Resolved software delployment issue

Well it appears I managed to get it working without the schema update. I agree the schema update makes things easier and I am expecting more issues until this update is done but I was personally kept from being able to run the update because our Change Control wouldn't allow it.

The major deviation from setting up SCCM (from here http://www.windows-noob.com/forums/index.php?/topic/1064-sccm-2007-guides/ ) is that I disabled updating AD. I did this because of all the errors I got with SCCM trying to update itself in AD and until we extend the schema it's not going to work anyway. This is in the properties of the site.

Then what I changed was the command line information for SCCM's client installation. I had to manually specify all the settings so the client knew where it was pointing to. This is a requirement when you have a server locator point instead of an extended schema.

This is the syntax I added CCMSETUP.EXE /noservice SMSMP=tstsccm SMSSITECODE=rg6 smslp=TSTSCCM

This was in the properties of the program

Now I also followed instructions for WSUS config and noticed the client inside the package said yes under WSUS but not under the Adobe pack. I decided to remove the query information all together to make it manually add itself and requery and then this showed the client was "yes". I did that because I had tried reinstalling the client a million times and never once did the actual client say it was "yes".

After this the software install and udpates started right up.

Troubleshooting SCCM Software package distribution

Disclaimer… while writing this post I noticed a lot of errors all over the place under system status. These issues I encountered were encountered yesterday without all of these errors occurring. I will start looking into the errors however from first glance they appear to be WSUS related which is not what I’m writing about here. I did notice a management point error explaining it’s not responding to HTTP requests (I just installed the Reporting Point yesterday so there might be a conflict between the two items using port 80?).

What I am trying to figure out is why my test machine isn't responding to advertisements... I am trying to figure this out because obviously the software isn't installing from the pack.

Here's what I have configured...

I followed The instructions from here to configure SCCM however I did it on a windows 2003 server instead of 2008. It is a virtual Server running on VMWare ESXI. I have not extended the schema or added anything via adsi edit.

I have successfully setup deployment of Windows XP for multiple versions of hardware which include software and driver installation specific to the hardware.

This software package I created is the first package so far. It is adobe reader 9. I set the package up by creating a transform file through Adobe's Customization Wizard 9.

Here is the command line listed in the software pack which works if I run it manually from a computer... *(I mean from the command line I can run this command but obviously because it is remotely and manual I have to designate the full network paths of the files)

- What I am noticing is that the PC’s Configuration manager does not know what SCCM site it is in.

- I am not seeing any advertised software from "Run Advertised Programs

- I am also getting a lot of warnings on the client when I try to run the “repair” from the configuration manager.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 11/16/2009
Time: 4:47:30 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, PolicyAgentInstanceProvider, has been registered in the WMI namespace, root\ccm\Policy\S_1_5_21_1504005034_1371222036_1539857752_8570, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.


Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 11/16/2009
Time: 4:47:30 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, PolicyAgentInstanceProvider, has been registered in the WMI namespace, root\ccm\Policy\Machine, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 11/16/2009
Time: 4:47:30 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, AMTInvProvider, has been registered in the WMI namespace, root\cimv2\SMS, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 11/16/2009
Time: 4:47:29 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, AMTProvisionProvider, has been registered in the WMI namespace, root\CCM, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 5603
Date: 11/16/2009
Time: 4:47:29 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, BcdProv, has been registered in the WMI namespace, root\wmi, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 11/16/2009
Time: 4:47:27 PM
User: NT AUTHORITY\SYSTEM
Computer: THIRDIMAGE
Description:
A provider, AAInstProv, has been registered in the WMI namespace, root\cimv2\sms, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

- Now from the server side what I did was create a collection with this query to designate the security group I created for this package named adobe reader 9.
select.

SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemGroupName = "RMS\\Adobe Reader 9"

- This is what I am seeing with regard to the Advertisement status for this package.

- When I look at a report of the active advertisements I see this
Report Name:
Status of a specific advertisement
Category:
Software Distribution - Advertisement Status
Comment:

- This report shows the status summary of all resources that have been targeted by an advertisement. The summary is broken into two parts. Acceptance status will summarize how many resources have received, rejected, or not yet received the advertisement. Delivery status will summarize the resources that have run or attempted to run the program being advertised.
Parameters:
Advertisement ID
RG62000B
Status of a specific advertisement
Top of Form
11/17/2009 9:31:34 AM
(Number of Records: 0)
No matching records could be found.

11/17/2009 9:31:34 AM
(Number of Records: 0)

Bottom of Form

Setting up a build and capture on SCCM2007 for Windows XP SP3

Originally following this guide http://www.windows-noob.com/forums/index.php?/topic/1064-sccm-2007-guides/


Found HRESULT=8007005 and "failed to connect to tstsccm but investigating that error didn't get me anywhere.

The error 0x80040103 combined with LOG[Failed to connect to "\\tstsccm\smspkge$\rc00006 which was the package for the client install that I installed before. per this comment

"if that package definetly exists and you can browse to it from another computer then simply try to recreate the package again (remove old one, delete it from DPs and recreate the package,

sometimes I've seen times where a package looks ok, can be accessed ok but fails in OSD and sometimes the only fix is to rebuild and redistribute the package"

From http://social.technet.microsoft.com/Forums/en-US/configmgrosd/thread/14732dc4-5f5d-4019-8c10-f45f5c5f09cc

I removed and recreated the package and then removed and recreated the task sequence and advertisement. I tried again and got the same error but this time on the package for the boot image.

