Update proxy settings used by Software Updates role in SCCM 2007

~ Vitalie Ciobanu

Few months  ago I had an interesting problem at a client site that took me a while to resolve. So I want to post it here, maybe it will help others…

After a successful upgrade from SMS 2003 to SCCM 2007 SP1, I configured software update point, synchronized with Microsoft update to get the list of updates for products I needed and created a new list with updates required by clients. When I tried to deploy software updates it should download the updates to my SCCM server. Well, this step failed. PatchDownloader.log reported the following:
Trying to connect to the root\SMS namespace on the XYZ-SCCM machine
Connected to \\XYZ-SCCM\root\SMS
Trying to connect to the \\XYZ-SCCM\root\sms\site_XYZ namespace on the machine
Connected to \\XYZ-SCCM\root\sms\site_XYZ
Download destination = \\XYZ-SCCM\WsusContent\08123a3c-c7fd-43a4-a4ce-80089b1267df.1\WindowsXP-KB938828-x86-ENU.exe
Contentsource = http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb938828-x86-enu_ba3f0cbe4ba5736d4254732e41fe058697b76ebc.exe
Downloading content for ContentID = 8170, FileName = WindowsXP-KB938828-x86-ENU.exe
Try username DOMAIN\USERNAME from the registry
Proxy enabled proxy server ISAserver:8080
HttpSendRequest failed 12007
Download http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb938828-x86-enu_ba3f0cbe4ba5736d4254732e41fe058697b76ebc.exe to C:\DOCUME~1\ADMINI~1.LAB\LOCALS~1\Temp\2\CAB3B.tmp returns 12007
ERROR: DownloadContentFiles() failed with hr=0x80072ee7

First I thought it was a stupid error, as I set (and checked twice) all correct information. Looks like proxy information was old and not updating with what I have set later in SCCM. So I needed to remove old information and set the new ones again.

I have checked the registry and I couldn’t do much as username and password was encrypted. Well, I used upddwnldcfg.exe (from <ConfigMgrInstallationFolder>\bin\i386\00000409 folder on a x86 machine) to delete all proxy information stored in the registry and added the new username, password and server’s IP address. After this, downloading updates worked perfectly. More information about configuring proxy settings using upddwnldcfg.exe, you can find here: http://technet.microsoft.com/en-us/library/bb892795.aspx

SCCM 2007 description of all log files

~ Vitalie Ciobanu

Another very good resource I just found! The description of all log files in ConfigMgr 2007. See bellow an example and follow the link for the full post: http://technet.microsoft.com/en-us/library/bb892800.aspx.

Management Point Log Files

If management points are installed in the site hierarchy, management point log files are stored in the SMS_CCMLOGS folder on the management point computer. The following table lists and describes the management point log files.

Log File Name Description
MP_Ddr.log Records the conversion of XML.ddr records from clients, and copies them to the site server
MP_GetAuth.log Records the status of the site management points
MP_GetPolicy.log Records policy information
MP_Hinv.log Converts XML hardware inventory records from clients and copies the files to the site server
MP_Location.log Records location manager tasks
MP_Policy.log Records policy communication
MP_Relay.log Copies files that are collected from the client
MP_Retry.log Records the hardware inventory retry processes
MP_Sinv.log Converts XML hardware inventory records from clients and copies them to the site server
MP_Status.log Converts XML.svf status message files from clients and copies them to the site server

Issue with Windows XP SP3 Volume License

~ Vitalie Ciobanu

A few days ago I had to make an image with Windows XP SP3 with all needed applications for lite touch installation.

Everything went well and I was happy until I entered the mini-setup phase on the first computer with that image applied on it. I received an error regarding the product key. I guess I tried a dozen of product keys but none of them worked. After reading the message again and more careful, I realized that the problem was with my Windows XP media – it was not a VL media. And I realized this because the message said to look for a product key on the Certificate of Authenticity (COA) sticker and not my License Agreement…

Resolution

Got another media with Windows XP SP3 VL and made a repair. During the repair phase, I provided the VL product key and it worked. Next time I entered the mini-setup, I filled in required info and that was it.

How Microsoft IT is using Configuration Manager 2007

~ Vitalie Ciobanu

Do you know how Microsoft IT manages thousands of servers worldwide in multiple countries for a large number of departments and customers using SCCM 2007?
If no, then you should listen to this 30 minutes podcast: Microsoft IT Business Case for System Center Configuration Manager 2007 in a Data Center.

