[mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

Typically these devices run some sort of *nix and gets booted from that without 
any issues. What I have seen issues with as well is when Option43 is set for 
these to work, and since MS DHCP couldn't dynamically assign options until 2012 
you were up "foul word" creek. Basically each device these days require its own 
set of options, so the MS policy thing is great.

As per the 3rd party PXE stack, that's a great way to deal with this. Ip 
helpers won't help if you share phones/devices on the same subnet requiring 
other boot devices etc. It will just make things even more confusing having 
several ip-helpers per subnet.

Removed "b*ll*cks" from the email thread as that seemed to have blocked a few 
peeps over the pond with vigorous security people.

//A

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Deepak Kumar
Sent: den 6 januari 2015 19:58
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

It is not only the PC BIOS and NIC, there are all kinds of IP phones and 
devices out there now, which use PXE to "boot up", and I've seen plenty of 
issues with the way they use DHCP scope options.

>From what I've seen in practice, configuring IP helpers is worth the effort 
>for building a stable long term infrastructure, unless you're using a 3rd 
>party PXE stack, and I can see why Microsoft wouldn't want to pay the support 
>cost for other peoples' devices.

thanks,
Deepak Kumar,

Chief Technology Officer, Adaptiva.
Seattle, WA - 98033.
Tel: 425-823-4500, Cell: 425-647-9095
http://www.adaptiva.com/onesite-deep-dive/

[Description: Description: adaptiva_logo4c-small]
   Simply Works!
[email-signature-awards]

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys
Sent: Tuesday, January 06, 2015 9:41 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

They support the WDS portion of course because that's their code and based on 
industry standards, they "support" ip helpers. If there truly is something 
wrong with your network forwarding DHCP/PXE broadcasts/traffic or the NIC 
initiating PXE (or downloading content using TFTP), there's nothing they can 
possibly do about it no matter what. That's the hardware vendors code and 
hardware.

And that's why they recommend ip helpers. The problems most folks have seen in 
the past with PXE booting using DHCP scope options have to do with the NIC not 
doing the right thing. It had nothing to with DHCP itself. There are still 
problems today with slow PXE boot because the NIC microcode was not efficient 
enough or correct - even the Surface 3 suffered from this issue - and the only 
thing that could be done about it was going to the hw vendor and hoping that 
they had an updated BIOS for the NIC itself.

With ip helpers, the NIC doesn't have to do anything special. That's not to say 
that the NIC still can't mess it up, but it's something that I've never seen 
happen whereas with DHCP scope options, I have.

Remember what "support" means here also: it's what they tested successfully 
with and against. It doesn't mean they can fix it if it's broken. Just like 
they support Windows but if your hard drive or motherboard is bad, they can't 
fix it and will send you to the hardware vendor to fix it.

Now, throwing UEFI into the mix changes the conversation here a little but it 
still comes down to the problem above: the have been problems in the past with 
NICs not PXE booting properly with DHCP scope options in use.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Tuesday, January 6, 2015 10:43 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

So how can they support a WDS boot at all?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys
Sent: den 6 januari 2015 17:20
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 20

[mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

Agree with some of the stuff Jason, but the NIC don't have to do anything 
"special" for a straight forward DHCP server boot either. Problem is that the 
option 66,67 which was the only way you could/can do things with a MS DHCP is 
not always working well, hence the issues.

The *nix people use the siaddr field in the DCHP package for the boot server, 
and that works great. Don't forget that these people have been doing PXE boots 
before MS had a good NT version, and they don't have the issues. Since they 
don't use option 66.

I agree a 100% with below: :)

"Remember what "support" means here also: it's what they tested successfully 
with and against. It doesn't mean they can fix it if it's broken. Just like 
they support Windows but if your hard drive or motherboard is bad, they can't 
fix it and will send you to the hardware vendor to fix it."

//Andreas

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Jason Sandys
Sent: den 6 januari 2015 18:41
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

They support the WDS portion of course because that's their code and based on 
industry standards, they "support" ip helpers. If there truly is something 
wrong with your network forwarding DHCP/PXE broadcasts/traffic or the NIC 
initiating PXE (or downloading content using TFTP), there's nothing they can 
possibly do about it no matter what. That's the hardware vendors code and 
hardware.

And that's why they recommend ip helpers. The problems most folks have seen in 
the past with PXE booting using DHCP scope options have to do with the NIC not 
doing the right thing. It had nothing to with DHCP itself. There are still 
problems today with slow PXE boot because the NIC microcode was not efficient 
enough or correct - even the Surface 3 suffered from this issue - and the only 
thing that could be done about it was going to the hw vendor and hoping that 
they had an updated BIOS for the NIC itself.

With ip helpers, the NIC doesn't have to do anything special. That's not to say 
that the NIC still can't mess it up, but it's something that I've never seen 
happen whereas with DHCP scope options, I have.

Remember what "support" means here also: it's what they tested successfully 
with and against. It doesn't mean they can fix it if it's broken. Just like 
they support Windows but if your hard drive or motherboard is bad, they can't 
fix it and will send you to the hardware vendor to fix it.

Now, throwing UEFI into the mix changes the conversation here a little but it 
still comes down to the problem above: the have been problems in the past with 
NICs not PXE booting properly with DHCP scope options in use.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Tuesday, January 6, 2015 10:43 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

So how can they support a WDS boot at all?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys
Sent: den 6 januari 2015 17:20
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 10:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.

RE: [mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

Well that’s pretty obvious isn’t it considering our blog post before xmas? 
http://2pintsoftware.com/more-branchache-for-xmas/

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Hester Moffit
Sent: den 6 januari 2015 19:47
To: mssms
Subject: Re: [mssms] RE: PXE Service Point from DHCP Scope

Sounds like a new 'product' is being vetted out in the forums.  Looking for 
knowledge, or being sneaky here?

On Tue, Jan 6, 2015 at 11:18 AM, Andreas Hammarskjöld 
mailto:jun...@2pintsoftware.com>> wrote:
Microsoft only does cloud stuff these days, not client/server stuff. ;-) Will 
blog on this one once the iPXE things are sorted!

Courtesy to the syslinux community member Alexandre Blanchette; here is the 
closest I got to an explanation & guide on how to do this:

I've found a way to support PXE booting both UEFI and BIOS architectures
with Windows Server DHCP.

This method uses a feature introduced in WinServer 2012: DHCP policies.

