The D-spot

If you want to control the location of your packages instead of SCCM using the drive with the most available disk space, resulting in your packages being spread around several drives there are two options:

• Use a server share site system to host the distribution role. This however does not prevent the folder SMSPKGC$ from being created and his some disadvantages… (http://technet.microsoft.com/en-us/library/bb892801.aspx)
• Another option is to create an ‘no_sms_on_drive.sms’ file on all drives where you don’t want any packages located. It’s a bit simplistic but it does the trick…

Thought I’d share this since I just used this method for the first time…

Grtz,

Steve.

The System Center Configuration Manager team would like to announce that the following has been released and available for immediate download:
Configuration Manager 2007 R3 Release Candidate (RC)

The official Release Candidate for Configuration Manager 2007 R3 can be downloaded by navigating to http://connect.microsoft.com downloads section of the Configuration Manager 2007 Open Beta program. Please read the release notes, they are separate from the build and also located in the download section.

Support and Feedback:
- All registered Open Beta users can submit bugs and make product suggestions using the Feedback tools provided on Microsoft Connect. This feedback is triaged daily by members of the Product Group. It is your feedback that helps drive feature changes and improvements. See the help link on the ConfigMgr MSConnect homepage for more instructions.
- Newsgroups for ConfigMgr07 R3 can be accessed on Microsoft Connect, they are a great way to post questions and receive general support for specific R3 related questions and answers.

ConfigMgr07 R3 was announced at the 2010 Microsoft Management Summit by Brad Anderson during his keynote. Power management is at the core of the R3 release, it addresses the need that many organizations have to monitor and reduce the power consumption of their computers. ConfigMgr07 R3 Power Management leverages the power management features built into Windows to apply relevant and consistent settings to computers in the organization. There are three major components to power management in ConfigMgr07 R3:
1. Monitoring and Planning: Power Management collects information about computer usage and power settings for computers in the origination. Reports are provided to allow the administrator to analyze this data and determine optimal power management settings for computers.
2. Enforcement: Power management allows the administrator to create power plans which can be applied to collections of computers. These power plans configure Windows power management settings on computers, and different power plans can be configured for peak and non-peak working hours.
3. Compliance: After applying power plans to computers in the organization, the administrator can run reports to validate that power settings were correctly applied and to calculate power and carbon footprint savings across collections of computers.
In addition to power management, ConfigMgr07 R3 will provide customers with enhanced scale and performance support (scale to 300K managed clients per hierarchy, Active Directory delta discovery, dynamic collection updates), as well as enablement of further capabilities for operating system deployment. A full list of the R3 features can be found on Microsoft Connect at the “What’s new in R3” post.
Navigate to Microsoft Connect today and download the ConfigMgr07 R3 Release Candidate (RC) product. Please review the Release Notes before performing any installation and the help (chm) file for specific deployment and supportability guidance.
If you experience any issues with the download or the ConfigMgr Microsoft Connect site please contact, sccmtap@microsoft.com
Regards,
The Configuration Manager Customer Team

 

RTM is scheduled to be released in December 2010

Like mentioned in my previous post, I’m currently working with the SCSM 2010 in a lab environment. After reading a discussion on TechNet I wondered what the feeling must be to work in the Web Portal (Web Console) instead of the SCSM 2010 client. That’s why I installed the Web Portal on my virtual machine.

Before you can install the setup of the Web Portal you need an IIS Server to be configured. Because my VM is a DC, I installed the IIS (Web Server) Role on this machine. 

Prerequisites

• SCSM 2010 Management Server
• SQL Server 2008 SP1
• 4 GB of RAM
• IIS 7.0
• ASP.NET 2.0

Installation

Run the setup.exe (the same one you used to install the SCSM Management Server) and you’ll be presented with the “Microsoft System Center Service Manager Setup Wizard” where you have to choose to “Install the Service Manager Web Portals” .

“Getting started – Product Registration”: You can or fill in the Product Key or you can use the Trial Option (which will only last for 180 days). Read the EULA, mark it as read and click Next.

“Getting started – Installation Location”: Choose a location for the virtual website and be sure you have enough disk space to run it.

“Prerequisites – System Check Results”: The installation of the Web Portals will only proceed once all the prerequisites are fulfilled. The IIS 7.0 needs to be installed before you start the setup for the Web Portals (install the IIS role in the Server Manager).

“Configuration – Configure the Service Manager self-service portal name and port”: Choose a website name and port (the default port is 443 (HTTPS)) and select the server which will issue the SSL Certificate.

