Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »

Ryan Steele › Comments

Ryan Steele
rgsteele on Task Sequences, Unknown Computers and Multiple Departments - http://www.reddit.com/r...
"> So if the computer name is set in that import, and the device is created in AD already you can do a completely touch free Task Sequence as SCCM will already know what to name the device and where it belongs? Yes, that is correct. I haven't used it myself, but there is a user-contributed PowerShell form available at https://gallery.technet.microsoft.com/Import-... which allows a user without the SCCM console to import the computer object." - Ryan Steele
Ryan Steele
rgsteele on Task Sequences, Unknown Computers and Multiple Departments - http://www.reddit.com/r...
"Yes, if you want to deploy to brand new computers without deploying to Unknown Computers, you will need to import the machines into SCCM. [Here's the relevant documentation in TechNet](http://technet.microsoft.com/en-us...). There are two ways to import your computer objects using the wizard: one by one or in batches using a CSV file. There's [a good step-by step guide at windows-noob](http://www.windows-noob.com/forums...) for using the batch method. Whichever method you choose, you will need to supply the desired computer name and either the MAC address or SMBIOS GUID for each machine you are importing. As for ensuring the computer object ends up in the right OU, you can actually pre-create the computer object in AD in the desired OU before initiating the deployment. When the task sequence hits the step to join the computer to the domain, it will use the computer object..." - Ryan Steele
Ryan Steele
rgsteele on Anyone able to successfully deploy Java 8u25? - http://www.reddit.com/r...
"Just out of curiosity, is there a reason you're using a vbscript to terminate Java-related processes instead of using the PSAppDeployToolkit's built-in functionality? i.e. something like `Show-InstallationWelcome -CloseApps "java,javaw,javaws,iexplore,firefox,chrome"` I've only just started exploring the toolkit and haven't yet tried deploying Java with it so I'm interested in hearing about your experiences." - Ryan Steele
Ryan Steele
rgsteele on OSD / Driver Package Selection - http://www.reddit.com/r...
"In the query you're running at the command line, you're selecting the "Name" column of the "CSProduct" table, but in the query in your task sequence, you're selecting the "Model" column of the "Win32_ComputerSystem" table. It's possible these are different values on your system. What's the result when you run this from the command prompt: `wmic computersystem get model` Also, it's not a big deal, but you're using a LIKE statement in your query when an = would serve just as well. You only need to use LIKE when you want to use a wildcard in your query (which, in SQL, is represented by the percent sign). For example, `SELECT * FROM Win32_ComputerSystem WHERE Model LIKE "Latitude%"` EDIT: What /u/abstractPotential said! :)" - Ryan Steele
Ryan Steele
rgsteele on How to find machines with/without a specific hotfix installed? - http://www.reddit.com/r...
"Glad to help!" - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 Client install failing - http://www.reddit.com/r...
">`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) File 'C:\Windows\ccmsetup\Silverlight.exe' with hash '417B442E128D821119008ACEEEE6CDC2A41224377A829B6EC52BABA2724F0151' from manifest doesn't match with the file hash '37D9F8FCBD5499F1D3B9A053BD69D0B844BA9466BA0FCE7EB586B3E6B241E13D'` "Hmm, the client has Silverlight.exe, but it's not the bundle of bits I'm looking for. That's okay, I'll download it from the server!" >`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) Deleted file C:\Windows\ccmsetup\Silverlight.exe` >`ccmsetup 09/10/2014 9:58:08 AM 10224 (0x27F0) Adding file 'http://FSESXSCC01.xxxxxxxxxx.local:80/SMS_DP_...' to BITS job, saving as 'C:\Windows\ccmsetup\Silverlight.exe'.` ... >`ccmsetup 09/10/2014 9:58:14 AM 10224 (0x27F0) Successfully downloaded client files via BITS. ` "All right, I've got all the files I need, now I'll install the client." >`ccmsetup 09/10/2014 9:58:14 AM 10224 (0x27F0) File 'C:\Windows\ccmsetup\Silverlight.exe' with hash..." - Ryan Steele
Ryan Steele
rgsteele on Moving from WSUS to SCCM for patching - http://www.reddit.com/r...
"[This TechNet blog post](http://blogs.technet.com/b...) is helpful for understanding how to manage updates. Typically, your deployment group will be named something like "Updates 2014-10-07" and will contain all the updates you're wanting to push out that day. You would deploy it to your "Dev" collection, then when you've confirmed nothing has broken, you'd manually deploy the group to your "Test" collection, and then your "Prod" collection. As for expired updates, you just do a search for expired updates, select all, right-click>Edit Membership, then uncheck all the boxes." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R2 + SQL Server 2008 R2 SP3 - http://www.reddit.com/r...
"Thanks for the clarification. I wondered why you would want to install a service pack which may not be supported but now I see that there is a security hotfix included in it. Guess that's something I should be looking into as well, so thanks for the heads up! Unfortunately I don't think anyone from Microsoft follows this subreddit, so getting an answer to this question may require picking up the phone, or perhaps posting in the TechNet forums." - Ryan Steele
Ryan Steele
rgsteele on BC criminal justice process for juveniles? - http://www.reddit.com/r...
