Registry Detection Rule

Similar Messages

• Detection rule for Office 365

  Hi
  I'm about to create a application for Office 365 in Configuration Manager 2012 R2.
  I've seen recommendation to look for %programfiles%\Microsoft Office 15\root\Office15. But will that not break when office is upgraded on the client?
  In registry I've HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\O365ProPlusRetail - en-us. And for the looks of it I cannot use this if a user decides to download and install a different version than en-us.
  Any idea on what detection rule I should use for Office 365 that works for next versions of Office 365 (office 2015)?

  Using folder check for "%programfiles%\Microsoft Office 15\root\Office15", might be a bad
  idea.
  You need to use the full path to WINWORD.exe or something.
  If you install Visio using Office 365 it will end up in the same folder, and that will make wrong detection of the application!
  You don't have to worry about the version of Office when running Office 365, but you can get the version directly from the
  WINWORD.exe if you for some reason wants to use it...
  I would recommend that you don't check for the version though.
  Ronni Pedersen | Microsoft MVP - ConfigMgr | Blogs:
  www.ronnipedersen.com/ and www.SCUG.dk/ | Twitter
  @ronnipedersen

• Error: SRT: Invalid settings in Web Service Registry detected

  Hello All,
  I am trying to call a webservice from ABAP in SAP ECC 5  but it is throwing an exception when trying to execute a test run.
  <CX_AI_SYSTEM_FAULT>
  <CODECONTEXT>Local</CODECONTEXT>
  <CODE>ERROR_WEBSERVICE_RUNTIME_INIT</CODE>
  <ERRORTEXT>Error when instantiating WebService runtime (Error when initializing SOAP client application )</ERRORTEXT>
  <LANGUAGE />
  When I debugged the program i got this error message
  SRT: Invalid settings in Web Service Registry detected
  message Class : ESRT_LPREG
  Meesage No. :043
  Any pointer to this error message..What am I missing here..I guess there seems to be setting missing in one of the config tcode..
  ~kris

  Hello Krishnaraj,
                          The equivalent T-Codes for SOAMANAGER in ECC are
  wsconfig
  wsadmin
  wspublish
  Please also make sure from se80 that your web service is activated.
  In wsconfig check out whether a service exists for the service definition or not.

• Detection Rule for MSI Version failes

  Hello @ll,
  A few month ago I created an application to install Adobe Reader Version 11.0.07. The detection rule is very simple "MSI Product Code = {xxxx} and MSI Version Greater or Equal 11.0.07". Due a small mistake, some clients have installed an update for
  the Adobe Reader and the MSI Version is now 11.0.08. Shouldn't be a problem but the detection failes and the agent try to install 11.0.07.
  AppDiscovery.log
  Performing detection of app deployment type Adobe Reader Update 11.0.07(ScopeId_5951BA16-C34F-419B-8335-E0843816720D/DeploymentType_7e8e9e26-0de0-4209-af64-5f11296bd054, revision 4) for system.
  +++ Application not discovered. [AppDT Id: ScopeId_5951BA16-C34F-419B-8335-E0843816720D/DeploymentType_7e8e9e26-0de0-4209-af64-5f11296bd054, Revision: 4]
  +++ Did not detect app deployment type Adobe Reader Update 11.0.07(ScopeId_5951BA16-C34F-419B-8335-E0843816720D/DeploymentType_7e8e9e26-0de0-4209-af64-5f11296bd054, revision 4) for system.
  Used PS to verify ProductCode and ProductVersion
  ProductName ProductCode ProductVersion
  Adobe Reader XI (11.0.08) - Deutsch {AC76BA86-7AD7-1031-7B44-AB0000000001} 11.0.08
  I've no idea why the detection rule does not work

  Yes, I know those dots are required in those version numbers, that was not the point I was trying to make. I was trying to say that it returns that specific version numbers as a string instead of an integer, which causes the equation to fail.
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Duplicate detection rule by business unit

