Skip to main content

Posts

Showing posts from 2011

listing the group membership of a computer in opsmgr [part 3]

a long time ago, I posted about this stuff...http://marcusoh.blogspot.com/2010/01/listing-group-membership-of-computer-in.html
http://marcusoh.blogspot.com/2010/01/listing-group-membership-of-computer-in_06.htmlboth of which were just works in progress... and as it turns out, completely wrong! I ran into this post this morning that simplified what I was doing down to a few lines. here it is:$group = Get-MonitoringObject | Where { $_.DisplayName -eq"YourGroupName"}
$MonitoringClass = Get-MonitoringClass -Name "Microsoft.Windows.Computer"
$group.GetRelatedMonitoringObjects($MonitoringClass,"Recursive") | Select DisplayName
source: http://michielw.blogspot.com/2010/12/scom-get-nested-group-members.html

my 15 most popular posts of 2011

moving to endpoint protection

made the switch this morning to forefront endpoint protection -- or what will be known as system center endpoint protection. most of it went okay, but there were a couple of mcafee components that made the process PAINFUL! believe it or not, the antivirus component was not it.the removal of the host intrusion prevention system (hips) and the mcafee agent itself were both more time-consuming than required, each with its own peculiarity. :/removing hipsattempting to remove the hips agent may produce an error about needing to "disable self-protect mode." I am shamelessly stealing this from the site kmit4u because the instructions are quite near perfect and don't need revising:Click Start, Run, type explorer and click OK. Navigate to: C:\Program Files\McAfee\Host Intrusion Prevention\Double-click McAfeeFire.exe. Click Task, Unlock User Interface. Typethe unlock code, and select Administrator Password.
NOTE: By default, the unlock code is abcde12345.  After the user interface …

sccm: computers with names greater than 15 characters

and coincidentally, blog posts with really long titles.if you run into scenarios where you find that computers with longer than 15 characters are exhibiting strange issues in an application, you can root out these computers with configmgr or AD. while the computer itself may show a longer than 15 character machine name, the records for it in AD and configmgr show a truncated value.this is interesting because the computer is registered with its long name in DNS. it can "interesting" when you see a truncated name that doesn't resolve (especially where WINS is involved and handles the resolution for netbios lookup adding further confusion.)funny enough, where you root out this problem exists kind of on the same plane for both AD and configmgr. it's the DNS host name that gives it away! take a look a these screenshots -- from SCCM and AD, respectively:(removed the computer names out of this screenshot)so what do you do with this information, now that you know? well, let&…

sccm: how old is my data?

here is something I wrote up not too long ago for the benefit of some of my coworkers. it's nothing new and might be what most of you know, but I wanted to post it up just in case. it's a question I'm asked often... so it seemed like something worthy of sharing.How old is my data?Let me first summarize a few things. SCCM is generally configured to hold a set amount of data per given data type. In some cases, you may find that you have data that is older than the specified age value (90 today, 30 sometime soon). So what’s going on here? The short answer is, the data is still current. There are many things that comprise the composite object record. Let’s take my client for example. Here is a screen shot: As you will notice, Agent Name, Agent Site, and Agent Time all contain numbers in brackets. The [#] is an index of the property, so to speak. For example, if I were interested in Heartbeat Discovery, I would read the values this way: Agent Name[0] : Heartbeat Discovery
A…

enable verbose logging on a sccm server

lots of posts about how to do this for clients. i found a few places where it indicated how to do this for servers. (unfortunately, it wasn't on the holy grail of screen real estate for searches -- which is right before I have to scroll, ensuring i will never find it again. :] )component registry pathnavigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\COMPONENTSunder this path, select the component key name you're interested in such as SMS_DISCOVERY_DATA_MANAGER.locate the dword value "Verbose Logging" and set the value to 1.tracing registry path (turns on sql tracing)navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Tracinglocate the dword value "SqlEnabled" and set the value to 1.under the path in step 1, select the component key name you're interested in such as SMS_DISCOVERY_DATA_MANAGER.ensure the value "Enabled" is set to 1.don't forget to cycle the SMS_EXECUTIVE service.

how to verify a server is running r2

locating windows server 2003 running r2 is a bit of an obscure value. with windows server 2008, you can simply check the build number. unfortunately, in 2003, it's a little more hidden. here's a couple of ways of getting the information.using configmgrin configmgr, one place the information is contained is in the view v_gs_operating_system in the name0 column:select sys.Name0, os.Name0
from v_r_system sys
innerjoin v_GS_OPERATING_SYSTEM os on os.ResourceID = sys.ResourceID
where os.Name0 like'%2003%R2%'
orderby sys.Name0
using wmiin wmi, the information is stored in win32_operatingsystem in the attribute "OtherTypeDescription" as indicated here in this msdn article.OtherTypeDescription
Data type: string
Access type: Read-only
Additional description for the current operating system version.