First, in the the DHCP console, at the IPv4 root of the server, create a
vendor class named PXEClient (UEFI x64) with the following value:
PXEClient:Arch:7

Then create your configuration for your BIOS clients in your scope or as
global settings as usual by setting options 66 (IP or hostname of your TFTP
host) and 67 (pxelinux.0).

For the UEFI clients, you must then create a policy. In the condition page
of the wizard, add a condition with the following settings:
Criteria: Vendor Class
Operator: Equals
Value: PXEClient (UEFI x64)
Tick Append wildcard(*)

Do not configure an IP address range for the policy.

Finally configure options 66 (TFTP server) and 67 (syslinux.efi). You must
separate TFTP servers for your BIOS and UEFI clients because Microsoft DHCP
server does not send option 210 (path prefix).  Microsoft DHCP servers will
only send options listed in the Parameter Request List in the DHCPDISCOVER
packet.

One could make a cleaner setup by creating a BIOS PXEClient vendor class
and putting their options within a policy too.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] 
On Behalf Of Phil Wilcock
Sent: den 6 januari 2015 17:06

To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it’s a bit 
vague as to what is ‘supported’ and what isn’t.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft ‘does not recommend’ this method.

Bottom line here seems to be that it’s a bit complicated and therefore we’ll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here – make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mot

RE: [mssms] Microsoft Ignite hotels

[Jason Wallace]

I second that.  AirBNB is great - www.airbnb.co.uk/c/jwallace2?s=8
 
From: ph...@2pintsoftware.com
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels
Date: Tue, 6 Jan 2015 21:26:05 +









Airbnb?
 


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Rod Trent

Sent: 06 January 2015 20:33

To: mssms@lists.myitforum.com

Subject: RE: [mssms] Microsoft Ignite hotels


 
Something close by?
J
 
Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can’t go wrong with any of them. However, transportation for 
something this large is going to be a nightmare.
 If you thought Houston was tough, Chicago is going to be even more 
challenging. Get something close to the conference center unless you’re like me 
and like to stay within running distance.
 


From: 
listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ewing, Scott L

Sent: Tuesday, January 6, 2015 3:01 PM

To: mssms@lists.myitforum.com

Subject: [mssms] Microsoft Ignite hotels


 
I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?
 
 





  

[mssms] Updating root CA cert in SCCM

[Steve Whitcher]

After rebuilding my workstation recently, I couldn't get it to register
with the SCCM server properly.  Eventually I found warnings in the
SMS_MP_Control_Manager component which pointed me to the issue.  The
warnings read:

*MP has rejected registration request due to failure in client certificate
(Subject Name: COMPUTER.DOMAIN.COM ) chain
validation. If this is a valid client, Configuration Manager Administrator
needs to place the Root Certification Authority and Intermediate
Certificate Authorities in the MPÆs Certificate store or configure Trusted
Root Certification Authorities in primary site settings. The operating
system reported error 2148204809: A certificate chain processed, but
terminated in a root certificate which is not trusted by the trust
provider. *

A couple of months ago, I renewed our root CA's certificate, as the old one
expires in under 2 years.  After renewing the cert, I never updated the
root CA cert in the SCCM site settings.  Thus, any computers that were
re-imaged or otherwise issued new certs since the update, have been getting
rejected by SCCM.

I updated the trusted root CA in SCCM site settings yesterday, and today my
workstation has registered successfully with the server, along with many
others that had been affected by the same issue.  However, I'm still seeing
some instances of the same error in the logs, for other computers.  Looking
at a couple of examples, it looks like computers which have certs signed by
the OLD CA certificate are now getting registration requests rejected.

As far as I can tell, I can't have both the new and old root CA certs
trusted by SCCM.  The dialog for choosing a cert looks like it can accept
multiple root CA certificates, but when I added the new one it replaced the
old cert, rather than leaving both of them trusted.

What am I doing wrong here?  How can I get SCCM to talk to computers
regardless of whether the certs are signed by the old or new CA cert?

RE: [mssms] Microsoft Ignite hotels

[Marcum, John]

If I were you I'd stay at the Aria. :-)

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Ewing, Scott L
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Are far as I can tell the only hotel on the conference hotel list that is close 
is the Hyatt Regency McCormick Place and it is sold out. That's why I am asking 
for recommendations from the rest. The closest available hotel on the list is, 
I think, the Hilton Chicago. It's 1.6 miles from McCormick Place.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?





Confidentiality Notice: This e-mail is from a law firm and may be protected by 
the attorney-client or work product privileges. If you have received this 
message in error, please notify the sender by replying to this e-mail and then 
delete it from your computer.



Confidentiality Notice: This e-mail is from a law firm and may be protected by 
the attorney-client or work product privileges. If you have received this 
message in error, please notify the sender by replying to this e-mail and then 
delete it from your computer.

RE: [mssms] Microsoft Ignite hotels

[Phil Wilcock]

Airbnb?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Rod Trent
Sent: 06 January 2015 20:33
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

RE: [mssms] Microsoft Ignite hotels

[Michael Niehaus]

The trains in Chicago are very good too (although not always the most 
attractive :)), so don't be too afraid to stay somewhere along a convenient 
route.

http://www.transitchicago.com/assets/1/clickable_system_map/200806C.htm

Thanks,
-Michael

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Harjit Dhaliwal
Sent: Tuesday, January 6, 2015 1:11 PM
To: mssms@lists.myitforum.com
Subject: Re: [mssms] Microsoft Ignite hotels

You can use the MS Ignite forum for this.
http://channel9.msdn.com/Forums/MicrosoftIgnite

Basically, you will want to stay in the loop area south of the river which cuts 
Michigan Ave.  This will avoid your bus delays from trying to cross the bridge 
during rush hour.  Transportation to McCormick may be easier than one expects 
because there is a dedicated road only for buses and taxis (called McCormick 
Place Busway) directly to McCormick which starts from the top of Millennium 
Park.  There is also the Metra train that goes directly inside the convention 
center.  You will also want to stay in the loop area because there is 
absolutely nothing by the convention center.

