Archive

Posts Tagged ‘SCCM’

Track Local Network Shares on SCCM 2007

Hi,

If you need to find all the local shares that users create on their computer this post might be good for you,

The first thing you need to do is to edit the sms_def.mof file for the client to start reporting of his local shares\

  1. Open the file …\Microsoft Configuration Manager\Inboxes\clifiles.src\hinv\sms_def.mof with your notepad
  2. search for   SMS_Group_Name (“Shares”), 
  3. You can change all the FALSE parameters to TRUE, or just the SMS_Report, Name and Path
  4. Now you need to wait, it can take some time that the client will start reporting about his shares

The second thing to do is to build a small report, you can use a basic report that show all the shares

SELECT TOP (100) PERCENT dbo.v_GS_SHARE.ResourceID, dbo.v_R_System.Name0 AS Hostname, dbo.v_GS_SHARE.Name0 AS ShareName,
dbo.v_GS_SHARE.Path0 AS Path
FROM dbo.v_GS_SHARE INNER JOIN
dbo.v_R_System ON dbo.v_GS_SHARE.ResourceID = dbo.v_R_System.ResourceID

Or you can use some filter to disable administrative shares

SELECT TOP (100) PERCENT dbo.v_GS_SHARE.ResourceID, dbo.v_R_System.Name0 AS Hostname, dbo.v_GS_SHARE.Name0 AS ShareName,
dbo.v_GS_SHARE.Path0 AS Path
FROM dbo.v_GS_SHARE INNER JOIN
dbo.v_R_System ON dbo.v_GS_SHARE.ResourceID = dbo.v_R_System.ResourceID
WHERE (dbo.v_GS_SHARE.Name0 NOT LIKE ‘_$’) AND (dbo.v_GS_SHARE.Name0 <> ‘admin$’) AND (dbo.v_GS_SHARE.Name0 <> ‘ipc$’)

I’m done here , on my next post I’ll show how to generate report of permission of those shares.

The Complete Guide To Deploy 3rd Party Update Via WSUS Infrastructure

07/04/2013 2 comments

One of the annoying things with non-Microsoft vendors is their large amount of update (for example Adobe Flash) and the lack of ability to manage it in your company’s computers

In this post I’m assuming that you already have WSUS infrastructure in your organization, and if not you should have it before trying to do the following steps. (I hope that someday I have the time to publish my WSUS best practice from my experience).

Don’t you want to see this thing on your computers?

scup3

scup4

Well, let’s start

  1. Local Update Publisher

Local Update Publisher (LUP), is a software that allow system administrators to publish their own update or 3rd party update   using WSUS Local Publishing.

You can download it here and install it on your WSUS server, there is an installation manual in this link.

  1. Certification

The most difficult issue in this the ExportImport of the WSUS Certification, the LUP WIKI don’t showing the way to do it right

The WSUS Server need to issue itself a certification, and this certification need to installed in all WSUS clients.

What you really need to remember is that the Exported Certification needs to be 2046 Bit, and you need to deploy it with group policy to computers in to places:

    • Trusted Root Certification Authorities.
    • Trusted Publishers.

 

  1. WSUS policy

One more Change that you need to do is on the WSUS GPO (or computer registry if you don’t manage it with policy)

In the GPO (computer configuration > policies > administrative templates > windows components > Windows Update) you should enable: “Allow signed updates from an internet Microsoft update service location”

The registry value that Present this policy is AcceptTrustedPublisherCerts in :  HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate

Need to look like that: “AcceptTrustedPublisherCerts”=dword:00000001

  1. XML Import

The next step is to go 3rd-party  vendors site and search for distribution terms of their products (like: SCUP, SCCM, SMS,  etc.)