  Hi there,
  Our CRM is used by multiple business units and they have different requirements for duplicate detection rules. For example, BU A would like to detect exact duplicate on Email Address 1 only, and BU B detects duplicates on Mobile only but allows duplicate
  email address 1.
  I have User 1 in BU A and owns the Email Address 1 duplicate check rule. Then I have User 2 in BU B trying to create a record with duplicate Email Address 1 and the Email Address 1 duplicate check rule fired. The Security role of User 2 allows
  CRUD access to Duplicate Detection Rule at business unit level.
  How do I configure so that only Mobile rule is fired for User 2, and only Email Address 1 rule is fired for User 1?
  Thanks,
  Henri

  Hello Henri,
  OOB duplicate detection is global setting and in case you will use it - the same rules would be used for all users in all BUs. To solve your problem you will have to develop own solution to implement your scenario.
  Dynamics CRM MVP/ Technical Evangelist at
  SlickData LLC
  My blog

• How to correctly set detection rules for date modified

  How are application detection rules for modified or created date calculated.  For example if I want the detection rule to use a file that was modified today or any day after today do I set it as Greater than or equal to or less then or equal to in
  the Detection rule?

  You would use Greater than Or Equal To. Greater than or equal to means that time or anything after. The latter would be that time or before
  Dustin Estes - MCP | www.dustinestes.com

• Application Detection rule

  In my case, Before deploying an application I want to detect the presence of the application by looking in hidden files and folders on the client machine, Does SCCM Application detection rule work on hidden files and folders such
  as  C:\ProgramData.?

  Sure it does (because it runs in system context). You can also use variables for specifying the path.
  Torsten Meringer | http://www.mssccmfaq.de

• Duplicate Detection Rules

  Is there anyway to create a duplicate detection rule in one entity on two different fields?  From the UI this seems not possible, but it seems like a lacking .. 
  For instance if you wanted to check a new contact against any email in email, email 2 or email 3 - you can only check across each of these fields for matches but you can't cross check them IE email to email 2 as an exact match.
  Please let me know if there is a way to accomplish this using the OOB duplicate detection.

  Hi Gaurav,
  Dont think this is possible OOB especially in Single Entity Duplicate detection rule
  where you check for duplicates in the same entity. You can have if you have
  Cross Entity Duplicate detection rule where you have option to set the base record attribute and matching record attribute.
  You can use plugins to achieve complex duplicate detection rules.
  Refer below link for the sample code:-
  http://parthimscrm.wordpress.com/2013/07/05/duplicate-detection-plugin-crm-2011/
  Hope this Helps!!!
  Thanks,
  Prasad
  Make sure to "Vote as Helpful" and "Mark As Answer",if you get answer of your question.

• I cant make that JMF registry  detect my usb logitech webcam

  Anyone can help me whit this?
  I install the driver for the cam, and y turn it on and yeah! the cam works
  but when i open de JMF Registry Editor and say to it that detect capture devices
  it dont show my cam, why? how can i do this?
  the thing is too that i have an incorporated webcam in my laptop, but i dont think that it can be
  the problem, the jmf recongize my incorporated cam but no my usb cam.
  please!!!!!!!!!!!!!!!!!! its so much urgent

  If JMF Registry Editor cannot detect it, it's likely your camera isn't supported by JMF.
  Does your camera support the VFW interface?

• Detection Rule for Office 2010 SP2 deployment

  Hello Everyone,
  Could anyone please put me on the right track configuring a Office 2010 SP2 deployment? 
  The Office 2010 SP2 is a EXE file and not a MSI and I am not sure witch Clause to use as detection method.
  Thank you

  Use the MSI guid that's found in the proplusww.msi, this file can be found from the Office installation files...

• Detection Rule in SCCM 2012

  I have been deploying some applications through SCCM 2012. Its observed that for some applications
  the installation will be successful as per software center. But for uninstallation exits with exit code 1 as per Software center But all the app associated registries and files are deleted. If I retry the uninstallation from software center then
  it will be a successful one.
  Could some one explain me reason behind this anomaly. And am sure it is not app related.

