How to deploy Cisco ISE agents through SCCM 2012 R2
Hi,
We are deploying Cisco ISE in our setup. we need to deploy following 3 .msi & 1 .xml files to 3000 PCs through System Center 2012 R2 Configuration Manager.
The configuration.xml file must be deployed in specified (%ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\NetworkAccessManager\newConfigFiles) location.
anyconnect-nam-win-4.0.02052-k9.msi
anyconnect-win-4.0.02052-pre-deploy-k9.msi
nacagentsetup-win-4.9.0.42.msi
configuration.xml
The above 3 .msi files should be installed silently and configuration.xml file to be copied to said location.
I want to create one package to deploy 3.msi files at once and another package for .xml file.
or
Is there anyway to create in one package to install the .msi files first and copy the .xml file as well.
Any idea please.
Regards,Ali
Hi,
Have you tried to create a script.
You can easily test this by running your script manually with psexec -s
to emulate running as SYSTEM account.
Reference:
Robocopy
https://technet.microsoft.com/en-us/library/cc733145.aspx
Windows Installer : MSIEXEC Silent Install End to END
http://sccm2o12.blogspot.com/2010/04/windows-installer-msiexec-silent.html
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Similar Messages
-
How to manage Work group Computer through SCCM 2012 R2
Hello..Experts,
We have to manage the Workgroup Computers both Linux and windows Environment through SCCM 2012 R2.
what are limitation associated with managing Workgroup computer both with Linux and windows Computers through SCCM.
Please help us how to achieve this.Windows devices that are Workgroup members have the same features for management as domain joined devices except that it is slightly more difficult to get the client installed on these 'unmanaged' devices.
The Linux computers have only basic support for Inventory, Application Management, and Compliance.
I hope that helps,
Nash
Nash Pherson, Senior Systems Consultant
Now Micro -
My Blog Posts
If you've found a bug or want the product worked differently,
share your feedback.
<-- If this post was helpful, please click "Vote as Helpful". -
How to deploy .msp files through SCCM 2012
Team,
Can you please help me to deploy .msp files through SCCM 2012?
Regards,
Mahadev NittureI tried to search and got few things but didn't understand to proceed with.
Please help me with this.
Regards,
Mahadev Nitture
You can use a typical/standard application deployment method (just a minor change because of MSPfile).
Here are some guides, for typical application deployment:
http://technet.microsoft.com/en-us/library/gg682159.aspx
http://www.gerryhampsoncm.blogspot.ie/2013/03/sccm-2012-sp1-step-by-step-guide-part_7075.html
Familiarise yourself with these methods, then return to the example suggested by Torsten for specific steps for MSP:
https://social.technet.microsoft.com/Forums/en-US/3dac27fd-ce4f-4d3d-946b-d08d4c7f5af5/best-way-to-deploy-an-msp?forum=configmanagerapps
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
MS Office Pro 2013 Deployment through SCCM 2012 R2
Hi Friends,
I have deployed MS Office Pro 2013 through SCCM 2012. But from Windows 7 Client Machines It's not Installing. Noticed following error in Software Center.
I'm testing two deployments before bring into production.
Test Machine 1 : Purpose = Available
From Software Center I have found Test Machine 1 is Status failed.
Test Machine 2 : Purpose = Required
From Software Center I have found Test Machine 2 is Status post due-will be retried
The following Error code is same for both Machines.
====================================================
The software change returned error code 0x87D00607(-2016410105).
====================================================
Any idea please .
Regards,AliHi,
Check out this great guide from Ronni on how to deploy Office 2013 using Configuration Manager 2012, a good read.https://gallery.technet.microsoft.com/office/How-to-Deploying-Office-0f954e7f
Are the content succefully deployed to all DPs?