"The [Dial-A-Law](http://www.cbabc.org/For-the...) site may be helpful." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2012 R2 + SQL Server 2008 R2 SP3 - http://www.reddit.com/r...
"Are you hosting the database for SCCM on a shared SQL server? That's not recommended. In fact, [the license for System Center 2012 includes a license for SQL Server Standard](http://www.microsoft.com/licensi...) so there's really no reason not to put it on a separate server. I expect in most cases it's best to co-locate the database on the site server." - Ryan Steele
Ryan Steele
rgsteele on Ferrorfluid - The Magnetic Liquid - http://www.reddit.com/r...
"It's too late; the ferrorists have won." - Ryan Steele
Ryan Steele
rgsteele on I have a finance guy going to China for two and a half weeks to adopt another kid. He needs access to our systems back home to continue working- need some advice. - http://www.reddit.com/r...
"This is _absolutely_ something that a computer infected with malware could install on a USB device you brought into China (or anywhere, really)." - Ryan Steele
Ryan Steele
rgsteele on I have a finance guy going to China for two and a half weeks to adopt another kid. He needs access to our systems back home to continue working- need some advice. - http://www.reddit.com/r...
"[I take it you haven't heard about BadUSB yet?](http://www.wired.com/2014...) > The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic. Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue." - Ryan Steele
Ryan Steele
rgsteele on Cannot client push over DirectAccess - possible boundary problem? - http://www.reddit.com/r...
"Are you limiting ISATAP Services to Manage Out Clients as documented [here](http://blogs.technet.com/b...)? If so, did you add the SCCM server to the DirectAccess Manage Out Clients security group? I'll second /u/roach8101 's recommendation to use the Software Update Point installation method. It works really well for DirectAccess clients." - Ryan Steele
Ryan Steele
rgsteele on How to find machines with/without a specific hotfix installed? - http://www.reddit.com/r...
"First of all, you may want to consider pushing out [KB2775511](http://support2.microsoft.com/kb...) instead, since it includes that hotfix as well as a boatload of other performance improvements. You can deploy that hotfix rollup by importing it into WSUS as explained in [this TechNet blog post](http://blogs.technet.com/b...). Now that being said, for hotfixes that are available as MSU files this technique won't work. The way I deploy these is with an Application. Your installation program will be something like wusa.exe "Windows6.1-KB2691043-x86.msu" /quiet /norestart And for your detection method, use the following PowerShell script: Get-HotFix | Where-Object {$_.HotfixID -eq 'KB2691043'} Note that you either have to set the "PowerShell Execution Policy" setting to "Bypass" under "Computer Agent" in your Client Settings (easy!) or sign your script and install the cert in the Trusted Roots certificate..." - Ryan Steele
Ryan Steele
rgsteele on SCCM 2007 installed, attempting in-place upgrade of SQL 2008 to R2 - http://www.reddit.com/r...
"Well, according to [this](http://technet.microsoft.com/en-ca...), upgrading from SQL Server 2008 to 2008 R2 _is_ supported, but you need to use the hierarchy maintenance tool to stop all CM services as documented [here](http://technet.microsoft.com/en-ca...). All that being said, I of course am required to suggest that your time might be better spent migrating to SCCM 2012 R2, seeing as 2007 is EOL, and 2012 is way better :)" - Ryan Steele
Ryan Steele
rgsteele on SCCM 2007 installed, attempting in-place upgrade of SQL 2008 to R2 - http://www.reddit.com/r...
"Out of curiosity, what are you hoping to accomplish by upgrading SQL Server?" - Ryan Steele
Ryan Steele
rgsteele on Cumulative Update 3 for SCCM 2012 R2 is out. - http://www.reddit.com/r...
"The official documentation pretty much covers it: http://technet.microsoft.com/en-us..." - Ryan Steele
Ryan Steele
rgsteele on Odd issue on a few machines trying to deploy an app - http://www.reddit.com/r...
"When you say the .net install is set to not do a reboot, I presume you mean you're running the installer with the /norestart switch? And I'm assuming you've made the ".net 4.5.2" Application a prerequisite of the "Autodesk DWG trueview 2105" application? I suspect what's happening is the .net installer is exiting with error code "1641", which means "Hard Reboot". In other words, the installer thinks the computer should be restarted before any other installations occur. If you have "Determine behavior based on return codes" selected on the User Experience tab of the Deployment Type, the SCCM client will reboot the computer immediately after an installation process returns this code. Compare with the behavior seen when an installer terminates with return code 3010 ("Soft Reboot"): in this case, the SCCM client will not perform the reboot until all the other installation tasks are performed. If you believe Autodesk will install successfully despite .net's "hard reboot" not having been..." - Ryan Steele
Ryan Steele
rgsteele on Problem Setting W7 Product Key - http://www.reddit.com/r...
