Tag Archives: configuration manager

System Center 2012 SP1 Orchestrator: Getting Started with Configuration Manager 2012 Integration

Posted on by
5

Introduction

System Center 2012 SP1 Orchestrator is a tool to help automate enterprise processes. It stresses the reduction of code writing, which has its benefits, but also has its drawbacks. In my personal opinion, everyone should learn how to write code. These days, if you’re focused on the Microsoft platform, there is nothing better to learn than PowerShell. Knowing how to write code will help you to fill in gaps in the integration of two or more software products.

Given the wide array of functionality offered by System Center 2012 SP1 Configuration Manager, it would seem highly desirable to use Orchestrator to automate some of that functionality. You can perform functions such as:

  • Creating or deleting Collections
  • Invoke Collection membership evaluations
  • Add or remove Collection Membership Rules
  • Enumerate Collection members
  • Deploy Applications or Configuration Baselines
  • Invoke ConfigMgr client actions

In the next section, we’ll explore how to set up integration between Orchestrator and Configuration Manager.
Continue reading

SQL 2012 SP1: Errors on starting database server named instance

Posted on by
Reply

I recently got some weird SQL Server error messages in the Application event log after rebooting my SQL 2012 SP1 server, running on Windows Server 2012:

Event ID 26014: Unable to load user-specified certificate [Cert Hash(sha1) "D3D88810B87C9533AA30CE9B2C3BDCEE3C674B97"]. The server will not accept a connection. You should verify that the certificate is correctly installed. See “Configuring Certificate for Use by SSL” in Books Online.

Event ID 17182: TDSSNIClient initialization failed with error 0×80092004, status code 0×80. Reason: Unable to initialize SSL support. Cannot find object or property.

Event ID 17182: TDSSNIClient initialization failed with error 0×80092004, status code 0×1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.

Event ID 17826: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Event ID 17120: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

These errors confused me, because as far as I know, I’m not using SSL for my SQL Server instance. To solve the issue, I opened the SQL Server Configuration Manager –> SQL Server Network Configuration –> right-click “Protocols for CM12″ –> Properties –> Certificate tab. Click the “Clear” button and restart the service. Hopefully this clears up the error.

 

ConfigMgr 2012: Ccmeval.exe causing client corruption

Posted on by
6

I’ve discovered, on more than one occasion, that the ConfigMgr 2012 client’s ccmeval.exe, which is intended to resolve client health related issues, actually breaks the ConfigMgr client. This has happened on a Windows 8 RTM client, and I’m fairly certain that it affects Windows Server 2012 as well. You might be aware that Windows 8 and Windows Server 2012 are unsupported client operating systems with ConfigMgr 2012 RTM, but will be officially supported in Configuration Manager 2012 Service Pack 1 (SP1).

Issue


By default, when the ConfigMgr 2012 client is installed, a Scheduled Task is registered under the \Microsoft\Configuration Manager called “Configuration Manager Health Evaluation.” The command line that is called is simply ccmeval.exe, with no command line arguments. The task will run approximately around midnight (12:19 AM on my test client) every night.
Continue reading

PowerShell: Get a List of Installed Software from ConfigMgr

Posted on by
3

Let’s say you’ve got Microsoft’s System Center Configuration Manager (SCCM / ConfigMgr) in your IT environment (and if you don’t, why on earth not!). If you’re on the desktop management team, you might occasionally get requests from someone on a network or security team, inquiring as to the installed software on a particular client, or group of clients.

Rather than diving straight into the ConfigMgr reports, as most people do, sometimes it’s just faster to load a data set into PowerShell and massage the data from there. Why PowerShell? Well, it provides very easy, real-time filtering and sorting capabilities, and if you need to make a modification to a temporary “report,” you don’t have to worry about modifying the Report object in the ConfigMgr provider, which is typically done through the ConfigMgr console.

Continue reading

ConfigMgr 2012 RC Issues with CAS + Primary Hierarchy

Posted on by
9

I just got done setting up a ConfigMgr 2012 Release Candidate primary site beneath a Central Administration Site (CAS), and when firing up the console on the primary site, I’m getting the following message: “Your Configuration Manager console is in read-only mode while this site completes tasks related to maintenance mode. After these tasks are complete you must reconnect you Configuration Manager console before you can edit or create new objects.”

