Saturday, September 13, 2014

Empty Inventoried Software under Asset Intelligence

If you are getting nothing from the inventoried software under the Asset Intelligence, please check the Hardware Inventory Classes.

Hau1

Please make sure the below are checked:

  • Installed Executable – Asset Intelligence (SMS_InstalledExecutable)
  • Installed Software – Asset Intelligence (SMS_InstalledSoftware)

hau2

After the SCCM Client receive the machine policy, and the hardware inventory policy ran, you should be able to have something pop up from the inventoried software list under Asset Intelligence. You can search for SMS_InstalledSoftware in the InventoryAgent.log from the client machine to check if the classes are inventoried.

Friday, September 5, 2014

SCCM 2012 Distribution Point Prerequisites – Windows Server 2003

Below is the prerequisites requirement for setting up a SCCM 2012 DP.
image

I would like to highlight the Remote Differential Compression prerequisites on Windows Server 2003. Remote Differential Compression is not available to be configured in the Add/Remove Windows Components like any others prerequisites. If you have missed out this prerequisite, you will not able to perform any content distribution, the operation will fail!!! Although you have checked to install IIS automatically during the DP installation, it just simply won’t install because that only available on Windows Server 2008 and above.

You can manually install the Remote Differential Compression prerequisite. It is located in the client folder, \\SCCM12\SMS_PS1\Client\i386. Look for the installer named “msrdcoob.exe”. Run the installer manually in the Windows Server 2003 and you should be able to distribute content to the DP now.

Thursday, July 3, 2014

Failed to launch SCCM 2007 reports from remote console, "You do not have permission to view this directory or page."

I was performing a maintenance fro a SCCM 2007 customer this morning. Customer is complaining that he couldn’t launch the report from his remote console, but no problem launching it from the ConfigMgr Console from SCCM Server.

I went to the verify the DCOM configuration, and the setting is correct. Checkout the DCOM configuration guide here.

Next, I check the SMSReporting_XXX Authentication configurations. I make sure only the Windows Authentication is enabled. Somehow the “Enable Kernel-mode authentication” setting is checked under the Advance Settings of the Windows Authentication, which is not correct. I uncheck the setting and it should looks like the screen captured below.

image 

Lastly, I reconfigure the Providers settings of the Windows Authentication, which looks like the screen captured below. Only NTLM and Negotiate: Kerberos are enabled.

image

User can now successfully launch the report from his remote console. Cheers!!

Friday, June 13, 2014

SCCM 2012 Limited Support on IPv6

SCCM 2012 is not fully support on IPv6 yet. Below are some of the features that are not IPv6 ready. I was working on OSD and randomly getting error “Failed to download policy” with generic error code 0x80004005. I opened a case with Microsoft and the engineer find out that SCCM 2012 is not fully ready on IPv6 yet. We disabled the IPv6 configuration from the server and the error seems to went away.

image

Technet reference:

  1. http://technet.microsoft.com/en-us/library/gg682077.aspx#BKMK_SupConfigIpv6
  2. http://technet.microsoft.com/en-us/network/hh994905.aspx

Tuesday, June 10, 2014

Moving, Changing, Migrating, Restoring of your SCCM 2012 SQL Database?

Are you performing any one of the actions above to your SCCM 2012 SQL database? After you did that, please make sure that the new SQL server configuration is correct. Especially the Allow Snapshot Isolation, Is read Commited Snapshot On, Trustworthy, Broker Enabled. and Honor Broker Priority settings. All these settings need to be set as TRUE. If these settings are not configured correctly, you might end up getting errors “Microsoft SQL Server Reported SQL Message 50000, Severity 16: *** Unknown SQL Error!” from SMS_POLICY_PROVIDER Component or this error. Please also ensure that the owner of the database is SA!!!

image 

image
To alter the settings above:

ALTER DATABASE <CM_XXX>
SET ALLOW_SNAPSHOT_ISOLATION ON

ALTER DATABASE <CM_XXX>
SET READ_COMMITTED_SNAPSHOT ON

--- Enable the SQL Broker on the Site database

USE master;
GO
ALTER DATABASE CM_XXX SET ENABLE_BROKER
GO

--- SET the Site Database as trustworthy

USE master;
GO
ALTER DATABASE CM_XXX SET TRUSTWORTHY ON
GO

--- SET the Database to honor the HONOR_BROKER_PRIORITY

USE master;
GO
ALTER DATABASE CM_XXX SET HONOR_BROKER_PRIORITY ON;
GO

image
To change the owner to “sa”
EXEC sp_changedbowner ‘sa’

Thanks for reading…

References:

  1. http://blogs.technet.com/b/configurationmgr/archive/2013/04/02/how-to-move-the-configmgr-2012-site-database-to-a-new-sql-server.aspx
  2. http://support.microsoft.com/kb/2709082/en-us

Monday, June 2, 2014

SMS WSUS Configuration Manager failed to configure upstream server settings on WSUS Server

Lately, I helped a customer to check the WSUS error above on SCCM 2007 mixed mood environment.

First thing I did is to check WCM.log. From the log I found out that the server is using ParentWSUSPort = 8531, SSLToParentWSUS = 1. Usually for mixed mood environment, the server will use Port 8530 and without SSL.

The next thing I did is to check the Software Update Point Component settings. On the General tab of the settings, the Enable SSL for this WSUS server is uncheck by default, but somehow this is now checked.

So I UNCHECK the Enable SSL for this WSUS server setting and apply the settings. Next, I delete the Software Update Point and reinstall it once after it is deleted. After the reinstallation of the Software Update Point, the SCCM server can now sync the latest updates from Microsoft and the WCM.log is showing that the server is using ParentWSUSPort = 8530, SSLToParentWSUS = 0

Monday, May 12, 2014

SMS_MP_CONTROL_MANAGER failed to start with 0x80041002

My customer is running on SCCM 2012 RTM build 7711. The management point is downed and showing the error message above in the mpcontrol.log.

Resolution: Uninstall the Management Point role and verify that the Management Point is uninstalled in the MPSetup.log. After the uninstalled completed, reinstall the Management Point. Verify that the Management Point is setup completely in the MPSetup.log.