-Harjit
On 1/6/2015 3:51 PM, Ewing, Scott L wrote:
Are far as I can tell the only hotel on the conference hotel list that is close 
is the Hyatt Regency McCormick Place and it is sold out. That's why I am asking 
for recommendations from the rest. The closest available hotel on the list is, 
I think, the Hilton Chicago. It's 1.6 miles from McCormick Place.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

RE: [mssms] Microsoft Ignite hotels

[Mike Schorr]

You could try to give yourself options and stay near the two Metra Electric 
lines that end in Grant Part and Millennium Park.  Metra would be a quick trip 
to McCormick as opposed to waiting on a bus.  The Hilton Chicago and some of 
the hotels North of that would only leave you with a 1-2 block walk to the 
train.  You won't want to count on cabs for that trip during rush hour.

-Mike

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Are far as I can tell the only hotel on the conference hotel list that is close 
is the Hyatt Regency McCormick Place and it is sold out. That's why I am asking 
for recommendations from the rest. The closest available hotel on the list is, 
I think, the Hilton Chicago. It's 1.6 miles from McCormick Place.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

Re: [mssms] Microsoft Ignite hotels

[Harjit Dhaliwal]

You can use the MS Ignite forum for this.
http://channel9.msdn.com/Forums/MicrosoftIgnite

Basically, you will want to stay in the loop area south of the river 
which cuts Michigan Ave.  This will avoid your bus delays from trying to 
cross the bridge during rush hour.  Transportation to McCormick may be 
easier than one expects because there is a dedicated road only for buses 
and taxis (called McCormick Place Busway) directly to McCormick which 
starts from the top of Millennium Park.  There is also the Metra train 
that goes directly inside the convention center.  You will also want to 
stay in the loop area because there is absolutely nothing by the 
convention center.


-Harjit

On 1/6/2015 3:51 PM, Ewing, Scott L wrote:


Are far as I can tell the only hotel on the conference hotel list that 
is close is the Hyatt Regency McCormick Place and it is sold out. 
That’s why I am asking for recommendations from the rest. The closest 
available hotel on the list is, I think, the Hilton Chicago. It’s 1.6 
miles from McCormick Place.


*From:*listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] *On Behalf Of *Rod Trent

*Sent:* Tuesday, January 06, 2015 3:33 PM
*To:* mssms@lists.myitforum.com
*Subject:* RE: [mssms] Microsoft Ignite hotels

Something close by? J

Most Chicago hotels, particularly the ones selected by Microsoft, are 
pretty good. You can’t go wrong with any of them. However, 
transportation for something this large is going to be a nightmare. If 
you thought Houston was tough, Chicago is going to be even more 
challenging. Get something close to the conference center unless 
you’re like me and like to stay within running distance.


*From:* listsad...@lists.myitforum.com 
 
[mailto:listsad...@lists.myitforum.com] *On Behalf Of *Ewing, Scott L

*Sent:* Tuesday, January 6, 2015 3:01 PM
*To:* mssms@lists.myitforum.com 
*Subject:* [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. 
Given that the Hyatt Regency McCormick Place is sold out, what hotels 
do you recommend?

RE: [mssms] Microsoft Ignite hotels

[Rod Trent]

Close, to me, is 3 miles or less.  I stayed outside of downtown last year,
and ran both ways back and forth.  I'd pass Ed waiting for his bus every
morning, cussing the wind.

 

To me, 1.6 miles isn't that far and a bus trip shouldn't be that bad.

 

Of course, this might add some fodder to your thought process when deciding
to walk (or run).

 



 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:51 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

 

Are far as I can tell the only hotel on the conference hotel list that is
close is the Hyatt Regency McCormick Place and it is sold out. That's why I
am asking for recommendations from the rest. The closest available hotel on
the list is, I think, the Hilton Chicago. It's 1.6 miles from McCormick
Place. 

 

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com  
Subject: RE: [mssms] Microsoft Ignite hotels

 

Something close by? :)

 

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty
good. You can't go wrong with any of them. However, transportation for
something this large is going to be a nightmare. If you thought Houston was
tough, Chicago is going to be even more challenging. Get something close to
the conference center unless you're like me and like to stay within running
distance.

 

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com  
Subject: [mssms] Microsoft Ignite hotels

 

I have been approved to attend the Microsoft Ignite conference in May. Given
that the Hyatt Regency McCormick Place is sold out, what hotels do you
recommend?

 

 

 

RE: [mssms] Deploy PowerShell script

[Kent, Mark]

Thanks everyone for the tips.  Turns out it was a minor syntax error, ugh.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Jeff Poling
Sent: Tuesday, January 6, 2015 10:32 AM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Deploy PowerShell script

I always test my command lines using Psexec -s -i.  What does the command line 
do if you test it using psexec?

The only other thing I can think of is the path to the script may be causing 
issues.  does .\ really ersolve to where the script is located when the program 
executes?

Jeff


From: ken...@buffalostate.edu
To: mssms@lists.myitforum.com
Date: Tue, 6 Jan 2015 10:18:03 -0500
Subject: [mssms] Deploy PowerShell script
We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

RE: [mssms] Microsoft Ignite hotels

[Mike Schorr]

The core of the hotels are going to be about that distance plus some to 
McCormick Place.  They'll have to run busses and\or embrace public 
transportation.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Are far as I can tell the only hotel on the conference hotel list that is close 
is the Hyatt Regency McCormick Place and it is sold out. That's why I am asking 
for recommendations from the rest. The closest available hotel on the list is, 
I think, the Hilton Chicago. It's 1.6 miles from McCormick Place.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

RE: [mssms] Microsoft Ignite hotels

[Ewing, Scott L]

Are far as I can tell the only hotel on the conference hotel list that is close 
is the Hyatt Regency McCormick Place and it is sold out. That's why I am asking 
for recommendations from the rest. The closest available hotel on the list is, 
I think, the Hilton Chicago. It's 1.6 miles from McCormick Place.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Rod Trent
Sent: Tuesday, January 06, 2015 3:33 PM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Microsoft Ignite hotels

Something close by? :)

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty 
good. You can't go wrong with any of them. However, transportation for 
something this large is going to be a nightmare. If you thought Houston was 
tough, Chicago is going to be even more challenging. Get something close to the 
conference center unless you're like me and like to stay within running 
distance.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

[mssms] RE: unscheduled SCEP scans

[Krueger, Jeff]

So it looks like you have it configured to only scan when the computer is idle 
which since this is a server I'm wondering if your scan is missing it's 
scheduled time due to the server not being idle, and it is trying to catch up 
due to a missed scan.  Is it the full scan or a quick scan that you are seeing 
in the afternoon?