Here are a few facts about the hierarchy:

  • The CAS runs on Windows Server 2008 R2 SP1
  • The CAS points to a remote SQL 2008 SP1 Server on Windows Server 2008 R2 SP1
  • The Primary Site runs on Windows Server 2008 R2 SP1
  • The Primary Site points to a local SQL 2008 R2 SP1 instance (with KB2603910 installed)

image

After passing this message box, the following error would appear in the SmsAdminUI.log file:

[5, PID:3140][11/16/2011 20:28:22] :System.Management.ManagementExceptionrnGeneric failure rn   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
   at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryResultsObject.<GetEnumerator>d__0.MoveNext()rnManagementException details:
instance of SMS_ExtendedStatus
{
    Description = " Could not find property systemIsolationState";
    ErrorCode = 1078464256;
    File = "e:\nts_sccm_release\sms\siteserver\sdk_provider\smsprov\sspobjectquery.cpp";
    Line = 3900;
    Operation = "ExecQuery";
    ParameterInfo = "Select COUNT(*) FROM SMS_G_System_NAPCLIENT where systemIsolationState=0";
    ProviderName = "WinMgmt";
    StatusCode = 2147749889;
};

 

Obviously something was going on, because this same error was not happening on the CAS when I’d launch the console. We can see in this message that the property named systemIsolationState apparently does not exist in the SMS_G_System_NAPCLIENT WMI class in the rootsmssite_### namespace. Now that we know exactly what’s missing, it’s time to fire up the WMI Explorer and see if that property does or doesn’t exist.

image

As you can see, the property surely does not exist on the “001” site, which is the primary site beneath the CAS. Next, let’s check the CAS for this property.

Note: I’m not sure that this property is necessarily supposed to exist on the CAS, but it’s worth checking out anyway. It’s highly probable that it should exist on the CAS, because it’s a common inventory class for system resources.

Here’s a similar screenshot from the CAS.

image

Aha! It looks like the property does exist on the CAS. At this point, I’m suspecting that something failed during the installation of the primary site, so let’s head back over to the primary site and check out its ConfigMgr setup log (c:ConfigMgrSetup.log). I saw this message repeating towards the end of the setup:

INFO: Still monitoring Replication initialization.    Configuration Manager Setup    11/16/2011 3:35:38 PM    1168 (0×0490)
INFO: Still monitoring Replication initialization.    Configuration Manager Setup    11/16/2011 3:44:38 PM    1168 (0×0490)
INFO: Still monitoring Replication initialization.    Configuration Manager Setup    11/16/2011 3:53:38 PM    1168 (0×0490)
INFO: Still monitoring Replication initialization.    Configuration Manager Setup    11/16/2011 4:02:38 PM    1168 (0×0490)

And finally, after a while, it finished:

INFO: Stopping component monitoring as stop signal received.    Configuration Manager Setup    11/16/2011 6:52:25 PM    3752 (0x0EA8)
INFO: Stopping server role monitoring as stop signal received.    Configuration Manager Setup    11/16/2011 6:52:26 PM    3836 (0x0EFC)
INFO: Stopping replication monitoring as stop signal received.    Configuration Manager Setup    11/16/2011 6:52:26 PM    1168 (0×0490)
<11-16-2011 18:52:27> *****************************************************         1/1/1601 12:00:00 AM    1992907627 (0x76C95B6B)
<11-16-2011 18:52:27> ***** Exiting ConfigMgr 2012 Setup Bootstrapper *****         1/1/1601 12:00:00 AM    1992907627 (0x76C95B6B)
<11-16-2011 18:52:27> *****************************************************         1/1/1601 12:00:00 AM    1992907627 (0x76C95B6B)

I’m a little confused at how it finished successfully, because there were some other errors in the log as well:

omGetServerRoleAvailabilityState could not read from the registry on sccm03.mybiz.loc; error = 5:
omGetServerRoleAvailabilityState could not read from the registry on sccm03.mybiz.loc; error = 5:

Also this showed up:

INFO: SDK Provider is on sccm03.mybiz.loc.    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
INFO: Retrieving current site control image…    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
INFO:  SQL Connection succeeded. Connection: SMS ACCESS, Type: Secure    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
INFO: Stored SQL Server computer certificate for Server [sccm01.mybiz.loc] successfully on [sccm03.mybiz.loc].    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:25 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:28 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:28 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:31 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:31 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:34 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:34 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:37 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:37 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:40 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:40 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:43 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:43 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:46 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:46 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:49 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:49 PM    1748 (0x06D4)
CSql Error: Cannot find type data, cannot get a connection.    Configuration Manager Setup    11/16/2011 8:56:52 PM    1748 (0x06D4)
ERROR:  SQL Connection failed. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:52 PM    1748 (0x06D4)
INFO: Registered type CCAR_DB_ACCESS for sccm01.mybiz.loc CM_CEN    Configuration Manager Setup    11/16/2011 8:56:55 PM    1748 (0x06D4)
INFO:  SQL Connection succeeded. Connection: CCAR_DB_ACCESS, Type: Unsecure    Configuration Manager Setup    11/16/2011 8:56:55 PM    1748 (0x06D4)
INFO: Read CAS SQL Server information, stored CAS SQL Server certificate and registered connection to its database.    Configuration Manager Setup    11/16/2011 8:56:55 PM    1748 (0x06D4)

Someone else posted this same message when trying to do a CAS + Primary Site configuration. Next step: reinstall the primary site.

