Friday, December 26, 2014

Tuesday, November 11, 2014

Relaxing @ radisson blu

Sad Star Trek

We got free admission to star teak exhibit.  Did not realize that props don't have to be exciting. 

Monday, November 10, 2014

OSD driver and tbleshooting

Chaos vs control freak. 
Generic deployment package for drivers that are not specific

Boot image pr 5 
      Nics, VMware mouse, 

Os drivers. 
Everything needs a driver.  No exclamation points

HP soft paq.  Fp vs http download
    Select model 
     Searches for download and dis 
       Dl and extract

Dell
Use cab file downloader

The win pe driver pack works well for other manufacturer



Lenovo
  Use update tool. Can use the tool to export
   Gets an exe   Need to extract
    /very silent. Cmd line switches in xml
    Configman switches are published sometimes

#mmsosd.  For .?


Dpinst.exe.  

Folder specifics, model aliases. On deployment guide. Aliases

MDT driver injection
Rules from custom settings.ini
Task sequence step set variable. %model

Scenario.   Pnp
Mdt copies all the files that go with a pnp I'd

Config man copies files locally but then injects into the oS
Pnp find.exe.  Newer version   Can be run to gather xml pnp info from a machine
pnpenum 
R
To copy the drivers
     Bdd.log.   Smsts.log,   Look for file on C drive
Dism inject the drivers
   Dism.log. Setup act.log
Setup install the drivers
    Setupapi.dev.log
   
Dump totextfielfrompaused.  

Deploy vista. Blog.   Bing drivers powershell is king
If drivers are downloaded you can powershell the import to the site
Shift  F10 in setup window if you delete text file
Driver ranking. Lookup the code 

Drivers as applications

Break the signing if you mod the driver

Deployment artist.com

Stealing with pride. Book

Add updates that require multiple reboots to reference image.  Microsoft may be allowing downloadable patched wims. 

Johann does not believe that offline servicing works
    Core tech has scripting in lite touch to replace this functionality 

Silect.com configmgr extension to create baselines

How to dev web services for configman.  Johann. Coming up

Codeplex.com.   Front end. 

Ramsey. Top ten OSD best practices
http://gregramsey.net/2014/10/31/10-1-best-practices-for-os-deployment-with-configmgr-2012-r2/

















 Book




CI

Compliant gets less info than non compliant
Check for scep service is one that was demoed

Start the service for remediation

Parse the event log for windows installer  gives you the who?

Registry WMi 

Security compliance manager. Can translate a GPO to 
Should be in slide deck. 

Powershell exec policy. Can be set in client settings

View report from actual client in control panel. 

Cmd line in client tools send schedule   To gather baselines. 

Search for a file like Dropbox which gets you rich info about the file
Looking in user space for apps

UI++ - ConfigMgrFTW! http://ow.ly/3u7Lv6




State of configman

Weave pack 
CU5
Maintenance window types


Of are key off info
Toolkit
Servicing extension
Client query

Support center
Connect to machines to troubleshoot

Ceviewer from support tools in toolkit
Deployment troubleshooter

Core tech blog

System center universe usa Dallas

Right click tools.  Now micro
Posh at she'll client action tools

Software update manager
Casum. Auto deploy. Through powershell


Blog.coretech.dk

Import driver tool


UI plus plus
Ad auth
Apptree 

Steventhompsonmvp.wordpress.com

David o brien  update inventory

Binary Wmi explorer
Wmie.codeplex.com.   












Minn snow

Snow after 85 deg is a little adjustment

Thursday, November 06, 2014

Tuesday, November 04, 2014

Shooting

Good grouping

F22 day

Good day after a long drive


Thursday, May 15, 2014

Matt Reynolds.

Speed it up

Windows is fast

Peter viglagen. Original 

Windows performance toolkit

Majority of slow boots.   Desktop time machine

Don't tie the login to the network

Check for disk load first
Auto start services check
Services group  needs to finish before next service starts
Productivityagent
Delayed auto start service


Windows performance toolkit

Download. Start. Save
Makes evtl file
Windows performance analyzer
Speaker bult accelerators


Roaming causesroblems
He happens asynchronously

Files.   Work folders 

Gpo
Software installs just suck
Accidentally set 'always wait for the network'


Bootxray.  Ms service



(Organize desktop by project)