"If you use a GPO, it will reset existing users' homepages. (Yes, you can use a GP Preference set to not re-apply, but it will still change everyone's home page once). By setting the home page in the unattend.xml, it only applies the setting to the default user profile, meaning that users logging in for the first time will get your selected homepage the first time they launch IE but are free to change their homepage to whatever they want after that." - Ryan Steele
Ryan Steele
rgsteele on MBAM non-TPM USB startup key conundrum - http://www.reddit.com/r...
"There is a "Deny write access to removable drives not protected by Bitlocker" group policy, would that address your data security concerns? I have never implemented Bitlocker with a USB unlock key or used this GPO, but I can't imagine that they would conflict." - Ryan Steele
Ryan Steele
rgsteele on Slimming Driver Packs - http://www.reddit.com/r...
"I don't think the scan takes that long, maybe a minute or two? In theory, if you had a driver package that contained only the exact drivers required by a specific machine, it would be slightly quicker to apply with Apply Driver Package. It is worth the effort required to streamline the driver package? I was curious about the exact differences between the two ways to apply drivers and found this informative article: http://blogs.catapultsystems.com/mlist... Driver packages are replicated just like any other content. And no, your task sequence does not have to be set to "download content locally" before applying. The "Auto Apply Drivers" step connects to the SCCM server directly to download only the required drivers. (I should point out that this means you cannot use auto apply with an "offline media" type of deployment.)" - Ryan Steele
Ryan Steele
rgsteele on Slimming Driver Packs - http://www.reddit.com/r...
"The first thing I do after I download the drivers for, say, Windows 7 64-bit is to do a search on the folder I've extracted them to for folders named "x86", "Win32", "32bit", "XP", "Win2k", etc. I don't know how HP fares here but it seems Lenovo is too lazy to actually go through their driver packs and remove anything that isn't actually needed for the OS/bitness the driver pack is intended for. I've been able to cut the size of my driver packs in half this way. (Watch out though—occasionally a driver in a folder named, say, "Vista" may actually be applicable to Windows 7 as well.) How are you applying the drivers in your TS: with the "Auto Apply Drivers" step, or "Apply Driver Package"? If you use "Auto Apply Drivers", only the needed drivers are downloaded, which will speed things up. The big caveat here if you're deploying multiple desktop OSes is that sometimes a driver claims to be the "best available" driver for, say, Windows 7, when in fact it is from a driver pack for Windows..." - Ryan Steele
Ryan Steele
rgsteele on Will you be blocking iOS8 downloads this coming Wed, Sept 17th for bandwidth reasons ? - http://www.reddit.com/r...
"Updates are signed, but not per-device." - Ryan Steele
Ryan Steele
rgsteele on Question on update group statistics - http://www.reddit.com/r...
"You may want to reconsider your update strategy. There isn't any reason to limit the deployment of an update to an application-specific collection like that, because if you deploy an update to a client that doesn't need it, it just gets skipped. You will likely find this arrangement becomes too complex to manage. The recommended approach is to build collections like Servers, Workstations, Workstation Pilot Group, etc. Then your SUG might be something like "Updates - Sept. 2014". Put all the updates you're deploying that month in the SUG and deploy it to your pilot groups, then deploy it to your main groups when you're satisfied there aren't any problems. Every few months, combine the previous months' groups into one single "Updates 2014" group and deploy it (to catch any systems that were offline for an extended period, or have just been imaged)." - Ryan Steele
Ryan Steele
rgsteele on Tips for a new SCCM 2007 Sys Admin - http://www.reddit.com/r...
"> I build a VM with our most current image, which is usually a few months old, and install Updates via Windows Updates. I then capture the new image using Capture Media. Just FYI, this isn't recommended--you should be starting with a fresh OS install each time you build a new image. This blog post explains why: http://blogs.technet.com/b..." - Ryan Steele
Ryan Steele
rgsteele on So I want to learn Norwegian.. - http://www.reddit.com/r...
"[These folks](http://eidsvoldsofn.com) may be able to point you in the right direction." - Ryan Steele
Ryan Steele
rgsteele on How to generate report of computer names, associated users, and serial numbers? - http://www.reddit.com/r...
"First, just a clarification: I didn't write the blog post or the SQL query. In fact, as I indicated in my post, I don't think this is a particularly good approach. That being said, yes, you will need to wait for the SCCM client to perform its hardware inventory before the information will appear in the SCCM database." - Ryan Steele
Ryan Steele
rgsteele on An Update for the System Center 2012 Configuration Manager Support Center is now available - http://www.reddit.com/r...
"If you haven't seen this tool yet, it's very handy for troubleshooting clients. You can either install and run it on an affected client, or install it on your own machine and connect to one remotely. You can initiate tasks like client policy retrieval and application deployment evaluation. It also lets you view log files, including opening a "log group", meaning events from multiple logs are displayed in a single list." - Ryan Steele
Ryan Steele
rgsteele on Best practice for removing a shortcut - http://www.reddit.com/r...
"Using a batch script isn't a terrible approach, but why not detect "installation" based on whether the shortcut exists? What's the point of creating a separate file?" - Ryan Steele
Other ways to read this feed:Feed readerFacebook