“Configuration – Select the Service Manager Database”: This is the page where the info is required of the Service Manager Management Server. As you can notice in the screenshot the SCSM database I use is the ServiceManager which is created on the SRV2008 SQL Server.

“Configuration – Configure The Account For The Service Manager Portals”: I kept the default setting (Local System Account).

“Configuration – Help Improve System Center Service Manager”: Off course I’m willing to participate in the Customer Experience Improvement Program!

“Configuration – Installation Summary”: You can check if all the settings and components you configured are correct. If so, press Install.

“Finished – Setup Completed Successfully”: As you can see in the text on the top of the page two portals were created. One for the end-user and one for the analyst.

On the bottom of the page you can see the additional option to open the “Encryption or Restore Wizard”. In this wizard you’re able to generate a key which can be used to encrypt or restore your settings.

More info:

The Self Service Portal

Google

Today I installed the SCSM 2010 in a lab environment and there where some issues I encountered during the installation. These issues will be explained during the series of screenshots.

Prerequisites:

• SQL Server 2008 SP1
• Domain with Active Directory
• Connection to the internet
• 4 GB of RAM
• Authorization Manager Hotfix (975332)
• .NET Framework 3.5 SP1

Installation:

When clicking on the setup.exe (which has been extracted to the temp folder of the used profile) the installer began to download & install the .NET Framework 3.5 SP1.

“System Center Service Manager 2010 Setup” page installing the .NET Framework 3.5 SP1.

Once the .NET Framework was installed, the “Microsoft System Center Service Manager Setup Wizard” opened and I could choose between the “SM Management Server” and the “SM Data Warehouse Management Server”. I could notice a difference here for the requested memory. The “SM Management Server” needs 4 GB of RAM whereas the “SM Data Warehouse Management Server” needs 8 GB of RAM.

On the “Getting Started” page I did not register the software because I’m using it in a lab environment. If you are going to implement the software in your enterprise, be sure to request a license from Microsoft.

On the “Installation Location” page I didn’t change anything. Note that the System Center Service Manager only requires 1GB of free space!

The wizard is “Checking for requirements…”

On this page – “System Check Results” – I encountered some issues. First, my virtual machine did not have 4 GB of RAM allocated. I changed this and re-ran the installation. This issue was covered but the wizard showed me that the “Authorization Manager Hotfix” was not installed. I subscripted on the Microsoft webpage in order to receive the hotfix in my inbox. The email contained a link to the download location and a password for the .exe file. The .exe file will extract to a default location and the following file is generated: “Windows6.1-KB975332-x64.msu”. Run this file and the hotfix will be installed.

On the “Configure The Service Manager Database” page I lost some time because I did not install the SP1 for the SQL Server. Because of this the wizard could not locate the freshly installed SQL Server 2008. Once SP1 was installed, the wizard could locate the SQL Server and I decided to create a new database for the SCSM, called “ServiceManager”.

On the “Configure the Service Manager management group” I chose the name “ServiceManagers”. The persons in this group will be able to manage the SCSM 2010. The “sm\ServiceManagers” stands for the AD Group “ServiceManagers” in the domain “SM”.

“Configure The Account For Service Manager Services”

“Configure The Service Manager Workflow Account”

“Help Improve System Center Service Manager”

“Use Microsoft Update To Help Keep Your Computer Secure And Up-To-Date"

“Installation Summary”. Short overview of the completed wizard.

“Setup Completed Successfully”

“System Manager Management Console”. I’m now completely ready to go for it…

More info:

Documentation on Management Server

Documentation on Data Warehouse Management Server

Info on the installation of the Service Manager 2010 Beta 2 Data Warehouse Management Server

SCUG.be – System Center User Group

… and off course: Google

Microsoft released an update for the company’s free operating system deloyment solution.  If you’re planning to migrate to Windows 7, Server 2008 R2 or Office 2010, MDT is the tool you need.  Here at the D Spot we have blogged a lot about MDT already.  Keep yourself up to date and read our MDT related posts.

What has changed in MDT 2010 Update 1

 

For native MDT users (Lite Touch Installation)

Support for Office 2010. Easily configure Office 2010 installation and deployment settings through the Deployment Workbench and integration with the Office Customization Tool.

Improved driver importing. All drivers are inspected during the import process to accurately determine what platforms they really support, avoiding common inaccuracies that can cause deployment issues.

 

For ConfigMgr 2007 users (Zero Touch)

New User Driven Installation deployment method. An easy-to-use UDI Wizard allows users to initiate and customize an OS deployment on their PCs that’s tailored to their individual needs.

Support for Configuration Manager R3 Prestaged Media.For those deploying Windows 7 and Office 2010 along with new PCs, a custom OS image can easily be loaded in the factory and then customized once deployed.