Byod. Ms it

Dharmendra Thotakura; Marc Hurley
Something
Kartthik  jayavel

Test








Ms it zero touch

Dharmendra Thotakura; Marc Hurley

Automate publishing

Workload increased but manpower decreases

D through priorities


1000 apps in the environment coming


Content replication and deploy errors take more time







Mac mgmt

Karan Daftary; Preeti Rastogi 


Needs enrollment point role and ms cert
Change the client props to cover 


Has client tool for gathering info for troubleshooting


Settings mgmt
Custom settings
With plist or shell scripts

Compliance through policies

Software deploy

Application model
   Wrap Mac install using cmapputil
       .app .pkg. .mpkg. .dmg

Only required deployments for devices


Compliance. Configuration items


May need a change to the client settings to get installed apps

Cert renewal
User enabled

R2 and sp1 are supports on os 10.9

Configman cu4 

No client push
No native software install
No software updates manage
No maintenance windows
No remote control

See Technet for details


Linux and Unix
Core
Hdwe software inventory
Classic software
Endpoint for Linux. Not unix
Uses OMI infra
Chm server interfaces
Full and delta inventory
Packages nd programs



Wednesday, May 14, 2014

Johan and Michael

Smspxe.log
Iphelpers. The nic is hard coded
Ip helpers were part of the original design
Bios update sometimes works.  Pxe-rom
7 files in SMS boot. Need check box  in deploy this boot image on boot source tab

Language settings. Add lang pack as package
Make a mandatory due to location
Must master the skills of notepad
Defaultgateway.ini
Can set for ip range
Verify with powershell   Mdtbuildlab
Cscript .\ztigather.wsf /inifile: c:\desktopcontent/file
Modify the unattended.xml
Can also install packages in the ini

Would write to local folder minint

Deploymentbunny. Custom settings


Update agent during OSD
Create a package. 

Refresh encrypted 3rd party encryption
Rebuild and Restore

Making updates work. 
Wsus lite touch for non configured clients
Look for kent agerlund updates
Set wsus in custom.ini


Bit locker key for windows to go.  Bit locker to go is used, no tpm chip
Install bit locker admin tools server
Verify that the tools are the same

MBAM not direct supported in configman or lite touch
Tim Nilimaa. Channel 9   Me am to sequencers


Client does not find policy
You need Chris nackers   Smstsdownlaodretrycount. Or delay


Run the cleanup stuff
Dism /image:c:test\offline  /cleanup-image
Before sysprep
Does not work on win7
Deployment image servicing and management tool


MP in DMZ. 
Mp on primary site in DMZ 
Neil Peterson. Cross forest support in configman. 4 posts
Rob Marshall  configmgr switchmp. Changes host file
She'd task that punches it into the registry

Barebones in branch offices
Lite touch can enable PXE
Or
Offline media
Server running vm
Hp micro server gen 8

Offline media version control
Deployment guys web site
Johann does a web service to check date on file and then update


Oops.  
Myitforum if you deploy an bad thing. Then deny the DP
Deployment guys put in a shut off to look for a file then stop so you can make a file and bail
Collection variable. For same check


X86. Unattended.xml and WSIM On x64

Wrappers. Pshell and vb
Pshell and run as executable. 




Windows 8 black belt

Sami laiho


Developed steady state

Ctrl new task in task manager
Ctrl shift right click. Win explorer

If something is broken run process monitor

Use a methodology
Know when to give up
Document. But only in electrical system

Notepad
Type .log in file and save
Dumps date into doc when opened


Error message ctl c.  Ctrl b to copy and paste
Net helpmsg number. Translates the error

Snipping tool
Esc out and you can get copy. Ctrl print screen

Psr problem steps recorder
Review for slide show



Teamviewer 
VPro realvnc.com


Boot to win 8 install media
Copy sethc.exe
Reboot 
Bang on chirt key
Net user admin change password

To put it back take ownership and reset acl and perms

System is better than admin
Whoa I / all

Learn to diag threads not procresses
Procexp. Process explorer

Takedown.exe

Remember integrity levels
Mandatory labels

Perfmon /res
Perfmon /rel
Msconfig
Services.msc and only use the Microsoft services

Auto runs 

Winperf

Win re. On a boot drive

Hklm reg replace image file execution. Display switch

Getting cmd with system. Don't run explorer with system rights



Deny policy 
Admin can override policy

Software policy key deny system. 