Windows Server 2003 R2: Contains the string "R2".
Windows Server 2003, Windows XP, Windows 2000, and Windows NT 4.0: OtherTypeDescription is null.
you could use a powershe…

windows anti-virus exclusion list

if you manage anti-virus in any form, you are already familiar with exclusion lists. this wiki article supplies links to just about any microsoft product you can think of and all of the exclusions you may need.http://social.technet.microsoft.com/wiki/contents/articles/953.aspxpro tip: if you subscribe to the article, you can get updates whenever more products are added.

sccm: integrating dell warranty data into configmgr

UPDATE: forgot to add the preparatory step to randomize the datescriptran values.
UPDATE: greg ramsey asked me to post the script so here it is. click HERE. it's called MCO_DellWarranty.zip
UPDATE: somehow i included scott’s file in my zip which caused some confusion. i have since removed it so if you need it, be sure to visit his blog for the freshest version. thanks dionna for pointing it out!this is a process for joining dell warranty information to your configmgr discovery and inventory database. challenges in the past have been that dell was not very forthcoming with providing an easy to query, easy to access warranty database. often times it had to be delivered to you in a spreadsheet or scraped off a webpage which made for inconsistent data updates and constant script failures.historyin my time as an administrator, there have been many iterations of this that i have used. the first one was a little vbscript i wrote which would take a text dump i would get from del…

ds: logon request fails when groups > 1024

it's probably not logical for you to do this to yourself and thus there is not much to worry about. however, through a series of nesting groups, you can very well do this without thinking much about it. anyway, by the nature of the fact that I am posting this ... means I ran into it. :(for clarity, the group limitation is actually 1015 when you factor in well-known SIDs.the error messagethis is what you will see when attempting to log in:The system cannot log you on due to the following error: During a logon attempt, the user’s security context accumulated too many security IDs. Please try again or consult your system administrator.
detecting the problemif you want to see how many groups you (or some other user account) is a member of, use the following kinds of commands (may produce different results*):powershell
Get-QADUser myuserid | Select-Object -ExpandProperty allmemberof | measure
cmd shell
dsquery user -samid myuserid | dsget user -memberof -expand | find /c /v ""
* w…

getting the first and last day of the month in sql

i was putting this together for a friend of mine so i thought i would post it since it seems like a pretty useful thing to have. should be self-explanatory.-- first and last for previous month
DECLARE @FirstDayPrev DATETIME
DECLARE @LastDayPrev DATETIME-- first and last for current month
DECLARE @FirstDayCurr DATETIME
DECLARE @LastDayCurr DATETIMESet @FirstDayPrev = CONVERT(VARCHAR(25),DATEADD(mm, DATEDIFF(mm,0,getdate())-1, 0),101)
Set @LastDayPrev = CONVERT(VARCHAR(25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+0, -1),101)Set @FirstDayCurr = CONVERT(VARCHAR(25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+0, 0),101)
Set @LastDayCurr = CONVERT(VARCHAR(25),DATEADD(mm, DATEDIFF(mm, 0,getdate())+1, -1),101)Select @FirstDayPrev, @LastDayPrev, @FirstDayCurr, @LastDayCurr

viewing internet headers of emails in outlook 2010

this is so annoyingly obscure that I figured I'd point it out.in outlook, open the message you're interested in. in the ribbon, locate the "tags" section and click the little arrow.and there you have it...

opalis: operator console installation files

with products like kelverion, you can make short work of installing the operator console. if you have gone through this, you know what an enormous amount of time this process takes.if, however, you need all of the download files, I captured them and made them available here on my skydrive. the files are located under the OpalisOpConsole folder, split into 6 zip files. for this reason, make sure you are using an unzipping utility capable of piecing the content back together. beware! it's quite large and may take some time to download in its entirety.

open a command prompt to the directory in explorer

this is a cool trick I picked up from my coworker who picked up from a presentation. basically, you can open a command prompt to the exact folder where your explorer is pointing to. here's how.navigate to the folder you're interested in.in the address bar of explorer, type "cmd" and hit enter.this will launch a command prompt directly to the folder. perfect!

