View Add/Remove Program Info in Powershell

A quick and easy way to view almost everything you need to know about your add/remove programs is using the “gwmi” powershell command.

To view all options for this, just use the built-in help by typing: get-help gwmi .

To get all of the information on your add/remove programs (or technically called “Installed Software” now)… type:

gwmi -namespace “root\cimv2\sms” -class SMS_InstalledSoftware into powershell.  It may take a few seconds for everything to appear and you’ll see a huge list of all installed applications.

A coworker reminded me of the “out-gridview” command which organizes this into a much more manageable view.

The final product?  Pipe the out-gridview out and it looks like this:

 gwmi -namespace “root\cimv2\sms” -class SMS_InstalledSoftware | Out-GridView

PoweshellOutGrid

 

Everything you ever needed will be in here.  The exact name to query for when building SCCM collections, GUID, version, etc.  Limitless possibilities.  The filter is also excellent too.

Hope this helps!

 

 

Share
Posted in Powershell, SCCM 2012, Scripts | Tagged , , , , | Leave a comment

SCCM 2012 Task Sequence Failing With Error Code 0x80004005

I had a very unusual issue come up where a task sequence continuously failed right after WinPE booted.

We had complaints that our task sequence was failing on 2 existing laptops.  After checking around to make sure it wasn’t an SCCM infrastructure issue, I started looking at the laptop.

The boot image would load, then go to the default startup screen during the image process.  When hitting “next”, it immediately failed with the Error Code 0x80004005.  I’ve seen this error code in the past and usually came back to network connectivity.  Fired up the command prompt, and we had an IP. We can rule that out.

I started asking more questions about the laptop itself.  It turns out these 2 laptops recently had the motherboards replaced.  So my thinking goes back to network… obviously we have a new NIC in the laptop if the motherboard was replaced.  I open up CMtrace in WinPE, and look again.  The same 0x80004005 (failed to get client identity).

tasksequencefailed

 

cmtrace.

Now it’s starting to stir my memory…. I’ve seen this before.  I am thinking motherboard replacement… I wonder what the BIOS date/time is set to.  When building boot media, you select the self signed certificate with a distinct date range.  Sure enough, the BIOS on the laptop is set to over a year ago.  Once I changed it back to the current date/time – everything works!  BIOSdatetime

Share
Posted in SCCM 2012 | Tagged , , , | Leave a comment

Powershell Tips – Reboot Pending?

I’ve managed Configuration Manager 2007 and 2012 at a few organizations where reboots were suppressed for security patches.  Personally, I think 24-48 hours notice is plenty of time for users to reboot their workstations, however many times the decision is made way above my pay grade.

Pending reboots on a system can cause havoc with subsequent advertisements that go out.  I’ve seen many application failures on a system with a pending reboot.  Since most of our application deployments use a Powershell wrapper, I’ve been searching for a way to take a different path if a reboot is pending.  Some applications work just fine with a pending reboot on the system, others not so much.

The following Powershell command will let you determine in the script if a reboot is pending or not with SCCM.

Invoke-WmiMethod -Namespace root\ccm\clientsdk -Class CCM_ClientUtilities -Name DetermineIfRebootPending

Capture

Capture

 

Once you have this result, you could pipe it into anything with Powershell.  You could have it exit with a special exit code, do another action like write an entry into a log….. anything really.

I will be posting a few examples of this pending reboot check in the future.  Hope this helps.

 

Share
Posted in Application Packaging, Powershell, SCCM 2012 | Tagged , , | Leave a comment

Script to Set Cache Size on SCCM Clients

Here’s a quick and easy way to set or change the cache size on SCCM clients.  If your organization is anything like mine, the 5 GB default is never enough, especially using Nomad.

I also set this in my OSD task sequence for new PC builds.

Just create a package and run the following VBScript – example being a command line — %systemroot%\system32\Wscript.exe SCCMCache.vbs

Dim ClientResource
Set objShell = WScript.CreateObject (“WScript.shell”)
Set ClientResource = CreateObject(“UIResource.UIResourceMgr”)
Set CacheInfo = ClientResource.GetCacheInfo
CacheInfo.TotalSize = 27680 ‘  Change this to your new cache size in MB


Share
Posted in Application Packaging, SCCM 2007, SCCM 2012, Scripts | Leave a comment

ConfigMgr 2012 Update Scan Fails and Shows Incorrect Compliance

I ran into this a few months ago, however I am still seeing a few issues even after sending a script out to resolve it.  I figured I’d write a quick blog to show everyone what I did to resolve the issue.  It’s also important to note that the SCCM 2012 R2 SP1 update is also supposed to help with this.