 

For all users

A smooth and simple upgrade process. Installing MDT 2010 Update 1 will preserve your existing MDT configuration, with simple wizards to upgrade existing deployment shares and Configuration Manager installations.

Many small enhancements and bug fixes. Made in direct response to feedback received from customers and partners all around the world, MDT 2010 Update 1 is an indispensible upgrade for those currently using MDT (as well as a great starting point for those just starting).

Continued support for older products. MDT 2010 Update 1 still supports deployment of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Office 2007.

 

Download binaries and documentation at Microsoft.

The populair PDF reader and writer from Adobe are often plagued by critical vulnerabilities. Therefore updating and patching Adobe Reader and Adobe Acrobat applications is highly necessary.

Here is how to slipstream the Reader 9.3.3 patch into the 9.3 source, suppress the automatic updates, and acrobat.com online services.

First step: get the sources.

Download sources

Adobe Reader 9.3: AdbeRdr930_en_US.msi

Adobe Reader 9.3.2 Patch: AdbeRdrUpd932_all_incr.msp

Adobe Reader 9.3.3 Patch: AdbeRdrUpd933_all_incr.msp

Adobe Customization Wizard 9: CustWiz90_en_US.exe

Because the upgrade path is 9.3 > 9.3.2 > 9.3.3, we also need the 9.3.2 patch file.

In the second step we need to create a network installation point (administrative installation point). I use C:\temp\reader933\adminpoint, you can choose your own.

Perform an administrative installation

1. Copy the sources to a directory of your choose, for example:
   

   C:\temp\reader933\sources

2. Create a distribution point folder (a folder where the installer can install the uncompressed program files)
   

   C:\temp\reader933\adminpoint

3. Open a command prompt and execute this command:
   

   Msiexec /a <path of AdbeRdr930_en_US.msi>

   With the /a parameter, you’re extracting the MSI to the administrative installation point (folder).

   

   When asked, point to the administrative installation point created in step 2 and hit Install.

   

   

   Admin point has been created:

   

   The 9.3 source files are extracted, now we will slipstream the 9.3.2 and 9.3.3 patches.

4. Apply the 9.3.2 patch:
   

   msiexec /a <path of msi at distribution point> /p <path of Reader 9.3.2.msp>

   for example in my situation:

   msiexec /a “C:\Temp\reader933\adminpoint933\AdbeRdr930_en_US.msi” /p “C:\Temp\adobereader\sources\AdbeRdrUpd932_all_incr.msp”

   

   

   

   

5. Then apply the 9.3.3 path:
   

   msiexec /a “C:\Temp\reader933\adminpoint933\AdbeRdr930_en_US.msi” /p “C:\Temp\adobereader\sources\AdbeRdrUpd933_all_incr.msp”

   

   

   

   

   Last step is to create a transform file. Here you can disable automatic updates and apply custom settings.

Create a transform file (.mst) using the Adobe Customization Wizard:

Run Adobe’s Customization Wizard and open the extracted MSI (leave other files in place). Then change the settings to suit your needs, use the screenshots as an example (this are our adaptations).

Create new key: AVGeneral (in HKCU\Software\Adobe\Acrobat Reader\9.0)

DWORD: bCheckForUpdatesAtStartup

Value: 0

Create new DWORD: OptIn (in HKCU\Software\Adobe\CommonFiles\Usage\Reader 9)

Value: 0

Before saving the package, create an empty setup.ini file in the root of your admin point. If you don’t create this file the Customization Wizard will throw the error: “Setup.ini not found”. (thanks Terry for letting me know)

Save the package, and you’re done.

Add sites to the Trust Manager

We needed to add some sites to the Trust Manager, this step isn’t necessary in the deployment process. We added this IP ranges to the Trust Manager:

172.33.*

172.75.*

Use this .reg file to deploy via scripting:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Reader\9.0\TrustManager]

[HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Reader\9.0\TrustManager\cDefaultLaunchURLPerms]

“tHostPerms”=”version:2|172.33.*:2|172.75.*:2″

Import via Customization Wizard should also work, although I didn’t tested the import feature. If somesome has experience with importing these settings, please share and make a comment!

Deployment:

I use this command line to deploy my slipstreamed Adobe Reader via ConfigManager 2007:

msiexec /i “path\AdbeRdr930_en_US.msi” TRANSFORMS=”path\AdbeRdr930_en_US.msi” /qb REBOOT=ReallySuppress /log “path\reader933.txt”

This kit will help you complete a Proof of Concept (PoC) at your organization, at a customer or get familar with some Microsoft products in a lab environment.