WPT. 

Windows message analyzer
Enable powershell removing on client


Win 8.1. Shift reboot













Windows on a chip. Byod

Milan aslander
Adam Bethany 

 Licensing can be covered by cl
Software assurance covers the license
Usb3
Encrypt it or lose it
Tpm is not used
San policy. Allows USB to be seen, but not the local hd
Grab the amazement and make sure they understand what it means for securityadmin
Hibernation is turned off by default
Shut down the machine to enable the reboot
Admin access creation


Admin can see the local drives if he makes them active

Takes a a wim
Wtgcreator.exe
Deployed to app catalog


Application data security in the cloud

Knox security bubble 
Allows logged in user to access docs and apps but not bring them out of the bubble


Mdm apps

Registry. Contains metadata
Get the PowerPoint 


Status codes in registry

App comes from bits

Bitsadmin tool. Monitor progress

Wns windows notification service

Performance test app
Bing translator

Appv5 sp2. Support 8.1
  

Device ownership for mobile apps


Company portal availability


Tuesday, May 13, 2014

Sccm jewels

Johann YouTube videos

Hydration kits
Powershell deploy,met toolkit


Ola.hallengren.com
SQL maintenance
Rebuild indexes (currently broken)
Create a database to store the tool
Index check
Maintenancesolution
Start SQL agent
Creates a number of tasks
Index optimize can be set to a specific db

RUFUS
Http://Rufus.akeo.ie

Technet driver injector


Unprovisiioned computers delegation
Technet


MDT
Get and store variables
UDI


PS APP deployment kit
Psappdeploytoolkit.codeplex.com/releases/view/110492
Has a help file
Can pull updates from sccm as well
Run as a package if you need to rerun


Application approval automation
Installs as a service 
Uses manager field in ad

Can be done wih orchestrator and runbooks

Application importer
Ui for importing mis/mst



Auto documentation tool
David obrien 
Need word  and 
Can be run from workstation



Visio icons
Teched gallery


Mstools 
Content library explorer
Collection evaluation explorer
Dp job manager

Config man support center. Requires dot net 4.5
Download. Client log files. One stop shop
Data collection creates a zip file. 
Viewer can open bundle or zip file
Powershell and GUI support

Client operations
Client center.   Scmclictr.codeplex.com. Different versions 
Psrightclicktools,codeplex.com
Configmgr inbox. Smug.co.uk/wmug

Regkeytomof

Poshcat. Client actions tool

Jason sandys startup script. Blog.configmgrrftw.com

System center central

Links,on Technet wiki page





Error lookup in cmtrace
Can help define error message








Teched 2014


Niehaus Michael 
Win pe 5.1.  Only for wimboot

Dism cleanup. Start component cleanup 
Remove base

Wimboot
Mostly for small drives
Compressed boot file 
Creates recovery drive boots from that and builds
Small fast disks
Designed for tablets. 
Optimized wim 
Bare metal. Uefi

Enterprise ie 11. Allows 11 to be run as 8 with group policy to define what needs 8

Registry can put the change info into a log file

 Export start layout. Gp can then push that out
   
Kiosk
Assigned access
Windows key 5 times takes you to sign in screen
Windows embedded industry
Locked down. 

Configman Tuesday

Jim Dempsey 
Sccm azure
Unify enable protect

Links to kent agerlunds preso

 http://blogs.technet.com/b/heyscriptingguy/archive/2004/12/06/how-can-i-assign-a-new-upn-to-all-my-users.aspx



http://t.co/z5rEsNI1Br. Kent's links for expert section

Win8.1


Enterprise mode adds compatibility and management   Crowd sourcing



Red highlights ads settings
User and domains user space merge



Early adopters input drove decisions. 
Http://blog.coretek.dk 
Allows set start color. Inject to default user hive

Using zero touch so copy profile was not useful. 
Export apps folder layout.  Xcopy into image

Uefi mainly for pre boot malware prevention

Secure boot dell internally keeps secure boot and uefi on. 

Set ts media variable based on deployment id

Powershell check for uefi

Branded screen for naming
Djoin for remote ad join
Refresh. And reset
Shift restart takes you to os reset

Out-gridview. Powershell

Pinning apps
Www.ramseyg.com




Mobile devices
People centric 












Cert. email. VPN. Wifi. Profiles
Under company resource access   Compliance settings

SCEP. Certificate supply for client 
Via NDES

Extensions are under admin  

See the effects in. compliance config items

Project my screen app. For putting mobile phone on projector. 



