You are browsing the archive for ConfigMgr.

SCCM LTSB, The do NOT use, Edition

8:36 am in ConfigMgr by The WMI guy

Really, I can't be more clear than that, don't ever use it.

Intro


The ConfigMgr product team announced a new edition of the latest version of Configuration Manager. In line with the Windows team they decided to call this new edition LTSB. I assume because the message about Windows LTSB was clear as mud and was an excellent example of strong communication.

The LTSB version has severe limitations, both now, and in regards to future option.

The announcement blog has a page pointing to documentation which is titled
Which branch should I use?

That page contains, 1516 words, or 9699 characters. So I'll summarize it here for you.
USE Current Branch!

That's all folks.

For those of you still reading, imho, the LTSB edition is there to solve the one specific scenario in the blog post when you let your usage rights on ConfigMgr expire. It's there to solve a legal/licensing issue, and for nothing else.

It doesn't support anything new, doesn't support Windows 10 CB/CBB, has no plans for support of any new Windows 10 LTSB that hasn't been released to date. There's only the guarantee of 10 years of security updates.

Official announcement

Which branch should I use documentation

System Center – Search providers, help me help you (and myself)

10:40 am in ConfigMgr by The WMI guy

Hi All, Thanks for visiting,

The product documentation for System Center used to have a metatag called AppliesToProduct. This allowed Bing searches like the following

"software updates" Meta:Search.MSHAttr.appliesToProduct("System Center 2012 R2 Configuration Manager") site:technet.microsoft.com


 

Which in turn allowed me to create search providers, so you don't have to recall the meta-tag search syntax, for Internet Explorer, firefox and Chrome, available here:

https://oscc1-public.sharepoint.com/tn-library-searchpage And explained and promoted by fellow MVP Brian Mason here: http://mnscug.org/blogs/brian-mason/196-kim-s-chrome-search

Now, how can you help, you ask?

The new ConfigMgr 1511 & 1602 documentation no longer has the tags. So we can't easily search that doc library anymore, which given the swift pace at which Configuration Manager evolves is painful.

I put in a uservoice request to bring them back on the documentation's team page, so what I'd like to ask, is to give me your vote(s) (You can give multiple votes to 1 item)to bring the item to the attention of Jeff Gilbert and the doc team.

You can find the item here, voting only takes a minute, (Happy voting, and thanks):

https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/13097310-please-bring-the-meta-tags-back-to-the-documentati

And if it's not too much trouble, tweet out that you supported this request from the uservoice page.


 


 

Best regards,

Kim Oppalfens


 

Solving the What’s new puzzles in ConfigMgr tech preview

11:40 am in ConfigMgr, Console Extension, Intune, RBA, SCCM by The WMI guy

Howdy y'all,


 

First of all, for people that don't follow my @thewmiguy twitter handle yet, shame on you. For those that do, you might have noticed that Jorgen (@ccmexec) and I fought a fierce battle over who could finish most off the different What's new scenarios in the latest ConfigMgr preview scenarios last week.

****** Spoiler alert *******

I beat him to it, but it was a photo finish kind of thing


 

******End of spoiler alert *****

Now, both Jorgen, and 2 other people that'll rename unnamed specifically inquired about how I finished the VPP scenario, or the app configuration scenario for that matter, as they couldn't figure out how to do that. The reason they couldn't, and my competitive advantage over Jorgen was that the tech preview lacked certain security roles that come along with these objects to allow you to access them.

Given my knowledge of AdminUI extension I found this out by looking through the xml's that define the adminui, as well as through the adminui.consolebuilder.exe. Both showed me that the UI nodes for these features were protected by security roles that didn't exist. So the first thing I did was remove the permission requirement using the adminui.consolebuilder.exe. Now, that's not the cleanest way to handle things, as that would mean everybody got to see these nodes, even people that have no business with it whatsoever. But hey, I was on a race against the clock, so gloves were off. After finishing the scenario's and posting the results, I figured out a cleaner way of getting the items lit up. In essence, all you have to do, is create the security roles, and below you'll find the SQL code to do just that.

Warning, Modifing the SQL database is still a big NONO, in production. As this issue only exists in Tech Preview 1601, you should be fine. Still might want to take a backup of your lab, as this only comes with the guarantee that there is absolutely no guarantee. Proceed at your own risk, refrigerators in close proximity to your site server might blow up, etc…..