Researching that error on the boot image led me to this comment
"i think i have cracked it.

i did not set the network access account in the client agent setting initially. once i set that, the task sequence has started. "

from http://www.windows-noob.com/forums/index.php?/topic/587-task-sequence-not-working/page__hl__0x80040103__fromsearch__1

which then gave a link on instructions on how to do this here http://www.windows-noob.com/forums/index.php?/topic/491-how-can-i-configure-sccm-2007-sp1-in-windows-server-2008/

I followed the instructions to configure the client agent properties. I added an account for read access and made it a basic user then added that user.

Tried it again and that worked.

Excellent group of articles on how to setup SCCM 2007

Everything from installing and configuring SCCM 2007 to OS & Software deployments from beginning to end.

http://www.windows-noob.com/forums/index.php?/topic/1064-sccm-2007-guides/

Managing Distribution Points in SCCM

After installing SCCM 2007 I started trying to create image capture media by following the instructions here http://technet.microsoft.com/en-us/library/bb694129.aspx

specifically this part - "5.Select the boot image that should be associated with the media. Click the Browse button to specify the computer architecture to be targeted with the captured image in the Select a Boot Image dialog box. Boot images must be available on one or more distribution points. For more information on distributing boot images, see Manage Distribution Points (Operating System Deployment). To specify the distribution point that contains the specified boot image, use the drop down list of available distribution points. Click OK."

I tried updating the distribution points with the images for the media creation to see the available distribution point in the wizard.

I followed this set of instructions http://publib.boulder.ibm.com/infocenter/toolsctr/v1r0/index.jsp?topic=/dpsccm/dpsccm_t_troubleshooting_pxe_error.html

I found out that I needed to manually copy the images to the distribution point for it to show up. i followed the same instructions to copy as I did to update however I selected Manage instead of update. This took me to a wizard that allowed me to designate the server as a Distribution point.

Configure incoming email on MOSS 2007

http://www.combined-knowledge.com/Downloads/2007/How%20to%20configure%20Email%20Enabled%20Lists%20in%20Moss2007%20RTM%20using%20Exchange%202003.pdf


Found out about this guide through http://www.michaelmarkel.com/2008/06/incoming-email-in-sharepoint.html

Risk assessment and proposal for VMWare

Problem, and risk assessment in our current environment and suggested solutions for them.

Problem – Rack Space is limited, hardware utilization is at 10%, cost per server roll is high which creates a struggle for prioritizing and justifying IT projects, and power consumption is unnecessarily very high.
Solution – All of these issues are resolved with VMWare infrastructure server.
VMWare infrastructure adds 70% hardware utilization which allows for 95% less hardware. This reduces cost in hardware that will pay for the DR solution and reduce cost of environment and decrease space utilization and battery / power consumption.

Problem - Current environment lacks flexibility. Implementation for new servers is time consuming and dependant on “build to order” servers for new projects. Demand for IT projects greatly exceeds IT capacity. IT is redeploying IT resources (which causes further delays).
Solution – Virtualization adds the flexibility by harnessing the full power of our hardware, decreasing server provisioning time, and freedom to test configuration changes and new solutions without commitment of hardware expenses.

Problem - Current Maintenance and testing is done on “test” servers which can add unnecessary hardware expense, its manual, time consuming and difficult to recover in the event of problem.
Solution - VMotion and DRS.
VMotion and DRS enable non-disruptive maintenance
a. enables VM migration without downtime for applications and users.
b. DRS makes it easy to perform server maintenance without downtime for applications and users.
c. Snap shot technology gives us recovery in a few minutes from any change made to a server instead of a few days.
d. Test servers that are virtualized don’t use hardware resources unless they’re turned on. Test servers that have been virtualized don’t need a separate “test” server set aside through the ability to recover from snapshots.

Problem- Complex / hardware dependent environments create unreliability. Out of warranty production servers make us vulnerable to high amounts of downtime due to lack of resources.
- Fact: 1 of 4 organizations had significant disruption in their systems. 24% of those outages were > 24 hours
- Fact: Almost 60% of surveyed companies incurred significant financial trouble as a result.
Current solution- Rebuilding servers from backup, if out of warranty hardware fails we don’t have a plan in place. This creates slow, significant downtime, is hardware, driver, firmware dependent.
Potential solution- Standby server – Expensive, hard to maintain
Current solution- Clustering – Complexity
Proposed Solution - Using virtual hardware coupled with the HA (High Availability) and VMotion components of VMWare. Added benefits of these solutions include;

a. High Availability – automatically restarts VM’s.
b. Hardware independent.
c. Easy to implement and configure.
d. Replication of system state ensures a VM has all it needs to startup.
e. Easier testing.
f. More reliable
G. Achieve company recovery time objectives.
H. Make disaster recovery faster and more reliable through automation.

Problem - Complex OS and software recovery processes creates vulnerability and added downtime when OS and software corruption occur.

Current Solution – Attempt to resolve through diagnostics and as a last resort we’ll do a manual reinstallation and configuration.
Proposed Solution- Software and OS recovery issue is resolved with VMWare Infrastructure backups.

Non-disruptive to applications and users

Provide Off-host backup using standard backup software

Restoration is simplified and more reliable.

Time to restore or resolve takes minutes instead of hours or days