ConfigMGR 2012 MVP Experts Panel session recording is on Channel9 with@jarwidmark @JasonSandys@ramseyg @agerlundchannel9.msdn.com/Events/TechEd/…
Sent 8m ago
From TweetDeck


Monday, May 12, 2014

Teched day 2

Ramseyg. Twitter dell guy
Out gridview
Show parMeter
Copy creates syntax
Simulation
@jasonsandys
Mplist
1000 people in session

Smspxe.log.  Server
X:/windows/temp/smsts.log

Smsts.log. Make bigger with smarts.ini file. 10 meg
Log level=0. More verbose. 
Edit winpe.wim to get file to build
Iosdinkection.xml
Add timeout to sequence to allow time for troubleshooting

Slshare=\\.  Puts log file on server

Kent
All systems collection 
Ceviewer
 Export collections with script

Steve SQL legend
Steve Thompson 
Built in maintenance backup task
Sccm sp1 later 
Db backup and compression





Sunday, May 11, 2014

Config man Teched. 2014

DeploymentResearch. Web
Steve Thompson   Db

Mp replica. Shortens up request time but is optional. 

SQL db on mp 

Bandwidth  networking  only what config man knows about

Db rule of thumb. 3-5 mb per client
Agerlund avidmark. Steve Thompson 

Hydration kit from deployment research
Install mdt. 
Copy file to correct folder
Hyper. V. And VMware

You can also put content folder on USB drive

Set log file sizes
Change recovery model to simple

Controlling MP selection during OSDwmug.co.uk/wmug/b/r0b/arc…#TEPRC10 

Ola.hallengren.com
Index optimization on the SQL db

Apply script then turn on optimization



Sent 4m ago
From Twitter for Mac


configmgr
troubleshooter

Jason sanduz client install script

Ccmeval. Log file to understand client problem and correct 

Configuration item.  Registry, script   Deployed from baseline

Compliance management webinar

Channel9 sessions.  On demand 



Coretech has a tool for looking at content and moving it


Lunch


Install software updates in sequence. Will break if it gets too many updates
Make sure your reference image is up to date

Windows recovery can be on machine
Windows ADK 3rd version necessary
Can update older version

Use 5.0. WinPE

Vamt 4.0

Driver. Copy inject install

Boot image in less than 5 sec
RAM disk bump in registry

MDT. Adds 280 features
Lite touch
Zero touch

Johann. Mdt features
1.dynamic deployment
     Lists of applications
     Can test simulate
       Powershell.  Testenv. Folder. Custom settings.ini
             Run gather script to test
             
Computer naming
Osdcomputername=(%serialnumber%,12). Names machine truncate

Download gather script from Johan's blog

Real time monitoring
Powershell, excel, config man
Remote into machine in winpe

Execute runbooks

Adds knowledge factory

Simulate application installs with application type


Install apps in sod sequence will do 10 apps

Create a reference image.   Updates. Run times. Dot net framework
MDT 2013 lite touch
   Software updates always works. But you need a separate wsus
    Easy  and fast
    Flexible and compatible
   Copy profile. Copies from admin to default user. Enabled in unattended.xml
   
Set-oupermissions.ps1. Sets permissions for domain join user

DUI wizard can query ou for machine name

Can also set user device affinity to install user targeted apps

DUI wizard can query for a list of apps and install them on new machine build
Can do a build your own page

Client installs with cu update

   



LInk to Jason Sandy's startup script for ConfigMgr Client:blog.configmgrftw.com/configmgr-clie… #teprc10

Global condition  as an app requirement
Makes a custom app requirement

Create a blank hdwe model condition which can then be filled in as a requirement
Could we use this as a condition for if java 7 is installed


Get approval requests from WMi to send emails
From Kent's blog. 

Powershell toolkit for applications 


https://psappdeploytoolkit.codeplex.com

Software update management



Kent script to create update rules
Uses a cmdlet that was added to allow creation In folders 

Query for servers excluding those that are not managed

Core tech update manager 2013

Software updates dashboard
Software updates summaryKEA. Look for links. 
Computer uptime in hours

Restart plan helps with updates
System center updates publisher.2011.  For client updates. Scup




Use twitter. 
Kent project plan
   Order of things