Microsoft Ignite 2015 Chicago – My Experience as a MMS alumni

As I sit at Chicago-Midway airport ready to fly home, I thought I’d share some thoughts since they are fresh in my mind.  First, a bit about me.  I’ve been in the desktop management field since about 2004.  Since then, I’ve used…


  • Altiris 5.0
  • Altiris 6.0
  • Altiris 6.5
  • Altiris 7.0 (Symantec
  • Configuration Manager 2007
  • Configuration Manager 2012 and R2

I’ve also attended conferences for each of the above products almost every year.  Starting back with the smaller ManageFusion from 2005-2008, Symantec Vision, and MMS every year from 2010-2013.  They ranged in size from about 2500 at the older ManageFusion conferences to about 6000 at MMS 2013.  Another disclaimer, I’ve never attended a TechEd prior to Ignite.

As you can see, I am used to the smaller, technology specific conferences.  Even ManageFusion to MMS was quite a shock for me.  After booking Ignite, I really had no idea what to expect.  One thing I do find strange is that Ignite “sold out” at about 15K attendees, yet there were 23K in attendance?  I don’t understand that one.

Day 1 – Arrival

After some weather issues I arrived at Midway airport around 8:30 PM Sunday night.  The airport was extremely busy.  I waited in the taxi line for about 30 minutes before getting downtown.   I stayed at the Hilton Suites – Magnificent Mile.  I booked the conference a bit late so the hotel choices were a bit limited.

Not much more I can say about Sunday.  There was no Ignite airport check-in at Midway, and I arrived too late to run over to the McCormick conference center to get it.  Not the conferences fault… just bad luck with weather.

Day 2 – Monday

I got up pretty early so I wasn’t waiting in line forever to pick up my badge.  I walked over to our bus stop at the Westin which was only about a block away.  Massive line for the bus.  One bus showed up, and not everyone got on.  So we waited longer.  I am guessing it took another 20 minutes or so for the next bus to show up.  It took about an hour from the time I left my hotel and the time I walked into the conference center.

The badge check in line was surprisingly short.  They were very efficient at moving people through and getting their badges created.  Good job on that.  I then walked over to see quite a big line for backpack pickup.  It went pretty quick though.  No issues.

I first started to realize the scope of the conference size when the keynote lineup started.  a HUGE crowd slowly walked over the bridge to the Lakeside building.  They slowly filed us in to a giant ballroom.  Absolutely huge.  Took my seat way in back.  Couldn’t see much of stage, however lots of video screens showed the keynote.  I did hear a few people grumble about only having 15K seats for 23K attendees.  That’s a lot of people who couldn’t see the keynote.

Keynote content was good, but it does seem that almost 3 hours is a bit long with no break.  About halfway thru, people were constantly getting up and down to use the restrooms or leave.  A little annoying.  Here’s where things went downhill fast.  After the keynote, 15K people trying to leave all at once and go over to lunch was a mess.  I am not really sure what else could be done with that volume of people…. but what a mess.  Then we get to the lunch.  Oh boy, the lunch…

First off, I am NEVER one to complain about food or anything.  I am not expecting much.  The lunch provided Monday was absolutely horrible.  It was a box lunch of a steak or chicken sandwich, some gelatin thing I can’t even describe, a pasta salad I think, and a small desert bar.  Again, I don’t expect much but this was just bad.  I can only judge by the 10 previous conferences I attended which always had at least decent food.  Lots of complaints on this one.  I am not sure if this is the venue’s fault for providing crap food, or Microsoft’s fault for buying a cheaper option.

After lunch, I went early to find my room.  I didn’t do any recon earlier in the day, and this was probably my mistake.  This conference center is HUGE, and you can get confused and lost pretty easy.  Anyway, I made it to my first session about 30 minutes early, only to find out it was already full.  A few guys made a scene at the doorway to the purple shirts.  Not sure why they had to do that, they don’t control the room size.  I was still a little ticked off because this was the only session of the week.  Ok, let’s find another session.  Walk all the way across the conference center to my second choice.  FULL AGAIN!  Not a good start here for me.  I find out about the overflow streaming that was provided.  One guy mentions that if he wanted to stream the sessions he would have stayed home and save $3,000.  I had to agree with him.

I did have better luck in my later sessions that afternoon.  The content was decent, but many speakers didn’t seem to allow much time for Q&A.  And with such huge rooms, there were at least 25 people up at the podium after the session waiting to get questions answered.

Shuttle buses didn’t leave for the hotel until 6 PM which also ticked off some people… myself included.  Once you are down there, you are kind of stuck.  I talked to a few people saying that the taxi line was about an hour long between 4 and 6 PM.  Not good.

Overall Day 2 grade – C-

I’ll give them benefit of the doubt for the day 1 issues.  Not a good first impression though.