Take a look at the client settings in the console, I don't know what the 
thresholds are for the computer being idle, and if just a missed scan while the 
machine is still online will trigger the forced scan, but it's worth a look.
[cid:image002.png@01D029C7.5512CAB0]

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Mott
Sent: Tuesday, January 6, 2015 3:27 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Marcum rant forthcoming

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 3:12 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Scheduled scan completed last Friday at 9pm but another scan started this 
afternoon.

[cid:image001.jpg@01D029C6.A4639F00]

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Krueger, Jeff
Sent: Tuesday, January 06, 2015 2:58 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

What are you settings for scheduled scans in you Default Client Antimalware 
Policy?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 6, 2015 2:53 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

I am experiencing both.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jimmy Martin
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**



This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.


P Please consider the environment before printing this email...



**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**





CONFIDENTIALITY NOTICE: This email contains information from the sender that 
may be CONFIDENTIAL, LEGALLY PRIV

RE: [mssms] Microsoft Ignite hotels

[Rod Trent]

Something close by? :)

 

Most Chicago hotels, particularly the ones selected by Microsoft, are pretty
good. You can't go wrong with any of them. However, transportation for
something this large is going to be a nightmare. If you thought Houston was
tough, Chicago is going to be even more challenging. Get something close to
the conference center unless you're like me and like to stay within running
distance.

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ewing, Scott L
Sent: Tuesday, January 6, 2015 3:01 PM
To: mssms@lists.myitforum.com
Subject: [mssms] Microsoft Ignite hotels

 

I have been approved to attend the Microsoft Ignite conference in May. Given
that the Hyatt Regency McCormick Place is sold out, what hotels do you
recommend?

 

[mssms] RE: unscheduled SCEP scans

[Michael Mott]

Marcum rant forthcoming

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 3:12 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Scheduled scan completed last Friday at 9pm but another scan started this 
afternoon.

[cid:image001.jpg@01D029C5.44CB1380]

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Krueger, Jeff
Sent: Tuesday, January 06, 2015 2:58 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

What are you settings for scheduled scans in you Default Client Antimalware 
Policy?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 6, 2015 2:53 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

I am experiencing both.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jimmy Martin
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**



This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.


P Please consider the environment before printing this email...



**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**





CONFIDENTIALITY NOTICE: This email contains information from the sender that 
may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected 
from disclosure. This email is intended for use only by the person or entity to 
whom it is addressed. If you are not the intended recipient, any use, 
disclosure, copying, distribution, printing, or any action taken in reliance on 
the contents of this email, is strictly prohibited. If you received this email 
in error, please contact the sending party by reply email, delete the email 
from your computer system and shred any paper copies.

Note to Patients: There are a number of risks you should consider before using 
e-mail to communicate with us. See our Privacy & Security page on 
www.henryford.com for more detailed information as 
well as information concerning MyChart, our new patient portal. If you do not 
believe that our policy gives you the privacy and security protection you need, 
do not send e-mail

[mssms] RE: unscheduled SCEP scans

[Timothy Ransom]

Scheduled scan completed last Friday at 9pm but another scan started this 
afternoon.

[cid:image001.jpg@01D029C3.2B2D8770]

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Krueger, Jeff
Sent: Tuesday, January 06, 2015 2:58 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

What are you settings for scheduled scans in you Default Client Antimalware 
Policy?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 6, 2015 2:53 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

I am experiencing both.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jimmy Martin
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**



This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.


P Please consider the environment before printing this email...



**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**





CONFIDENTIALITY NOTICE: This email contains information from the sender that 
may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected 
from disclosure. This email is intended for use only by the person or entity to 
whom it is addressed. If you are not the intended recipient, any use, 
disclosure, copying, distribution, printing, or any action taken in reliance on 
the contents of this email, is strictly prohibited. If you received this email 
in error, please contact the sending party by reply email, delete the email 
from your computer system and shred any paper copies.

Note to Patients: There are a number of risks you should consider before using 
e-mail to communicate with us. See our Privacy & Security page on 
www.henryford.com for more detailed information as 
well as information concerning MyChart, our new patient portal. If you do not 
believe that our policy gives you the privacy and security protection you need, 
do not send e-mail or Internet communications to us.

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law.  The information is intended 
only for use consistent with the state

[mssms] Microsoft Ignite hotels

[Ewing, Scott L]

I have been approved to attend the Microsoft Ignite conference in May. Given 
that the Hyatt Regency McCormick Place is sold out, what hotels do you 
recommend?

[mssms] RE: unscheduled SCEP scans

[Krueger, Jeff]

What are you settings for scheduled scans in you Default Client Antimalware 
Policy?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Timothy Ransom
Sent: Tuesday, January 6, 2015 2:53 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

I am experiencing both.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jimmy Martin
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**



This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.


P Please consider the environment before printing this email...



**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**





CONFIDENTIALITY NOTICE: This email contains information from the sender that 
may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected 
from disclosure. This email is intended for use only by the person or entity to 
whom it is addressed. If you are not the intended recipient, any use, 
disclosure, copying, distribution, printing, or any action taken in reliance on 
the contents of this email, is strictly prohibited. If you received this email 
in error, please contact the sending party by reply email, delete the email 
from your computer system and shred any paper copies.

Note to Patients: There are a number of risks you should consider before using 
e-mail to communicate with us. See our Privacy & Security page on 
www.henryford.com for more detailed information as well as information 
concerning MyChart, our new patient portal. If you do not believe that our 
policy gives you the privacy and security protection you need, do not send 
e-mail or Internet communications to us.

[mssms] RE: unscheduled SCEP scans

[Timothy Ransom]

I am experiencing both.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Jimmy Martin
Sent: Tuesday, January 06, 2015 2:51 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: unscheduled SCEP scans

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**



This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.


P Please consider the environment before printing this email...


**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law.  The information is intended 
only for use consistent with the state business discussed in this transmission. 
 If you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited.  If you have received this transmission in 
error, please delete this email and notify the sender immediately.  Your 
cooperation is appreciated.
**

Re: [mssms] unscheduled SCEP scans

[Gailfus, Nick]

Do you have it set to scan as soon as the computer is available? For
example, our weekly scan is done on Sunday but if the computer is off it
will scan Monday ASAP.

