The Windows Installer CreatingCustomReportsByUsingSQLViews.msi package provides information that will help you to create custom reports, determine which Configuration Manager SQL views contain the information you need for your reports, and identify a path between the necessary SQL views and determine what columns can be used to join them.
Here is the link to download the tool:
http://www.microsoft.com/downloads/details.aspx?FamilyId=87BBE64E-5439-4FC8-BECC-DEB372A40F4A&displaylang=en.
Sunday, October 2, 2011
Wednesday, September 28, 2011
MMC stops working when running queries in large environment
Few months back my patching team comaplins that during patch cycle the MMC get hanged and become unresponsive. During patch cycle thousands of computers needs to be quried to put in a collection. This usually happens in large SCCM environment. Here is the resolution.
Go to the adminUI.log and find the ErrorCode = 2152205056
if this is the error then fillow the below steps -
1. Run WBEMTest and connect to Root.
2. Click 'Open Instance', enter __ProviderHostQuotaConfiguration=@ and click OK.
3. Locate the MemoryPerHost property and double click it to bring up the editor.
4. Change the value to 536870912 and click Save Property. [Note: 536870912 is 512MB written in Bytes.
5. Locate the HandlesPerHost property, note the current value, set it to 8192 and click Save Property.
6. Click Save Object, exit WBEMTest and reboot the site server and test again.
Note : Make sure that you have saved the curren value some where.
Go to the adminUI.log and find the ErrorCode = 2152205056
if this is the error then fillow the below steps -
1. Run WBEMTest and connect to Root.
2. Click 'Open Instance', enter __ProviderHostQuotaConfiguration=@ and click OK.
3. Locate the MemoryPerHost property and double click it to bring up the editor.
4. Change the value to 536870912 and click Save Property. [Note: 536870912 is 512MB written in Bytes.
5. Locate the HandlesPerHost property, note the current value, set it to 8192 and click Save Property.
6. Click Save Object, exit WBEMTest and reboot the site server and test again.
Note : Make sure that you have saved the curren value some where.
Sunday, September 25, 2011
WSUS Maintenance: failed synchronization
You may have received error from wsyncmgr.log stating " Sync failed: LocalDBOtherError: SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.~~at Microsoft.UpdateServices.DatabaseAccess.DBConnection.DrainObsoleteConnections(SqlException e). Source: Microsoft.SystemsManagementServer.SoftwareUpdatesManagement.WSyncAction.WSyncAction"
You can Resolve the issue in following ways
- ReIndex the WSUS 3.0atabase
http://gallery.technet.microsoft.com/ScriptCenter/en-us/6f8cde49-5c52-4abd-9820-f1d270ddea61
-Run WSUS Cleanup wizard
Run the WSUS Server Clean-up Wizard from the bottom of the WSUS hierarchy to the top and NEVER from the top down.
Run the WSUS Server Clean-Up Wizard throughout the hierarchy on a monthly basis.
http://gallery.technet.microsoft.com/ScriptCenter/en-us/fd39c7d4-05bb-4c2d-8a99-f92ca8d08218
------------------OR--------------------
-Open WSUS administration console, select Options, and then Server Cleanup Wizard
-This wizard will remove unneeded content and computers that have not contacted the server for 30 days(Default) or more. Select all possible options, and then click Next.
- It will begin the cleanup process, and will present a summary of its work when it is finished. Click Finish to complete the process
You can Resolve the issue in following ways
- ReIndex the WSUS 3.0atabase
http://gallery.technet.microsoft.com/ScriptCenter/en-us/6f8cde49-5c52-4abd-9820-f1d270ddea61
-Run WSUS Cleanup wizard
Run the WSUS Server Clean-up Wizard from the bottom of the WSUS hierarchy to the top and NEVER from the top down.
Run the WSUS Server Clean-Up Wizard throughout the hierarchy on a monthly basis.
http://gallery.technet.microsoft.com/ScriptCenter/en-us/fd39c7d4-05bb-4c2d-8a99-f92ca8d08218
------------------OR--------------------
-Open WSUS administration console, select Options, and then Server Cleanup Wizard
-This wizard will remove unneeded content and computers that have not contacted the server for 30 days(Default) or more. Select all possible options, and then click Next.
- It will begin the cleanup process, and will present a summary of its work when it is finished. Click Finish to complete the process
Checking SMS/SCCM site information publishing in Active Directory
This happens If Active Directory Schema is not extended and the computer holding SCCM server does not have full rights on Active directory container. This can be rectified in following way...
