Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »

Ryan Steele › Comments

Ryan Steele
rgsteele on pull, rather than push, image with sccm - http://www.reddit.com/r...
"Enable your PXE distribution point for deployment to unknown computers, then deploy your task sequences as "Available" to the "All Unknown Computers" collection. http://technet.microsoft.com/en-ca..." - Ryan Steele
Ryan Steele
rgsteele on KB3024777 Released to Eliminate KB3004394 Woes - http://www.reddit.com/r...
"The `/norestart` switch tells `dism.exe` not to initiate a restart, but it will instead exit with a return code of 3010, which will indicate to the calling process (in this case, Windows Update) that a restart is required." - Ryan Steele
Ryan Steele
rgsteele on How to read logs? - http://www.reddit.com/r...
"As others have said, CMTrace is a nice lightweight log file viewer. You may also want to check out the [Configuration Manager Support Center](https://www.microsoft.com/en-us...) tool Microsoft released this year. It includes some additional features like a client troubleshooter, package viewer and policy viewer. The downside is it requires installation, whereas CMTrace.exe can just be copied to the machine where it's being run." - Ryan Steele
Ryan Steele
rgsteele on Task Sequence applying image to D:\ and not C:\ - http://www.reddit.com/r...
"I think this may be the answer. Just to clarify, in case /u/f-appcontroller has a non-standard drive formatting step in their TS: in the default TS there are two "Format and Partition Disk" steps, one for BIOS and one for UEFI. In the BIOS one there should be two partitions defined, one called "System Reserved (Primary)" and one called "Windows (Primary)". In the properties of the "System Reserved (Primary)" partition, "Do not assign a drive letter to this partition" should be checked." - Ryan Steele
Ryan Steele
rgsteele on Task Sequence applying image to D:\ and not C:\ - http://www.reddit.com/r...
"You mention you've tried adding TS variables, but which ones? In my case, this issue was resolved by adding a "Set Task Sequence Variable" step before the "Apply Operating System Image" step, setting `OSDPreserveDriveLetter` to `false`." - Ryan Steele
Ryan Steele
rgsteele on How much DB storage is used per user? - http://www.reddit.com/r...
"I recall that when I set up SCCM, the recovery mode on the reporting server database was set to Full, meaning the log file started taking up a huge amount of space. Launch the SQL Server Management Studio on your DB server (you may need to right-click and run as admin), navigate to Databases > ReportServer > Properties > Options and check whether Recovery Model is set to Simple or Full. If it's set to Full, change it to Simple." - Ryan Steele
Ryan Steele
rgsteele on Solar lights on the Galloping Goose? - http://www.reddit.com/r...
"When I lived in Saanich and commuted downtown by bicycle, I found the most dangerous aspect of the Galloping Goose was the wooden trestles, which are treacherously slippery when wet and downright impassible when frosty. I know of at least one person who has injured themselves from wiping out on one." - Ryan Steele
Ryan Steele
rgsteele on About to move from stand alone WSUS to SUP; what to lookout for? - http://www.reddit.com/r...
"It's off... until the SCCM client robot comes and turns it on. Which is /u/8375456's point: if there's no GPO, the SCCM client will set the registry key." - Ryan Steele
Ryan Steele
rgsteele on About to move from stand alone WSUS to SUP; what to lookout for? - http://www.reddit.com/r...
">Many of these laptops spend most of their time out of the office and not connected to a VPN. SCCM is currently not yet setup for Internet Based Client Management and I don't have DirectAccess in place (yet). That being said, it's my understanding that most of these clients will end up downloading updates directly from MS rather than my DP's I don't think this will work the way you think it will. As long as the clients are out of the office, they won't be able to contact your management point. They won't get the software update deployment until the next time they are on the corporate network. Being able to download the updates from MS doesn't help you because the client won't go download the update until it is told to. That won't happen until it contacts the MP, and it can't do that unless it's on the corporate network." - Ryan Steele
Ryan Steele
rgsteele on Adobe Acrobat XI Professional installation - http://www.reddit.com/r...
"You have encountered a bug that occurs when Acrobat has been uninstalled and re-installed. Here's the relevant post on the Adobe forums with the fix: https://forums.adobe.com/thread..." - Ryan Steele
Ryan Steele
rgsteele on A specific Windows Update refuses to install automatically - http://www.reddit.com/r...
"I think maybe you need to set the [Turn on recommended updates via Automatic Updates](http://technet.microsoft.com/en-ca...) GPO to Enabled." - Ryan Steele
Ryan Steele
rgsteele on Are User Based Deployments based on Device Affinity or Top Console User? - http://www.reddit.com/r...