Symptom:

After deploying a new software update group, I immediately notice that about 1500 workstations showed as “compliant”.  How can this be since I haven’t even deployed any patches?  At first I thought maybe Windows Update was turned on somehow by mistake?  Nope.

After troubleshooting I found this in the WindowsUpdate.log file, which is located in the Windows directory.

WARNING: ISusInternal::GetUpdateMetadata2 failed, hr=8007000E

It seemed that the clients were failing to scan against the WSUS patch repository.

 

The Fix:

It’s important to note that the bug only seemed to affect x86 Windows 7 clients.  It appears this bug was a memory leak in the Windows Update service.

I wrote the following script and sent it out to all x86 Windows 7 workstations.

@echo off

net stop wuauserv
Sc config wuauserv type= own
cd c:\windows
ren SoftwareDistribution SoftwareDistribution.old
net start wuauserv

start /wait wusa.exe Windows6.1-KB2728379-x86.msu /quiet /norestart

exit

KB2728379 can be downloaded from here:  https://support.microsoft.com/en-us/kb/2728379

You also may want to go through your WSUS console and decline any superseded update, and unselect any outdated operating systems like XP, Office 2003, Server 2003, etc.  This makes the payload of WSUS to clients smaller as it doesn’t need to worry about these old outdated OS’s.  It’s also worth noting that I saw this behavior in both SCCM 2007 and 2012.  This makes sense, since it’s technically a Windows Update service/WSUS bug, which SCCM piggybacks off

Share
Posted in SCCM 2007, SCCM 2012, WSUS | Tagged , , , | Leave a comment

Microsoft Ignite 2015 Chicago – My Experience as a MMS alumni

As I sit at Chicago-Midway airport ready to fly home, I thought I’d share some thoughts since they are fresh in my mind.  First, a bit about me.  I’ve been in the desktop management field since about 2004.  Since then, I’ve used…

 

  • Altiris 5.0
  • Altiris 6.0
  • Altiris 6.5
  • Altiris 7.0 (Symantec
  • Configuration Manager 2007
  • Configuration Manager 2012 and R2

I’ve also attended conferences for each of the above products almost every year.  Starting back with the smaller ManageFusion from 2005-2008, Symantec Vision, and MMS every year from 2010-2013.  They ranged in size from about 2500 at the older ManageFusion conferences to about 6000 at MMS 2013.  Another disclaimer, I’ve never attended a TechEd prior to Ignite.

As you can see, I am used to the smaller, technology specific conferences.  Even ManageFusion to MMS was quite a shock for me.  After booking Ignite, I really had no idea what to expect.  One thing I do find strange is that Ignite “sold out” at about 15K attendees, yet there were 23K in attendance?  I don’t understand that one.

Day 1 – Arrival

After some weather issues I arrived at Midway airport around 8:30 PM Sunday night.  The airport was extremely busy.  I waited in the taxi line for about 30 minutes before getting downtown.   I stayed at the Hilton Suites – Magnificent Mile.  I booked the conference a bit late so the hotel choices were a bit limited.

Not much more I can say about Sunday.  There was no Ignite airport check-in at Midway, and I arrived too late to run over to the McCormick conference center to get it.  Not the conferences fault… just bad luck with weather.

Day 2 – Monday

I got up pretty early so I wasn’t waiting in line forever to pick up my badge.  I walked over to our bus stop at the Westin which was only about a block away.  Massive line for the bus.  One bus showed up, and not everyone got on.  So we waited longer.  I am guessing it took another 20 minutes or so for the next bus to show up.  It took about an hour from the time I left my hotel and the time I walked into the conference center.

The badge check in line was surprisingly short.  They were very efficient at moving people through and getting their badges created.  Good job on that.  I then walked over to see quite a big line for backpack pickup.  It went pretty quick though.  No issues.

I first started to realize the scope of the conference size when the keynote lineup started.  a HUGE crowd slowly walked over the bridge to the Lakeside building.  They slowly filed us in to a giant ballroom.  Absolutely huge.  Took my seat way in back.  Couldn’t see much of stage, however lots of video screens showed the keynote.  I did hear a few people grumble about only having 15K seats for 23K attendees.  That’s a lot of people who couldn’t see the keynote.

