Quantcast
Channel: Configuration Manager 2012 - Security, Updates and Compliance forum
Viewing all 6382 articles
Browse latest View live

Compliance reporting on reboot, dependant on hardware inventory?

June 16, 2015, 7:25 am
$
0
0

Hi,

I have found this great blog on reports regarding reboots: http://blogs.technet.com/b/smartinez/archive/2014/06/27/reboot-pending-report-how-to-create-the-report.aspx

This is based on compliancy, triggered by a powershellscript.
I guess this is not base upon the hardware inventory then and much more accurate.

However, I don't get the concept of this compliancy (powershell) script then.
*Is it executing against every pc? If yes, then how, by the SCCM client?
*If yes, what if the pc is ofline?

Please advise.
J.

Jan Hoedt

Search

Operations Manager Alerts

June 16, 2015, 12:19 pm
$
0
0

For the two options you can select for software distribution or software update deployments:

Disable Operations Manager alerts while software updates run

Generate Operations Manager alert when a software update installation fails

Do you need to have the SCCM management pack for SCOM installed for these to work? For the first one, the SCCM agent will pause the SCOM health service during update installs. The second one I'd think you'd have to have the MP installed and the SCCM client forwards an alert to the SCOM agent which shows in Operations Manager console. If not, how does the alert for failed update get processed through SCOM? Please clarify.

Windows Update Failure - Windows Error Reporting

August 3, 2012, 11:45 am
$
0
0

I originally posted this under the Windows 2008 General forum but it was suggsted to re-post my question here.

We have some servers that we just added to our SCCM environment.  These servers are placed into a collection where no updates are currently approved.  There is a good chance prior to the addition to SCCM that there were some updates available from MS.  I've tried to manually run the windows update and get the error: 800B0100

  Could it be that the following error message is related to the "loss" of available updates after our transistion to SCCM?  Any advice would be appreciated!

Log Name:      Application
Source:        Windows Error Reporting
Date:          8/3/2012 10:05:00 AM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      server.domain.local
Description:
Fault bucket , type 0
Event Name: WindowsUpdateFailure
Response: Not available
Cab Id: 0

Problem signature:
P1: 7.6.7600.256
P2: 800b0001
P3: D67661EB-2423-451D-BF5D-13199E37DF28
P4: Scan
P5: 101
P6: Managed
P7:
P8:
P9:
P10:

Attached files:

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_7.6.7600.256_7ee366d547bf512b2fbe156dd7b5f890708bd5e0_9ed2619a

Analysis symbol:
Rechecking for solution: 0
Report Id: 59061364-dd8d-11e1-9acc-001d09f31d5a
Report Status: 4
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Windows Error Reporting" />
    <EventID Qualifiers="0">1001</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-08-03T17:05:00.000000000Z" />
    <EventRecordID>3954</EventRecordID>
    <Channel>Application</Channel>
    <Computer>server.domain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>WindowsUpdateFailure</Data>
    <Data>Not available</Data>
    <Data>0</Data>
    <Data>7.6.7600.256</Data>
    <Data>800b0001</Data>
    <Data>D67661EB-2423-451D-BF5D-13199E37DF28</Data>
    <Data>Scan</Data>
    <Data>101</Data>
    <Data>Managed</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_7.6.7600.256_7ee366d547bf512b2fbe156dd7b5f890708bd5e0_9ed2619a</Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>59061364-dd8d-11e1-9acc-001d09f31d5a</Data>
    <Data>4</Data>
  </EventData>
</Event>

Failed to create assembly name object for Microsoft.UpdateServices.Administration. Error = 0x80131701.

June 3, 2015, 2:55 am
$
0
0

Hi

I originally posted in the WSUS forum but was advised to post here as CM2012 related.

I am getting the above error appearing in my WSUSCtrol.log. I wondered if anyone had come across this?

I am using CM2012 R2 SP1 with WSUS 3 SP2 and WSUS-KB2720211-x64 & WSUS-KB2734608-x64 patches.  WSUS is on a separate box and SQL is on another box. The WSUS console is installed with the aforementioned patches on the CM2012 primary site.

This error reappears approx every 30 mins or so (but occasionally longer).

Thanks

Syncronizing WSUS Fails

June 8, 2015, 1:31 am
$
0
0

Hi

I have SCCM 2012 R2 installed on server 2008 r2 (offline domain- no internet connection..)

we installed WSUS 3.2 on this server and it is working fine.

when I tried connecting WSUS to SCCM, it seems to fail with errors.

