Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »

Ryan Steele › Comments

Ryan Steele
rgsteele on User Collection Based on OU and Not Include Child OUs - http://www.reddit.com/r...
"Something like `select * from SMS_R_User where SMS_R_User.UserOUName = "MYDOMAIN/LONDON/USERS" and SMS_R_User.ResourceId not in (select SMS_R_User.ResourceID from SMS_R_User where SMS_R_User.UserOUName = "MYDOMAIN/LONDON/USERS/CONTRACTORS")` If you want to exclude any and all sub-OUs, you could do something like `select * from SMS_R_User where SMS_R_User.UserOUName = "MYDOMAIN/LONDON/USERS" and SMS_R_User.ResourceId not in (select SMS_R_User.ResourceID from SMS_R_User where SMS_R_User.UserOUName like "MYDOMAIN/LONDON/USERS/%")`" - Ryan Steele
Ryan Steele
rgsteele on Help with Maintenance Windows - http://www.reddit.com/r...
"Hmm... as long as that box isn't checked, the business hours shouldn't apply. You could try changing them and see if it has any effect, though. You may also want to look at `C:\Windows\CCM\Logs\RebootCoordinator.log` on one of the servers and see if there's anything interesting in there." - Ryan Steele
Ryan Steele
rgsteele on Help with Maintenance Windows - http://www.reddit.com/r...
"In the Software Center app on your servers, under "Computer maintenance" on the "Options" tab, is "Automatically install or uninstall required software and restart the computer only outside of the specified business hours" checked, by any chance?" - Ryan Steele
Ryan Steele
rgsteele on Updating the WIM with IE - http://www.reddit.com/r...
"I believe it's possible, but you need to make sure all the prerequisites are deployed. Specifically, there is one that is classified as a "Feature Pack" so you need to make sure that category is enabled in your Software Updates settings. There's an article here which may be helpful: http://myitforum.com/myitfor... If it's still not working, you can try updating the WIM using Offline Servicing: http://mwesterink.wordpress.com/2013..." - Ryan Steele
Ryan Steele
rgsteele on Thoughts on best way to avoid an in-advert SCCM OSD disaster (learning from Emory Win7 Incident) - http://www.reddit.com/r...
">platform-locked to only be able to run from 32-bit Vista Why not just configure the deployment to only run from PXE and Media? Doesn't that have the same effect? Or are you on 2007 and this is a new feature in 2012?" - Ryan Steele
Ryan Steele
rgsteele on Deploy Adobe Acrobat XI Pro *with* transform file - http://www.reddit.com/r...
"The Adobe Customization Wizard produces two files: the MST file, and a Setup.ini file. Just verify that the MST file you created is referenced in the Setup.ini file. Then you just need to call Setup.exe without any parameters. This is the "bootstrapper deployment" referenced [here](http://www.adobe.com/devnet-...). You can also edit the Setup.ini to include the latest Acrobat update in the installation. [Here's a video.](http://tv.adobe.com/watch...)" - Ryan Steele
Ryan Steele
rgsteele on Differentiating Similar Hardware During OSD - http://www.reddit.com/r...
">The name is dynamic based on the subnet they're on and serial, so no specific name needed. Just to clarify: if you are planning on implementing /u/mathui's suggestion, your task sequence will no longer determine the computer name. You will need to specify it when importing the computer objects. See [this article on windows-noob.com](http://www.windows-noob.com/forums...) to see how it works. If these are new machines and you've got a barcode scanner kicking around, you may be able to grab the MAC address by scanning a barcode on the cardboard box the system came in." - Ryan Steele
Ryan Steele
rgsteele on Pushing applications to specific security groups - sccm2012sp1 - http://www.reddit.com/r...
"Yes, you can use a query of the membership of an AD security group to populate a collection, but why not just add devices directly to the collection? In other words, use the membership of the collection to keep track of licensing, rather than the membership of the security group. The only reason I can see for using an AD security group would be if the security group was also performing another duty, e.g. it's being used to filter the application of a related GPO. One thing to keep in mind is that it may take up to ten minutes for a change to the security group to be reflected by the collection membership. (This is assuming that your delta discovery interval and the collection membership evaluation interval have been left at their default settings of five minutes, which is recommended.) If you give us some more details about the issue you're having with the query rule we may be able to provide more assistance." - Ryan Steele
Ryan Steele
rgsteele on Deploying updates, but users not being notified - http://www.reddit.com/r...
"In my experience, most users have been conditioned to "block out" any and all balloon notifications. "Password expiration notification? Nope, never saw it." You may find the [PowerShell App Deployment Toolkit](https://psappdeploytoolkit.codeplex.com) useful. It allows you to create a deployment that pops up a dialog explaining that software is ready to be installed and gives the user the option to defer the installation to a later time." - Ryan Steele
Ryan Steele
rgsteele on New to Victoria questions - http://www.reddit.com/r...