Insert
into [dbo].[RBAC_RoleOperations]


VALUES (N'SMS0001R', 73, 810550295),


(N'SMS0002R', 73, 268435457),


(N'SMS0007R', 73, 809500689),


(N'SMS0008R', 73, 1048577),


(N'SMS0009R', 73, 810550295),


(N'SMS000ER', 73, 810550295),


(N'SMS0001R', 74, 1049623),


(N'SMS000ER', 74, 1049623);


 

After executing the SQL insert statement above you should be greated by the following additional entries in your Software library workspace



 

Enjoy.
"The M in WMI stands for Magic"
""Everyone is an expert at something" Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP
http://www.scug.be/thewmiguy/default.aspx

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy

Configuration Manager telemetry / usage metrics (work in progress)

10:05 am in ConfigMgr by The WMI guy

Telemetry, what is it about?

Microsoft has quite a bit of information here about its new telemetry data system for SCCM here: https://technet.microsoft.com/en-US/library/mt613113.aspx

Below are my findings and additions to that documentation that people are inquiring about, but let me start off with the why, of it all. The new Configuration Manager comes with a brand new servicing mechanism. You should be aware by now that Windows 10 comes with a pretty high release cadence (a new Windows every 4 months). To keep up with that pace, Configuration Manager is planned to follow suit, and more or less follow that same cadence. Now, quite some people are sceptic about that increased cadence and the impact on the different products quality. To answer the challenges that come with this increased pace Microsoft plans to ship fast / fix fast, and that's were telemetry comes in.

The general idea is to find the setups and "modus operandi" that are frequently used by a large set of customers and use those in testing. Additionally, the telemetry data should prove to be a shortcut to get troubleshooting data to the product team. In other words, sharing data on the way you use the product should be in your own interest.

Sounds good, but am I supposed to just trust Microsoft in collecting data from my environment that might be privacy sensitive? Well, yes and no. Microsoft takes privacy extremely serious, and so does the Configuration Manager product team. The product team has, imho, very good reasons to make sure the data they collect isn't catalogued as privacy sensitive, as doing so would introduce them to a drastically increased involvement of both legal and auditing, as for any Microsoft service that holds privacy sensitive data. To keep the level of scrutiny they'd have to go through in check, the ConfigMgr team starts off with anonymizing the data. They do that by hashing some of the data, so that any privacy sensitive data isn't readable to them.

And that's where some of the challenges come in for customers that are privacy sensitive and/or have auditing breath down their neck. This hashed data isn't readable to them either, which worries some of them, as they don't know what they are sending out. Below I'll explain, for all the hashed values I found in telemetry results so far how you can make the data human readable alongside the hash so that you can control what the data you are sending out actually means.

Database objects involved

Tables

The telemetry table contains the names and id's of the stored procedures that are responsible for collecting the telemetry data. In the environments that I've verified this on, there are 150 stored procedures lists in the telemetry table. You can have a look at this info by running the following query


 

select
*
from Telemetry order
by name


 



 

The results are stored in a table called either telemetryresults or TEL_telemetryresults (There seems to be a difference between the techpreview releases and the production releases regarding the table name.) You can look at your own results by running the following query

select
*
from TEL_TelemetryResults

        or

select
*
from TelemetryResults

depending on your environment.


 

Depending upon the level of data you've chosen you should see a number of rows returned. There should be one thing that catches your eye quite swiftly. As you can see in the screenshot below each row has a results column that ends with a returning hash. Which opens up the very first question, what is this hash all about?

Well this particular hash is used to correlate data between the different rows in your telemetry results so the product team can store all data coming from one customer together. Given the introduction they need a way to do that without making your company name or anything similar that could identify your environment, and hence they need to anonymize the data. Now, every Configuration Manager environment has a randomly generated hierarchyid that could be used for this purpose. But even that wasn't anoynymous enough for the Configuration Manager product team. To anonymize the data they've chosen to hash that hierarchy id using SHA256.


