A little confused on vPro and SCCM 2012 R2

Hi folks. I have a question regarding vPro and SCCM, hopefully someone can help.
Do I need an SCS sever to integrate and provision vPro devices with SCCM 2012 R2?
I basically just want to be able to remotely provision the devices for vPro (certs ect) and take advantage of the WOL and shutdown functionality for patch management and I would rather avoid setting up an SCS server if possible. Any advice welcome, thanks in
advance.
Best,
Pete

I really suggest that you take a look at integrating SCS, because ConfigMgr only supports these versions of the AMT (http://technet.microsoft.com/en-us/library/gg682077.aspx#BKMK_SupConfigOOB):
Intel AMT version 3.2 with a minimum revision of 3.2.1
Intel AMT version 4.0, version 4.1, and version 4.2
Intel AMT version 5.0 and version 5.2 with a minimum revision of 5.2.10
Intel AMT version 6.0 and version 6.1
And all the new PCs come with newer version of AMT.
Some guides to get you started with vPro:
http://windowsmasher.wordpress.com/2013/10/05/intel-vpro-the-basics-of-vpro/
http://blogs.bamits.com.au/2012/09/integrating-sccm-2012-with-scs-81.html

Similar Messages

  • Top 4 basic issues that are encountered in SCOM 2012 and SCCM 2012

    HI,
    I need to give a presentation on the basic issues that are encountered in SCOM 2012 and SCCm 2012.
    Can anyone help me out with this?
    Thanks in advance
    Rohith Kumar

    Hi,
    I am not familiar with SCCM, so I will give some issue I encounterred in SCOM:
    1. Not monitored and grey agent, here is an article for your reference:
    http://technet.microsoft.com/en-us/library/hh212723.aspx
    2. Failed to discover and install agents, this may caused by the action account or install account does not have proper permissions to install the agents. Some time maybe the discovery rule is not enabled.
    3. Failed to import Management Pack, this may caused by references MPs are not imported to the management group, or sometime the proper referenced MPs are imported, but there may be incorrect typing in the XML file which defines the management pack.
    4. Runas account and Action account fail. If you change password for action account, you may also need to change the password everywhere the account is used in SCOM. For run as account, if the account does not have enough right to run some tasks, we may
    encounter errors. You may refer to the below link which take SQL mp for example:
    http://blogs.technet.com/b/kevinholman/archive/2010/09/08/configuring-run-as-accounts-and-profiles-in-r2-a-sql-management-pack-example.aspx
    Regards,
    Yan Li
    Regards, Yan Li

  • Cost of Intune and SCCM 2012 r2 vs SCCM 2012 r2 ICBM

    Is there any research/info on pros and cons of SCCM 2012 using intune for internet clinet management vs SCCM 2012 r2 and ICBM?  Things like cost, supportabiliy, etc.  I have seen intune vs sccm not Intune & SCCM vs SCCM and Internet Client
    Based Management. 
    Cyndy

    Hi,
    I think the reason is that you cannot manage Windows clients using the WIndows Intune Agent and integrate it with SCCM 2012. The integration with Intune and SCCM 2012 is for Mobile Device Management only so there is no possibility to install the Windows
    Intune Agent on a client and then manage it through the SCCM Admin Console.
    THe only scenario where that would work is if you manage a Windows 8.1 with the OMA-DM agent and enroll them in Intune as a mobile device with a limited set of features.
    So ICBM is still the way to go if you need all the features in SCCM or you want one console to rule them all.
    Regards,
    Jörgen  
    -- My System Center blog ccmexec.com -- Twitter
    @ccmexec

  • Windows 8.1 Mobile Device Management and SCCM 2012 R2 - 'Turn on' option missing

    I am trying to test a virtual desktop with SCCM 2012 R2 integrated with Intune. There is no Configuration Manager client on the workstation, the Intune subscription is configured and enabled for Windows enrolment, AD is synchronizing with Intune, DNS has
    the enrolment record added and resolves, the user can logon to Intune from the client using Internet Explorer and the client has had the registry key added with the DiscoveryService  configured to manage.microsoft.com. The problem is that on
    the 8.1 workstation in Workplace Settings the only option is 'Join' and the 'Turn-on' option is missing. How do I get it to appear?