Event Viewer shows the following errors\warnings:

 error id 364 - windows server update service (content file download faild. reason: HTTP status 404)

error id 10032

warning id 10021

error id 1016 sms_wsus_control_manager

error id 1016 sms_notification_server

IIS is working, I am able to go to page, WSUS also working fine as itself.

all services are running, and SQL also OK :)

I can also see on sms_wsus_control_manager log:

Sync failed. will retry in 60 minutes $$<SMS_WSUS_SYNC_MANAGER><"DATE"><thread=4900 (0x1324)> Setting sync alert to active state on site "site_name".....


can anyone help me solving this problem?

Thank you

Failed software update returns error code 0x87D00668

July 6, 2012, 10:39 am
$
0
0

We are using Secunia CSI to create and publish 3rd party software update packages to SCCM 2012.  I have one client computer running Windows 7 Pro x64 that is having a problem with one update.  When the user tries to install the Adobe Reader update in Software Center it fails and returns the following error.

The software change returned error code 0x87D00668(-2016410008).

I haven't been able to find any information on this error code.  I was just wondering if anyone else has encountered this error and might have any information on it??

Provide Security and critical updates automatically?

June 17, 2015, 4:26 am
$
0
0

Hi,

Is there a possibility to automatically provide (NOT install) security and cricital updates to systems.
ADR installs them automatically but I just would like to make them available for some servers so we can trigger the install during a maintenance window.

Please advise.
J.

Jan Hoedt

folder renamed with exe in file server

June 17, 2015, 9:03 am
$
0
0

HI

our file server folder renamed with exe & hidden original folder , we are using frofrunt antivirus , but it cannot remove this virus

Pls help us to clean that virus

(kabe.exe file run in autorun.inf file)

Search

How do software updates work on laptops that are removed from the network every night by employees to take home after a deadline has been reached?

June 17, 2015, 8:04 am
$
0
0

Does a laptop have to be connected to the domain/network in order to know that a deadline has been reached for software updates, or does the policy stay with it and kick in no matter if it is connected or not?

Thanks

SCCM - Software updates deployment to user collection.

June 17, 2015, 11:51 am
$
0
0

Hi All,

Would like to know if the there is a way to deploy software update group to user collection in SCCM 2012 R2?

Regards,

Export Software Update Group -> Import into another SCCM 2012 instance.

May 14, 2013, 10:50 pm
$
0
0

I'm about to migrate from SCCM 2007 to 2012 in the second of our 5 domains.

The first environment is now working as it should and I want to export the software update groups I've created (metadata only) from my completed environment into a new SCCM 2012 instance on a different domain.

Does anyone know if this is possible? I'm happy to download the updates in the other environment, but would prefer not to manually create an identical software update group again and again.

Thanks!


SCEP 2012 R2 and EMET 5.2 exclusions

June 17, 2015, 2:56 pm
$
0
0

I am beginning to evaluate Enhanced Mitigation Experience Toolkit (EMET) 5.2 and I was wondering if I need to add any System Center Endpoint Protection (SCEP) 2012 R2 exclusions for the EMET client?

Thanks in advance!

Portland Public Schools / Systems Administrator II

Patching Servers with Adobe Reader, Microsoft Office Installed

June 17, 2015, 8:41 pm
$
0
0

Hi,

We're running SCCM 2012 R2 and looking at patching our servers (2008R2, 2012, 2012R2) that have Adobe Reader, Microsoft Office installed.  Only a handful of servers have those applications and was looking for some ideas at deploying reader and office updates.

We deploy Windows updates to the servers monthly, PROD, TEST and DEV, on different days.  A Software Update Group is created monthly with the Windows patches and then deployed to the servers on their respective days.

The simplest way I can think of is to just add Reader and Office updates to the Windows Updates Software Update Group.  But if I do that, will it install Adobe reader on those servers that don't have it (I can see Reader 10.0.1 that doesn't seem to be an update but the actual application itself)?

Expired = No
Superceded = No
Product = Adobe Reader
Reader 10.0.1
Reader 10.1.1 Update
Reader 10.1.10 Update
Reader 10.1.11 Update
Reader 10.1.12 Update
Reader 10.1.13 Update
Reader 10.1.14 Update
Reader 10.1.2 Update
Reader 10.1.3 Update
Reader 10.1.4 Update
Reader 10.1.5 Update
Reader 10.1.6 Update
Reader 10.1.7 Update
Reader 10.1.8 Update
Reader 10.1.9 Update
Reader 11.0.01 Update
Reader 11.0.02 Update
Reader 11.0.03 Update
Reader 11.0.04 Update
Reader 11.0.05 Update

Office shouldn't be an issue as searching for Office only brings up Definition Update, Security Update, Service Pack and Update.  So those servers without Office installed will just ignore these updates.