 


 


 



 

You can get your own hierarchy id and the accompanying hash to validate this data by running the following query:


 

     Declare @tenantid as
nvarchar(max)

     select @TenantId = dbo.fnConvertBinaryToBase64String(dbo.fnMDMCalculateHash(CONVERT(VARBINARY(MAX), [dbo].[fnGetHierarchyID]()),
'SHA256')
)

     Declare @hierarchyid as
nvarchar(max)

     select @hierarchyid = [dbo].[fnGetHierarchyID]()

     select @hierarchyid, @tenantid


 

Stored procedures

There are a bunch of stored procedures involved in collecting the telemetry data, and most of them just generate just 1 of the rows in the telemetryresults table. You can find the stored procedures responsible for collecting data by running the following query.


 

    SELECT
distinct o.name As
'Stored Procedures',o.*

FROM
SYSOBJECTS o INNER
JOIN
SYSCOMMENTS c

ON o.id = c.id


WHERE o.name like
'tel_%'
and o.xtype =
'P'


 

If you're only interested in the ones that generate data for the telemetryresults table run the query below.

SELECT
distinct o.name As
'Stored Procedures',o.*

FROM
SYSOBJECTS o INNER
JOIN
SYSCOMMENTS c

ON o.id = c.id

WHERE o.name like
'tel_%'
and o.xtype =
'P' and o.name in
(select name from Telemetry)


 

You could subsequently analyze the stored procedures to see what it is they are collecting, but that is an elaborate exercise. As we've seen that SHA256 is the hashing mechanism of choice I've chosen to check which of these stored procedures use the SHA256 function. I've identified the stored procedures, and linked id's using this query


 

SELECT
DISTINCT

o.name AS
Object_Name, Telemetry.id,

o.type_desc, m.definition

    FROM
sys.sql_modules m


INNER
JOIN
sys.objects o ON m.object_id = o.object_id

    inner
join telemetry on o.name = Telemetry.Name

    where m.definition like
'%sha256%'
and o.name like
'tel_%'


 

This results in the following list of id's



 

Which in turn lets you focus on the telemeteryresults table and the rows that contain hashed information:

select
*
from TEL_TelemetryResults

where id in

('ACABF386-BCD1-48C5-9C7F-A33DADA6E89D',
--TEL_Content_DPState

'69FC4B89-3561-4360-9157-4F8E896F7FB9',
--TEL_Content_Package

'2E8CC4FA-738D-4A48-B36F-E981344C97C3',
--TEL_DCM_BuiltinSettings

'942B1F7E-EB3F-4576-8CB8-F8066D31940F',
--TEL_EAS_Connectors

'CD6B1D69-5F70-46B1-BC82-2C99764188B5',
--TEL_MAM_PolicySettingStatistics4Deployment2Collection

'3B694B4A-DA65-4E60-BAE9-5796849A9586',
--TEL_Perf_TableSize

'E1201168-0A70-41B7-857E-309F8A5FB96B',
--TEL_SetupInfo

'0F40B971-AAC7-4A39-8CDA-1E023C833306'
)
--TEL_SQL_DBSchema


 

Or on those that should not contain any hashed information by changing the where clause to use not in instead of in. This should allow you to quickly check whether the results column still has data you can't understand. (Should that be the case feel free to share the ID of the row and I'll happily look into it.)


 

Obfuscated data / data hashing and making it human readable again

The last ID '0F40B971-AAC7-4A39-8CDA-1E023C833306' contains the full schema of your Configuration Manager database as collected by the TEL_SQL_DBSCHEMA stored procedure. When you look at the stored procedure definition you'll notice that it runs the following query to collect the data:


SELECT dbo.fnConvertBinaryToBase64String(


dbo.fnMDMCalculateHash(CONVERT(VARBINARY(MAX), DS.ObjectName),
'SHA256'))
AS ObjectNameHash,

DS.ObjectVersion AS ObjectVersion,

DS.UpdatedBy AS UpdatedBy,

DS.ObjectHash As ObjectHash


FROM dbo.DBSchema DS


INNER
JOIN SC_SiteDefinition SS


ON DS.SiteNumber = SS.SiteNumber


WHERE
ISNULL(SS.parentsitecode,
N'')
= N''


 

As should be apparent, the objectnames are obfuscated in this stored procedure. Should you like to know what the obfuscated data really means you can modify the query slightly and another item in the select section of the query to include the data before it is hashed like so:


 


SELECT DS.ObjectName, dbo.fnConvertBinaryToBase64String(


dbo.fnMDMCalculateHash(CONVERT(VARBINARY(MAX), DS.ObjectName),
'SHA256'))
AS ObjectNameHash,

     DS.ObjectVersion AS ObjectVersion,

DS.UpdatedBy AS UpdatedBy,

DS.ObjectHash As ObjectHash


FROM dbo.DBSchema DS


INNER
JOIN SC_SiteDefinition SS


ON DS.SiteNumber = SS.SiteNumber


WHERE
ISNULL(SS.parentsitecode,
N'')
= N''



 

As you can see, all I did was include the column DS.ObjectName before it was hashed so you could see it in readable format alongside the hashed format. The reason they hash the data in this particular instance is because your're schema could contain your company name, or other privacy sensitive data. The most likely way this would end up in your schema is by including that information in the names of your custom hardware inventory classes.