Nick Gailfus
Computer Technician
p. 602.953.2933  f. 602.953.0831
nick.gail...@leonagroup.com | www.leonagroup.com



On Tue, Jan 6, 2015 at 12:43 PM, Timothy Ransom 
wrote:

> Hi,
>
>
>
> I have several servers that perform unscheduled SCEP scans that degrade
> performance during business hours.
>
>
>
> Has anyone else experienced this?
>
> What can cause unscheduled SCEP scans?
>
>
>
> Thanks,
>
> Tim
>
>
>
> **
> GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential
> information protected by state or federal law. The information is intended
> only for use consistent with the state business discussed in this
> transmission. If you are not the intended recipient, you are hereby
> notified that any disclosure, copying, distribution, or the taking of any
> action based on the contents is strictly prohibited. If you have received
> this transmission in error, please delete this email and notify the sender
> immediately. Your cooperation is appreciated.
>
> **
>
>

[mssms] RE: unscheduled SCEP scans

[Jimmy Martin]

Are they unscheduled or are they just running REAL long :)  Ive seen other 
threads discussing the EXTRA long scan times.  Has anyone seen a fix for that?


Jimmy Martin
(901) 227-8209

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Timothy Ransom
Sent: Tuesday, January 06, 2015 1:44 PM
To: mssms
Subject: [mssms] unscheduled SCEP scans

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim

**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law. The information is intended only 
for use consistent with the state business discussed in this transmission. If 
you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited. If you have received this transmission in 
error, please delete this email and notify the sender immediately. Your 
cooperation is appreciated.
**




This message and any files transmitted with it may contain legally privileged, 
confidential, or proprietary information. If you are not the intended recipient 
of this message, you are not permitted to use, copy, or forward it, in whole or 
in part without the express consent of the sender. Please notify the sender of 
the error by reply email, disregard the foregoing messages, and delete it 
immediately.

P Please consider the environment before printing this email...

[mssms] unscheduled SCEP scans

[Timothy Ransom]

Hi,

I have several servers that perform unscheduled SCEP scans that degrade 
performance during business hours.

Has anyone else experienced this?
What can cause unscheduled SCEP scans?

Thanks,
Tim
**
GDOL CONFIDENTIALITY NOTICE: This transmission may contain confidential 
information protected by state or federal law.  The information is intended 
only for use consistent with the state business discussed in this transmission. 
 If you are not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution, or the taking of any action based on the 
contents is strictly prohibited.  If you have received this transmission in 
error, please delete this email and notify the sender immediately.  Your 
cooperation is appreciated.
**

[mssms] RE: PXE Service Point from DHCP Scope

[Deepak Kumar]

It is not only the PC BIOS and NIC, there are all kinds of IP phones and 
devices out there now, which use PXE to "boot up", and I've seen plenty of 
issues with the way they use DHCP scope options.

>From what I've seen in practice, configuring IP helpers is worth the effort 
>for building a stable long term infrastructure, unless you're using a 3rd 
>party PXE stack, and I can see why Microsoft wouldn't want to pay the support 
>cost for other peoples' devices.

thanks,
Deepak Kumar,

Chief Technology Officer, Adaptiva.
Seattle, WA - 98033.
Tel: 425-823-4500, Cell: 425-647-9095
http://www.adaptiva.com/onesite-deep-dive/

[Description: Description: adaptiva_logo4c-small]
   Simply Works!
[email-signature-awards]

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Jason Sandys
Sent: Tuesday, January 06, 2015 9:41 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

They support the WDS portion of course because that's their code and based on 
industry standards, they "support" ip helpers. If there truly is something 
wrong with your network forwarding DHCP/PXE broadcasts/traffic or the NIC 
initiating PXE (or downloading content using TFTP), there's nothing they can 
possibly do about it no matter what. That's the hardware vendors code and 
hardware.

And that's why they recommend ip helpers. The problems most folks have seen in 
the past with PXE booting using DHCP scope options have to do with the NIC not 
doing the right thing. It had nothing to with DHCP itself. There are still 
problems today with slow PXE boot because the NIC microcode was not efficient 
enough or correct - even the Surface 3 suffered from this issue - and the only 
thing that could be done about it was going to the hw vendor and hoping that 
they had an updated BIOS for the NIC itself.

With ip helpers, the NIC doesn't have to do anything special. That's not to say 
that the NIC still can't mess it up, but it's something that I've never seen 
happen whereas with DHCP scope options, I have.

Remember what "support" means here also: it's what they tested successfully 
with and against. It doesn't mean they can fix it if it's broken. Just like 
they support Windows but if your hard drive or motherboard is bad, they can't 
fix it and will send you to the hardware vendor to fix it.

Now, throwing UEFI into the mix changes the conversation here a little but it 
still comes down to the problem above: the have been problems in the past with 
NICs not PXE booting properly with DHCP scope options in use.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Tuesday, January 6, 2015 10:43 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

So how can they support a WDS boot at all?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys
Sent: den 6 januari 2015 17:20
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 10:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bot

Re: [mssms] RE: PXE Service Point from DHCP Scope

[Hester Moffit]

Sounds like a new 'product' is being vetted out in the forums.  Looking for
knowledge, or being sneaky here?

On Tue, Jan 6, 2015 at 11:18 AM, Andreas Hammarskjöld <
jun...@2pintsoftware.com> wrote:

>  Microsoft only does cloud stuff these days, not client/server stuff. ;-)
> Will blog on this one once the iPXE things are sorted!
>
>
>
> Courtesy to the syslinux community member Alexandre Blanchette; here is
> the closest I got to an explanation & guide on how to do this:
>
>
>
> I've found a way to support PXE booting both UEFI and BIOS architectures
>
> with Windows Server DHCP.
>
>
>
> This method uses a feature introduced in WinServer 2012: DHCP policies.
>
>
>
> First, in the the DHCP console, at the IPv4 root of the server, create a
>
> vendor class named PXEClient (UEFI x64) with the following value:
>
> PXEClient:Arch:7
>
>
>
> Then create your configuration for your BIOS clients in your scope or as
>
> global settings as usual by setting options 66 (IP or hostname of your TFTP
>
> host) and 67 (pxelinux.0).
>
>
>
> For the UEFI clients, you must then create a policy. In the condition page
>
> of the wizard, add a condition with the following settings:
>
> Criteria: Vendor Class
>
> Operator: Equals
>
> Value: PXEClient (UEFI x64)
>
> Tick Append wildcard(*)
>
>
>
> Do not configure an IP address range for the policy.
>
>
>
> Finally configure options 66 (TFTP server) and 67 (syslinux.efi). You must
>
> separate TFTP servers for your BIOS and UEFI clients because Microsoft DHCP
>
> server does not send option 210 (path prefix).  Microsoft DHCP servers will
>
> only send options listed in the Parameter Request List in the DHCPDISCOVER
>
> packet.
>
>
>
> One could make a cleaner setup by creating a BIOS PXEClient vendor class
>
> and putting their options within a policy too.
>
>
>
> //A
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:
> listsad...@lists.myitforum.com] *On Behalf Of *Phil Wilcock
> *Sent:* den 6 januari 2015 17:06
>
> *To:* mssms@lists.myitforum.com
> *Subject:* [mssms] RE: PXE Service Point from DHCP Scope
>
>
>
> Would be nice if MSFT could update the docs to include this info, as it’s
> a bit vague as to what is ‘supported’ and what isn’t.
>
>
>
> In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598
> it states:
>
>
>
> An alternative to using IP Helpers is setting DHCP Options on the DHCP
> server, specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host
> Name), and 67 (Boot file Name). However, DHCP Options can be problematic
> and may not work reliably or consistently. Furthermore the use of DHCP
> Options to control PXE requests in Configuration Manager 2012 is *not
> supported by Microsoft.* Therefore the recommended and supported method
> of PXE booting client PCs that are on a different subnet than the DHCP or
> WDS/PXE Service Point servers is the use of IP Helpers.
>
>
>
> But in here
> http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it
> says that Microsoft ‘does not recommend’ this method.
>
>
>
> Bottom line here seems to be that it’s a bit complicated and therefore
> we’ll shift blame over to the HW vendors and not support it. Which is a
> shame because who wants to go to their Network guys and ask them to config
>  thousands of routers?
>
>
>
> MS own all the bits here – make em play nice together!
>
>
>
> Senior 2Pint
>
>
>
> *From:* listsad...@lists.myitforum.com [
> mailto:listsad...@lists.myitforum.com ] *On
> Behalf Of *Andreas Hammarskjöld
> *Sent:* 06 January 2015 13:11
> *To:* mssms@lists.myitforum.com
> *Subject:* [mssms] RE: PXE Service Point from DHCP Scope
>
>
>
> Todd, we were wrong. DCHP server in Server 2012 got something called
> Policies, which can control the response behavior. This means you can
> control what we should reply to who. Just discovered this but think I can
> get it to send different boot loaders to different HW capabilities.
>
>
>
> I can definitely set it to send my iPXE boot loader a different TFTP
> server in option 66, so should be doable. If so, I will blog about it.
>
>
>
> So I will have to retract my statement, the MS DHCP server is pretty
> capable.
>
>
>
> //A
>
>
>
> *From:* listsad...@lists.myitforum.com [
> mailto:listsad...@lists.myitforum.com ] *On
> Behalf Of *Andreas Hammarskjöld
> *Sent:* den 5 januari 2015 08:18
> *To:* mssms@lists.myitforum.com
> *Subject:* [mssms] RE: PXE Service Point from DHCP Scope
>
>
>
> Yeah, MS DHCP is pretty much the same since NT4. I would consider moving
> of MS DHCP to something like ISC since UEFI is unavoidable.
>
>
>
> //A
>
>
>
> *From:* listsad...@lists.myitforum.com [
> mailto:listsad...@lists.myitforum.com ] *On
> Behalf Of *Mote, Todd
> *Sent:* den 5 januari 2015 00:15
> *To:* mssms@lists.myitforum.com
> *Subject:* [mssms] RE: PXE Service Point from DHCP Scope
>
>
>
> Yea, I don’t think MS DHCP has changed in  quite a while.  It would be
> nice to see an architecture aware update for MS DHCP in Win10 server maybe,

[mssms] RE: PXE Service Point from DHCP Scope

[Jason Sandys]

They support the WDS portion of course because that's their code and based on 
industry standards, they "support" ip helpers. If there truly is something 
wrong with your network forwarding DHCP/PXE broadcasts/traffic or the NIC 
initiating PXE (or downloading content using TFTP), there's nothing they can 
possibly do about it no matter what. That's the hardware vendors code and 
hardware.

And that's why they recommend ip helpers. The problems most folks have seen in 
the past with PXE booting using DHCP scope options have to do with the NIC not 
doing the right thing. It had nothing to with DHCP itself. There are still 
problems today with slow PXE boot because the NIC microcode was not efficient 
enough or correct - even the Surface 3 suffered from this issue - and the only 
thing that could be done about it was going to the hw vendor and hoping that 
they had an updated BIOS for the NIC itself.

With ip helpers, the NIC doesn't have to do anything special. That's not to say 
that the NIC still can't mess it up, but it's something that I've never seen 
happen whereas with DHCP scope options, I have.

Remember what "support" means here also: it's what they tested successfully 
with and against. It doesn't mean they can fix it if it's broken. Just like 
they support Windows but if your hard drive or motherboard is bad, they can't 
fix it and will send you to the hardware vendor to fix it.

Now, throwing UEFI into the mix changes the conversation here a little but it 
still comes down to the problem above: the have been problems in the past with 
NICs not PXE booting properly with DHCP scope options in use.

J

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Andreas Hammarskjöld
Sent: Tuesday, January 6, 2015 10:43 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

So how can they support a WDS boot at all?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys
Sent: den 6 januari 2015 17:20
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 10:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to ret

Re: [mssms] Rebuild secondary site

[Jeremy Sihassen]

Hi Greg,

if you need to rebuild a secondary site in SCCM 2007 you'll have to
completely re-install the server.
In case you cannot delete the site from the Console then you can use
delsite tool.