Day 3 – Tuesday

Same story with the morning buses.  This time its raining while we wait.  About an hour from the time I leave hotel room to the time I arrive.

Sessions.  Here we go again.  This time, arrive at 8:20 AM for a 9 AM session.  FULL AGAIN.  I am about as easy going as they come… but even now I am getting wound up.  Keep in mind, my company did not pay for the conference.  This is money out of my own pocket.  So once again, my second choice is all the way across the conference center and I get in there.

Lunch.  Personally I thought it was a little better today.  Still lots of complaints on social media.

Here’s what it looks like trying to feed 23K people at once.



After lunch, I got into the sessions I wanted to.  Content was good.  Only complaint is these are listed as 300 level courses.  Not the case for most.  100, maybe 200 level.  Watered down it seemed.

Shuttle buses started at 3:45.  Much better time, but  lines were absolutely huge.  We ended up just leaving since another friend had a car and took us with him.

A good shot of Chicago from the conference center:



Large Ignite Session



Overall Day 3 grade – C

Food was a little better, but the shuttle buses and full sessions were not acceptable.


Day 4 – Wednesday

Things turn around here.  Maybe I just got lucky with shuttle buses, but 2 of them are waiting when I get over to the pickup spot.  Ride’s a bit long, but can’t control traffic.  Today I wear an old MMS 2013 shirt to put some ideas in people’s heads to bring it back to life :)


The sessions were good, the food was a little better (in my opinion).  Overall, a much better day.  Shorter lines at shuttle buses back to hotel.  Maybe I got lucky on timing or maybe they added additional buses.  No idea.

Overall Day 4 grade – B+

Can’t complain about much.  Good day.


Day 5 – Thursday

Lucked out on bus routes, session were decent.  Nothing full!

And the closing party!


I read a lot of complaints on social media (Facebook and Twitter) about long lines for food, too many people, etc.  I don’t know what people expect.  I never waited for more than 10 minutes for good food, and never more than a minute or 2 for beer.  I can’t complain at all. I thought it was a great atmosphere, great food, and a great concert.

Overall Day 5 grade – A

A great day.


I skipped Friday mornings sessions as I had an earlier flight back home.  Overall, it was a good conference and I’ll probably be back.  Hopefully they learn from their mistakes and get the issues worked out.

I’ll post another blog post in another day or 2 on what I think they can improve on.



Posted in Conferences, Microsoft Ignite, SCCM Training | Tagged , , | Leave a comment

SCCM 2012 Console Unable to Open

While installing the SCCM 2012 console on workstations for our PC techs to use, I came across a very strange problem.  A tech had installed the console on his machine, and when launching it the error “Configuration Manager cannot connect to the site (site server)”


After verifying all permissions were set correct, I found this was a machine issue, not a permissions issue.  The tech could login to the SCCM console on another machine just fine.

After further inspection, I saw the following entries in the C:\Program Files\Microsoft Configuration Manager\AdminConsole\AdminUILog\SMSAdminUI.log file

The performance counter ‘# exceptions’ was not found


Took awhile to figure this out, but it seems to work on most machines

  • Open a cmd prompt as admin on the problem machine
  • run “LODCTR /R”


  • Uninstall and reinstall SCCM console
  • Restart, and it should work!

Posted in SCCM 2012 | Tagged , | Leave a comment

MP has rejected a policy request from GUID xx-xx-xx-xxxx because it was not approved

Quick little tip on SCCM 2007 – if you see the following messages in your SMS_MP_CONTROL_MANAGER component of the SCCM server, here’s the fix.

MP has rejected a policy request from GUID:XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX because it was not approved. The operating system reported error 2147942405: Access is denied.


SOLUTION:  Open SQL Management Studio and run the following query on your SMS database:

select SMS_Unique_Identifier0, Name0 from V_R_System where SMS_Unique_Identifier0 = ‘GUID:XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX’

This will show you your problem client.  You can then follow the standard processes for approving a client – most easily right clicking after searching in the collections, and approving.  Some times this may work and a re-install of the SCCM client may be necessary.  Hope this helps.

Posted in SCCM 2007 | Tagged , , | Leave a comment

Clear SCCM 2012 PXE Advertisements

I just spent a half day searching through SCCM collections, databases, PXE logs, etc to find a fairly easy fix (once you find it!!)  Disclaimer:  I’m using IE Nomad with PXE Lite, however this should work on straight SCCM PXE boot from DP’s as well.

The symptom is something like this:

  • PXE boot a bare metal machine and SCCM starts imaging the workstation
  • For whatever reason (network, hardware, bad task sequence, drivers, etc) the image fails.
  • You restart the PC and try to PXE boot again.
  • Instead of PXE booting – you get the following message:  PXE Boot aborted. Booting to next device…

It seems the machine is kind of stuck in limbo at this point.  The only other way I could complete the image is use physical boot media.