This is just one of the 8 queries that might contain hashed data, but the mechanism above is repeatable for the other stored procedures. I'll add the queries needed to represent the cleartext data and the hashed variant over the next couple of days.

Enjoy.
"The M in WMI stands for Magic"
""Everyone is an expert at something" Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP
http://www.scug.be/thewmiguy/default.aspx

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy

SCCM vNext updates and servicing feature!

1:55 pm in ConfigMgr by The WMI guy

Hi All,

Feature Explained

On the 23rd of September 2015 the ConfigMgr Product team released a blog on an update for Configuration Manager Technical Preview 3, or the new and upcoming version of SCCM, known by many as SCCM vNext. The blogpost contained roughly 321 words. (Yes I did put that in there to weasel you into going in and counting the words J)

The shortness of the blog, and it's number of words, in my opinion, doesn't do justice to the importance of this new feature called CM Updates, Updates and servicing or Easy setup, depending on who you talk to. This feature is the way forward for the product team to update the next release of Configuration Manager, and might well replace Service packs and/or CU's in the future. One of the challenges for the CM product team has always been to find the right "release vehicle". Release vehicles are a means to get updates out to the install base, and at present are usually one of these:

  • New release
  • Service pack
  • Cumulative Update
  • Web release/download

The first 2 in that list, are at least perceived as disruptive to the systems management service, while Cumulative Updates have quite different perceptions across different IT departments and companies. But there's definitely a set of IT departments that consider the CU's, and their installation disruptive as well. That means all sorts of things come into play when any of these are released, release management, a rollback plan, the change advisory board to name a few. The ambition of CM updates is to alleviate that pain through an integrated servicing mechanism much like other software that auto-updates, yet with admin approval.

Or in the words of the blog: "This update is the first to be delivered through our new "Updates and Servicing" node in the product. Moving forward, this is how you should expect to receive Technical Preview updates. When System Center Configuration Manager becomes generally available in Q4 of this calendar year, we will continue to use this same channel to provide a faster, lighter and easier update experience for new features, bug fixes, and more."

People already involved with Microsoft Intune in a Hybrid scenario will see a lot of similarities with what is called the weave feature to download mobile device management extensions and enable/install these extensions. This should not come as a surprise, as one of the driving factors behind weave was the speed with which new versions and features of IOS, Android and Windows Phone were released. The mobile device management market is rapidly growing and evolving, and needed it's own release vehicle, that release vehicle became 'Extensions for Microsoft Intune' a.k.a weave. Now, with Windows 10 entering the Windows as a service-era, with things like the current branch potentially upgrading every 10 months, Microsoft needed something similar to update general CM items, and not just mobile device management related items. The blog released yesterday was the announcement of "the very first real world public test of this mechanism!". The announcement itself lacked a bit of enthusiasm, but this is a feature that I am excited about for the future of CM.

This feature can update and deliver fixes and features for:

  • Site servers
  • SMS_Provider
  • Configuration Manager console
  • Configuration manager clients

Which should provide the necessary flexibility to update just about anything, as this allows the product team to update, the ConfigMgr File system, the Admin UI file system, the database (Data as well as new tables, views, Stored procedres,…, as WMI)

Feature documentation

The announcement itself didn't go into much detail explaining how the future worked, however did contain a link to the documentation of the Microsoft System Center Configuration Manager Technical Preview. This page contains a section on "Updates and servicing" which gives some insight into how this all operates.

Some important items in that documentation, are highlighted below, but I do encourage you to go and read the doc itself to get all the nitty gritty details

First of all, this entire process is driven by a new site system role called the cloud connection point, which replaces the Microsoft Intune connector site system role. In the current tech preview (Release 3), the cloud connection point needs to be installed on the primary site server and needs internet access. Both of these limitations are expected to be resolved in a subsequent release, and an offline procedure is planned for a future release, as mentioned in the comments section of the blog.