"I haven't actually used User Based Deployments yet, but I was curious about the answer to this, so I did a bit of digging and found this blog post, which explains it really well: http://gosc.nl/blog... TL;DR: It will install on all PCs the user logs into, unless you specify a Requirement in the Deployment Type of the Application that Primary Device equals True." - Ryan Steele
Ryan Steele
rgsteele on Thickheaded Thursday: 11-6-2014 - http://www.reddit.com/r...
"I'm not sure what you mean by the "awkward excuse me shuffle step", but if you're implying that having both ends of a network link set to auto-negotiate is a bad thing, nothing could be further from the truth. 99.9% of the time, both ends should be set to auto-negotiate. In the 0.01% of the time where there's some weird incompatibility between two pieces of gear and auto-negotiate isn't working, both ends should be set to the same manual setting, e.g. 100/Full. And you should NEVER have one end set to Auto and the other end set manually. This article does a good job of dispelling the myths about auto-negotiate: http://etherealmind.com/etherne..." - Ryan Steele
Ryan Steele
rgsteele on Thickheaded Thursday: 11-6-2014 - http://www.reddit.com/r...
"You could try using [Process Monitor](http://technet.microsoft.com/en-ca...) to see which process spawns the wscript.exe process. You'll need to use the "boot time logging" feature." - Ryan Steele
Ryan Steele
rgsteele on Task Sequences, Unknown Computers and Multiple Departments - http://www.reddit.com/r...
"> So if the computer name is set in that import, and the device is created in AD already you can do a completely touch free Task Sequence as SCCM will already know what to name the device and where it belongs? Yes, that is correct. I haven't used it myself, but there is a user-contributed PowerShell form available at https://gallery.technet.microsoft.com/Import-... which allows a user without the SCCM console to import the computer object." - Ryan Steele
Ryan Steele
rgsteele on Task Sequences, Unknown Computers and Multiple Departments - http://www.reddit.com/r...
"Yes, if you want to deploy to brand new computers without deploying to Unknown Computers, you will need to import the machines into SCCM. [Here's the relevant documentation in TechNet](http://technet.microsoft.com/en-us...). There are two ways to import your computer objects using the wizard: one by one or in batches using a CSV file. There's [a good step-by step guide at windows-noob](http://www.windows-noob.com/forums...) for using the batch method. Whichever method you choose, you will need to supply the desired computer name and either the MAC address or SMBIOS GUID for each machine you are importing. As for ensuring the computer object ends up in the right OU, you can actually pre-create the computer object in AD in the desired OU before initiating the deployment. When the task sequence hits the step to join the computer to the domain, it will use the computer object..." - Ryan Steele
Ryan Steele
rgsteele on Anyone able to successfully deploy Java 8u25? - http://www.reddit.com/r...
"Just out of curiosity, is there a reason you're using a vbscript to terminate Java-related processes instead of using the PSAppDeployToolkit's built-in functionality? i.e. something like `Show-InstallationWelcome -CloseApps "java,javaw,javaws,iexplore,firefox,chrome"` I've only just started exploring the toolkit and haven't yet tried deploying Java with it so I'm interested in hearing about your experiences." - Ryan Steele
Ryan Steele
rgsteele on OSD / Driver Package Selection - http://www.reddit.com/r...
"In the query you're running at the command line, you're selecting the "Name" column of the "CSProduct" table, but in the query in your task sequence, you're selecting the "Model" column of the "Win32_ComputerSystem" table. It's possible these are different values on your system. What's the result when you run this from the command prompt: `wmic computersystem get model` Also, it's not a big deal, but you're using a LIKE statement in your query when an = would serve just as well. You only need to use LIKE when you want to use a wildcard in your query (which, in SQL, is represented by the percent sign). For example, `SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "Latitude%"` EDIT: What /u/abstractPotential said! :)" - Ryan Steele
Ryan Steele
rgsteele on How to find machines with/without a specific hotfix installed? - http://www.reddit.com/r...
"Glad to help!" - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 Client install failing - http://www.reddit.com/r...
">`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) File 'C:\Windows\ccmsetup\Silverlight.exe' with hash '417B442E128D821119008ACEEEE6CDC2A41224377A829B6EC52BABA2724F0151' from manifest doesn't match with the file hash '37D9F8FCBD5499F1D3B9A053BD69D0B844BA9466BA0FCE7EB586B3E6B241E13D'` "Hmm, the client has Silverlight.exe, but it's not the bundle of bits I'm looking for. That's okay, I'll download it from the server!" >`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) Deleted file C:\Windows\ccmsetup\Silverlight.exe` >`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) Adding file 'http://FSESXSCC01.xxxxxxxxxx.local:80/SMS_DP_...' to BITS job, saving as 'C:\Windows\ccmsetup\Silverlight.exe'.` ... >`ccmsetup 09/10/2014 9:58:14 AM 10224 (0x27F0) Successfully downloaded client files via BITS. ` "All right, I've got all the files I need, now I'll install the client." >`ccmsetup 09/10/2014 9:58:14 AM 10224 (0x27F0) File 'C:\Windows\ccmsetup\Silverlight.exe' with hash..." - Ryan Steele
Ryan Steele
rgsteele on Moving from WSUS to SCCM for patching - http://www.reddit.com/r...