Some of the troubleshooting steps I took before finding the solution:

  • Searched for the workstation MAC address in SCCM – both using a collection query and SQL.  No hits
  • Searched for IP – no hits
  • Searched by MININT name – no hits
  • Right click collections and select “clear require PXE advertisements” – no luck


Go into SCCM 2012 Console – Assets and Compliance – Device Collections – All Desktop and Server Clients

Search for Unknown





Right click any unknown records and delete them.  Then try the PXE boot again.It should work!


Posted in SCCM 2012 | Tagged , , , , , | Leave a comment

Finding Workstations or Servers Without SCCM Client Installed

A quick query that creates a collection of workstations or servers missing the SCCM client.  This is especially useful for environments without the SCCM client push enabled.

Step 1

Create a collection that you will use as a limiting collection – for example “All Windows 8 Devices”, “All Windows Servers”, etc.  In this example, we’ll use all Windows Servers.  Limit this to All Systems to catch both cliented and un-cliented machines.

An example code would look like this.

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where (SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Server 5%” or SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Advanced Server%” or SMS_R_System.OperatingSystemNameandVersion like “Microsoft Windows NT Server 6%”)

Step 2

Create another collection called something like “All Servers Without SCCM Client.  You’ll limit this collection to the one created above.

SQL code for this query is:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where (SMS_R_System.Client is null  or SMS_R_System.Client = 0) and SMS_R_System.Name != “Unknown”


This should give you a collection of servers that do not have the client installed.  You can use a ping test to see which ones are active and push the client.

Posted in SCCM 2007, SCCM 2012 | Tagged , , , | Leave a comment

How to Stop an System Center Configuration Manager (SCCM) Client Push

If you ever do a big oops and hit the “install client” action on a full collection instead of a single machine, there’s an easy way to fix this before you bring your network down to a crawl.



Software Push 1

First, I stop the SMS Exec service, and browse to your <SCCM install dir>\inboxes\ folder.  You should see tons of records in this folder.  Just select all files (minus the top 2 folders), and delete them.  You should then have an empty folder like this – then you can restart the SMS Exec service and be good to go!


Posted in SCCM 2007, SCCM 2012 | Tagged , , | Leave a comment

System Center 2012 R2 Release Date October 18, 2013

The title says it all.  We finally have a release date for System Center 2012 R2 (and also Win 8.1). 

Here’s a good link via WindowsITPro that highlights some of the new features of R2

It’s quite a bit of reading, and much doesn’t apply to me.  I didn’t see anything earth shattering – but its worth an hours read.


Posted in System Center 2012, Windows OS | Tagged , , , | Leave a comment

SCCM 2012 SP1 CU2 Released

A few days late to the game, but I see SCCM 2012 SP1 CU2 has been released.

Download here:

From the release notes:

Administrator Console

  • The Add Site Server Roles Wizard incorrectly blocks adding a site server when the first word of the server’s fully qualified domain name is longer than 15 characters.
  • Multiple nodes and property sheets in the Administrator Console can now be announced correctly by screen reader software.

Application Virtualization

  • Virtual Application packages that are saved on a Distributed File System (DFS) share may not migrate from Configuration Manager 2007 to Configuration Manager 2012. Errors that resemble the following are logged in the MIGMCTRL.log file:

    Failed to connect to share \\production\dfs\Virtual Applications\App Source : Error 0x80070520
    Impersonation is reverted.
    Set the status of the entity Virtual Application 1 to Failed.
    Set the status of the job entity Virtual Application 1 to Failed.
    Microsoft.ConfigurationManagement.Migration.MigrationException: Failed to connect to share \\production\dfs\Virtual Applications\App Source : Error 0x80070520

  • Nonalphanumeric characters in the CertificateIssuers string cause site assignments not to work
    ( )

    in a System Center 2012 Configuration Manager Site environment.

Operating system deployment

  • Task Sequences may ignore the Multicast Only flag when downloads are performed within the full operating system instead of Windows PE.
  • A task sequence that has multiple “Install Application” steps may fail. Additionally, the following error message is logged in the SMSTS.log file:

    Error Task Sequence Manager failed to execute task sequence. Code 0x80004005

  • Clients may not download a new operating system image when custom ports are defined for the site server. The SMSTS.log file will contain error messages that resemble the following:

    WinHttpQueryHeaders() returns status code 404 (Not Found)
    SendWinHttpRequest failed. 80190194.
    DownloadFile failed. 80190194.
    Error downloading file from$/CAS0000A/sccm?/install_ipremote.cmd to C:\_SMSTaskSequence\Packages\CAS0000A\install_ipremote.cmd
    DownloadFiles failed. 80190194.