Allowing you to quickly evaluate the new Microsoft desktop technologies, including Windows 7, Office 2010, Internet Explorer 8, and Application Virtualization (AppV) with Microsoft Desktop Optimization Pack technology.

It will also familiarize you with some of the important deployment tools provided by Microsoft to assist with your broader deployment efforts. This PoC isn’t meant to be comprehensive training mechanism but rather an introductory set of modules to familiarize you with tools and technologies.

Included in the package:

• Microsoft Assessment and Planning Toolkit (MAP)
• Microsoft Application Compatibility Toolkit (ACT)
• Microsoft Office Migration and Planning Manager (OMPM) (A tool to assess and upgrade Office versions and files, like macro compatibility for example)
• Microsoft Deployment Toolkit (MDT)
• Windows 7 Enterprise 90-day Trial image
• Microsoft Office Professional Plus 2010
• Office 2010 with Application Virtualization (App-V)

In short, a package that any consultant arriving on a mission around Windows 7 should have.

Download: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=26301cd1-cc72-4dd8-819e-12ef48322743

Recently I had a problem with my Windows 7 clients (built with my new and freshly created image) where they would not get activated by the KMS server. After some research I noticed that the KMS counter was not updated with new client and so my KMS server would never reach the point where it would actually start activating my clients (25 clients).

The reason for the KMS server not updating it’s counter was the fact that all my clients where reporting to the KMS server with the same Client Machine ID (CMID) which I noticed trough the events it reported in the Key Management Service event log of my KMS server.

If you ‘Bing’ on this one you will get lot’s of posts where this is due to the sysprep command which is not ran with the /generalize parameter. This parameter removes all hardware dependencies and when building a new client, it will create a new CMID.

However I did use the /generalize parameter so why do I get the same behavior. The solution is simple but it did take me some time to notice that  I seemed to have missed the <skiprearm> setting in my xml answer file. This setting should be removed before using the image in a production environment! If not you’ll end up rebuilding your image like me…

More info: http://support.microsoft.com/kb/929829

Grtz,
Steve.

As my first contribution to the D-Spot I would like to give some more detailed information about a specific Microsoft Tool: ACT 5.5. This tool is mainly used to retrieve information from one or more computers. More info about the ACT can be found here.

The Microsoft Application Compatibility Toolkit (ACT) version 5.5 contains the necessary tools and documentation to evaluate and mitigate application compatibility issues before deploying Windows 7, Windows Vista®, a Windows Update, or a new version of Windows® Internet Explorer® in your environment.

1. Prerequisites

Before installing the ACT you need to have an SQL server installed. These are the SQL server versions you can use:

• SQL Server 2005
• SQL Server 2005 Express
• SQL Server 2008
• SQL Server 2008 Express

The client OS you can install the ACT on are all the client OS between Windows XP SP2 and Windows 7. The server OS needs to be at least Windows Server 2003 SP2.

Last but not least you also need the .NET Framework 2.0 or newer.

2. Installation of the ACT 5.5

When launching the installer of the ACT (Application Compatibility Toolkit.msi) a wizard starts and you need to go through the 6 steps. The wizard will ask you some questions about the SQL server database, log files, etc.

 

3. Different topologies

 

4. The Application Compatibility Manager (ACM)

This is the main tool you use to manage the DCP’s (Data Collector Package) and all the retriever information from all the machines you ran the ACT on. The ACT is dependent from an agent (called a DCP) which you create in the ACM. In the following screenshots you can see how to create such a Data Collector Package.

   

Once you saved the msi-file you can start to distribute the package among all the computers you want the ACT to retrieve the information from. There are several ways to do this:

• Put the file on the network share
• Put the file on the local drive of the computer
• Put the file in a GPO
• Put the file in a startup/logon script.

If the file has been run on a computer you’ll receive the information in the ACM. In the following set of screenshots the DCP will be run on a local machine and outputting the data to the same machine.

When the output is available in the ACM we can analyze all the information:

• Which programs are installed on the machine(s)?
• Which computers have been scanned?
• Which devices are discovered during the process?

Be aware:

The “ACT Log Processing Service” needs to be started otherwise there will be no output shown in the ACM.

Last week I installed an Office 2010 KMS server. I had to install it on top of an existing Windows 7 KMS server. So I downloaded the Office 2010 KMS host license pack and activated the machine. No issues so far. After I installed Visio 2010 on my machine I saw that i had installed and activated a premium version.

Visio 2010 comes preinstalled with a Premium KMS client key. Remember to enter the appropriate KMS key as needed in your image. See also http://technet.microsoft.com/en-us/library/ee624357.aspx