After re-installing the primary site, the same issues returned. Finally I decided to just install a stand-alone primary site without a CAS.

ConfigMgr 2012 Beta 2: WMI Namespace Documentation

Posted on by
Reply

I recently put together some documentation for the Microsoft System Center Configuration Manager 2012 Beta 2 WMI provider. This is a searchable, formatted Excel document that displays all the classes, properties, and methods for the SCCM 2012 provider. Hopefully this will help you to find the proper information for writing custom scripts and so on.

http://dl.dropbox.com/u/18088468/SCCM%202012%20WMI%20Namespace%20Documentation.xlsx

Please provide feedback if this was helpful, or if you’d like to see something else added to it!

ConfigMgr 2012: Deleting Advertisements

Posted on by
4

Where’d my Advertisements Go?

Advertisements aren’t quite what you think they are. At least, that’s probably the case if you’re talking in context of Microsoft System Center Configuration Manager (SCCM / ConfigMgr). At first glance you might see “deleting advertisements” and exclaim: “YES! Please do!” The difference here is that advertisements in SCCM are not product or service advertisements, but rather proclamations of the availability of software to a computer system. If you’re reading this, you most likely already knew that, but if not, then … now you do.

Back in the days of the SCCM 2007 console, there was a single Software Distribution –> Advertisements node which contained advertisements for both standard software distribution and operating system deployment (OSD) task sequences. This worked pretty well, but it was a little confusing since the operating system deployment node was entirely separate from software distribution. Hierarchically, it just didn’t make sense.

image

Continue reading

Extreme PowerShell / ConfigMgr: Extending Hardware Inventory

Posted on by
2

Introduction

In previous versions of Microsoft System Center Configuration Manager (ConfigMgr / SCCM), a common task for administrators, engineers, and consultants, was to extend the hardware inventory configuration. These inventory extensions were written in Managed Object Format (MOF) and allowed the SCCM client agents to report back a wider array of information to the central site database for reporting purposes, collection building, and other management tasks. Making changes to the configuration could be a tedious task, as MOF is not very forgiving, and rather quite strict, in its syntax.

In Microsoft Systems Management Server 2003 (SMS 2003), each time a configuration change was made, it was necessary to deploy the updated MOF file to the SMS clients — this made ensuring hardware inventory consistency across all clients a challenging task. In SCCM, Microsoft included changes to these MOF files (SMS_DEF.mof and Configuration.mof) as part of the machine policy refresh task, which is a client-side polling mechanism for configuration changes.

In SCCM 2012 Beta 2, Microsoft is taking it a step further and has eliminated the SMS_DEF.mof altogether, left the configuration.mof behind by itself, and stuck the WMI inventory configuration in … WMI. What is WMI? WMI stands for Windows Management Instrumentation, a service built into the Windows Operating System since Windows XP (and Windows 2000 Service Pack 4, I think). It provides a standard method of exposing hardware and software level system information to applications, such as storage, processor, memory, running processes, installed software, and other application configuration data. SCCM is built on top of this technology, and often makes developing software and scripts around the product much easier than it otherwise might be.

For the remainder of this article, we’re going to look at specifically how to extend hardware inventory in SCCM 2012 programmatically using Windows PowerShell with the SCCM WMI provider.

Continue reading

ConfigMgr 2012 Beta 2: Setting the Network Access Account

Posted on by
3

You might need to set the Network Access Account (NAA) in System Center Configuration Manager 2012 Beta 2 if you are deploying operating systems with it. Windows Pre-Execution (WinPE) needs an account to access content on the distribution point. In order to set the network access account, open the SCCM console and navigate to this node: AdministrationOverviewSite OperationsSites. Right-click on the SCCM site in the right-hand pane, and select Software Distribution. Click on the Network Access Account tab, and set the account you want to use.

image

image

ConfigMgr 2012: Client Side Software Center

Posted on by
7

Introduction

The System Center Configuration Manager 2012 Beta 2 client agent has been updated significantly. One of the things that has been changed a lot is the client-side interface that allows an end-user to select optional software to install, scripts to run, or operating systems to deploy.

In previous versions of ConfigMgr, there was a Control Panel applet called “Run Advertised Programs.” A user would open this in order to browse the list of optional program made available by a ConfigMgr administrator. There was another control panel applet called “Program Download Monitor” that would allow an end-user to monitor the download status of a program – admittedly, this was probably hardly ever touched by an end-user, realistically.

Continue reading