  Hi,
  The uninstall command returns exit code 1 the first time it is run so it is applications specific, configuration manager simply reads the exit code and in this case it is 1 so you should examine the uninstall command and why it returns exit code 1.
  Regards,
  Jörgen
  -- My System Center blog ccmexec.com -- Twitter
  @ccmexec

• Windows 8.1 clients are not detecting updates deployed to them through SCCM 2012 R2

  Hello, 
  We are using SCCM 2012 R2 to deploy software updates. 
  On Windows 8.1 SCCM does not show certain updates as being needed and isn't deploying them to the clients even though Windows Update will show them as high importance. These same updates are being detected and deployed to Windows 8 clients successfully.
  I believe that the update catalog that WSUS uses may have some incorrect detection rules for the following updates:  
  2917933
  2913320
  2913270
  2913152
  2909569
  2904440
  2904266
  2903939
  2899189 
  2893984
  2893294
  2892074
  2916626
  2898785
  My automatic deployment rules include Windows 8.1 in the product category. I have even created a standalone rule for Windows 8.1 that builds a new package and the behavior is the same. 
  We only have a handful of Windows 8+ clients so this hasn't been a big issue but others may want to keep an eye out. 

  I am also running into this issue.  After "checking online for updates" on one of my machines in office I found that there were 21 important updates for my 8.1 box.  When I cross reference them in SCCM under All Software Updates, it appears these
  8.1 updates are not listed.  They are however listed for all other OS.  
  10 seconds after typing this, I went in to verify my WSUS ->  Products and Classifications settings and come to find 8.1 and 2012 R2 weren't selected, even though it's an option in SCCM.  Go figure!  This wasn't the end though.  After
  running a Synchronization, my issue still wasn't resolved.  Went back to check my settings and they again were changed back to having these OS unchecked.  Finally, a solution!  I found that in SCCM, under Administration tab, Site Configuration
  > Sites > ABC - Mysitename, right click and scroll down to "Configure Site Components" > Software Update Point.  This setting (although the same as is in WSUS) takes precedence, thus was rolling my settings back to the original configuration
  in WSUS.
  So long story short, even though my automatic deployment rules stated approve all windows 7/8/8.1 criticals/importants, 8.1 was getting skipped for the most part because my WSUS server wasn't syncing with Microsoft for all of the updates I required.  I
  did have a couple of updates that squeezed through because they were categorized as "Security Updates for Windows 8, 8.1".
  Not sure if this is the solution you were looking for, but your thread got me started in the right direction, hopefully this response helps in the same way!
  Thanks!

• Detection Method of Date Modified fails due to copied files date modified change

  I've been working through an issue for some time now and I think it's a bug with SCCM 2012 SP1. I've built literally 50 deployments in "Application Management" in SCCM 2012, but I've been chasing my tail on a few of them throwing the
  "succeeded but couldn't detect" error. The few that have given me problems are all copying text files and then detect the modified date to verify that the file is there. All worked when I initially built them in Windows 8 but are now failing
  randomly...even on a machine where they previously worked and I deleted the files to test the deployment again. 
  What I'm doing:
  My java deployment requires policies which we control with the Deployment.config, deployment.properties and java.policy files. A simple script creates the directories and copies the files. I then create a deployment type for this "ConfigFileCopy.cmd"
  and create a detection rule for each file that I am moving over. The detection rule looks for a "date modified" date between the beginning and end of the date for the day I modified the file. This allows me to modify the files to change our
  java policies and then redeploy them with the "new" modified date as the detection rule, which forces the update.
  The problem:
  When I first created my deployment, everything worked pretty well. The files copy out and the script runs successfully. There were some minor tweaks I need to make to my scripts, so I did and then updated the content for the deployment type. I believe this
  is where things go a little wonky. At this point, my deployment starts failing with the "0x87D00324" error.
  Looking through the logs, everything looks good. The reason configuration manager is failing on detecting the modified date for those files, as it turns out, is because the modified dates don't meet the criteria. So that part is properly failing the detection.
  The problem is that the modified dates are correct on the server but not the client. Looking in c:\windows\ccmcache, I can see multiple folders....presumably one for each version of the application that I updated. Looking at any of the newer content folders
  for this app, the modified dates are the date and time the file was copied out to the workstation, which is incorrect as the file hasn't been modified during that process.
  The odd part, is that this doesn't happen EVERY time on EVERY machine. My primary desktop is windows 8.1 and received the files correctly and installed without issue. My test win 8.1 laptop initially received them correctly, but then as I refined the scripts
  it began picking up the wrong modified dates and started failing.
  I found a similar issue to this existed in SCCM 2007 (http://support.microsoft.com/kb/2276865) so I suspect that this is truly just a bug that hasn't been addressed (or maybe is fixed in R2). Unfortunately
  we have business reasons we can't upgrade to R2 at this time so I'm hoping someone has experienced this and has some sort of work around that might get me by for now. If someone can confirm it is fixed in R2, that would help my case to upgrade as well.  
  I can work around the issue by changing my logic to detect any date greater than a specific date. But I shouldn't have to do that and I'm concerned there are scenarios I haven't thought of that will cause unexpected behavior or failures with that.
   

