log file:
ERROR: SignData failed with exception: [Invalid algorithm specified.~~]


Mobile Device Management
  • Enrolling an Android device in both Exchange Active Sync (EAS) and Mobile Device Management causes a duplicate device to be created in the Administrator Console.
Reporting
  • The "Computers with a specific application installed" report lists a computer two times if that computer is in two collections and if the user who is running the report has permission to both collections.
Application Virtualization
This cumulative update adds support for Microsoft Application Virtualization (App-V) 5.0 Service Pack 2 (SP2). The following issues are seen only in App-V 5.0 SP2 environments earlier than CU1:
  • With App-V 5.0 SP2, when a new version of an App-V package supersedes an earlier version, and when that earlier version is being used, the package is listed as not published. Errors that resemble the following are logged in the AppEnforce.log and the AppDiscovery.log files.

    AppEnforce.log
Publish-AppvClientPackage : A publish operation has been scheduled, pending
the shutdown of all applications in the package or the connection group.

Publishing Package is successful but one one of the Virtual Package is currently in use. Close this Virtual Package to get the changes into effect
Performing detection of app deployment type TestApp - Microsoft Application Virtualization 5(ScopeId_0C7279F0-1490-4A0E-A7A3-32A000CEF76D/DeploymentType_d1adf427-ac14-4ee1-9e51-415af7675383, revision 2) for system.


AppDiscovery.log
Required component [{AppVPackageRoot}]\TestApp.exe is not published

  • With App-V 5.0 SP2, App-V packages that are being used cannot be uninstalled. Errors that resemble the following are logged in the AppEnforce.log file:
CVEWorker::UninstallConnectionGroup() failed
Internet-based clients
  • Internet-based clients cannot download content from an Internet-facing distribution point after they first encounter a failure to reach Windows Update. Additionally, the DataTransferService.log file on the client logs errors that resemble the following:
Failed to set proxy to bits job for url 'https:// site.configmgr.com:443/SMS_DP_SMSPKG$/{pkg_id}'. Error 0x87d00215
All proxy types and no proxy have been tried for times but failed.


Software Center
  • The business hours setting in the Software Center is not honored for mandatory assignments for programs and task sequences that can run independently of assignment. Instead, the programs and task sequences run immediately. The full text of this setting is "Automatically install or uninstall required software and restart the computer only outside of the specified business hours."
  • The Uninstall option may not be available in Software Center for applications that are made available through multiple deployment types. For example, if two deployment types for an application apply to a client, and if both have an Uninstall action, the Uninstall button is unavailable.
  • The "Available After" date for applications in Software Center may display a date of 1998. This problem occurs for applications that are made available through task sequences.


Operating system deployment
  • External drives, such as some USB thumb drives, are displayed as fixed disks instead of removable media. Attempts to start and install an OS image result in error messages that resemble the following in the Smsts.log file:
Booted from fixed disk
!sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
!sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
!sTSMDataPath.empty(), HRESULT=80070002 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,1425)
TS::Utility::GetTSMDataPath(rsPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\configpath.cpp,352)
Failed to find the current TS configuration path
ConfigPath::FindConfigPath(sConfigPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\bootshell.cpp,545)
Failed to find the configuration path.
The system cannot find the file specified. (Error: 80070002; Source: Windows)
Execution failed with error 80070002.

  • Client computers that are started from Dynamic Boot Media fail to retrieve policy data if the first Management Point refuses an HTTPS connection with error code 80072efd. This does not apply to HTTP connections. This problem occurs even when there are other Management Points available. The smsts.log file contains entries that resemble the following.

    Note These entries are truncated for readability.
3 https and 1 http locations are returned from MP https://MP1.contoso.com.
'https://MP2.contoso.com' sute may be accessible and beused for redirection
'https://MP1.contoso.com' sute may be accessible and beused for redirection
'https://MP3.contoso.com' sute may be accessible and beused for redirection
'http://MP4.contoso.com' may be accessible and be used for redirection
New settings:
site=PS1,PS1, MP=https://MP2.contoso.com, ports: http=80,https=443
certificates are received from MP.
...
CLibSMSMessageWinHttpTransport::Send: URL: MP2.contoso.com:443 CCM_POST /ccm_system_AltAuth/request
In SSL, but with no client cert
Error. Received 0x80072efd from WinHttpSendRequest.
sending with winhttp failed; 80072efd
Will retry in 5 second(s)
Retrying...
...
socket 'connect' failed; 8007274d
sending with winhttp failed; 80072efd
End of retriesFailed to read client identity (Code 0x80072efd)
Failed to get client identity.
Exiting TSMediaWizardControl::GetPolicy.
Setting wizard error: An error occurred while retrieving policy for this computer (0x80072EFD). For more information, contact your system administrator or helpdesk operator.