    Yes I am using an activated version of 8.1 Enterprise, it is in a workgroup and I am logged in as a member of the local Administrator's group but not Administrator. I even joined the domain again and then removed it. Still there is only the 'Join'
    option and no 'Turn on' option. This is driving me nuts.

  • Can we re-activate Adobe patches once expired in SCUP and syncronized to WSUS and SCCM 2012 as expired?

    Hi,
    I expired a couple of Adobe patches in SCUP and published them in WSUS. They got synchronized in WSUS and SCCM as expired. After about two weeks those expired patches got cleaned from SCCM ( at least from UI).
    I want to activate them again in SCUP and re-publish as active patches in SCCM. But its not working - I've tried WSUS cleanup and  SCUP cleanup already!
    Is there any way to re-active expired patches published by SCUP in WSUS and SCCM ? & How?
    Excerpt from SCUP.Log:
    PublishItem: Item 'Reader Multi Lingual User Interface 10.1.4 Update (UpdateId:'5c22235f-a3d9-48db-95eb-a60ec1886e8e' Vendor:'Adobe Systems, Inc.' Product:'Adobe Reader')' is on the update server and is expired, no publish actions are possible.

    The key here is knowing WHY those updates were "expired" in the first place.
    Most likely they were expired because they superseded another update. If so, merely duplicating and publishing won't achieve anything, because the duplicated/re-published update will also be superseded and get promptly expired again.
    Ergo, if expired because superseded, the superseding package will need to be customized to remove the supersession references and it also will need to be republished, which also means that certain other considerations may need to be taken as well ... such
    as the fact that you now have multiple packages that will conflict with one another that no longer have the requisite supersession metadata.
    Regarding this scenario. Configuration Manager 2012 introduced the option to NOT EXPIRE superseded updates, or to defer the expiration for a specified number of days. This is not a SCUP thing; it's a ConfigMgr thing.
    Configure the ConfigMgr product to behave the way you desire. Problem solved. :)
    If YOU actually expired them in SCUP... then just UNEXPIRE them and republish. Shouldn't be any need to duplicate and republish. This is what Microsoft does all the time. Expire Update 'A' Rev 100 on Monday; publish Update 'A' Rev 101 on Patch Tuesday.
    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

  • WSUS 4.0 and SCCM 2012 SP1 Sync Errors

    SCCM 2012 SP1 is installed on a Windows 2012 Std server with the WSUS 4.0 Role installed.
    All other links I have found list a 2008 R2 Server with WSUS 3.0 SP2 hence all the "fixes" revolve around hot fixes and patches/settings for WSUS 3.0 or 2008 R2 systems.
    WSUS is set for port 8530/8531
    SCCM SUP is set for ports 8530/8531
    Both are on same machine (single site SCCM 2012 SP1 System)
    What does Bad Configuration, SUPs present but no default SUP
    mean and how do I fix it?
    Recent entry in my WCM.LOG states:
    SCF change notification triggered.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.401+420><thread=6052 (0x17A4)>
    Populating config from SCF  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.454+420><thread=6052 (0x17A4)>
    Setting new configuration state to 1 (WSUS_CONFIG_PENDING)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.481+420><thread=6052 (0x17A4)>
    Changes in active SUP list detected. New active SUP List is:~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.489+420><thread=6052 (0x17A4)>
        SUP0: SCCM2012.xxdomainnamexx.ORG, group = , nlb = ~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.496+420><thread=6052 (0x17A4)>
    Updating active SUP groups...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.503+420><thread=6052 (0x17A4)>
    Bad Configuration, SUPs present but no default SUP  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.510+420><thread=6052 (0x17A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.525+420><thread=6052 (0x17A4)>
    Setting new configuration state to 0 (WSUS_CONFIG_NONE)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.535+420><thread=6052 (0x17A4)>
    Waiting for changes for 11 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 10:54:14.543+420><thread=6052 (0x17A4)>
    Wait timed out after 11 minutes while waiting for at least one trigger event.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 11:04:54.569+420><thread=6052 (0x17A4)>
    Timed Out...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 11:05:04.577+420><thread=6052 (0x17A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 11:05:04.585+420><thread=6052 (0x17A4)>
    Waiting for changes for 60 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 11:05:04.592+420><thread=6052 (0x17A4)>
    Wait timed out after 60 minutes while waiting for at least one trigger event.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 12:04:54.714+420><thread=6052 (0x17A4)>
    Timed Out...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 12:05:04.721+420><thread=6052 (0x17A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 12:05:04.728+420><thread=6052 (0x17A4)>
    Waiting for changes for 60 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-14-2014 12:05:04.734+420><thread=6052 (0x17A4)>
    Randall