Other limitations: Os language must be English, and you must set your date/time format to this absolutely weird way of throwing days, months and years in some random order called MM-DD-YYYY. Not sure who ever came up with that way of noting dates, but apparently that's what we need to use. In testing and hearing experiences from others, this is the number one deal-breaker: The update process itself seems to be rock-solid, assuming you set your Date/time format accordingly.

New updates are checked for every 7 days, since the install date of the environment. According to the docs a restart of the SMS_executive service triggers the check for updates as well. I'd venture a guess that restarting the SMS_DMP_Downloader might trick it as well, which would be less disruptive. (To be tested).

Once the updates are downloaded you'll find them in Administration > Cloud Services > Updates and Services as available, you can subsequently click Install Update Pack

As a final note, just running the prerequisite checker standalone, from this same node, doesn't work in the current build. Triggering this will perform the install as well.

Feature at work – The server upgrade

  1. Step 1 would be to restart your sms_executive service if the update hasn't arrive in your Updates and Services node.
  2. The update should arrive and be in the downloading state for a while. You can monitor the download progress in the DMPDownloader.log the log should contains lines similar to:

EasySetupDownload thread is starting... $$<SMS_DMP_DOWNLOADER><09-22-2015 21:21:36.981-120><thread=4700 (0x125C)>

Download Easy setup payloads~~ $$<SMS_DMP_DOWNLOADER><09-22-2015 21:21:37.008-120><thread=4700 (0x125C)>

Get manifest.cab url~~ $$<SMS_DMP_DOWNLOADER><09-22-2015 21:21:37.012-120><thread=4700 (0x125C)>

Successfully write the update meta into outbox for package dcd17922-2c96-4bd7-b72d-e9159582cdf2~~ $$<SMS_DMP_DOWNLOADER><09-22-2015 21:40:36.934-120><thread=4700 (0x125C)>

  1. This particular update is somewhere between 800 and 900 Mbytes, so depending on your internet connection speed, it might take a while to download everything. In my particular experience, mumbling "patience is a virtue" over and over again had neither a positive nor negative impact on the download speed.
  2. Once downloaded you should see the update in your <CM Install Folder>\EasySetupPayLoad


  3.  

  4. If the update arrive your UI should look like the 2 screenshots below, and have the update state listed as Available.

  5. Once the update's state switches to the available state, you can launch the "Install Update Pack" action from the Quick access toolbar, which provides you with the details of the CM Update and the ability to ignore prereq check warnings. (Feel free to leave this unchecked in the current build as warnings are ignored no matter what you select).

  6. Next, you need to read the License agreement, and accept them. Yes, the idea is that you read them first.

  7. Subsequently you can chose to upgrade all your clients at once, or perform testing to a pre-production collection you specify. This ties into the client updating feature that was enhanced in CM2012SP1CU1 to also support cumulative update releases as opposed to the original behavior which only supported service packs.

  8. The rest of the wizard doesn't provide you with any options to configure, find screenshots below for completeness.



  9. At this point the Administration node will list the Update in a state "installing". Depending on your environment this installation might take a while to complete.
  10. Logfiles involved during this upgrade are dmpdownloader.log, sitecomp.log and cmupdate.log and obviously the logs for prereq checking and setup which in my case are looked in the root of the c:\ drive.

  11. In the file system you'll also notice the downloaded files are being copied to a brand new folder in your site server installation called CMUStaging
  12. Upon successful installation the Monitoring\Overview\Site Servicing status should contain a status of installed
  13. And the about screen should contain a version of 1509, please note that the Console versions and Site version remain at 5.0.8299.1000



  14.  

Feature at work – The admin ui upgrade

Once the server is upgraded, the next time the admin ui is opened you'll be prompted by a message asking you to upgrade your admin UI to the newest version. Much like the request to enable new extensions for Intune when they have arrived. This is a similar system and poses the same challenges, you'll have to be an administrator and have the ability to install the upgrade for this to work successfully.



  1. Again this is a fairly regular install, so you can monitor progress by following the ConfigMgrAdminUISetup and its verbose variant.


