Plain Text Prose

a long time ago, I posted about this stuff... http://marcusoh.blogspot.com/2010/01/listing-group-membership-of-computer-in.html http://marcusoh.blogspot.com/2010/01/listing-group-membership-of-computer-in_06.html both of which were just works in progress... and as it turns out, completely wrong! I ran into this post this morning that simplified what I was doing down to a few lines. here it is: $group = Get-MonitoringObject | Where { $_.DisplayName -eq "YourGroupName" } $MonitoringClass = Get-MonitoringClass -Name "Microsoft.Windows.Computer" $group.GetRelatedMonitoringObjects($MonitoringClass, "Recursive" ) | Select DisplayName source: http://michielw.blogspot.com/2010/12/scom-get-nested-group-members.html

in the interest of full disclosure, at some point, blogger or analytics did something... but I wasn't tracking page hits for the majority of the year so it's actually only about the last four months. unfortunately, blogger stats provide limited filtering for dates. I was hoping to have some good information to post something like this. oh well. it'll have to do. :) understanding the “ad op master is inconsistent” alert how to retrieve your ip address with powershell... sccm: content hash fails to match executing batch files remotely with psexec … sccm: client stuck downloading package with bit .tmp files in cache directory misc: netstumbler in vista... outlook 2010 does not successfully book a resource sccm: integrating dell warranty data into configmgr writing event log entries with powershell using preloadpkgonsite.exe to stage compressed copies to child site distribution points list domain controllers with powershell using powershell to replace “find” or “fi

made the switch this morning to forefront endpoint protection -- or what will be known as system center endpoint protection. most of it went okay, but there were a couple of mcafee components that made the process PAINFUL! believe it or not, the antivirus component was not it. the removal of the host intrusion prevention system (hips) and the mcafee agent itself were both more time-consuming than required, each with its own peculiarity. :/   removing hips attempting to remove the hips agent may produce an error about needing to "disable self-protect mode." I am shamelessly stealing this from the site kmit4u because the instructions are quite near perfect and don't need revising: Click Start , Run , type explorer and click OK . Navigate to: C:\Program Files\McAfee\Host Intrusion Prevention\ Double-click McAfeeFire.exe . Click Task , Unlock User Interface . Type the unlock code, and select Administrator Password . NOTE: By default, the unlock code is abcde12345

and coincidentally, blog posts with really long titles. if you run into scenarios where you find that computers with longer than 15 characters are exhibiting strange issues in an application, you can root out these computers with configmgr or AD. while the computer itself may show a longer than 15 character machine name, the records for it in AD and configmgr show a truncated value. this is interesting because the computer is registered with its long name in DNS. it can "interesting" when you see a truncated name that doesn't resolve (especially where WINS is involved and handles the resolution for netbios lookup adding further confusion.) funny enough, where you root out this problem exists kind of on the same plane for both AD and configmgr. it's the DNS host name that gives it away! take a look a these screenshots -- from SCCM and AD, respectively: (removed the computer names out of this screenshot) so what do you do with this information, now that you know?

here is something I wrote up not too long ago for the benefit of some of my coworkers. it's nothing new and might be what most of you know, but I wanted to post it up just in case. it's a question I'm asked often... so it seemed like something worthy of sharing.   How old is my data? Let me first summarize a few things. SCCM is generally configured to hold a set amount of data per given data type. In some cases, you may find that you have data that is older than the specified age value (90 today, 30 sometime soon). So what’s going on here? The short answer is, the data is still current. There are many things that comprise the composite object record. Let’s take my client for example. Here is a screen shot: As you will notice, Agent Name, Agent Site, and Agent Time all contain numbers in brackets. The [#] is an index of the property, so to speak. For example, if I were interested in Heartbeat Discovery, I would read the values this way: Agent Name[0] : Heartbeat Di

lots of posts about how to do this for clients. i found a few places where it indicated how to do this for servers. (unfortunately, it wasn't on the holy grail of screen real estate for searches -- which is right before I have to scroll, ensuring i will never find it again. :] ) component registry path navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\COMPONENTS under this path, select the component key name you're interested in such as SMS_DISCOVERY_DATA_MANAGER. locate the dword value "Verbose Logging" and set the value to 1.   tracing registry path (turns on sql tracing) navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Tracing locate the dword value "SqlEnabled" and set the value to 1. under the path in step 1, select the component key name you're interested in such as SMS_DISCOVERY_DATA_MANAGER. ensure the value "Enabled" is set to 1. don't forget to cycle the SMS_EXECUTIVE service.