    Here is my WCM Log from this mornings "re-attempt"
    Trigger event array index 0 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:22.156+420><thread=5540 (0x15A4)>
    SCF change notification triggered.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.179+420><thread=5540 (0x15A4)>
    Populating config from SCF  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.181+420><thread=5540 (0x15A4)>
    Setting new configuration state to 1 (WSUS_CONFIG_PENDING)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.194+420><thread=5540 (0x15A4)>
    No SUPs are present  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.199+420><thread=5540 (0x15A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.220+420><thread=5540 (0x15A4)>
    Setting new configuration state to 0 (WSUS_CONFIG_NONE)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.224+420><thread=5540 (0x15A4)>
    Waiting for changes for 24 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:27.226+420><thread=5540 (0x15A4)>
    Trigger event array index 0 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:37.356+420><thread=5540 (0x15A4)>
    SCF change notification triggered.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.388+420><thread=5540 (0x15A4)>
    Populating config from SCF  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.493+420><thread=5540 (0x15A4)>
    Setting new configuration state to 1 (WSUS_CONFIG_PENDING)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.541+420><thread=5540 (0x15A4)>
    Changes in active SUP list detected. New active SUP List is:~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.543+420><thread=5540 (0x15A4)>
        SUP0: SCCM2012.MORTONGENERAL.ORG, group = , nlb = ~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.546+420><thread=5540 (0x15A4)>
    Updating active SUP groups...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.550+420><thread=5540 (0x15A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.553+420><thread=5540 (0x15A4)>
    Setting new configuration state to 0 (WSUS_CONFIG_NONE)~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.559+420><thread=5540 (0x15A4)>
    Waiting for changes for 24 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.562+420><thread=5540 (0x15A4)>
    Trigger event array index 1 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.593+420><thread=5540 (0x15A4)>
    File notification triggered.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:42.596+420><thread=5540 (0x15A4)>
    File notification triggered WCM Inbox.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:47.611+420><thread=5540 (0x15A4)>
    Waiting for changes for 24 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:47.614+420><thread=5540 (0x15A4)>
    Trigger event array index 1 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:47.617+420><thread=5540 (0x15A4)>
    File notification triggered.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:47.620+420><thread=5540 (0x15A4)>
    File notification triggered WCM Inbox.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:52.634+420><thread=5540 (0x15A4)>
    Waiting for changes for 24 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:52.637+420><thread=5540 (0x15A4)>
    Trigger event array index 0 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:52.640+420><thread=5540 (0x15A4)>
    SCF change notification triggered.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:57.761+420><thread=5540 (0x15A4)>
    Populating config from SCF  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:57.798+420><thread=5540 (0x15A4)>
    Waiting for changes for 24 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:57.813+420><thread=5540 (0x15A4)>
    Trigger event array index 1 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:57.823+420><thread=5540 (0x15A4)>
    File notification triggered.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:51:57.826+420><thread=5540 (0x15A4)>
    File notification triggered WCM Inbox.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:02.840+420><thread=5540 (0x15A4)>
    Waiting for changes for 23 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:02.843+420><thread=5540 (0x15A4)>
    Trigger event array index 1 ended.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:02.846+420><thread=5540 (0x15A4)>
    File notification triggered.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:02.849+420><thread=5540 (0x15A4)>
    File notification triggered WCM Inbox.~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:07.863+420><thread=5540 (0x15A4)>
    Waiting for changes for 23 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 07:52:07.866+420><thread=5540 (0x15A4)>
    Wait timed out after 23 minutes while waiting for at least one trigger event.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 08:15:30.913+420><thread=5540 (0x15A4)>
    Timed Out...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 08:15:40.917+420><thread=5540 (0x15A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 08:15:40.920+420><thread=5540 (0x15A4)>
    Waiting for changes for 60 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 08:15:40.923+420><thread=5540 (0x15A4)>
    Wait timed out after 60 minutes while waiting for at least one trigger event.  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 09:15:31.041+420><thread=5540 (0x15A4)>
    Timed Out...~  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 09:15:41.045+420><thread=5540 (0x15A4)>
    Default SUP not specified  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 09:15:41.048+420><thread=5540 (0x15A4)>
    Waiting for changes for 60 minutes  $$<SMS_WSUS_CONFIGURATION_MANAGER><03-17-2014 09:15:41.051+420><thread=5540 (0x15A4)>
    Randall