">1. Where is a good barber? Preferably not one that will cost me an arm and a leg. What's your favorite? I go to Victory Barber and Brand, they charge $35 for a cut and shampoo. If you're looking for something cheaper, Jimmy's Barber Shop charges $12 or something. Ask for Vic or Artor, they are the best barbers there IMO. >6. Where do small Indie bands play here? The Copper Owl (above Paul's Motor Inn on Douglas St. ) and Logan's Pub. In fact, an AMAZING garage rock band called [Black Valley Gospel](http://blackvalleygospel.bandcamp.com) is playing TONIGHT, June 19, at the Copper Owl! Come see us! Er, I mean, them!" - Ryan Steele
Ryan Steele
rgsteele on Update to CU1 Packages - http://www.reddit.com/r...
">under my site properties it is still showing as not being on CU1 (build 5.00.7958.1000 instead of 5.00.7958.1203) This is expected behavior. [Here's how to check whether you have CU1 installed.](http://blogs.technet.com/b...)" - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R1 Change to Task Sequence Boot image - http://www.reddit.com/r...
"Welcome to Reddit, RDAdams! I'm afraid your question isn't very clear about what the problem is. What do you mean by "change the boot image"? Are you making a change to an existing boot image, or are you selecting a different boot image for the task sequence to use? What do you mean by "get the system to recognize that"? Are you getting an error when you try to deploy an operating system? If so, what's the error? If not, why do you believe the change is not recognized?" - Ryan Steele
Ryan Steele
rgsteele on Application Deployment - Creating a dependency on an uninstall? - http://www.reddit.com/r...
"If you're using the "Supersedence" method I suggested, that won't be a problem. Just create a collection with the users/devices to get the old version and deploy your application to that collection. (Don't deploy the old version to all users as "available" assuming that it will only be installed when requested. If an "available" deployment supersedes an installed application, it will be installed automatically.)" - Ryan Steele
Ryan Steele
rgsteele on Application Deployment - Creating a dependency on an uninstall? - http://www.reddit.com/r...
"You could specify that the earlier version of the application "supersedes" the newer version, and select the option in the supersedence settings to require the superseded application to be uninstalled. What about the reboot? Well, if it's an MSI, you could add the "REBOOT=Force" command line parameter to the uninstall command for the application being replaced for each deployment type. If not, you'd have to create an uninstall script which runs the uninstaller, then performs a reboot, and put that in the uninstall command for each deployment type. I'm not sure whether having the uninstaller reboot the computer will confuse the SCCM client or not. I'm also not sure whether the "Should Configuration Manager enforce specific behavior" selection on the User Experience tab in the deployment properties applies to the uninstaller as well. If it does, that would be the best option. If none of that works, I think the fourth option is probably your best bet." - Ryan Steele
Ryan Steele
rgsteele on Thickhead Thursday - June 12, 2014 - http://www.reddit.com/r...
"Haven't seen that myself, but I googled the error code and found a few posts that indicate that the error can be ignored. What's happening is Windows Server Backup is creating a temporary volume that's attached to the VSS. Windows Search tries to index it and the error occurs when the volume is disconnected. [Here's a blog post about it.](http://www.mcbsys.com/techblo...)" - Ryan Steele
Ryan Steele
rgsteele on Apple planning on randomizing MAC addresses with iOS 8 - http://www.reddit.com/r...
"As others have commented, the randomized MAC address is only used when the device is scanning for available networks. The real MAC is used when connecting." - Ryan Steele
Ryan Steele
rgsteele on Program install runs fine standalone, but not aas part of OS deployment TS. - http://www.reddit.com/r...
"If the batch file is being run from a UNC path, then `cd /D "%~DP0PROGRAM"` won't work. You should use the `%~dp0` in the call to msiexec instead: call msiexec.exe /Passive /L*v "%PROGRAM_BASE%\install.log" /i "%~dp0PROGRAM.msi" ADDLOCAL="all" INSTALLDIR="%PROGRAM_BASE%" LICENSESERVER="%LSERVER%"" - Ryan Steele
Ryan Steele
rgsteele on New Machines showing up in different container in ADUC - http://www.reddit.com/r...
"Did you reuse the names of existing computer objects in AD? If you have an existing computer object named "Foo" in AD and you tell SCCM to name your new computer "Foo", when the task sequence performs the domain join step, AD will see that there is already a computer object with that name and it will reuse it." - Ryan Steele
Ryan Steele
rgsteele on Deleting a deployment doesn't stop a deployment? - http://www.reddit.com/r...
"When you deploy an application to a client with SCCM, three things happen: 1. The SCCM client creates a new folder in C:\Windows\ccmcache 2. The contents of the "content location" folder for the applicable deployment type are copied to the folder 2. The SCCM client runs the "installation program" command specified in that deployment type, with the folder created in step 1 as the current directory. That's it. If you've got something called "update.exe" being pushed to the clients, you must have another deployment that is pushing it. When you say SCCM is pushing Update.EXE to the clients, what do you mean exactly? Where on the client are you finding Update.EXE?" - Ryan Steele
Ryan Steele
rgsteele on Chocolatey Apps - SCCM Importable Catalog (200 Apps!) - http://www.reddit.com/r...