-open Active Directory Users and Computers.
-On the View menu, click Advanced Features.
The Active Directory Computers and Users window displays additional Active
Directory information, including displaying the System container. You will grant
rights to the System container to allow the Configuration Manager site server to
publish data to Active Directory.
-In the console tree, expand domain( name of your domain), and then click
System.
-On the Action menu, click Properties.
-Click the Security tab.
The System Properties dialog box displays the security permissions on the
System container. Notice that the Configuration Manager site server computer
(SMSServer) is not listed.
-Click Add.
The Select Users, Computers, or Groups dialog box appears.
-Click Object Types.
The Object Types dialog box appears.
-Under Object types, click Computers, and then click OK.
-In the Enter the object names to select field, type smsserver name and then click OK.
- The Select Users, Computers, or Groups dialog box appears. Notice that the
Configuration Manager site server computer is now listed with
Read rights.
-Under Permissions for SMSSERVER, click Full Control under Allow, and then
click Advanced.
The Advanced Security Settings for System dialog box appears displaying the
rights for various accounts.
-Under Name, click on SMS SERVER name, and then click Edit.
The Permission Entry for System dialog box appears displaying the rights for
SMSServer$.
-In the Apply onto field, click This object and all child objects, and then click
OK.
The Advanced Security Settings for System dialog box appears.
-Click OK.
The System Properties dialog box appears.
-Click OK.
The Active Directory Computers and Users window appears. You can leave this
window open if you want to view information that Configuration Manager
publishes to Active Directory after installation.
---------------------------
Logs to check
Hman.log for the following information
" Active Directory DS Root:DC= Domainname here,DC=com
Searching for the System Management Container.
System Management container exists.
Site objects existing in AD: cn=SMS-Site-Site code here.
Searching for SMS-Site- Site Object.
SMS-Site- exists, updating.
SMS-Site-< Site Code here> successfully updated. "
---------
sitecomp.log for the following information
Publish Servers in Active Directory.
DS Root:DC=SCCMSERVER,DC=DOMAINNAME ,DC=com
Searching for the System Management Container.
LDAP://CN=System Management,CN=System,DC=SCCMSERVER,DC=DOMAINNAME,DC=com container exists.
Site System is the Default Management Point.
No Fallback Status Point installed on the Site
Size of Signing Certificate: 0
Signing Certificate:
Checking configuration information for server: SECONDARY.
SECONDARY is the Default MP.
Updated MP Configuration for SECONDARY.
Installing Security settings on site system ...
Security settings are up to date for SECONDARY.
Installing DNS publishing settings on site system ...
DNS publishing settings are up to date for SECONDARY.
Publishing SECONDARY(SECONDARYSERVER NAME.SCCMSERVER.DOMAINNAME.com) as a Management Point into Active Directory.
SMS-MP-SECONDARY SERVER SITE CODE -SECONDARY successfully updated.
-open Active Directory Users and Computers.
-On the View menu, click Advanced Features.
The Active Directory Computers and Users window displays additional Active
Directory information, including displaying the System container. You will grant
rights to the System container to allow the Configuration Manager site server to
publish data to Active Directory.
-In the console tree, expand domain( name of your domain), and then click
System.
-On the Action menu, click Properties.
-Click the Security tab.
The System Properties dialog box displays the security permissions on the
System container. Notice that the Configuration Manager site server computer
(SMSServer) is not listed.
-Click Add.
The Select Users, Computers, or Groups dialog box appears.
-Click Object Types.
The Object Types dialog box appears.
-Under Object types, click Computers, and then click OK.
-In the Enter the object names to select field, type smsserver name and then click OK.
- The Select Users, Computers, or Groups dialog box appears. Notice that the
Configuration Manager site server computer is now listed with
Read rights.
-Under Permissions for SMSSERVER, click Full Control under Allow, and then
click Advanced.
The Advanced Security Settings for System dialog box appears displaying the
rights for various accounts.
-Under Name, click on SMS SERVER name, and then click Edit.
The Permission Entry for System dialog box appears displaying the rights for
SMSServer$.
-In the Apply onto field, click This object and all child objects, and then click
OK.
The Advanced Security Settings for System dialog box appears.
-Click OK.
The System Properties dialog box appears.
-Click OK.
The Active Directory Computers and Users window appears. You can leave this
window open if you want to view information that Configuration Manager
publishes to Active Directory after installation.
---------------------------
Logs to check
Hman.log for the following information
" Active Directory DS Root:DC= Domainname here,DC=com
Searching for the System Management Container.