atlanta smug (atlsmug) coming up 4/22/11

hi all.in case you're not on the mailing list, I just wanted to let you know that we have another user group meeting coming up april 22, 2011. yes, that's good friday. no, we didn't realize it. :)at any rate, if you can make it out, we'd be happy as punch to have you. if not, you can always join virtually. if you're so inspired, you can come out for part of it and join virtually for the other part. anyway, all the details and registration links are at http://www.atlsmug.org/1/post/2011/04/atlanta-systems-management-user-group-4222011.html.here's a real quick agenda:Presenters
Agenda
Time Start
Time End

Breakfast
9:30
9:50
ATLSMUG
Opening
9:50
10:00
Dan Newton
v.Next Year – What You Need to Know About the Upcoming 2012 System Center Releases
10:05
11:00
Greg Cameron
Delivering and Managing the Private Cloud with System Center 2012
11:05
12:00

Lunch Break
12:05
12:25
John Rush (Shavlik)
3rd-Party Software Patching Using SCCM and Shavlik SCUPdates
12:30
1:30
Duncan McAlynn
DCM vs ACS: An Au…

sccm: client stuck downloading package with bit .tmp files in cache directory

honestly, it's very early (by my standards). my creativity is not quite awake yet hence the very bad subject name of this post. I can't really find a good error message that would capture the essence of this problem. so... I guess you'll just have to read my rambling instead.let's get started. when this problem spurs up it looks as if the client is attempting to download the package but never gets anywhere with it. what's the first thing any sccm admin does? read logs, yes. one of the best ways I've found of reading logs is to start by running a search against the logs directory and dumping out anything matching the package id, advertisement id, etc to a new txt file. this is what I found.in the cas.log, the client is clearly getting the policy and location of the package.Matching DP Location found 0 - \\mySMSServer\SMSPKGC$\XYZ00017\
Requesting content XYZ00017.1, size(KB) 60833, under context S-0-0-00-1111111111-1111111111-111111111-111111 with priority Low
Tar…

sccm: content hash fails to match

back in 2008, I wrote up a little thing about how distribution manager fails to send a package to a distribution point. even though a lot of what I wrote that for was the failure of packages to get delivered to child sites, the result was pretty much the same. when the client tries to run the advertisement with an old package, the result was a failure because of content mismatch.I went through an ordeal recently capturing these exact kinds of failures and corrected quite a number of problems with these packages. the resulting blog post is my effort to capture how these problems were resolved. if nothing else, it's a basic checklist of things you can use.DETECTIONstatus messagestake a look at your status messages. this has to be the easiest way to determine where these problems exist. unfortunately, it requires that a client is already experiencing problems. there are client logs you can examine as well such as cas, but I wasn't even sure I was going to have enough material to …

how to use dropbox to synchronize windows 7 sticky notes

you may remember awhile back, I wrote up some steps on how to use windows live mesh to achieve sticky notes synchronization. live mesh, sync, and now mesh again, was a great product to use for this purpose because you could point to the folder and tell it to sync it. unfortunately, I didn't find it very reliable and by the comments I read, neither did a lot of my readers.this morning, I got quite frustrated by a couple of things going on. first of all, no sync! second, digsby! sticky notes and digsby are two things I've come to rely on. there's some talk about a protocol change (or using old protocols or something like that) I read that pointed to digsby's msn having connection problems while using windows live mesh. while live mesh was running, msn would drop off. according to their blog, it's a known issue and will be revised in a future release.anyway, so here I am. I decided to get rid of mesh in favor of something I've been using awhile and have come to lo…

powershell: naming functions and cmdlets

creating stuff in powershell and are curious about how to name it?  you already know the verb-noun format, but what are the right verbs to use?use the get-verb cmdlet!Verb Group
---- -----
Add Common
Clear Common
Close Common
Copy Common
Enter Common
Exit Common
Find Common
Format Common
Get Common
Hide Common
Join Common
Lock Common
Move Common
New Common
Open Common
Pop Common
Push Common
Redo Common
Remove Common
Rename Comm…

opalis: guidance on troubleshooting failed workflows

as you move into deeper integration stories with opalis, it’s probable that you’re going to run into situations where the expected outcome isn’t quite as you dreamed.now why is this?  it’s usually because as you write the process, it isn’t completely determined what you’ll need.  this manifests itself often for me (anyway) as security related problems.  the most common reason this occurs is that you are designing as your own account and running your workflows as the opalis action service account.so, if you would, allow me to offer a little guidance on this.repeat to yourself: i am not the opalis action account.  this has a profound effect in separating you from your delusion that the universe does not want you to succeed today.  the point really is to remember that that testing console runs as the user launching the opalis client.  here's a demonstration by pete. review your audit history.  it's object specific but sometimes you can glean problems occurring by viewing the aud…