"Nice! When I heard about Chocolatey, integrating it with SCCM was the first thing I thought of. I'm definitely checking this out on Monday. >does anyone know of a site where people post/share thier SCCM "Packages/Applications"? I'd love a site where i could grab the latest version of FileZilla, and import it, and submit the latest version of Java for others to grab.... I've been thinking about this a lot lately. The problems that need to be solved, as I see them: * You can't redistribute the installers for copyright reasons, so the solution needs to download the installer directly from the company's site * The solution needs to allow the admin to specify where to store the installers, and what kind of organization scheme to use * The package definitions need to be audited, to make sure a malicious party doesn't create a package that installs malware I don't think any of these issues are insurmountable." - Ryan Steele
Ryan Steele
rgsteele on best method to deploy Chrome to machines - http://www.reddit.com/r...
"From https://support.google.com/chrome... : >Q: What if a user already has the consumer version of Chrome when I push out Chrome for Business? >A: There is only one version of Chrome on a machine at any given time. When the MSI notices that the consumer version of Chrome is already there, it will remove it and update the user's shortcuts. The next time the user launches Chrome, Chrome for Business is used. >This should look seamless to the user, but sometimes behaves inconsistently. You may want to uninstall the consumer version of Chrome before pushing out the MSI." - Ryan Steele
Ryan Steele
rgsteele on TreeSize Pro alternative? - http://www.reddit.com/r...
"If you're looking for something graphical, there's [KDirStat](http://kdirstat.sourceforge.net/)." - Ryan Steele
Ryan Steele
rgsteele on What to do with old Windows updates? - http://www.reddit.com/r...
"[I believe it may in fact be possible.](http://social.technet.microsoft.com/Forums...)" - Ryan Steele
Ryan Steele
rgsteele on What to do with old Windows updates? - http://www.reddit.com/r...
"I haven't tried it myself, but I think you can do this by selecting the "If software updates are not available on preferred distribution point or remote distribution point, download content from Microsoft Update" option on your deployments, and delete the update packages from your distribution points. See this post on the Technet forums: http://social.technet.microsoft.com/Forums..." - Ryan Steele
Ryan Steele
rgsteele on Enterprise desktop management - http://www.reddit.com/r...
"Which Shavlik product are you using? Shavlik Patch? To be honest, I've had some issues with Shavlik and have been thinking about ditching it for Ninite, so I'd be interested to hear about your experiences." - Ryan Steele
Ryan Steele
rgsteele on Unable to Import Intel NIC - http://www.reddit.com/r...
"Glad to hear you got it solved. Just out of curiosity, though, were you trying to import a Windows 7 driver into the boot image? If you've got SCCM 2012 SP1, it uses WinPE 4.0, which is based on Windows 8. You would need to import the Windows 8 NIC driver into the boot image, even if you're using it to deploy Windows 7." - Ryan Steele
Ryan Steele
rgsteele on Do commands have to be explicitly run as an admin in Windows 8.1? - http://www.reddit.com/r...
"Sounds like you're not running an elevated command prompt. Right-click the command prompt icon and click "Run as admin". This has been the way the command prompt has worked since the Vista days, unless you had UAC disabled." - Ryan Steele
Ryan Steele
rgsteele on "No updates are available" on client? - http://www.reddit.com/r...
"When you are using SCCM to manage updates on the client, the updates no longer appear under Windows Update. Instead, they will be listed in the Software Center. Have a look at Step 3 of this article: http://www.windows-noob.com/forums..." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R2 CPL needing UAC elevation on Win7 - http://www.reddit.com/r...
"Like /u/runandbecome, I have noticed sometimes when I close the Configuration Manager control panel applet, I get a prompt asking whether the program ran correctly. It gives you the option to apply "compatibility" settings. I would guess that in your case, you or someone else has clicked the button to apply compatibility settings, which causes Windows to prompt you to elevate whenever you launch it after that. I would guess that you can fix that by finding the .cpl file (a Google search seems to think it's called SMSCFGRC.cpl), right-clicking it and going into Properties, then removing the compatibility setting. As for why Windows prompts to ask whether the program ran correctly, I would assume that the control panel applet is returning a non-zero exit code for some reason, which Windows detects as an error. If I had more time I would dig into the logs to figure out why it's doing that, but..." - Ryan Steele
Ryan Steele
rgsteele on Trying to deploy an MSI with a batch file as a package (SCCM 2012 R2) - http://www.reddit.com/r...
"Does the local system account on your workstations have the rights to access the UNC path you put in? Because that's the account the installation process runs under. I'm willing to bet that it doesn't. But you don't want to use the UNC path in the batch file anyway, because by default SCCM copies the files in your package to the local hard drive and executes them from there. In fact, unless you've selected the "Run from distribution point" option in the deployment, you can take the %~dp0 out entirely and it will work just fine. Running an installer from a hardcoded UNC path in an SCCM package is like ordering a pizza for delivery, then driving to the restaurant and dining there :)" - Ryan Steele
Other ways to read this feed:Feed readerFacebook