System Center Clients…SMH

Had a System Center client out there that would not install during a push installation.  Took a look in the ccmsetup.log file and discovered the following error: MSI: Setup was unable to create the WMI namespace CCM The error code is 80041002. Error 1603.

Quick & Easy Fix

The fix that worked for me was to…

  1. Stop the Windows Management Instrumentation service and set it to Disabled.  If you don’t disable it, it will restart automatically.
  2. Went into the %windir%\system32\wbem folder and renamed the Repository folder to Repository.old.
  3. I restarted the WMI service and set it to Automatic.
  4. I re-pushed the client from the SCCM console and everything installed just fine.

So What Brought This On?

Well we are in the process of adding a new SAN to our network at one of our locations.  The path to the roaming profile folders will need to change as a result of this.  However, we only need to make this change for a group of users at a specific location and whose roaming profile is currently pointing to the old server.

PowerShell to the Rescue!

Whenever I get the chance to write a PowerShell script, I get sorta excited about it.  Since we are still on Windows XP SP3 over here, I don’t get the chance to do a lot of cool stuff and all of our servers are not yet running Windows Server 2008 (even though we are getting there).

So I decided to write a handy script that will automate this process for me.  There are a few things to be aware of when running this script.
I ran into an issue when I attempted to run the script from a Domain Controller.  I was getting the message Set-ADUser : Insufficient access rights to perform the operation.  There must be some type of security setting or something that disallows this Active Directory editing locally.

So I tried pointing it to a server running Windows Server 2003 by using the -Server parameter but got the following message: Unable to contact the server.  This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.  This would be because it’s a Windows 2003 Server Domain Controller (duh).

So I pointed it to another domain controller running Windows Server 2008 and it worked just fine.

The Script

<#

.SYNOPSIS

Changes the roaming profile path of all Downtown user accounts in Active Directory to a new location.

.DESCRIPTION

Searches Active Directory for all users whos profiles reside on OLDNAS and changes their profile path to a share on NEWNAS

.EXAMPLE

PS C:\>Change-ProfilePath-for-Downtown-Users

#>

# Import the AD Module

Import-Module ActiveDirectory -ErrorAction SilentlyContinue

# Get credentials

$AdminCredentials = Get-Credential

# Get users from Active Directory

$Users = Get-ADUser -Filter {ProfilePath -like "\\OLDNAS\profiles*"} -Properties ProfilePath | Sort SamAccountName

# Loop through the users and change their profile paths

ForEach ($User in $Users ) {

Write-Host "Changing Profile for User:" $User .Name

$ProfilePath = "\\NEWNAS\PROFILES$\" + $User .SamAccountName

Set-ADUser $User -ProfilePath $ProfilePath -Credential $AdminCredentials -Server "lafayettedc2.citysecurities.local"

}

The Problem

The other day I was faced with a simple little issue to solve.  I had the Serial Number/Service Tag for a Dell server but I had no idea where it was physically located nor did I know the name of the server.  This would have not been a problem with our clients because we name our clients the same as the Service Tag.  But, our servers are named differently.

System Center Configuration Manager to the Rescue…Again!

So I decided to use SCCM reporting to solve this problem since SCCM collects all sorts of data anyway.  I created a custom report called Computers with a specific Dell ServiceTag.  The following is the SQL statement that I wrote.

SELECT SYS.Netbios_Name0, SYS.AD_Site_Name0, SYS.Operating_System_Name_and0
FROM v_GS_PC_BIOS BIOS
JOIN v_R_System SYS on SYS.ResourceID = BIOS.ResourceID
WHERE BIOS.SerialNumber0 LIKE @serialNumber
ORDER BY SYS.Netbios_Name0

  1. Click the Prompts button and add a prompt property
  2. Name: serialNumber and Prompt text: Serial Number
  3. Check the Provide a SQL statement box and enter the following:

    begin
    if (@__filterwildcard = '')
    select distinct SerialNumber0 from v_GS_PC_BIOS order by SerialNumber0
    else
    select distinct SerialNumber0 from v_GS_PC_BIOS
    WHERE SerialNumber0 like @__filterwildcard
    order by SerialNumber0
    end

That should do it.

Sluggish VMware Console

I have been meaning to post this simple fix for a while now but I’m been ridiculously busy over the past several months.  I hope to get back into the routine of blogging again more frequently.

Anyway, after I installed Windows Server 2008 R2 on a few VMs that I created, I noticed that video performance was sluggish when using the VMware Console.  This is an easy fix but it’s a pain.  Here’s what I did to resolve the issue.

Update the Driver to Fix It!

  1. Login to Windows Server 2008 R2 on the VM.
  2. Click Start and in the search box type either compmgmt.msc or Computer Management–whichever one that you like.
  3. In the Computer Management console select Device Manager.  In the center pane (or right pane if you do not have the Actions pane open), expand Display adapters.
  4. Right-click on the display adapter that appears and select Update Driver Software… from the context menu.
  5. Select Browse my computer for driver software.
  6. In the Search for driver software in this location: box, type or browse to: C:\Program Files\Common Files\VMware\Drivers\wddm_video.  Click the Next button.
  7. The search should find the VMware SVGA 3D (Microsoft Corporation – WDDM) driver.  Click the Close button and Yes to restart the computer.