"[This TechNet blog post](http://blogs.technet.com/b...) is helpful for understanding how to manage updates. Typically, your deployment group will be named something like "Updates 2014-10-07" and will contain all the updates you're wanting to push out that day. You would deploy it to your "Dev" collection, then when you've confirmed nothing has broken, you'd manually deploy the group to your "Test" collection, and then your "Prod" collection. As for expired updates, you just do a search for expired updates, select all, right-click>Edit Membership, then uncheck all the boxes." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R2 + SQL Server 2008 R2 SP3 - http://www.reddit.com/r...
"Thanks for the clarification. I wondered why you would want to install a service pack which may not be supported but now I see that there is a security hotfix included in it. Guess that's something I should be looking into as well, so thanks for the heads up! Unfortunately I don't think anyone from Microsoft follows this subreddit, so getting an answer to this question may require picking up the phone, or perhaps posting in the TechNet forums." - Ryan Steele
Ryan Steele
rgsteele on BC criminal justice process for juveniles? - http://www.reddit.com/r...
"The [Dial-A-Law](http://www.cbabc.org/For-the...) site may be helpful." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R2 + SQL Server 2008 R2 SP3 - http://www.reddit.com/r...
"Are you hosting the database for SCCM on a shared SQL server? That's not recommended. In fact, [the license for System Center 2012 includes a license for SQL Server Standard](http://www.microsoft.com/licensi...) so there's really no reason not to put it on a separate server. I expect in most cases it's best to co-locate the database on the site server." - Ryan Steele
Ryan Steele
rgsteele on Ferrorfluid - The Magnetic Liquid - http://www.reddit.com/r...
"It's too late; the ferrorists have won." - Ryan Steele
Ryan Steele
rgsteele on I have a finance guy going to China for two and a half weeks to adopt another kid. He needs access to our systems back home to continue working- need some advice. - http://www.reddit.com/r...
"This is _absolutely_ something that a computer infected with malware could install on a USB device you brought into China (or anywhere, really)." - Ryan Steele
Ryan Steele
rgsteele on I have a finance guy going to China for two and a half weeks to adopt another kid. He needs access to our systems back home to continue working- need some advice. - http://www.reddit.com/r...
"[I take it you haven't heard about BadUSB yet?](http://www.wired.com/2014...) > The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic. Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue." - Ryan Steele
Ryan Steele
rgsteele on Cannot client push over DirectAccess - possible boundary problem? - http://www.reddit.com/r...
"Are you limiting ISATAP Services to Manage Out Clients as documented [here](http://blogs.technet.com/b...)? If so, did you add the SCCM server to the DirectAccess Manage Out Clients security group? I'll second /u/roach8101 's recommendation to use the Software Update Point installation method. It works really well for DirectAccess clients." - Ryan Steele
Ryan Steele
rgsteele on How to find machines with/without a specific hotfix installed? - http://www.reddit.com/r...
"First of all, you may want to consider pushing out [KB2775511](http://support2.microsoft.com/kb...) instead, since it includes that hotfix as well as a boatload of other performance improvements. You can deploy that hotfix rollup by importing it into WSUS as explained in [this TechNet blog post](http://blogs.technet.com/b...). Now that being said, for hotfixes that are available as MSU files this technique won't work. The way I deploy these is with an Application. Your installation program will be something like wusa.exe "Windows6.1-KB2691043-x86.msu" /quiet /norestart And for your detection method, use the following PowerShell script: Get-HotFix | Where-Object {$_.HotfixID -eq 'KB2691043'} Note that you either have to set the "PowerShell Execution Policy" setting to "Bypass" under "Computer Agent" in your Client Settings (easy!) or sign your script and install the cert in the Trusted Roots certificate..." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2007 installed, attempting in-place upgrade of SQL 2008 to R2 - http://www.reddit.com/r...
"Well, according to [this](http://technet.microsoft.com/en-ca...), upgrading from SQL Server 2008 to 2008 R2 _is_ supported, but you need to use the hierarchy maintenance tool to stop all CM services as documented [here](http://technet.microsoft.com/en-ca...). All that being said, I of course am required to suggest that your time might be better spent migrating to SCCM 2012 R2, seeing as 2007 is EOL, and 2012 is way better :)" - Ryan Steele
Other ways to read this feed:Feed readerFacebook