For example:

FLASH: http://www.adobe.com/licensing/distribution/strategies/sms.html

Acrobat Reader: http://www.adobe.com/devnet-docs/acrobatetk/tools/AdminGuide/sccm.html

Now what you have to do is to import the catalogue file into the LUP, select the versions you want to import and the LUP will download it from the site

123

Now approve the update to the group you want (like you do in WSUS)

You can also create an update by your own, I Didn’t try it yet…

scup5

HowTo Create SCCM collection based on failed advertisement

Hello
I came across with advertisment that failed 50% because of some setting wrong,

Before installation of the software requested was necessary to install a specific patch failed computers,
I found the following query that finds the computers that have failed in the original Advertisment

SELECT sys.ResourceID,sys.ResourceType,sys.Name,sys.SMSUniqueIdentifier,sys.ResourceDomainORWorkgroup,sys.Client FROM sms_r_system as sys inner join SMS_ClientAdvertisementStatus as offer on sys.ResourceID=offer.ResourceID WHERE AdvertisementID = ‘XXX#####’ and LastStateName = “Failed”

You know the rest here,

Yair

Categories: SCCM Tags: , ,

How-to create collection based on MAC address or UUID

22/04/2011 1 comment

Hi all

I Use this collection to “find unknown” computers  for deploy OSD over PXE, to make the resource unknown i need to delete it, but I don’t know the name of the resource only the MAC / UUID that shown in the PXE boot.

First create a new collection and the member ship rules should be based on query like the images below:

 That’s it,

Yair

Categories: Microsoft, SCCM Tags: , , , ,

PXE not working after restating the sccm 2007 server

Hi All,

Our SCCM server contain the PXE Service Point and WDS (DHCP on another server) – The server is A Virtual Server

Every time we needed to restart the server, the PXE didn’t worked, and we received the cursed TFTP Error….

So i tried to fix this issue by removing the PXE Service point, and reinstalling, but  i needed to create distribution points again to all my software/images

So, after 6 month, i solves this issue

  1. Restart the WDS Service
  2. Restart The PXE Service
  3. Update the Distribution points of the Boot image, x86 and X64 as well, i don’t know why it’s worked, but it fixed it.

Yair

How To Install The Accurate Driver Package For Specific Computer Model Using WMI Query (SCCM OSD)

Hi All,

This Howto guide will show you how-to install in the OSD TS the Accurate Driver Package For Specific computer model

First Create Driver Package For Each Computer Model

Then, In the OSD TS, Create Apply Driver Package For Each Model (Like The Picture Bellow)

Then, In the Option Tab, use WMI Query, to Determine If this Package Will Apply to this Computer

The syntax Shuld be like this:

SELECT Model FROM Win32_ComputerSystem WHERE Model like ‘%Latitude E4300%’

Thats it,

Yair

PST Inventory With SCCM

09/01/2011 4 comments

Hi,

We are about to implement Symantec Enterprise Vault and we need to estimate our PST size on our laptops,

So I set the Inventory Collection (Site management ->Site name -> Site settings -> Client agents (properties) -> software inventory client agent)

It will take a few days until the DB will be entered with the information we need, (I set up the software inventory schedule to run every 1 day for the first week, after i have all the information i’ll set it back to run every 7 days as the default setting)

Now There is few ways to see the PST data:

1. Use built-in report called Computers with a specific file and in the file name use %.PST

You should see something like:

2. Use Custom Report For PST as I found on System Center Forum by John Marcum

PST’s on a Client

select Sys.Name0, Sys.User_Name0, SF.FileName, SF.FilePath, SF.FileSize/1024 as Megs
from v_R_System Sys INNER JOIN v_GS_SoftwareFile SF on
Sys.ResourceID = SF.ResourceID
where SF.FileName like ‘%’+’.PST’ and Sys.Name0= @System
Order by SF.FileName

PST’s on Client Count

select Sys.Name0, Sys.User_Name0,
Count(SF.FileName) as FileCount,
Sum(SF.FileSize/1024/1024) as ‘Megs Used’
from v_R_System Sys INNER JOIN v_GS_SoftwareFile SF on
Sys.ResourceID = SF.ResourceID
where SF.FileName like ‘%’+’.PST’ and SF.FileSize/1024/1024 > 0
Group by Sys.Name0, Sys.User_Name0
having Count(SF.FileName) > 1 order by Sys.Name0 Desc

That’s It,

yair