And here is the full article about this business case. I found it very interesting…

April 2012 update: How Microsoft IT Deployed System Center 2012 Configuration Manager. Direct link to PDF file.

PXE Boot not working after restart

~ Vitalie Ciobanu

In case you have PXE Boot working normally but suddenly it is not working anymore, it may be because of the WDS service. This might sound strange but sometimes Windows Deployment Services (WDS) Server does not start after restarting the server, even if it is set to automatically start. It happened to me a few times….

Starting the service fixed the problem (in my case) every time. I didn’t tried, but maybe configuring delayed start for this service will fix the problem in the future.

“The hash value is not correct”

~ Vitalie Ciobanu
Here is another error related to Task Sequence and MDT 2008. After creating and advertising a task sequence, most probably you will run it :). Make sure you have the latest version of your packages on the distribution point, otherwise you will receive an error while running the task sequence. This will be something like “Task Sequence: your task sequence name has failed with the error code (0x80091007). For more information, please contact you system administrator or helpdesk operator.”

In the log file you will find this: “The hash value is not correct.”

What you can do to resolve this? Two  things:

  1. to update your distribution point with the latest version of the packages. To be sure the package was updated successfully, you can put a txt file somewhere and verify if it is on the DP.
  2. modify the advertisement to not download the files locally but access the files directly from the DP, although I’d not recommend it.

“The ConfigMgr Provider reported an error”

~ Vitalie Ciobanu

Today I came across an interesting problem in ConfigMgr while creating a Windows Vista image of reference computer. And again, ConfigMgr 2007 displays the error with not much intuitive help.

I’m using Microsoft Deployment Toolkit 2008 with ConfigMgr 2007 when I need to deploy an operating system. At the end of the imported Task Sequence, after the wizards creates the .wim image, it copies the image to a share specified by me. During this step I received the following error: “Error while importing Microsoft Deployment Toolkit Task Sequence. Details: The ConfigMgr Provider reported an error”.

Checking smsprov.log I have found the error code – 5. Yes, 5 :). From the log file: “Failed to make a copy of the source WIM file due to error 5”. Nice… what could I say? Shortly, error 5 is about permissions.

I started to play with share permission. Granted read permission to admin account I was using and to the ConfigMgr computer account but I had no success. Granted full control permissions to these accounts. Same error :(.

Well, the problem was because ConfigMgr is accessing local shares using NT AUTHORITYSYSTEM account and not computer account (the shared folder was on the same computer). I granted full control permissions to SYSTEM account and next time I run the task sequence to create an image of the reference computer, it was ok and the image was copied to my shared folder.

Using Group Policy to deploy Office 2007

~ Vitalie Ciobanu

Last week I tested how Office 2007 installs via Group Policy.

I created a software installation package and it worked successful; except the fact that it is not fully installed when a user logs on and that it will not upgrade (or remove) the existing version of Office even if I added the Office 2003 package that should be upgraded. After the Office 2007 installs, the users will have both version of Office – 2007 and 2003.

This is because Microsoft changed a little the way Office 2007 installs; and here they explain why they did this. Bellow are some considerations from that article:

  • Difficulties with scheduling installation, consistently managing network bandwidth, and providing feedback on the status of the installation.
  • Limited ability to customize features or user settings before installation of the 2007 Office system. You cannot use Office Customization Tool to create an .msp file. All customizations have to be made in the Config.xml file.

So, the best way to install Office 2007 in a medium organization is to use System Center Essentials or Configuration Manager in a large organization. Using these tools you can know exactly what features to install, when to install and how to install or upgrade Office 2007 suite.

Group Policy – User Configuration Logon script

~ Vitalie Ciobanu

Something I have learned the other day…

I had to install a small .msi using Group Policy, using a logon script. As it was a small package and not very important, I used a User Configuration Logon script.I created and linked a new GPO to a specific OU with some users (with no admin privileges) and client computers only. The script run well and the package installed very quickly on all machines in that OU.

The problem was that I have another OU with member servers and at the moment I logged on to one server using a normal user account, I had the package installed right after first logon. This is because I configured User Configuration logon script instead of Computer Configuration startup script.

What I’ve learned? That I should plan more careful even the installation of a small package.