locating windows server 2003 running r2 is a bit of an obscure value. with windows server 2008, you can simply check the build number. unfortunately, in 2003, it's a little more hidden. here's a couple of ways of getting the information.   using configmgr in configmgr, one place the information is contained is in the view v_gs_operating_system in the name0 column: select sys.Name0, os.Name0 from v_r_system sys inner join v_GS_OPERATING_SYSTEM os on os.ResourceID = sys.ResourceID where os.Name0 like '%2003%R2%' order by sys.Name0   using wmi in wmi, the information is stored in win32_operatingsystem in the attribute "OtherTypeDescription" as indicated here in this msdn article . OtherTypeDescription Data type: string Access type: Read-only Additional description for the current operating system version. Windows Server 2003 R2: Contains the string "R2". Windows Server 2003, Windows XP, Windows 2000, and Windows NT 4.0: OtherTypeDescr

if you manage anti-virus in any form, you are already familiar with exclusion lists. this wiki article supplies links to just about any microsoft product you can think of and all of the exclusions you may need. http://social.technet.microsoft.com/wiki/contents/articles/953.aspx pro tip: if you subscribe to the article , you can get updates whenever more products are added.

UPDATE : forgot to add the preparatory step to randomize the datescriptran values. UPDATE : greg ramsey asked me to post the script so here it is. click HERE . it's called MCO_DellWarranty.zip UPDATE: somehow i included scott’s file in my zip which caused some confusion. i have since removed it so if you need it, be sure to visit his blog for the freshest version. thanks dionna for pointing it out! this is a process for joining dell warranty information to your configmgr discovery and inventory database. challenges in the past have been that dell was not very forthcoming with providing an easy to query, easy to access warranty database. often times it had to be delivered to you in a spreadsheet or scraped off a webpage which made for inconsistent data updates and constant script failures.   history in my time as an administrator, there have been many iterations of this that i have used. the first one was a little vbscript i wrote which would take a text dump i w

it's probably not logical for you to do this to yourself and thus there is not much to worry about. however, through a series of nesting groups, you can very well do this without thinking much about it. anyway, by the nature of the fact that I am posting this ... means I ran into it. :( for clarity, the group limitation is actually 1015 when you factor in well-known SIDs.   the error message this is what you will see when attempting to log in: The system cannot log you on due to the following error: During a logon attempt, the user’s security context accumulated too many security IDs . Please try again or consult your system administrator .   detecting the problem if you want to see how many groups you (or some other user account) is a member of, use the following kinds of commands (may produce different results*): powershell Get-QADUser myuserid | Select-Object -ExpandProperty allmemberof | measure cmd shell dsquery user -samid myuserid | dsget user -memberof -expand |

i was putting this together for a friend of mine so i thought i would post it since it seems like a pretty useful thing to have. should be self-explanatory. -- first and last for previous month DECLARE @FirstDayPrev DATETIME DECLARE @LastDayPrev DATETIME -- first and last for current month DECLARE @FirstDayCurr DATETIME DECLARE @LastDayCurr DATETIME Set @FirstDayPrev = CONVERT ( VARCHAR (25),DATEADD(mm, DATEDIFF(mm,0,getdate())-1, 0),101) Set @LastDayPrev = CONVERT ( VARCHAR (25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+0, -1),101) Set @FirstDayCurr = CONVERT ( VARCHAR (25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+0, 0),101) Set @LastDayCurr = CONVERT ( VARCHAR (25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+1, -1),101) Select @FirstDayPrev, @LastDayPrev, @FirstDayCurr, @LastDayCurr

this is so annoyingly obscure that I figured I'd point it out. in outlook, open the message you're interested in. in the ribbon, locate the "tags" section and click the little arrow. and there you have it...

with products like kelverion , you can make short work of installing the operator console. if you have gone through this, you know what an enormous amount of time this process takes. if, however, you need all of the download files, I captured them and made them available here on my skydrive . the files are located under the OpalisOpConsole folder, split into 6 zip files. for this reason, make sure you are using an unzipping utility capable of piecing the content back together. beware! it's quite large and may take some time to download in its entirety.

this is a cool trick I picked up from my coworker who picked up from a presentation. basically, you can open a command prompt to the exact folder where your explorer is pointing to. here's how. navigate to the folder you're interested in. in the address bar of explorer, type "cmd" and hit enter. this will launch a command prompt directly to the folder. perfect!