 



 

Personal observations – Notes from the field Lab

The process appears to be fairly solid in several tests I've ran, as long as you make sure you have the DateTime format set to MM-DD-YYYY, I know, it's an American thing, get over it. They'll come to their senses one day and adopt Metric, 220Volt and a sensible datetime format, and might even come up with a proper name for that sport where you're seldomly allowed to use your foot. (Don't hold your breath, for now).

Troubleshooting

If you managed to break the upgrade anyway, have a look at the troubleshooting section in the link provide in the documentation section. But it roughly comes down to

  1. Make sure you set the datetime format correctly
  2. Are you 100% positive you verified item 1
  3. Really?
  4. If you goofed up on 1-3 run the following command in SQL Management studio, after typing a full page in Word with the sentence "I am a goof!"

    EXEC spCMUSetUpdatePackageState N'dcd17922-2c96-4bd7-b72d-e9159582cdf2', 262146, N''

Wmi

5 new WMI classes have surfaced that seem to be related to this feature:

  • SMS_CM_UpdateFeatures (0 Instances, 1 method (UpdateFeatureExposureStatus)
  • SMS_CM_UpdatePackageFeatures (0 Instances, 1 method (UpdateFeatureExposureStatus)
  • SMS_CM_Update_Packages (1 instance with guid of update, 2 methods (IsCurrentWorkingUpdatePackage, updatePrereqAndStateFlags)
  • SMS_CM_UpdatePackageSiteStatus (1 instance with guid of update, no methods)
  • SMS_CM_UpdatePackDetailedSiteStatus (multiple instances with different steps ranging from prereq checking to actual install steps. (State 3, appears to be success (to be validated)

SQL

5 new views where created related to the 5 WMI classes above:

  • Vsms_CM_updatefeatures
  • vSMS_CM_UpdatePackageFeatures
  • vSMS_CM_UpdatePackages
  • vSMS_CM_UpdatePackageSiteStatus
  • vSMS_CM_LatestInstalledPackageFeatures

10 Stored procedures have surfaced that appear to be related to this new servicing feature


20 new tables have surfaced that appear to be related to this new servicing feature



 

Enjoy.
"The M in WMI stands for Magic"
""Everyone is an expert at something" Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP
http://www.scug.be/blogs/sccm/default.aspx

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy

My quest for the RDP deployment type from the ConfigMgr SDK (Part 1)

9:02 am in ConfigMgr by The WMI guy

Technet Library Bing search Providers are back

3:55 pm in CMCE, ConfigMgr, ConfigMgr by The WMI guy

Hi All,

Because I messed up my lab, the search provider buttons to install the System Center Search providers have been offline for a while.

A certain individual (Brainy dude from Minesoooota) gave me a rough time about it, so today I put in an effort to get them back online.

People that have a desire for search providers for different sections can let me know through the comments section at the bottom of this post or @thewmigy

These search providers use Bing as Google as a search engine lacks support for the Meta keyword that is used in them. Should anyone know how to use google to achieve the same thing, just let me know on twitter @thewmiguy. Likewise, if anyone wants these to use Yahoo,again, just let me know.
I put the buttons up on an Office 365 webpage as wordpress appears to be quirky when trying to use buttons in a post. S
Install instructions:
1) browse to http://www.oscc.be/tn-library-searchpage
2) Click the button for the search provider to install and click Ok

Usage instruction IE
1) In the address bar click the arrow pointing down
2) Hover over the search providers and select the one you want to use
3) Type the search string in the address bar and press enter

Usage instructions Google Chrome
1) In the address bar type the Name you've given your search provider, press enter
2) Eg: CM12 "Software Updates"

Technorati Tags:
Tags van Technorati: ,

OSCCD32aR00aP02ZL
Enjoy.
"The M in WMI stands for Magic"
""Everyone is an expert at someting" Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP
http://www.scug.be/blogs/sccm/default.aspx

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy

Turns out Wally is somewhat right (about reading logfiles)

11:18 am in ConfigMgr by The WMI guy

Hi All,

It's been a while since I blogged anything, so for those of you wondering yes, I am still alive. Been pretty busy over the past year doing live presentations at several events, but blogging has suffered a bit. This is a first post in an attempt to pickup blogging again, or at least that’s the intention.