Or should I just create separate SUG for Adobe Reader, Microsoft Office and separate collections of servers that have these applications installed and then deploy these SUG to them.  Which is quite a bit more overhead involved.

Any suggestions would be most appreciated.  Thanks.


Strange situation with a superseded update

June 18, 2015, 4:54 am
$
0
0

Hi all,

I have a strange situation with an superseded update. I maintain my sccm db and remove all  superseded updates. And now I have a problem. For all new xp x64 installations i discover that I required one security update (KB29009921) https://support.microsoft.com/en-us/kb/2909921. This update is no longer in my db because it was superseded by kb2936068 https://support.microsoft.com/en-ie/kb/2936068 and was removed. But the last one don't support any more XP!

How can I add again this update in my db and included in a SUG? In WSUS I've check and is still there.

Thanks.

SCCM Security Roles

February 4, 2015, 12:03 am
$
0
0

Hi,

I have the following requirement for the site admins roles

1) They should be able to add the machines to the collections.

2) Do a client Push

3) Able to see visible members only for the collections they have access

What I have noticed that they are able to create and delete collections which I dont want. 

Current roles are :

Application Administrator
Read-only Analyst
Remote Tools Operator
Report Users

Can i prevent this from happening by modifying the roles permissions ?

Search

Config Manager 2012 R2 Windows Updates For Internet Based Clients?

June 17, 2015, 8:20 pm
$
0
0
Can you configure Internet Based Clients to only collect approvals from and send status to your Update point, but actually download the update installer files from Microsoft's servers so external laptops don't waste your company bandwidth downloading Windows Updates?

Duplicate containers in Compliance Settings after SP1 installation

June 18, 2015, 8:10 am
$
0
0

Following the otherwise seemingly successful installation of ConfigMgr 2012 R2 SP1 we see an issue opening previously existing Email Profiles. The console crashes:

Problem signature:


  Problem Event Name: CLR20r3

  Problem Signature 01: LRE420M52QQYT0KWXNWESOVVMQF5I2RH

  Problem Signature 02: 5.0.8239.1000

  Problem Signature 03: 552ce699

  Problem Signature 04: Microsoft.ConfigurationManagement.DialogFramework

  Problem Signature 05: 5.0.8239.1000

  Problem Signature 06: 552ce69b

  Problem Signature 07: 45

  Problem Signature 08: 135

  Problem Signature 09: System.TypeLoadException

  OS Version: 6.3.9600.2.0.0.400.8

  Locale ID: 2057

  Additional Information 1: 5861

  Additional Information 2: 5861822e1919d7c014bbb064c64908b2

  Additional Information 3: d1d9

  Additional Information 4: d1d94a13d3609d6b740644c12508f581

On closer inspection we see there are a few duplicate objects in the console tree:

There are some odd-looking entries in the

AdminUI.log including:

There are > 1 actions of the same type or same name defined - ignoring action CompliancePoliciesNodeName\r\nSystem.ArgumentException\r\nFound duplicate named action\r\n   at Microsoft.ConfigurationManagement.AdminConsole.ConsoleUtilityClass.AddActionToActiveActionList(Object sender, ScopeNode scopeNode, IResultObject resultObject, List`1& activeActions, ActionDescription action, Boolean isActive)

Anyone got any suggestions?

Thanks

John

Is it possible to copy a package?

June 18, 2015, 6:52 am
$
0
0

Hello,

I have Sccm 2012 and I'm looking a way to copy a package (with deploy configuration, scripts, etc) from one collection to other collection because I want to avoid create the same package for 12 collections but I'm not be able to find a way to do it.

Thnak you in advance for the Help.

Crowti / Cryptowall 3.0 virus incident

June 18, 2015, 4:40 am
$
0
0

Hi,

I am having issues where Crowti.A / Cryptowall 3.0 had infected some network shares. While thankfully damage was minimal and recoverable I am a bit concerned that SCEP 2012 is not detecting it ?

Can someone confirm for my piece of mind that this virus is detectable - the MS documentation says it is but I am finding that the detection happens when the html file is dropped to the network share which is after the files have been encrypted, a bit late by then.

Many thanks for your assistance.

Brian

How to remove ADR from a device collection

June 18, 2015, 10:10 am
$
0
0
We have an ADR that deploys updates, the ADR is assigned to several different device collections. However I now need to remove the ADR assignment from one of these device collections but I can't figure out how to do it?

davidh

Viewing all 6382 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>