  • Orchestrator and SCCM 2012 integration: run task sequence and install assigned applications/packages?

    Dear,
    We do not have Orchestrator running in our SCCM 2012 R2 environment. Though I wonder if we could accomplish the following scenario with it:
    Task sequence Windows 7 => Orchestrator step which queries assigned installations to the computer object and installs them one by one.
    Could you advise?
    Kind regards,
    Stev.
    SteveWonB

    > > Define "assigned to computer objects". How is this done technically?
    Well, computer objects are members of collections via AD memberships, like the collection "W7-Google-Chrome" (exists of 100 computer objects).
    Deploy of packages is done to these collections. So a computer member of  "W7-Google-Chrome"  will automatically get Google Chrome.
    Some computers are member of 30 collections, some of 80.
    Goal is to have the task sequence run all applications/packages assigned (with their reboots if needed).
    Kind regards,
    Steven
    SteveWonB

  • Compatibility Windows 10 and SCCM 2012 R2

    Hi,
    Is SCCM 2012 R2 compatible with Windows 10?
    Will we need to update MDT 2013 or if they will be a new version? What about USMT?
    When may we expect to have a fully compatible solution for Windows 10?
    Thanks,

    Hi,
    It is explained it this blog post
    http://blogs.technet.com/b/configmgrteam/archive/2014/09/30/windows-10-enterprise-management-with-sc-configmgr-and-intune.aspx
    I haven't seen any offical statement of how long after Windows 10 is released in RTM that these products will be released as well, as we are getting closer more information will come I assume.
    And USMT is included in ADK preview that is available here:http://www.microsoft.com/en-us/download/details.aspx?id=45522
    If windows 10 is compatable with SCCM 2012 R2, I would say yes it works is it supported no, as Windows 10 isn't released.
    regards,
    Jörgen
    -- My System Center blog ccmexec.com -- Twitter
    @ccmexec

  • Driver issues with HP Z440 and SCCM 2012 R2?

    Greetings, we received our first charges of Z440 workstations last week. We immediately downloaded the HP Z440 driverpack from http://ftp.hp.com/pub/caps-softpaq/cmit/HP_Driverpack_Matrix_x64.html and imported those into our System Center Configuration Manager 2012 R2. Of course we did use the Win 8.1 drivers to inject into our boot image and wie normally imported the Windows 7 drivers for the Windows 7 deployment.Well, unfortunately SCCM WinPE5 does not show any drives installed, even with the correct drivers installed. We even tried to import  the WinPE 5 driver pack and the drivers from SoftPaq download manager, but none of those seemed to work. Is there any known issues with Z440s drivers and SCCM? Please help me out on this, it's pretty urgent. Thank you & kind regards