hi all. in case you're not on the mailing list, I just wanted to let you know that we have another user group meeting coming up april 22, 2011. yes, that's good friday. no, we didn't realize it. :) at any rate, if you can make it out, we'd be happy as punch to have you. if not, you can always join virtually. if you're so inspired, you can come out for part of it and join virtually for the other part. anyway, all the details and registration links are at http://www.atlsmug.org/1/post/2011/04/atlanta-systems-management-user-group-4222011.html . here's a real quick agenda: Presenters Agenda Time Start Time End Breakfast 9:30 9:50 ATLSMUG Opening 9:50 10:00 Dan Newton v.Next Year – What You Need to Know About the Upcoming 2012 System Center Releases 10:05 11:00 Greg Cameron Delivering and Managing the Private Cloud with System Center 2012 11:05 12:00 Lunch Break 12:05 12:25 John Rush (Shavlik) 3rd-Party Software Patching Using S

honestly, it's very early (by my standards). my creativity is not quite awake yet hence the very bad subject name of this post. I can't really find a good error message that would capture the essence of this problem. so... I guess you'll just have to read my rambling instead. let's get started. when this problem spurs up it looks as if the client is attempting to download the package but never gets anywhere with it. what's the first thing any sccm admin does? read logs, yes. one of the best ways I've found of reading logs is to start by running a search against the logs directory and dumping out anything matching the package id, advertisement id, etc to a new txt file. this is what I found. in the cas.log, the client is clearly getting the policy and location of the package. Matching DP Location found 0 - \\mySMSServer\SMSPKGC$\XYZ00017\ Requesting content XYZ00017.1, size (KB) 60833, under context S-0-0-00-1111111111-1111111111-111111111-111111 with prior

if you're looking for how to offer remote assistance in windows 7, here's a command line you can issue to do this: %windir%\system32\msra.exe /offerra

back in 2008, I wrote up a little thing about how distribution manager fails to send a package to a distribution point . even though a lot of what I wrote that for was the failure of packages to get delivered to child sites, the result was pretty much the same. when the client tries to run the advertisement with an old package, the result was a failure because of content mismatch. I went through an ordeal recently capturing these exact kinds of failures and corrected quite a number of problems with these packages. the resulting blog post is my effort to capture how these problems were resolved. if nothing else, it's a basic checklist of things you can use.   DETECTION status messages take a look at your status messages. this has to be the easiest way to determine where these problems exist. unfortunately, it requires that a client is already experiencing problems. there are client logs you can examine as well such as cas, but I wasn't even sure I was going to have enough m

you may remember awhile back, I wrote up some s teps on how to use windows live mesh to achieve sticky notes synchronization . live mesh, sync, and now mesh again, was a great product to use for this purpose because you could point to the folder and tell it to sync it. unfortunately, I didn't find it very reliable and by the comments I read, neither did a lot of my readers. this morning, I got quite frustrated by a couple of things going on. first of all, no sync! second, digsby ! sticky notes and digsby are two things I've come to rely on. there's some talk about a protocol change (or using old protocols or something like that) I read that pointed to digsby 's msn having connection problems while using windows live mesh. while live mesh was running, msn would drop off. according to their blog, it's a known issue and will be revised in a future release. anyway, so here I am. I decided to get rid of mesh in favor of something I've been using awhile and have co

creating stuff in powershell and are curious about how to name it?  you already know the verb-noun format, but what are the right verbs to use? use the get-verb cmdlet ! Verb Group ---- ----- Add Common Clear Common Close Common Copy Common Enter Common Exit Common Find Common Format Common Get Common Hide Common Join Common Lock Common Move Common New Common Open Common Pop Common Push Common Redo Common Remove Common Rename

as you move into deeper integration stories with opalis, it’s probable that you’re going to run into situations where the expected outcome isn’t quite as you dreamed. now why is this?  it’s usually because as you write the process, it isn’t completely determined what you’ll need.  this manifests itself often for me (anyway) as security related problems.  the most common reason this occurs is that you are designing as your own account and running your workflows as the opalis action service account. so, if you would, allow me to offer a little guidance on this. repeat to yourself: i am not the opalis action account.   this has a profound effect in separating you from your delusion that the universe does not want you to succeed today.  the point really is to remember that that testing console runs as the user launching the opalis client.  here's a demonstration by pete. review your audit history.  it's object specific but sometimes you can glean problems occurring by viewing