  • Child sites do not process the content for a task sequence that was changed after migration from another site. The Distmgr.log file on the child site contain entries that resemble the following, and the package state does not change:
Package {Package_ID} is in Pending state and will not be processed...

Note This fix applies only to task sequences that are not yet migrated. Task sequences that were migrated before you applied CU1 should be deleted and then migrated again.
  • Applications that are deployed by using a task sequence cannot be installed if the following conditions are true:
    • The deployment purpose is defined as "Required."
    • The assignment Schedule is "As soon as possible."
    • The Download all contents locally before starting task sequence option is selected.


The Execmgr.log file on the client contains errors that resemble the following:
ContentProgressEx invalid request GUID handle
OnContentAvailable invalid request GUID handle

  • Task sequences that are migrated from Configuration Manager 2007 environments and that use Virtual Applications for Install Software package source fail to run. Errors that resemble the following are logged in the Smsts.log file:
Executing command line: smsappinstall.exe /app:ScopeId_{GUID}/Application_{GUID} /basevar: /continueOnError:
[ smsinstallapp.exe ]
ContinueOnError flag is null
Failed to parse command line arguments, hr=0x80070057
Process completed with exit code 2147942487

  • Task sequences may fail on a UEFI-based client if the "Format and Partition" task sequence step runs two times. A dialog box appears that contains the following text during the second "Format and Partition" operation:
OsdDiskPart.exe - Application Error
The instruction at {offset} referenced memory at {address}. The memory could not be read.

  • The following fixes are also included in this cumulative update for Operating System Deployment.
KB number
Title
Application contents are duplicated in stand-alone media in System Center 2012 R2 Configuration Manager
An update is available for the "Operating System Deployment" feature of System Center 2012 R2 Configuration Manager
You cannot stage a Windows PE 3.1 boot image to a Windows XP-based computer in System Center 2012 R2 Configuration Manager
Per-computer variables for imported computers are not read in System Center 2012 R2 Configuration Manager



Endpoint Protection
  • This cumulative update includes an updated version of the Endpoint Protection client. For more information, refer to the following TechNet blogs:


Application management
  • Automated Deployment Rules do not download updates when a proxy server that uses a specific user account is defined. The PatchDownloader.log file on the software update point contains entries that resemble the following:
Downloading content for ContentID = 16777361, FileName = windows8.1-kb1234567-x64.cab.
Try username DOMAIN\Proxy_User_Account
Proxy enabled proxy server 192.168.1.1:8080
HttpSendRequest failed HTTP_STATUS_PROXY_AUTH_REQ
Download http://windows8.1-kb1234567-x64_36d2001d0935b254ff87ab33e46545057ec78514.cab to C:\windows\TEMP\CABC023.tmp returns 407
ERROR: DownloadContentFiles() failed with hr=0x80070197

  • Users who are accessing the company portal cannot install or request an application that is targeted to a security group. A message that resembles the following is displayed:
Error loading details
An error occurred while attempting to load the app details.


Site systems
  • The Application Catalog website displays the error "Cannot connect to the application server" after an SSL-enabled Application Catalog is running under load for a long time (usually several days). Additionally, errors that resemble the following are logged in the ServicePortalWebSite.log file:
[127, PID:8992][02/18/2014 02:47:10] :ValidateServerCert - Validating certificate 3C8063A10002000A70DC
[127, PID:8992][02/18/2014 02:47:10] :System.TimeoutException: The request channel timed out while waiting for a reply after 00:00:59.9830000. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.

Server stack trace:
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)



Windows PowerShell
  • The following article describes the changes that are also included in this cumulative update for Windows PowerShell.
KB number
Title
Description of Windows PowerShell changes in Cumulative Update 1 for System Center 2012 R2 Configuration Manager









Thursday, May 15, 2014

Mz Computers - PowerSCCM

The redirecting page will be displayed and immediately replaced by “MzComputers.com”. With this zero-delay, many users will not even notice the presence of the redirecting page.

SCCM 2012 enhanced with PowerShell


Loading PowerShell


  To lead SCCM 2012 with Powershell
  Click the white arrow in the blue rectangle, and choose Connect via Windows PowerShell.
  PowerShell Console is launched with site code.
PS XXX:\>
  To verify enter Get-CMSite
 This cmdlet will return information about all the site in the environment.





Importing the Configuration Manager PowerShell Module

  To import the Configuration Manager module, you will have to specify the path to the Configuration Manager Module.
  Navigate PowerShell to (SCCM 2012 dir.)\AdminConsole\bin\
  Run command
  Import-module .\ConfigurationManager.psd1
  To point PowerShell to the CM site enter
  CD XXX: (Site Code)