Perform these steps after you have installed VMware Tools.

Banging My Head

Today and late yesterday I was banging my head on the wall trying to install SharePoint 2010 on a newly imaged server running Windows Server 2008 R2.  I ran the Pre-Requisite Installer (i.e. PreRequisiteInstaller.exe) found on the media for SharePoint 2010.  I was consistently getting the error message from the wizard along the lines of the installation failed due to a pending restart of the computer.

I took a look at the log files and found these entries in the log that gave a hint as to what might be the issue.

Install process returned (0X3E9=1001)
[In HRESULT format] (0X800703E9=-2147023895)
Last return code (0X3E9=1001)
Error: A pending restart blocks the installation

I looked around for answer but could find nothing.  That would directly resolve the issue.  So I went out to Windows Updates and applied all of the latest updates and this somehow resolved it for me.

Just wanted to pass this along just in case anyone else was having an issue with this.

P.S. I am aware that some people have fixed this issue by editing or deleting a few keys in the registry but this did not resolve the issue for me.  I’d encourage you to try those first to see if they work.

The Saga

I’ve definitely been beating my head on the desk with this one for a few days but finally found a solution thanks in part to Google.  I was attempting to install Additional Drivers for a printer that was shared/installed on a print server running Windows Server 2008 R2.  If you are reading this, then you no doubt have experienced the severe shortcoming by Microsoft in this area of O/S functionality.  It’s simply broken and I’m surprised that they have yet to fix it (I guess they want us all to move to Windows 7 ASAP).

When attempting to install the x86 User Mode drivers, I was first prompted for the location of the drivers.  Then soon after I was prompted for the Windows Server x86 installation media.  Huh?  Come to find out, the installer wanted the ntprint.inf file.  Unfortunately, there’s no easy way to get to this file because the installer will not accept it from the C:\Windows\inf folder or from the latest Windows Server 2008 media directly.

The solution is to utilize the Windows AIK‘s imagex tool to mount the install.wim file so that you can grab the ntprint.inf (and all of the other files necessary for installation).  So here’s how I got it resolved.

How to Install the ntprint.inf File on Windows Server 2008 R2

  1. Download and install the Windows AIK.   This particular one is for Windows Vista and Windows Server 2008.  Here’s the one for Windows 7 and Windows Server 2008 R2.  I didn’t perform these steps with the latter but if anyone wants to give it a shot, let me know.
  2. Insert the installation media for Windows Server 2008 32-bit and go to [drive]:\sources\ folder.
  3. Copy the install.wim file to a temporary folder–let’s say C:\TEMP.
  4. Create a folder to act as a mount point–let’s say C:\MOUNT will act as the mount point.
  5. After installing the Windows AIK on a server, go into the installation directory for Windows AIK.  On my machine it’s, C:\Program Files\Windows AIK.
  6. In the Windows AIK folder type the following command to mount the image: imagex /mount C:\TEMP\install.wim 1 C:\MOUNT.  This will mount the image in the C:\MOUNT folder so that you can browse its contents.
  7. Once the image is mounted go to C:\MOUNT\Windows\System32\DriverStore\FileRepository\ntprint.inf_xxxxxxxx, where the string of x’s represent a hexadecimal number.
  8. Within my particular install.wim file, there were 2 folders with the ntprint.inf_ name, so copy both of them to a network location that is accessible by your print server.
  9. Once the files have been copied go back to your print server and attempt to install the drivers again.  But, this time, when it asks for the ntprint.inf files, direct the installer to the network location that you copied the folders to.  I choose just 1 of the 2 folders that I copied (this first one) and the installation completed for me–printer installed just fine.
  10. (Cleanup) Go back to the Windows AIK and run imagex /unmount C:\MOUNT to unmount the image.

This sparred me a few brain cells so I hope to save a few of yours as well.  Good luck.

Debriefing

Just added a new branch office to our organization and in keeping with the new standards that I have imposed for server operating systems, all servers at this location are running Windows Server 2008 R2.  I had read awhile back that there were a few things to be aware of when creating a SCCM Secondary Site in Windows Server 2008 R2. These secondary sites will only be Management Points and Distribution Points.  So here’s how I got it all to work.

Remote Differential Compression (RDC)

According to the TechNet articleon this very same topic, “site servers and branch distribution points require Remote Differential Compression (RDC) to generate package signatures and perform signature comparison. By default, RDC is not installed on Windows Server 2008 or Windows Server 2008 R2 and must be enabled manually.”

  1. Launch Server Manager.  Select Features then Add New Features.
  2. Select Remote Differential Compression.  Click Next then Install.