    The problem cannot be replicated. My Z440 has an 1TB WD SATA drive attached to port 0 of sSATA 6 Gb/s. Download and install the ´Windows Assessment and Deployment Kit (Windows ADK) for Windows 8.1 Update´:   https://www.microsoft.com/en-US/download/details.aspx?id=39982 Download and extract the ´Intel Rapid Storage Technology Enterprise Utility and Driver for Microsoft Windows (64-bit Editions)´, 4.1.0.1046 B(12 Nov 2014), sp69762.exe:http://h20564.www2.hp.com/hpsc/swd/public/detail?sp4ts.oid=6978829&swItemId=wk_139802_1&swEnvOid=4059 Copy the IRST driver “64bit_RSTe_4.1.0.1046_F6_Drivers” abd sub folders into “C:\z440_x64\64bit_RSTe_4.1.0.1046_F6_Drivers” Open the ´Deployment and Imaging Tools Environment´ command window as administrator and create bootable USB media:copype amd64 c:\winpe_x64 Dism /Mount-image /ImageFile:c:\winpe_x64\media\sources\boot.wim /index:1 /MountDir:c:\winpe_x64\mountDism /Add-Driver /image:C:\winpe_x64\mount /driver:C:\z440_x64 /recurseDism /Get-Drivers /image:C:\winpe_x64\mountdism /unmount-wim /Mountdir:c:\winpe_x64\mount /commitMakeWinPEMedia /UFD c:\winpe_x64 d: Boot Z440 to F10 Setup.Set Factory Defaults and exit.Boot to WinPE media created above.I also tested the wim file as the boot image in SCCM 2012. The hard drive is detected correctly. 

  • WSUS 4.0, SQL server, and SCCM 2012 version help

    I am trying to get to the bottom of a version question.
    We currently have SCCM 2012 R2 up and running, with a DB on a separate server version MSQL 2008 R2. Now we also are using the WSUS integration. I am being told WSUS 4.0 cannot be ran on SQL server 2008 R2, so they could only install and use WSUS version
    3.0.
    Can anyone out there please shed some light on my version items from above?
    Thank you

    I am being told WSUS 4.0 cannot be ran on SQL server 2008 R2, so they could only install and use WSUS version 3.0.
    (Pedantically speaking this is true because there is no such beast as "WSUS 4".)
    However, WSUS v6.2 (Windows Server 2012) and WSUS v6.3 (Windows Server 2012 R2) can most certainly be installed on SQL Server 2008 R2, and the official documentation is at
    http://technet.microsoft.com/en-us/library/hh852344.aspx
    However, the *preferred* installation methodology, unless you've expressly chosen to use a remote SQL Server, is to use the Windows Internal Database feature which is built into Windows Server 2012 and 2012 R2.
    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

  • IIS and SCCM 2012 R2

    Hi
    I have 2 forest (Forest A only root domain (Server C=MP/DP)), (Forest B, 1 root domain(Server A=SCCM Primary) and 1 child domain (Server B=MP/DP)). I root domain forest A i have Windows 2012 R2 with SCCM 2012 R2 CU4 and another server with SQL 2012
    R2.
    I child domain i have MP and DP
    Another forest (not trusted) i have a MP and DP. i use untrusted forest in SCCM 2012.
    When i test my IIS i root domain(server A), open Internet Explorer and type:
    http://servername/sms_mp/.sms_aut?mplist (no problem) i view all MP.
    http://servername/sms_mp/.sms_aut?mplist (no problem) i view certificate
    When i test my IIS i child domain (serverB), open Internet Explorer and type:
    http://servername/sms_mp/.sms_aut?mplist (no problem) i view all MP.
    http://servername/sms_mp/.sms_aut?mplist (no problem) i view certificate
    When i test my IIS i another forest (server C), open Internet Explorer and type:
    http://servername/sms_mp/.sms_aut?mplist (no problem) i view certificate
    http://servername/sms_mp/.sms_aut?mplist
    (The web site cannot display the page ERROR HTTP 500) It's normal? If Yes why?
    Thanks

    Hi,
    I think this is related to IIS authentication, so you may get an answer from IIS forum:
    http://forums.iis.net/
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

