O R G A N I C / F E R T I L I Z E R: 05.12

May 24, 2012

two upcoming events i wanted to mention

hi and good morning. i wanted to mention a couple of upcoming events that may interest you.

 

1335807383

JUNE 1ST: the first is the atlanta techstravaganza event which has turned into an annual thing. not sure if you know this or not but atlanta systems management user group is a part of it and has been since the inception. the event has a great line-up of folks -- both mvp and other talent. it's a full day event with food, prizes, etc so plan accordingly. the schedule, registration, and everything else can be found at www.atltechstravaganza.com. hope you can make it!

 

image001

MULTIPLE EVENTS: the second event is windows server 2012 community roadshow which is brought to you by fellow mvps. it's a four hour event at various locations both stateside and internationally. you can get all the information at the following location: https://ws2012rocks.msregistration.com/Default.aspx

sorry atlanta peepz -- it doesn't appear there's going to be an atlanta event. the closest you'll get is charlotte. that's some poo. oh well. the others don't get the atlanta techstravaganza event! get to one or the other. they both look good... :)

May 17, 2012

"get computer/ip status" activity throws raw socket error

recently ran across this quirk trying to test a runbook in orchestrator...

PROBLEM SUMMARY

imagewhile in the runbook designer, whenever the "get computer/ip status" activity is called, it fails with the following error:

 

image

 

the error summary text in its entirety:

Raw socket error. Error: 10013 An attempt was made to access a socket in a way forbidden by its access permissions.

 

according to this microsoft article (thanks richard catley), the error translates to this:

WSAEACCES (10013)
Translation: Permission denied.
Description: An attempt was made to access a socket in a way that is forbidden by its access permissions. For example, this error occurs when a broadcast address is used for sendto but the broadcast permission is not set by using setsockopt(SO_BROADCAST). Another possible reason for the WSAEACCES error is that when the bind (Wsapiref_6vzm.asp) function is called (in Microsoft Windows NT 4 .0 Service Pack 4 [SP4] or later), another program, service, or kernel mode driver is bound to the same address with exclusive access. Such exclusive access is a new feature of Windows NT 4.0 SP4 and later, and it is implemented by using the SO_EXCLUSIVEADDRUSE option.

 

which means absolutely nothing to me -- except there is a possible permission issue somewhere. :) after posting to the technet forum, i decided to file a bug. as any decent human being does, i searched to see if the bug had already been filed. sure enough it had. it's right here if you want to read the details.

 

SOLUTION

anyway, i verified i was in local admin, etc. turns out you have to launch the console with run as administrator permissions to elevate it properly in order for the activity to have the required access. jeff fanjoy describes it in the bug.

image

 

OTHER STUFF

you may have read robert hearn's post about running the runbook tester as another user. so... what do you do in the scenario where you must run the runbook tester as a different user since there's no perceivable way to perform a runas a different user and run as administrator?

well, i couldn't find a way in the windows UI... but if you know of one, please comment up. you can do it, but it's convoluted. here you go:

  1. log in as the user.
  2. open up a cmd prompt with run as administrator.
  3. execute the following:

"C:\Program Files (x86)\Microsoft System Center 2012\Orchestrator\Runbook Designer\RunbookDesigner.exe"


what if you don't want to log on as the user? i dunno how to do that one. go figure it out, and let me know. :)

May 10, 2012

managing client remediation in configmgr 2012

picked up this article from steve rachui. been extremely negligent on writing blogs and reading blogs this last year because of some other commitments. anyway, kent agerlund lays out a process for using settings management (aka dcm) to turn off client remediation for scenarios where a targeted selection of machines (e.g. servers, domain controllers, etc) may exist under stricter change control processes that do not allow the client to reinstall itself.

anyway, check out the article here: http://blog.coretech.dk/kea/configure-client-remediation-in-configmgr-2012-to-monitor-only-using-settings-management/

May 3, 2012

ntlm authentication is not dead nor are its problems

hanging out at tec this week, a recurring theme came up more than once. it's this thing called maxconcurrentapi. here's some relevant links:

http://blogs.technet.com/b/askds/archive/2011/09/15/is-this-horse-dead-yet-ntlm-bottlenecks-and-the-rpc-runtime.aspx

http://support.microsoft.com/default.aspx?scid=kb;EN-US;928576