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec -
Hi,
Please help me with the below issue, iam trying to deploy Service pack 1 on Windows 7 , 32 Bit OS
SP1 does not get installed when the machine is set to Japanese Language, software push through sccm 2012 , it does gets installed of installed manually, by remoting into the machine
also it gets installed through sccm when the machine is set to english language,
Thank you
Tanoj
OSLM ENGINEER - SCCM 2007 & 2012Hi Friends,
we are deploying the SP1 via SCCM 2012 , and the success rate is around 50 %, its a Light touch installation where user will initiate the installation via Software Center ( Web based )
i was able to gather few errors , and this are the errors which failed during SP1 Installation 0x800f0828,
some errors which sccm reports display are
11171
10008
10021-
17031 -
1602 - User Cancelled installation
113 - No more internal file identifiers available
10070 - File handle reference is no longer available
10050 - A socket operation encountered a dead network
11170 - The task sequence manager could not successfully complete execution of the task sequence
i could not find the reason for some of the errors, also i am looking for a fix/woraround if any
Also i have noticed that in few computers the task seq failed at a place where after the sp1 installation a reboot happens and then PGP BYPASS utility is uninstalled, it did not start the PGP bypass uninstall after reboot
is there a way to cut short the Task seq and keep it simple ?
right now its like this
1. checking for prerequisite : checks for OS Name and OS version
2. installs PGP Bootgaurd Bypass
3. System Restart
4. Installing Windows 7 Service Pack 1
5. Final Restart
6. uninstall PGP Bootgaurd Bypass
Regards
Tanoj
OSLM ENGINEER - SCCM 2007 & 2012 -
Not able to install sccm agent in sccm 2012 servers after cu3 update
not able to install sccm agent in sccm 2012 servers after cu3 update
MSI: Setup was unable to register the CCM_Service_HostingConfiguration endpoint
The error code is 80041002 ,below URl specify fix to uninstall Management point ,but in sccm 2012 secondary site canot unintall management point ,please help to install agent in config manager servers
https://blogs.technet.com/b/configurationmgr/archive/2013/11/25/hotfix-quot-error-25150-setup-was-unable-to-register-the-ccm-service-hostingconfiguration-endpoint-quot-when-you-try-to-install-the-client-agent-in-configuration-manager.aspx
ankithExcellent Article!!!!!! Pls check here, Follow the same steps
http://eskonr.com/2013/09/sccm-configmgr-2012-sp1-cu3-installationcollections-upgrade-clients/
This too
http://it.peikkoluola.net/2013/11/18/update-sccm-2012-to-sp1-cu3/
Thanks, Prabha G -
hi All,
I have faced mentioned error in Win7's ccmexec.log file doing windows pacth deployment on windows 7 by sccm 2012 Sp1
system task 'policyevaluator_unlock ' returned error code 0x8000fff
Kirpal SinghThanks for reporting this symptom. We investigated and found that this error occurs when user unlocks the workstation. Due to this error, ccmexec service doesn’t request for user required policies when user
unlocks the workstation. We will investigate and address this symptom. Other than user unlock, all other user policy scenarios will be functioning as expected. The client will process user policies when user logs on as well as in the regular user policy polling
schedule”.
BC -
How to create an exclusion into an SCCM 2012 to not discover Non Windows OS
How to create an exclusion into an SCCM 2012 to not discover Non Windows OS
I assume they are in your AD. In that case your only option is to not discover them by not including their OUs in your
Active Directory System Discovery.
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude -
How to repackage "jre-7u72-windows-i586.exe" application and deploy through SCCM 2012
Hi,
Along with IE 11 we are planning to deploy "jre-7u72-windows-i586.exe"
Created transform file for "jre-7u72-windows-i586.exe" by using Adminstudio Installshield.
Identified vendor .MSI file at
%AppData%\LocalLow\Sun\Java\jre1.7.0_72\jre1.7.0_72.msi"
%AppData%\LocalLow\Sun\Java\jre1.7.0_72\Data1.cab
Created Transform file
Created transform file for "jre-7u72-windows-i586.exe" by using Adminstudio Installshield with the Tuner feature
My queries:
Do we have any best practices while repackaging “jre-7u72-windows-i586.exe?” by Adminstudio
How to deploy the jre-7u72-windows-i586.exe application assuming with parallel deployment of IE
11.
Do we uninstall lower versions of Java when installing any newer versions like jre-7u72-windows-i586.exe?
if yes then how to handle
Do we install jre-7u72-windows-i586.exe application without uninstallations of any lower version of JAVA , if yes then how to handle
Looking for best practices / Customizations ?