  • Helix gen.2 very slow with USB 3.0 and SCCM 2012 OSD

    Hello there, i have a problem with our Helix gen.2. i would like deploy the OSD with SCCM 2012 and so i insert the USB 3.0 Dongle driver in WinPE. The Download and WIM installation is very fast but slows down after the OSD TS insert all Drivers for the system an makes a reboot. After the reboot the machine runs very slow over the network (1GB) and over 20 Hours and breaks down with a unsigned Error Message 80004005. i change the driver to an old version for the UBS 3.0 but it doesn´t helps so i need help from you. with best regards andré

    What OS are you deploying on the box, 7 or 8.1?
    Did you import the drivers from the Helix2 SCCM driver pack for the appropriate OS into a Driver Package?
    Did you also add the USB 3.0 drivers specific to the OS being deployed into that same Driver Package?
    Do you have an Apply Drivers task that references this driver package in the task sequence?  If so, you should be able to find the task ID in the SMSTS.log file and verfiy it is running.

  • Applocker with Windows Installer rules and SCCM 2012

    Hi,
    We have been running Applocker since two years on Windows 7 Enterprise clients with SCCM 2007 as management and distribution tool.
    This setup was working fine until we migrated to SCCM 2012 and started to encounter problems with msi-packages not being able to self-heal when the source was the sccm client cache.
    We have recreated this scenario in a lab environment.
    Our setup is this:
    Windows 2008 R2 (DC)
    Windows 7 Enterprise SP1 (Client)
    Standard user (not admin)
    SCCM 2012 R2 (upgraded from 2007)
    Applocker with these rules:
    Executable Default rules enabled (Enforced)
    Windows Installer Default rules enabled (Enforced)
    Exception for %WINDIR% (where SCCM cache is located)
    Script Default Rules enabled (Enforced)
    Application msi-package with self-heal (omus) and advertised shortcuts
    We install the application from the sccm cache (%windir%\ccmcache) and then trigger a self-heal (user components being copied to the user profile).
    What we see on the client is: Error 1718. File C:\Windows\ccmcache\54\application.msi was rejected by digital signature policy.
    Event log is showing: Event 1008: The installation of
    C:\Windows\ccmcache\54\application.msi
    is not permitted due to an error in software restriction policy processing. The object cannot be trusted.
    It looks like the file cannot be evaluated by Applocker and therefore is not trusted. We get an Access Denied error when testing AppLocker-policy with the following PS-command,
    Get-AppLockerPolicy -Effective | Test-AppLockerPolicy -Path C:\Windows\ccmcache\54\application.msi. This command works fine when accessing files in the cache-folder on a SCCM2007-client.
    For testing purposes we recreated a similar folder structure: C:\Windows\Folder1\Folder2\application.msi where the user has no permissions on Folder2 and read on the other folders and the File.msi.
    This is how the permissions look like in SCCM 2012 (no user permissions on %Windir%\ccmcache). Applocker cannot evaluate the trust-level of application.msi.
    The GPO setting “Bypass traverse checking” is set to everyone.
    As we can see, the permissions are the same on SCCM 2007 client cache (%Windir%\syswow64\ccm\cache) but we do not have this issue there.
    Has anyone got Applocker (with windows installer rules actived) to work with SCCM 2012 and windows installer self-heal?

    More info. I found some people also encounter this same issue, but specific msi, take a look at
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/2ad92754-f01e-410e-97db-7a9bc81586db/msiinstaller-event-1008-when-trying-to-install-3ds-max-2011-after-group-policies-apply-on-domain?forum=winserverGP
    Juke Chou
    TechNet Community Support

  • Search or Report on the CVE ID using SCUP 2011 and SCCM 2012.