2015-01-06 8:59 GMT+01:00 greg franklin :

> Hi Guys,
>
> We are in SCCM 2007 R2 environment.
>
> Recently we struck up with one issue.
>
> The problem is one of my Secondary site's  SCCM installation was
> completely broken. The SCCM Services, as well as the installation folder is
> not visible, except for a folder in its "C:\Program Files (x86)\".we have
> some packages are in it.
>
> Now we want to Rebuild that secondary site as well as push the packages
> which are in previously.
>
> Shall any one explains the process of how to do it.
>
>
> --
> Thanks & Regards,
> Greg Franklin
>
>

[mssms] Inventorying App-V Apps

[Marcum, John]

I need to inventory app-v apps that are installed on clients via ConfigMgr 
and/or App-V stand alone. For testing I deployed some app-v apps from CM to a 
couple of test machines. I ensured that I have enabled the AppV Client Package, 
AppV Client Application, Virtual Application Packages and Virtual Applications 
hardware inventory classes in the client agent settings. Based on the content 
of this http://technet.microsoft.com/en-us/library/dn581927.aspx document I'd 
expect to see the inventory in either v_GS_VIRTUAL_APPLICATION_PACKAGES or 
v_GS_VIRTUAL_APPLICATIONS or both. I'm sure HINV has run but there's no data in 
either of those views. Using WMI explorer I see that there is data in 
root\AppV\AppvClientPackage though. Should I have data in 
v_GS_VIRTUAL_APPLICATION_PACKAGES or v_GS_VIRTUAL_APPLICATIONS? Why do I not?


John Marcum
MCITP, MCTS, MCSA
  Desktop Architect
   Bradley Arant Boult Cummings LLP


  [H_Logo]




Confidentiality Notice: This e-mail is from a law firm and may be protected by 
the attorney-client or work product privileges. If you have received this 
message in error, please notify the sender by replying to this e-mail and then 
delete it from your computer.

[mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

So how can they support a WDS boot at all?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Jason Sandys
Sent: den 6 januari 2015 17:20
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 10:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, since the PXE standard is a bit soft around the edges I can see why. It's 
been interesting working with the Linux/*nix PXE people, they taught me a lot 
about this. And they do it all by DHCP, not proxy at all, and never had any 
issues. :-/

But their DHCP servers are way more sophisticated/complicated than MS DHCP. 
Below is an example of ISC DHCP config:


allow bootp;
allow booting;
next-server 10.1.1.2; # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;

# Make sure the iPXE we're loading supports what we need,
# if not load a fu

[mssms] RE: PXE Service Point from DHCP Scope

[Jason Sandys]

But Microsoft cannot support it, it's not their process. The reason it's 
problematic has nothing to do with DHCP, it has to do with the NIC vendors. The 
DHCP portion is not the problem here and is ultimately a small portion of the 
PXE boot process. The vast majority of PXE boot is between the NIC and the 
network which Microsoft has no control over or influence upon. How could they 
support it? Thus, it's not shifting blame, it's pointing out that they can't do 
anything about it.

J

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 10:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, since the PXE standard is a bit soft around the edges I can see why. It's 
been interesting working with the Linux/*nix PXE people, they taught me a lot 
about this. And they do it all by DHCP, not proxy at all, and never had any 
issues. :-/

But their DHCP servers are way more sophisticated/complicated than MS DHCP. 
Below is an example of ISC DHCP config:


allow bootp;
allow booting;
next-server 10.1.1.2; # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;

# Make sure the iPXE we're loading supports what we need,
# if not load a full-featured version
ifexists ipxe.http
  and exists ipxe.menu
  and exists ipxe.nfs
  and ( ( exists ipxe.pxe
  and exists ipxe.bzimage
  and exists ipxe.elf
  and exists ipxe.comboot
  and exists ipxe.iscsi
  ) or (
  exists ipxe.efi
  ) ) {
filename "nfs://nas.smidsrod.lan/raid/boot/boot.ipxe";
#filenam

[mssms] RE: PXE Service Point from DHCP Scope

[Krueger, Jeff]

It's timely that this topic came up, as I just recently put a request in to our 
network team to change from DHCP options to IP helper.  I came across this blog 
post as a nice write up of two approaches. 
http://techthoughts.jakemorrison.name/pxe-booting-wds-dhcp-scope-vs-ip-helpers/

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Phil Wilcock
Sent: Tuesday, January 6, 2015 11:06 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, since the PXE standard is a bit soft around the edges I can see why. It's 
been interesting working with the Linux/*nix PXE people, they taught me a lot 
about this. And they do it all by DHCP, not proxy at all, and never had any 
issues. :-/

But their DHCP servers are way more sophisticated/complicated than MS DHCP. 
Below is an example of ISC DHCP config:


allow bootp;
allow booting;
next-server 
10.1.1.2;
 # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;

# Make sure the iPXE we're loading supports what we need,
# if not load a full-featured version
ifexists ipxe.http
  and exists ipxe.menu
  and exists ipxe.nfs
  and ( ( exists ipxe.pxe
  and exists ipxe.bzimage
  and exists ipxe.elf
  and exists ipxe.comboot
  and exists ipxe.iscsi
  ) or (
  exists ipxe.efi
  ) ) {
filename "nfs

[mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

Microsoft only does cloud stuff these days, not client/server stuff. ;-) Will 
blog on this one once the iPXE things are sorted!

Courtesy to the syslinux community member Alexandre Blanchette; here is the 
closest I got to an explanation & guide on how to do this:

I've found a way to support PXE booting both UEFI and BIOS architectures
with Windows Server DHCP.

This method uses a feature introduced in WinServer 2012: DHCP policies.

First, in the the DHCP console, at the IPv4 root of the server, create a
vendor class named PXEClient (UEFI x64) with the following value:
PXEClient:Arch:7

Then create your configuration for your BIOS clients in your scope or as
global settings as usual by setting options 66 (IP or hostname of your TFTP
host) and 67 (pxelinux.0).

For the UEFI clients, you must then create a policy. In the condition page
of the wizard, add a condition with the following settings:
Criteria: Vendor Class
Operator: Equals
Value: PXEClient (UEFI x64)
Tick Append wildcard(*)

Do not configure an IP address range for the policy.

Finally configure options 66 (TFTP server) and 67 (syslinux.efi). You must
separate TFTP servers for your BIOS and UEFI clients because Microsoft DHCP
server does not send option 210 (path prefix).  Microsoft DHCP servers will
only send options listed in the Parameter Request List in the DHCPDISCOVER
packet.

One could make a cleaner setup by creating a BIOS PXEClient vendor class
and putting their options within a policy too.

//A

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Phil Wilcock
Sent: den 6 januari 2015 17:06
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject

[mssms] RE: PXE Service Point from DHCP Scope

[Phil Wilcock]

Would be nice if MSFT could update the docs to include this info, as it's a bit 
vague as to what is 'supported' and what isn't.