Thanks, appreciate your help.
Han,
Gc.HanumareddyAlternatively, why not actually reference Oracle official documentation or post in their forums (because as Torsten said, this really has nothing to do with ConfigMgr or Microsoft even).
http://java.com/en/download/help/msi_install.xml looks to be a great place to start.
Jason | http://blog.configmgrftw.com | @jasonsandys -
Windows 8.1 clients are not detecting updates deployed to them through SCCM 2012 R2
Hello,
We are using SCCM 2012 R2 to deploy software updates.
On Windows 8.1 SCCM does not show certain updates as being needed and isn't deploying them to the clients even though Windows Update will show them as high importance. These same updates are being detected and deployed to Windows 8 clients successfully.
I believe that the update catalog that WSUS uses may have some incorrect detection rules for the following updates:
2917933
2913320
2913270
2913152
2909569
2904440
2904266
2903939
2899189
2893984
2893294
2892074
2916626
2898785
My automatic deployment rules include Windows 8.1 in the product category. I have even created a standalone rule for Windows 8.1 that builds a new package and the behavior is the same.
We only have a handful of Windows 8+ clients so this hasn't been a big issue but others may want to keep an eye out.I am also running into this issue. After "checking online for updates" on one of my machines in office I found that there were 21 important updates for my 8.1 box. When I cross reference them in SCCM under All Software Updates, it appears these
8.1 updates are not listed. They are however listed for all other OS.
10 seconds after typing this, I went in to verify my WSUS -> Products and Classifications settings and come to find 8.1 and 2012 R2 weren't selected, even though it's an option in SCCM. Go figure! This wasn't the end though. After
running a Synchronization, my issue still wasn't resolved. Went back to check my settings and they again were changed back to having these OS unchecked. Finally, a solution! I found that in SCCM, under Administration tab, Site Configuration
> Sites > ABC - Mysitename, right click and scroll down to "Configure Site Components" > Software Update Point. This setting (although the same as is in WSUS) takes precedence, thus was rolling my settings back to the original configuration
in WSUS.
So long story short, even though my automatic deployment rules stated approve all windows 7/8/8.1 criticals/importants, 8.1 was getting skipped for the most part because my WSUS server wasn't syncing with Microsoft for all of the updates I required. I
did have a couple of updates that squeezed through because they were categorized as "Security Updates for Windows 8, 8.1".
Not sure if this is the solution you were looking for, but your thread got me started in the right direction, hopefully this response helps in the same way!
Thanks! -
Deploy Windows 8 To Go through SCCM 2012 SP1
First a little backgroud:
I have SCCM 2012 SP1 with MDT 2012 Update 1 integrated. I am using an MDT UDI task sequence to deploy windows 8 and it works perfectly. My Windows 8 image is fairly thin (only containing OS updates and C++ runtimes), and I am using the MDT database
and an MDT task sequence in SCCM 2012 to dynamically set a list of SCCM Applications to install as well as settings based on location.
Now I want to get Windows To Go provisioning working in SCCM 2012 SP1. I had a powershell script that preparied the drive and applied a thick image (including office and other apps) to it then updated unattend.xml with a computer name and the domain join
info. That worked for me however I'd like to levarage the dynamic task sequence that I described above to build these To Go sticks the same as my other Windows 8 machines without having to keep updating the thick image evertime something changes.
There isn't much info out there that Iv'e found on setting up SCCM 2012 SP1 to provision windows to go here are the two that I have found
http://ixrv.blogspot.com/2012/10/provisioning-windows-8-to-go-with.html
http://technet.microsoft.com/en-us/library/jj651035.aspx
I followed the instructions in the first link and was able to run the Windows to Go Creator program and apply the prestaged wim to the USB stick. I rebooted from the USB stick Windows PE started and started to run my task sequence then it errored out on
the apply image step. At this point it occured to me that the MDT SCCM task sequence was probably not setup for prestaged media and or Windows To Go.
So my question is am I on the right track? Do I just need to examine each step in my task sequence and make sure that it will work properly with my Prestaged/Windows To Go stick? If so has anyone actually gotten this to work that could give me some advice?