Keynote content was good, but it does seem that almost 3 hours is a bit long with no break.  About halfway thru, people were constantly getting up and down to use the restrooms or leave.  A little annoying.  Here’s where things went downhill fast.  After the keynote, 15K people trying to leave all at once and go over to lunch was a mess.  I am not really sure what else could be done with that volume of people…. but what a mess.  Then we get to the lunch.  Oh boy, the lunch…

First off, I am NEVER one to complain about food or anything.  I am not expecting much.  The lunch provided Monday was absolutely horrible.  It was a box lunch of a steak or chicken sandwich, some gelatin thing I can’t even describe, a pasta salad I think, and a small desert bar.  Again, I don’t expect much but this was just bad.  I can only judge by the 10 previous conferences I attended which always had at least decent food.  Lots of complaints on this one.  I am not sure if this is the venue’s fault for providing crap food, or Microsoft’s fault for buying a cheaper option.

After lunch, I went early to find my room.  I didn’t do any recon earlier in the day, and this was probably my mistake.  This conference center is HUGE, and you can get confused and lost pretty easy.  Anyway, I made it to my first session about 30 minutes early, only to find out it was already full.  A few guys made a scene at the doorway to the purple shirts.  Not sure why they had to do that, they don’t control the room size.  I was still a little ticked off because this was the only session of the week.  Ok, let’s find another session.  Walk all the way across the conference center to my second choice.  FULL AGAIN!  Not a good start here for me.  I find out about the overflow streaming that was provided.  One guy mentions that if he wanted to stream the sessions he would have stayed home and save $3,000.  I had to agree with him.

I did have better luck in my later sessions that afternoon.  The content was decent, but many speakers didn’t seem to allow much time for Q&A.  And with such huge rooms, there were at least 25 people up at the podium after the session waiting to get questions answered.

Shuttle buses didn’t leave for the hotel until 6 PM which also ticked off some people… myself included.  Once you are down there, you are kind of stuck.  I talked to a few people saying that the taxi line was about an hour long between 4 and 6 PM.  Not good.

Overall Day 2 grade – C-

I’ll give them benefit of the doubt for the day 1 issues.  Not a good first impression though.

Day 3 – Tuesday

Same story with the morning buses.  This time its raining while we wait.  About an hour from the time I leave hotel room to the time I arrive.

Sessions.  Here we go again.  This time, arrive at 8:20 AM for a 9 AM session.  FULL AGAIN.  I am about as easy going as they come… but even now I am getting wound up.  Keep in mind, my company did not pay for the conference.  This is money out of my own pocket.  So once again, my second choice is all the way across the conference center and I get in there.

Lunch.  Personally I thought it was a little better today.  Still lots of complaints on social media.

Here’s what it looks like trying to feed 23K people at once.

lunch

 

After lunch, I got into the sessions I wanted to.  Content was good.  Only complaint is these are listed as 300 level courses.  Not the case for most.  100, maybe 200 level.  Watered down it seemed.

Shuttle buses started at 3:45.  Much better time, but  lines were absolutely huge.  We ended up just leaving since another friend had a car and took us with him.

A good shot of Chicago from the conference center:

Chicago

 

Large Ignite Session

 

largesession

Overall Day 3 grade – C

Food was a little better, but the shuttle buses and full sessions were not acceptable.

 

Day 4 – Wednesday

Things turn around here.  Maybe I just got lucky with shuttle buses, but 2 of them are waiting when I get over to the pickup spot.  Ride’s a bit long, but can’t control traffic.  Today I wear an old MMS 2013 shirt to put some ideas in people’s heads to bring it back to life :)

MMSBadge

The sessions were good, the food was a little better (in my opinion).  Overall, a much better day.  Shorter lines at shuttle buses back to hotel.  Maybe I got lucky on timing or maybe they added additional buses.  No idea.

Overall Day 4 grade – B+

Can’t complain about much.  Good day.

 

Day 5 – Thursday

Lucked out on bus routes, session were decent.  Nothing full!

And the closing party!

closingparty

I read a lot of complaints on social media (Facebook and Twitter) about long lines for food, too many people, etc.  I don’t know what people expect.  I never waited for more than 10 minutes for good food, and never more than a minute or 2 for beer.  I can’t complain at all. I thought it was a great atmosphere, great food, and a great concert.

Overall Day 5 grade – A

A great day.