  • Cumulative Update 2 offers limited support for deployment of Windows PE 3.1-based images. These images must be completed before they are added to the site server. If later changes are needed, they can be made by using the Deployment Image Servicing and Management (DISM) tool. Any Distribution Points that have the old image must be updated.

    The following optional components have to be installed beforehand:


    The following operations are not supported:

    • Installing additional optional component through Configuration Manager
    • Adding drivers
    • Setting scratch space
    • Configuring prestart command
    • Configuring background image file
    • Enabling and disabling command prompt support (debug mode)

Asset Intelligence

  • “Software 09B – Computers with infrequently used software installed” reports do not contain accurate data for Windows Installer-based applications that are updated.

Mobile device management

  • Windows Mobile 6.5 devices no longer receive application policies after the site server is upgraded from the release version of Configuration Manager 2012 to Configuration Manager 2012 Service Pack 1.

Software distribution

  • The content status of a package is stuck in the “In progress – Waiting for Content” status
    ( )

    in System Center 2012 Configuration Manager SP1.

  • Content status may show a state of “Unknown” when a distribution point on a Configuration Manager 2007 Secondary Site is upgraded to Configuration Manager 2012.
  • Status messages from pull-distribution points are now routed through management points instead of directly to site servers. This decreases the site server performance effect of having multiple pull-distribution points.

Updated list of supported Linux and UNIX clients

  • The list of supported UNIX and Linux platforms is updated to include x86 and x64 versions of the following:
    • Ubuntu 12.04
    • Ubuntu 10.04
    • Oracle Linux 5
    • Oracle Linux 6
    • CentOS 5
    • CentOS 6
    • Debian 5
    • Debian 6

Site systems

  • Status Manager may not process changes to built-in Status Filter Rules on localized Configuration Manager installations. Entries similar to the following may be logged in the STATMGR.log file:

    ERROR: The component item for SMS_STATUS_MANAGER in the master site control file does not contain property list items for a status filter named “SMS_STATUS_MANAGER”, or those property lists are corrupt or badly formatted.

  • Installation of the Client Notification component (bgbisapi.msi) will fail on sites that have custom websites (SMSWEB) or custom ports that are defined. The BGBSetup.log will contain the following errors messages:
    bgbisapi.msi exited with return code: 1603
    Backing up X:\Program Files\Microsoft Configuration Manager\logs\bgbisapiMSI.log to X:\Program Files\Microsoft Configuration Manager\logs\bgbisapiMSI.log.LastError
    Fatal MSI Error – bgbisapi.msi could not be installed

    The bgbisapiMSI.log will also contain errors that resemble the following:

    ERROR: Failed to configure sms ports ‘0x80020009′.
    ERROR: Failed to process port information.
    Product: BGB http proxy — Internal Error 25011. 80020009
    Internal Error 25011. 80020009
    CustomAction CcmCreateIISVirtualDirectories returned actual error code 1603

  • Active Directory User and Group Discovery methods may not update group relationship data when the “Enable delta discovery” option is selected.

Configuration Manager SDK

  • The CPApplet.CPAppletMgr Automation object returns error 0x80040154 when you use the object on a 64-bit operating system that has Configuration Manager Compatibility Shims (32BitCompat.msi) installed.


Cumulative Update Setup Wrapper (Installer)

  • The installer can now be run again on the same site server to create or to re-create deployment assistance items (packages and programs).
  • The installer can update the Administrator Console directly when the installer is run on a site server or on a workstation where the console is installed. Earlier versions of the installer only copied the Administrator Console update (.msp) to the file system, and the console update had to be installed separately. The previous installation method of installing the update manually is still supported.
  • The logging format is improved to increase detail for tracking progress or for troubleshooting installation failures.

Posted in SCCM 2012 | Leave a comment

VMWare Workstation with Windows Server 2012 Black Screen After VMWare Tools Install

Had an interesting issue today while recreating a new SCCM 2012 SP1 lab environment.  I loaded it up on VMWare Workstation (yeah, I know, the OTHER guys)…. and then installed VMWare tools on my Server 2012 VM.  After a reboot I noticed I could see the BIOS, then a bootup sequence with Windows, then all black.  Could tell my mouse went into something…

After digging a bit I found the fix.

Under the VM settings, go to display and check “Accelerate 3D graphics”.  Force a reboot and it should come up just fine.

Posted in Server 2012, VMWare | Tagged , , , , | 2 Comments

New Microsoft Zero-Day Internet Explorer Vulnerability

It looks like there’s a pretty serious zero day vulnerability that’s currently being exploited.

No word if Microsoft is planning on releasing an out of band patch or waiting until patch Tuesday next week.

Some details and links (including the planned “OpsUSA” attack)

Microsoft FIX IT Utility –

FBI Flash DDOS Scripts

Krebs on Security

Attack information: (adult language)

Publicized Target list:

Posted in Patch Management | Tagged , , , , | Leave a comment
« Older