IIS7.5

There are a few things that need to be done in IIS7.5 to get things to work.  Even in IIS6 there were/are several configuration steps that needed to be performed in order to get this to work.  Some of these steps are similar to what you need to do if running IIS6.

  1. Launch Server Manager.
  2. Select Features then Add Features.
  3. Select Background Intelligent Transfer Service (BITS) which will then require that Web Server (IIS) and Remote Server Administration Tools be installed.
  4. Select Add Required Role Services.
  5. Click  Next.
  6. At the Role Services step select WebDAV Publishing, ASP.NET and Add Required Role Services.
  7. (Optional) I checked ASP just in case I wanted to make this server a Reporting Point in the future.
  8. Select Windows Authentication under Security.
  9. Under IIS Management Compatibility select the following: IIS 6 Metabase Compatibility, IIS 6 WMI Compatibility.
  10. Click Next then Install.

WebDAV Configuration

  1. Once IIS7.5 is installed open the IIS Manager.  To keep things simple and to avoid any future problems, I rename the Default Website to SMSWEB.  There will be no other websites running off of this particular server so it’s not a problem.
  2. Select SMSWEB and in the Features View select WebDAV Authoring Rules.
  3. Once in the screen select Enable WebDAV from the Actions pane then select Add Authoring Rule…
  4. Allow access to: All Content, Allow access to this content to: All Users, Permissions: Read
  5. Select WebDAV Settings.
  6. Set Allow Anonymous Property Queries to True.  Set Allow Custom Properties to False.  Set Allow Property Queries with Infinite Depth to True.  Set Allow Hidden Files to be Listed to True.  In the Action pane click Apply.

Final Configurations

There is one more thing that needs to be done to prepare for installing the Secondary Site now that we have IIS7.5 and WebDAV configured correctly.  You may already be aware that this step needs to be taken, but I’ll list it anyway for those that have no clue or might forget.

  1. Go to Active Directory Users and Computers.
  2. From the View menu item in the MMC console select Advanced Features if it’s not already checked.
  3. Expand the System container and right-click on System Management  and select Properties.
  4. Go to the Security tab and add the Secondary Site server to the list granting it Full Control.

Now you are ready to add this site as a Secondary Site in SCCM. Update (Mar 23, 2012)

  1. Also be sure to add the computer account of the primary site server to the Local Administrators group of the secondary site server.

Update (Apr 10, 2012)

  1. Open up IIS Manager.
  2. Expand the SMSWEB site.
  3. Right-click on the CCM_CLIENT folder and select Edit Permissions.
  4. Click the Security tab and grant the Everyone group Read permissions.

Update (Apr 11, 2012)There are a few additional Secondary Site settings that I found need to be made especially if you are using a custom port number for your Management Point.  Here we use a custom port number and I ran into an issue with clients not updating correctly.  What I discovered was that the Windows Firewall needed to have a custom rule added to it so that clients could communicate properly.

  1. Launch Server Manager on the Secondary Site server.
  2. Expand Configuration > Windows Firewall with Advanced Security
  3. Right-click on Inbound Rules and select New Rule.
  4. The New Inbound Rule Wizard will launch.  Select Port (Rule that controls connections for a TCP or UDP port)
  5. Select TCP for the protocol and in the Specific local ports: box enter the custom port number for the management point(s) in your environment.
  6. Allow the connection.
  7. Set the rule to apply to Domain, Private and Public (or whatever is relevant in your environment).
  8. Set the name to World Wide Web Services (HTTP Traffic-In) – SCCM or whatever you’d like for it to be.

One other thing that I changed was to add the Default Application Pool account and the application pool for the distribution point (if applicable) to the IIS_IUSRS group.  Since these users cannot be found easily using Select Users, Computers, Service Accounts, or Groups dialog box you have to enter them a certain way.

  • For the DefaultAppPool enter IIS APPPOOL\DefaultAppPool.
  • For the SMS Distribution Points Pool enter IIS APPPOOL\SMS Distribution Points Pool.
  • Be sure to change the Location to the local machine.

Latest Resources

Here are a few of the latest resources that I’ve been using in my web design work.  These resources/sites have been very helpful and have saved me a tremendous amount of time.

Border-Radius.com

border-radius.com

http://border-radius.com/

Probably my favorite site right now for doing rounded corners because it’s the easiest and quickest that I have found.  You just simply place a value in the boxes that correspond to a specific corner of the box and the CSS is generated inside the box automatically.  It’s great for generating code for rounding corners on a box where you don’t need all of the corners rounded.  Great tool.

CSS Sprit.es

http://css-sprit.es/css-sprit.es

I’ve been doing a fair amount of sprite work lately on designing the new rebornweb.com website.  This site has been a good help in doing this.  There is one thing that I think the site could do better.  After uploading the images, it’d be nice to be able to order them and/or reorder them instead of being surprised as to where the images will line up (i.e. whether or not an image is on the left or right, etc.).  It also requires flash as I think it’s using the jQuery uploader or something but other than that, I like the sample code and image generation.

Follow

Get every new post delivered to your Inbox.