 

I skipped Friday mornings sessions as I had an earlier flight back home.  Overall, it was a good conference and I’ll probably be back.  Hopefully they learn from their mistakes and get the issues worked out.

I’ll post another blog post in another day or 2 on what I think they can improve on.

–Brett

 

Share
Posted in Conferences, Microsoft Ignite, SCCM Training | Tagged , , | Leave a comment

SCCM 2012 Console Unable to Open

While installing the SCCM 2012 console on workstations for our PC techs to use, I came across a very strange problem.  A tech had installed the console on his machine, and when launching it the error “Configuration Manager cannot connect to the site (site server)”

Console

After verifying all permissions were set correct, I found this was a machine issue, not a permissions issue.  The tech could login to the SCCM console on another machine just fine.

After further inspection, I saw the following entries in the C:\Program Files\Microsoft Configuration Manager\AdminConsole\AdminUILog\SMSAdminUI.log file

The performance counter ‘# exceptions’ was not found

THE FIX

Took awhile to figure this out, but it seems to work on most machines

  • Open a cmd prompt as admin on the problem machine
  • run “LODCTR /R”

LdCtr

  • Uninstall and reinstall SCCM console
  • Restart, and it should work!


Share
Posted in SCCM 2012 | Tagged , | Leave a comment

MP has rejected a policy request from GUID xx-xx-xx-xxxx because it was not approved

Quick little tip on SCCM 2007 – if you see the following messages in your SMS_MP_CONTROL_MANAGER component of the SCCM server, here’s the fix.

MP has rejected a policy request from GUID:XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX because it was not approved. The operating system reported error 2147942405: Access is denied.

 

SOLUTION:  Open SQL Management Studio and run the following query on your SMS database:

select SMS_Unique_Identifier0, Name0 from V_R_System where SMS_Unique_Identifier0 = ‘GUID:XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX’

This will show you your problem client.  You can then follow the standard processes for approving a client – most easily right clicking after searching in the collections, and approving.  Some times this may work and a re-install of the SCCM client may be necessary.  Hope this helps.

Share
Posted in SCCM 2007 | Tagged , , | Leave a comment

Clear SCCM 2012 PXE Advertisements

I just spent a half day searching through SCCM collections, databases, PXE logs, etc to find a fairly easy fix (once you find it!!)  Disclaimer:  I’m using IE Nomad with PXE Lite, however this should work on straight SCCM PXE boot from DP’s as well.

The symptom is something like this:

  • PXE boot a bare metal machine and SCCM starts imaging the workstation
  • For whatever reason (network, hardware, bad task sequence, drivers, etc) the image fails.
  • You restart the PC and try to PXE boot again.
  • Instead of PXE booting – you get the following message:  PXE Boot aborted. Booting to next device…

It seems the machine is kind of stuck in limbo at this point.  The only other way I could complete the image is use physical boot media.

Some of the troubleshooting steps I took before finding the solution:

  • Searched for the workstation MAC address in SCCM – both using a collection query and SQL.  No hits
  • Searched for IP – no hits
  • Searched by MININT name – no hits
  • Right click collections and select “clear require PXE advertisements” – no luck

Solution:

Go into SCCM 2012 Console – Assets and Compliance – Device Collections – All Desktop and Server Clients

Search for Unknown

 

PXEFailureSCCM

 

 

Right click any unknown records and delete them.  Then try the PXE boot again.It should work!

 

Share
Posted in SCCM 2012 | Tagged , , , , , | Leave a comment

Finding Workstations or Servers Without SCCM Client Installed

A quick query that creates a collection of workstations or servers missing the SCCM client.  This is especially useful for environments without the SCCM client push enabled.

Step 1

Create a collection that you will use as a limiting collection – for example “All Windows 8 Devices”, “All Windows Servers”, etc.  In this example, we’ll use all Windows Servers.  Limit this to All Systems to catch both cliented and un-cliented machines.

An example code would look like this.

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where (SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Server 5%” or SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Advanced Server%” or SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Server 6%”)

Step 2

Create another collection called something like “All Servers Without SCCM Client.  You’ll limit this collection to the one created above.

SQL code for this query is:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where (SMS_R_System.Client is null  or SMS_R_System.Client = 0) and SMS_R_System.Name != “Unknown”

 

This should give you a collection of servers that do not have the client installed.  You can use a ping test to see which ones are active and push the client.

Share
Posted in SCCM 2007, SCCM 2012 | Tagged , , , | Leave a comment
« Older