Or is it asking too much to have a dynamic Windows To Go task sequence and I should just be building a thick image and using a second task sequence specifically for Windows to go?
are there any other resources for Windows To Go with SCCM that I'm missing?
Thanks,
TonyFirst of all sorry I missed your last three posts I have to check my email notifications. I'll try to answer all of them even though I think the last part is the only one where you are still stuck.
When I created my prestaged media I didn't put anything into it except for the the OS image and my PE image. On the Select Application and Select Package screen in the prestaged media wizard remove any application or packages that are added automatically.
The task sequence is supposed to be smart enough to know if the version of the package that is on the prestaged media is out of date and go to a DP to get it but that didnt work for me. The only way I was able to get it to work was to remove all the packages
from the prestaged media even the Customsettings package, the MDT toolkit package, USMT, etc..
http://social.technet.microsoft.com/Forums/en-US/configmgrosd/thread/d729d0ff-829f-4af8-91af-2131b3355fd0/
This thread which is about prestaged media in SCCM 2007 helped me to understand how prestaged media is supposed to work. Basically what I learned is that once the computer is rebooted from the ToGo stick into PE the task sequence will run the same as any
other task sequence installing any applications and setting up your ToGo stick just like any other computer that runs the task sequence they dont need to be in your prestaged media for this to happen.
You shouldn't need to worry about partitioning WTGCreator.exe will partition the ToGo stick for you I'm just using the standard MDT Integrated partitioning in my task sequence. The one thing that I did was set the Windows To Go Creator package to "run from
distribution point" which speed things up because then it didnt download the prestaged wim then apply it to the USB drive.
Is it booting into PE then rebooting? Did you check the "Allow unattend operating system deployment" check box when you made your prestaged media? If so it wants you to have set the task sequence to run in a task sequence variable SMSTSPreferredAdvertID
to the task sequence ID you want to run. I'd just remake the media and leave that box unchecked.
Good luck and let me know how it works for you. I'll check back sooner this time I promise. -
Hi all. I have always had challenges trying to 'prove' the importance of 802.1x and some of the advanced functionality provided by Cisco ISE. The OG150 (www.og150.com) is an automated penetration testing drop box. Once plugged into the network, it will automatically dial home (establish a reverse SSH tunnel) and performs a penetration test with a security report of the penetration test results emailed to you. This is ALL automated upon connection to the network, and takes about 7 minutes.
I will be using this box to demonstrate to customers the benefits of using 802.1x with Cisco ISE.802.1X offers the following benefits:
•Visibility—802.1X provides greater visibility into the network because the authentication process provides a way to link a username with an IP address, MAC address, switch, and port. This visibility is useful for security audits, network forensics, network use statistics, and troubleshooting.
•Security—802.1X is the strongest method for authentication and should be used for managed assets that support an 802.1X supplicant. 802.1X acts at Layer 2 in the network, allowing you to control network access at the access edge.
•Identity-based services—802.1X enables you to leverage an authenticated identity to dynamically deliver customized services. For example, a user might be authorized into a specific VLAN or assigned a unique access list that grants appropriate access for that user.
•Transparency—In many cases, 802.1X can be deployed in a way that is transparent to the end user.
•User and device authentication—802.1X can be used to authenticate devices and users. -
CRM2013 Silent deployment through SCCM 2012 R2
Hello.
First of all im sorry, if im posting in the wrong Forum - but this seemed as the correct one.
I want to deploy CRM 2013 Outlook Client, through Software center - but i cant seem to get it working.
I cant seem to find a way, to disable / accept the License Agreement automatically, so that our Domain Users can enjoy a completely silent CRM deployment.
I have tried several guides, and i have also tried with SetupClient.exe /A - and the "guide" completes, but theCrmClient_32.msi dosent work.
I would really appreciate, if some of you guys would help me out :)
We are using SCCM 2012 R2
DatatechnicianLooks like you need the /Q switch for this
http://msdn.microsoft.com/en-us/library/hh699665.aspx
/Q
Quiet mode installation. This parameter requires a configuration file in XML format. The /i parameter contains the name of the XML configuration file. No dialog boxes or error messages will appear on the display screen. To capture error message information,
include the log file parameter (/L or /LV).