System Management container exists.
Site objects existing in AD: cn=SMS-Site-Site code here.
Searching for SMS-Site-
SMS-Site-
SMS-Site-< Site Code here> successfully updated. "
---------
sitecomp.log for the following information
Publish Servers in Active Directory.
DS Root:DC=SCCMSERVER,DC=DOMAINNAME ,DC=com
Searching for the System Management Container.
LDAP://CN=System Management,CN=System,DC=SCCMSERVER,DC=DOMAINNAME,DC=com container exists.
Site System is the Default Management Point.
No Fallback Status Point installed on the Site
Size of Signing Certificate: 0
Signing Certificate:
Checking configuration information for server: SECONDARY.
SECONDARY is the Default MP.
Updated MP Configuration for SECONDARY.
Installing Security settings on site system ...
Security settings are up to date for SECONDARY.
Installing DNS publishing settings on site system ...
DNS publishing settings are up to date for SECONDARY.
Publishing SECONDARY(SECONDARYSERVER NAME.SCCMSERVER.DOMAINNAME.com) as a Management Point into Active Directory.
SMS-MP-SECONDARY SERVER SITE CODE -SECONDARY successfully updated.
Query for client does not receive advertisement
This will list all clients that never get advertisement.
Log on to SQL Server Management Studio and run this query against SCCM database
select distinct count(v_ClientAdvertisementStatus.resourceid) as [Number of Adverts],sys.Active0,sys.Client0,sys.Client_Version0,sys.Netbios_Name0,
sys.Operating_System_Name_and0,sys.Obsolete0,
sys.Resource_Domain_OR_Workgr0,sys.User_Domain0,
sys.User_Name0 from v_R_System sys right join v_ClientAdvertisementStatus on sys.resourceid=v_ClientAdvertisementStatus.resourceid where sys.ResourceID not in (select distinct ResourceID from v_ClientAdvertisementStatus where v_ClientAdvertisementStatus.LastStateName = 'Succeeded') group by sys.Active0,sys.Client0,sys.Client_Version0,
sys.Netbios_Name0,sys.Operating_System_Name_and0,
sys.Obsolete0,sys.Resource_Domain_OR_Workgr0,
sys.User_Domain0,sys.User_Name0
Log on to SQL Server Management Studio and run this query against SCCM database
select distinct count(v_ClientAdvertisementStatus.resourceid) as [Number of Adverts],sys.Active0,sys.Client0,sys.Client_Version0,sys.Netbios_Name0,
sys.Operating_System_Name_and0,sys.Obsolete0,
sys.Resource_Domain_OR_Workgr0,sys.User_Domain0,
sys.User_Name0 from v_R_System sys right join v_ClientAdvertisementStatus on sys.resourceid=v_ClientAdvertisementStatus.resourceid where sys.ResourceID not in (select distinct ResourceID from v_ClientAdvertisementStatus where v_ClientAdvertisementStatus.LastStateName = 'Succeeded') group by sys.Active0,sys.Client0,sys.Client_Version0,
sys.Netbios_Name0,sys.Operating_System_Name_and0,
sys.Obsolete0,sys.Resource_Domain_OR_Workgr0,
sys.User_Domain0,sys.User_Name0
Management Point Rejected policy request: Broken Clients
- Check MPStatus.log :Error will look like this " MP has rejected a policy request from GUID:A2062E3F-655F-4F4A-97C9-2E6D41B31D72 because it was not approved. The operating system reported error 2147942405: Access is denied"
- ClientIDManagerStartup.log indicate that the client has been registered? That's the first step. If not, no policies can be downloaded (client will automatically retry the registation process every 10 minutes You can see that happen in the ClientIDManagerStartup.log. There's nothing you have to do to attempt the re-registration process)
- Run a query to get the computer name using GUID
Log on to SQL Server Management Studio and run this query against SCCM database
select * from dbo.system_data where smsid0 = 'GUID'
- This Query will return computer name. Find the PC locate then and uninstall. would be good if you use delcert comannd after uninstalling.
- Install the Client , take a look of MPstatus/ Clientidpstartup.log, I am sure you will receive a success message.
Management Point verification
- Do a check on MPsetup.log. check the last line in the log "MP is install successfully. If you find any problem in MPSetup.log, then verify MPMSI.log for more information on the issue.
- Do a check on IIS , check if virtual directory named SMS_MP under default website is created.
- check MPcontarol.log for the status code "200"
- Check with following URL's
http://
http://
Subscribe to:
Posts (Atom)