Saturday, December 6, 2014

Remove ActiveSyncDevice Fails after restore user in Active Directory

The other day i had an issue at customer site that complain about two ActiveSync issues:
  1. User cannot sync with new device.
  2. Administrator cannot remove Active Sync device from user.
Both issues came from the same user, that was restored from backup couple of days before.
First issue was fixed by adding inheritance permissions for the object in Active Directory Users and Computers and in ADSI Edit. from some reason the backup software didn't set this automatically.

Wednesday, September 24, 2014

Install SCCM 2012 R2 Cumulative Update 3

SCCM Cumulative Update (CU) consider to be a non major update to the system. due to that fact, updating the primary site server will not automatically updates the clients.
In addition, there are post tasks to complete.
In this post i will cover how to update SCCM server and clients with CU and other post installations.

Wednesday, July 23, 2014

Configure Internet Explorer 10 or 11 settings with GPO

Lately i get a lot of questions about the ability (or inability) of editing internet explorer 10 or 11 settings with domain GPO.

Microsoft decided to deprecated old Internet Explorer Maintenance (IEM) in favor of more robust tools like Group Policy Preferences (GPP), Administrative Templates (.admx), and the Internet Explorer Administration Kit 11 (IEAK 11).
Because of this change, any settings that you previously configured with IEM will no longer work on computers where Internet Explorer 10 or newer is installed, regardless of the Windows version it’s been installed on. You must update your settings using Group Policy Preferences, Administrative Templates (.admx), or the Internet Explorer Administration Kit (IEAK).

Wednesday, May 7, 2014

Exclude updates from Automatic Deployment Rule (ADR) in SCCM 2012

Sometimes it is necessary to exclude some updates from automatically distribute to clients.
When using Automatic Deployment Rule (ADR) in sccm 2012, all updates that meet the criteria that was configured will added to the associated software updates group, and will be eventually distribute to clients.

Exclude updates from ADR
Find the desire ADR, under Software Library node go to Software Updates -> Automatic Update Rules.
In the ADR properties, go to Software Updates tab and add a Title with - (minus) and the name of the update you would like to exclude.

Sunday, May 4, 2014

Failed to execute SQL cmd exec [sp_CP_CheckNewAssignedMachine] - SCCM 2012 client push fail to start

Recently i faced an issue with SCCM 2012 R2 server and client push installation. (From my research it can be relevant to SCCM 2012 SP1 too).
Environment:
  • SCCM 2012 R2
  • SQL installed separately on cluster environment
Issue:
When configuring client push installation to servers and workstations as in the picture below, an error in CCM.Log stared and client fail to start installation on server type objects.

Exclude Computers From Automatically Push SCCM Client

In many situation i was needed to exclude specific computers (mostly servers), from getting SCCM client to be installed after configuring site-wide automatic client push installation method.

There is an option for editing the registry and add ExcludeServers list with all computers names that SCCM client shouldn't be install.

Basically, adding the ExcludeServers list with computer names will sets the install flag for that resource which prevent from the client to be installed automatically.

Sunday, April 13, 2014

SCCM 2012 client push configure installation and troubleshooting


SCCM client push requirement
Disable firewall or open the necessary ports:

Port


Remark
80
TCP


443
TCP

native mode management point
445
TCP


135
TCP
UDP


In addition, the following needs to be open as well:
o   ICMP (ping) from server to client.
o   BITS service needs to enable.
o   Add the following as exceptions to the Windows Firewall:
Outbound and inbound: File and Printer Sharing
Inbound: Windows Management Instrumentation (WMI)
For complete list of ports used by the client:

Monday, March 3, 2014

Create Custom XML For OSD In SCCM

Lately I was needed to deploy custom Windows 7 image with SCCM 2012 (2007 should be the same).
In my search over the internet I didn't found any full guide that goes through all the required steps, so I decided to document it.
The requirements was:
·         Upgrade Windows XP with new Windows 7 image.
·         Backup domain profiles only (except My Documents).
·         Do not backup files on drive D.
·         Backup printers.
·         Format hard drive
·         Configure additional language.
·         Move computer to different OU.