I’ll start of this blogpost with setting something straight, at one of my public speaking sessions a while back, I made the bold statement that Wally was wrong* (about his preferred tool for reading log files). For those of you wondering, it was at a 10 minute presentation I did at the last MMS in Las Vegas as part of the MVP Experts panel. More specifically, it was during session UD-B320: Configuration Manager 2012: MVP Experts Panel. The session itself can still be found online at channel 9 here.

Turns out, as often is the case when you make bold statements, Wally’s not wrong at all. In fact he’s somewhat right, CMTrace is indeed the second best log viewer tool to read Configuration Manager logfiles.

No, I didn’t all of a sudden turn into a notepad believer, the number 1 log file viewer tool for SCCM that I advise everyone to start using is actually part of the new Configuration Manager Support Center. This tool is part of a new toolset in troubleshooting ConfigMgr related issues provided to us by the product team, and can be downloaded here http://www.microsoft.com/en-us/download/details.aspx?id=42645 . Additionally, you can find an initial description of the tool on the ConfigMgr team blog here: http://blogs.technet.com/b/configmgrteam/archive/2014/05/06/system-center-2012-configuration-manager-support-center-tool-has-been-released.aspx

So why do I consider this the best log file viewer available? There are a couple of reasons, but for this blog post I’ll just focus on a single use case. Last week, at another happy customer, I had to troubleshoot client to management point communication, more specifically hardware inventory communication. Now, Kim, that’s easy enough, anyone with a little operational experience knows that all this takes is looking through the inventoryagent.log on the client, the mp_hinv.log on the management point, and the dataldr.log on the site server. Now, obviously the client I had to troubleshoot was neither running on the mp, nor on the site server, and the site server and management points where obviously on different machines as well. to make matters worse, the customer had no less than 3 MP’s to create a nice load balanced environment. Those of you present at my MMS 2013 presentation, or those of you that took the time to actually look at the Channel 9 video will know I am a big advocate for merging logfiles to get the overview of what is going on.

So here’s, what I was able to do with the assistance of the new Support Center Logfile viewer:

.\CMLogViewer.exe ‘\\client\c$\windows\ccm\logs\inventoryagent.log, '\\mpsup1\e$\SMS_CCM\Logs\MP_Hinv.log' , '\\mpsup2\e$\SMS_CCM\Logs\MP_Hinv.log', '\\SiteServer\e$\program files\Microsoft Configuration Manager\Logs\dataldr.log'

As you might have noted, all I did was specify the UNC paths to the relevant logfiles and comma separated them. This opens all logfiles I needed merged, without me having to know which mp’s the client used to actually send it’s hardware inventory along. There’s pleny of scenarios where this is useful. Multiple sms providers is another that comes to mind.

PS: There’s still a small issue in the Support Center Logfile viewer where it crashes when you specify an inaccessible logfile in this way.

Thank you, Adam Meltzer, for making my life that tad bit easier, yet again.

-- Enjoy. "The M in WMI stands for Magic"
"Everyone is an expert at something"

Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP – Belgium MEET member

mail: Kim.oppalfens@oscc.be
http://www.scug.be/thewmiguy

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy

Met dank voor het spelchecken aan Rafëal Aubert: https://www.linkedin.com/in/rafaelaubert

ConfigMgr 2012 RB A through Z webinar

8:08 am in ConfigMgr, RBA, SCCM by The WMI guy

Hi All,

It's been a while since I blogged anything, so for those of you wondering yes, I am still alive. Been pretty busy over the past year doing live presentations at several events, but blogging has suffered a bit. This is a quick blog post to announce that I'll be doing another live webinar. I still love doing those, and this one is scheduled for next week already.

The registration page can be found over here: http://bit.ly/17i2lrj

Session title: ConfigMgr 2012: RBA through Z
Session Abstract: System Center Configuration Manager comes with a completely revamped security model. The feature was named Role Based Administration or RBA for short. In this session we'll go beyond the basics of security scopes, roles and collections to give you a deeper understanding of the possibilities of this new security model. Kim Oppalfens, who's been an sms/configmgr/enterprise client management mvp for the past 10 years will walk you through some real life example scenarios and will explain how you work these into the new model.

-- Enjoy. "The M in WMI stands for Magic"
"Everyone is an expert at someting" Kim Oppalfens - ConfigMgr Expert for lack of any other expertise
System Center Configuration Manager MVP
http://www.scug.be/blogs/sccm/default.aspx

http://www.linkedin.com/in/kimoppalfens

http://twitter.com/thewmiguy