Gerry Hampson | Blog:
www.gerryhampsoncm.blogspot.ie | LinkedIn:
Gerry Hampson | Twitter:
@gerryhampson
Hello.
Ive found the solution my self :)
SetupClient.exe /quiet /passive /norestart
I didnt thought that you could have a /q and /p at the same time
Datatechnician -
Deploying Office 2013 through SCCM 2012 SP1 leaves Office 2010 Tools and Sharepoint behind
I apologize in advance, but I have searched similar topics to this, but I haven't seen an answer yet that describes where and how to accomplish this. I'm also a bit new to SCCM and I'm still finding the nuances.
Scenario: Running SCCM 2012 SP1. Office 2013 32bit is added as an application and deployed properly with an accompanied .msp file stored in the source folder. The configuration is to have Office
2010 uninstalled silently. The deployment runs flawless and the user doesn't know otherwise. Success in anyone's book, right?
Except... Office 2010 Tools and SharePoint Workspace 2010 are left over. Manual uninstallation is not an option. This is for hundreds of PC's in several global locations.
I've seen it hinted to write a script. That's fine I suppose, but what do I write, where do I store the script, and can I have SCCM2012 automatically run it before the installation of 2013?
Our favorite IT tool Google hasn't quite returned what I'm looking for. Does anyone here have ideas or perhaps have experienced a similar issue?
Thanks,1st, save the following content as a XML file on a server share, named as "config.xml".
<Configuration Product="ProPlus">
<Display Level="none" CompletionNotice="no" SuppressModal="yes" AcceptEula="yes" />
<Setting Id="SETUP_REBOOT" Value="Never" />
</Configuration>
Run the following script during or before the installation of Office 2013:
"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall ProPlus /config \\servershare\Config.xml
For more SCCM specific topics, we'd recommend you to visit the SCCM forums at:
http://technet.microsoft.com/en-us/systemcenter/gg191847
Max Meng
TechNet Community Support -
How to deploy the Workspace Agent Services as a Window Service!
Hi all,
does anyone know how to install the Workspace Agent Service back as a Windows Service after i re-installed an reconfigured the workspace completly i do not see the Agent anymore in my Windows Services. I sure would like to avoid to have to uninstall and set it up completely again.
The agent start file is located in common\workspacert\9.5.0.0\bin.
Your help is much appreciated
Cheers
AndréI hit the same problem after reinstalling workspace.
It seems that the config tool does not create the workspace agent service on subsequent configurations.
A quick search of the configtool.log from the original installation/configuration yields the following:
com.hyperion.avalanche.config.CoreService, INFO, Running command: D:\Hyperion\common\workspacert\9.5.0.0\bin\wksagent.exe -RegService -Auto -Name HyS9Core1 -DisplayName Hyperion Workspace - Agent Service -Description HyS9Core1, Provides service infrastructure to run services locally
Dropping the above line at the command prompt fixed the issue for me.
Cheers,
Aaron
Edited by: user8871938 on 15-Feb-2010 06:56
Maybe you are looking for
-
Pages 5.2 opens all kinds of other document formats (even old .doc Versions), but cannot open Pages 08 etc. of its own kind? I have to use NeoOffice to open my documents of many years of work. Is there an option to organize a corporate complain to A
-
Has Anyone got HttpDownloadBean to work?
Hi, using JDev 9.0.2.822 (part of 9iDS install) I have created a workspace and project. I run the filedownloadmain.jsp file, it runs OK within the IDE and I can see the contents of my "download_dir" directory but when I attempt to initiate the downlo
-
Hi, I have started using the client object model so that i do not have to go to sharepoint admins to perform some basic operations on remote server. While assigning list item level permission i am getting following error, could you please help. thank
-
How do i resubmit my correct email address to apple?
How do i change submit my correct email address to Apple I misspelled my email address when setting up my i phone Now i'm unable to receive verificatn email ?
-
BPEL issue in getting a response
Hi All, I am using a BPEL composite which is storing a file and after uploading the file sends back a message and status of the file upload. The file is uploading and it is also sending response which has both msg and status. But in my BPEL composit