    I am in the process of deploying SCCM 2012 on a single server since we have a small environment, as a Primary Site Server.  The SQL databases are located on a separate SQL 2008 cluster.  I also have SCUP 2011 installed on the SCCM 2012 server.
    I am starting to use SCUP as the facilitator to publish 3rd party patches into SCCM and I would like to be able to report on the CVE number that an update has.  I know that not all updates have a CVE and that microsoft updates usually publish this in
    the MSID article.
    My question is if there is anyway to report on this CVE code from within System Center Configuration Manager?  If the data is in the xml file in SCUP and I can read it there, does that information get discarded when published to SCCM or does it remain
    with the update but hidden in the SQL DB?  If it is hidden, I'm sure we can report on it but I would like to know if anyone else is pursuing this or had any other ideas for reporting on the CVE or searching for the CVE in SCCM 2012?
    Thanks in advance.
    Jason Apt, Microsoft Certified Master | Exchange 2010
    My Blog

    Yes, I know this is an old post, but I’m trying to clean them up. Did you solve this problem, if so what was the solution?
    To my knowledge nothing was added to R2 that would give you the CVE. I think this can be done as a custom solution but it would take a while to do the R&D and write the solution.
    Garth Jones | My blogs: Enhansoft and
    Old Blog site | Twitter:
    @GarthMJ

  • SCVMM and SCCM 2012 R2 - Deploying VM's - Which method

    Hi guys,
    Looking at deploying SCCM 2012 R2 and SCVMM 2012 R2. I've used SCCM 2012 quite a lot in a previous environment, but not SCVMM.
    I'm aware SCVMM is for bare-metal Hyper-V (as well as Xen and ESXi), and for managing the virtual environment, but do I create VM templates and create my VM Servers within SCVMM, or just the shell and PXE boot into a SCCM Task Sequence to deploy the OS?
    Will also be running Orchestrator too.... So to deploy a VM would a runbook be used to create a VM shell in SCVMM, and then kick off a TS in SCCM?
    Or should I be building the server templates and basically replicating some of SCCM's OSD capability for VM servers in SCVMM?
    Thanks - Steve

    Thx Stevehoot.
    Yes, you might see that there are some "overlapping" technologies involved, but please remember that SCCM is the general approach, that has been supporting physical servers/computers since day one. This requires PXE boot for the VMs as well, in order to
    deploy the OS, install the agent and then the applications.
    Using VMM for VM deployment, the VMM agent will handle this all for you and you can manage your datacenter from this single console. Currently, Gen2 has lacking support in some areas, like service templates in VMM, VM roles in Azure Pack and replication
    to Azure using Microsoft Azure Site Recovery. 
    Moving forward, it would be smart if you could invest in deployment using VMM if the majority of your workloads will be on virtual machines. What we basically sees in the field is that people are using SCCM to deploy their traditional applications onto these
    servers where service templates may not be the right solution. But again, then SCCM is something that kicks in post the VM deployment. 
    -kn
    Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com )

Maybe you are looking for

  • How to insert a Jquery slideshow to a template based html page?

    I would like to insert a simple jquery slideshow into an existing div in an html page which is linked to a template page. Do I add the js files and code to the template html or the child html where I want the slideshow? Do I need to divorce the page

  • Radeon 9250 Blue Screen on Shut Down

    Problem with Radeon 9250 graphics card -- blue screen on Start | Shut Down, PC will not shut down, instead reboots. Blue screen message: ati2dvag.dll TERMINAL_SERVER_DRIVER_MADE_INCORRECT_MEMORY_REFERENCEScreenshot Radeon beta windows 7 driver packag

  • Can the IMAQ 1424 be configured for other digital cameras?

    I hope the answer is yes! Because when I read: �Compatible with Cohu, Dalsa, Hamamatsu, Kodak, and Pulnix cameras� I didn�t take that to mean �ONLY COMPATIBLE with Cohu, Dalsa, Hamamatsu, Kodak, and Pulnix cameras� That is to say I was operating unde

  • Why does the screen change when I type certain letters?

    Something is wrong.  When I am typing along, all of a sudden the screen changes and I am no longer on mail but back to the home page.  I have checked the batteries in my wireless keyboard and track pad.  They are ok.  imac semms very hot.   I have sh

  • Can I Choose to ONLY Sync MP3 Format?

    I have the 160 Classic iPod 4th G.  My music library is too large to fit.  Instead of going thorough and creating an enormous playlist to fit on the iPod, is there a way I can choose to only sync MP3 and AAC files...in other words, I want to leave of