  This outlines the behavior. It's apparently by design. 
  "SCCM has a habit of changing the ‘Date Modified’ timestamp of all files it delivers when it detects an ‘upgrade’ of the source files for that application. It typically does not touch the timestamp
  of the source files if it delivers a brand new install to a client that has never received the software, however if a single file in the source folder is changed for that application, then SCCM tries to use a previous version of the application in the cache
  (C:\windows\ccmcache) and only downloads the new file that has change. This results in all files having their ‘Data Modified’ timestamp changing (except for the brand new file). Therefore determining if that application has delivered
  successfully using ‘Date Modified’ timestamps is not recommended. The key to seeing this process in action is looking at the file properties in the
  C:\windows\ccmcache\<sccm code> folder for that application, particularly before and after a file is updated in the original source SCCM application folder."
  http://blog.kloud.com.au/tag/sccm/

• SCUP detection for APSB14-01 failed for Adobe Reader version 10.1.2

  The detection rule ran and found that the patch was not required for reader version 10.1.2.
  Anyone know how the detection rule works and what is it looking for?

  Further investigation shows that the update is for "Acrobat and Reader".  The users have Acrobat 9.4.2 and Reader 10.0.1 and the update has a link to 10.0.2 readme, so it was assumed only Reader 10 was being modified.  Acrobat 9.4.2 is what is actually being updated, but the patch doesn't reference 9.x.  Confusing to everyone.
  Thanks for confirming no 10.0.2 update for Reader (whew)!
  Russell

• CSA 5.1 & Rule 596

  Rule 596 (Network Access Control) generates a TON of noise. Any best practices on tuning this one?
  Obviously, cloning the module this one belongs to, "Rootkit Lockdown Module", and setting the new Network Access Control rule built inside to "Deny" instead of "Priority Deny" will allow exception rule creation, but...
  Does anyone recommend anything different, such as simply adding Application Classes to the list of apps that this rule should not apply to?
  Any suggestions are appreciated...

  I just checked a fresh install of CSA 5.1 and rule 596 is a high priority deny for all ip traffic.
  I do not agree with changing that rule to straight deny or to deny server only. The reason that rule kicks in is because your systems are "Set" as rootkit detected. If that is a true positive, you should clean the rootkits, not just do something to reduce the alerts. You can check this by going to Events > Status Summary and seeing how many hosts are listed in "Untrusted rootkit detected".
  I recommend changing the "Set" Rootkit detected rule itself to monitor. This is one of the 2 set rules in the System Hardening module (or rule 46 in a fresh install). Then use event suppression to keep these alerts out of your main event view if there are too many of them (I'm guessing Symantec will come up). But remember, these are potentially rootkits we're talking about here so you still want to keep an eye on them even if you suppress the events.
  I do not recommend changing rule 596 to straight deny or to deny server connections only. The rootkit lockdown module is meant for dealing with machines that have rootkits. This rule applies to servers as well so you can still see tons of alerts if CSA thinks your servers have rootkits.