In this WP - http://www.microsoft.com/en-us/download/details.aspx?id=44598 it 
states:


An alternative to using IP Helpers is setting DHCP Options on the DHCP server, 
specifically DHCP Options 60 (PXE Client), 66 (Boot Server Host Name), and 67 
(Boot file Name). However, DHCP Options can be problematic and may not work 
reliably or consistently. Furthermore the use of DHCP Options to control PXE 
requests in Configuration Manager 2012 is not supported by Microsoft. Therefore 
the recommended and supported method of PXE booting client PCs that are on a 
different subnet than the DHCP or WDS/PXE Service Point servers is the use of 
IP Helpers.

But in here 
http://technet.microsoft.com/en-us/library/cc732351(WS.10).aspx#Using it says 
that Microsoft 'does not recommend' this method.

Bottom line here seems to be that it's a bit complicated and therefore we'll 
shift blame over to the HW vendors and not support it. Which is a shame because 
who wants to go to their Network guys and ask them to config  thousands of 
routers?

MS own all the bits here - make em play nice together!

Senior 2Pint

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Andreas Hammarskjöld
Sent: 06 January 2015 13:11
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, since the PXE standard is a bit soft around the edges I can see why. It's 
been interesting working with the Linux/*nix PXE people, they taught me a lot 
about this. And they do it all by DHCP, not proxy at all, and never had any 
issues. :-/

But their DHCP servers are way more sophisticated/complicated than MS DHCP. 
Below is an example of ISC DHCP config:


allow bootp;
allow booting;
next-server 10.1.1.2; # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;

# Make sure the iPXE we're loading supports what we need,
# if not load a full-featured version
ifexists ipxe.http
  and exists ipxe.menu
  and exists ipxe.nfs
  and ( ( exists ipxe.pxe
  and exists ipxe.bzimage
  and exists ipxe.elf
  and exists ipxe.comboot
  and exists ipxe.iscsi
  ) or (
  exists ipxe.efi
  ) ) {
filename "nfs://nas.smidsrod.lan/raid/boot/boot.ipxe";
#filename "http://boot.smidsrod.lan/boot.ipxe";;
}
elsif exists user-class and option user-class = "iPXE" {
# We're already using iPXE, but not a feature-full version,
# and possibly an out-of-date version from ROM, so load a more
# complete version with native drivers
# Allow both legacy BIOS and EFI architectures
if option arch = 00:06 {
filename "ipxe-x86.efi";
} elsif option arch = 00:07 {
filename "ipxe-x64.efi";
} elsif option arch = 00:00 {
filename "ipxe.pxe";
}
}
elsif exists user-class and option user-class = "gPXE" {
# If someone has an old version of gPXE burned into their ROM,
# load a more recent iPXE
filename "ipxe.pxe";
}
elsif option arch = 00:06 {
# EFI 32-bit
# I like to use iPXE-provided drivers, so

[mssms] RE: Deploy PowerShell script

[Phil Wilcock]

Here's the command line I use in the lab within a package/program for PS 
scripts run in SCCM on 64bit Win7/8/8.1 clients and works fine.

powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile 
-WindowStyle Hidden -File C:\temp\wotevs.ps1

cheers

Phil

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kent, Mark
Sent: 06 January 2015 15:18
To: mssms@lists.myitforum.com
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

RE: [mssms] RE: Deploy PowerShell script

[Jeff Poling]

>From an elevated command prompt, run psexec -s -i 
 
Another alternative is to run the following from an elevated command prompt:
 
psexec -s -i cmd.exe
 
This will open a command prompt as system and then you can run whatever 
commands you want and it will simulate how the configmgr client will run them
 
Jeff
 
From: dratl...@humana.com
To: mssms@lists.myitforum.com
Subject: [mssms] RE: Deploy PowerShell script
Date: Tue, 6 Jan 2015 15:43:44 +









Here are two quick links, I think its basically psexec –s –i.

 
http://blogs.technet.com/b/askds/archive/2008/10/22/getting-a-cmd-prompt-as-system-in-windows-vista-and-windows-server-2008.aspx

 
http://windowsitpro.com/systems-management/psexec

 

Daniel Ratliff

 


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Kent, Mark

Sent: Tuesday, January 06, 2015 10:38 AM

To: mssms@lists.myitforum.com

Subject: [mssms] RE: Deploy PowerShell script


 
Could you show me what the syntax of what that command should look like?  
Sorry, haven’t used psexc in forever.
 

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

 


From: 
listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Daniel Ratliff

Sent: Tuesday, January 6, 2015 10:29 AM

To: mssms@lists.myitforum.com

Subject: [mssms] RE: Deploy PowerShell script


 
Why are you calling it via sysnative? Does your script only work with 64-bit 
PowerShell? If you are going to do that, don’t try to control it via the 
script, let SCCM determine the proper architecture.

 
What happens when you run your script manually with psexec –s? This will 
emulate the SYSTEM account, just like deploying from SCCM.

 

Daniel Ratliff

 


From:
listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Kent, Mark

Sent: Tuesday, January 06, 2015 10:18 AM

To: mssms@lists.myitforum.com

Subject: [mssms] Deploy PowerShell script


 
We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

 
%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1 

 
If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I’ve 
tried sending
 it out via a task sequence with the same result, it says it runs successfully 
but it isn’t.  The only odd thing I noted in the EXECMGR log is:
 
Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher
 
Should it still state “with 32bitlauncher” if I am telling it to use the 64bit 
one?
 
My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I’d really like to figure out why this isn’t working.  Thanks. 

 
Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State
 
 


The information transmitted is intended only for the person or entity to which 
it is addressed

and may contain CONFIDENTIAL material. If you receive this material/information 
in error,

please contact the sender and delete or destroy the material/information.
 
 


The information transmitted is intended only for the person or entity to which 
it is addressed

and may contain CONFIDENTIAL material.  If you receive this 
material/information in error,

please contact the sender and delete or destroy the material/information.





  

[mssms] RE: Deploy PowerShell script

[Daniel Ratliff]

Here are two quick links, I think its basically psexec -s -i.

http://blogs.technet.com/b/askds/archive/2008/10/22/getting-a-cmd-prompt-as-system-in-windows-vista-and-windows-server-2008.aspx

http://windowsitpro.com/systems-management/psexec

Daniel Ratliff

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kent, Mark
Sent: Tuesday, January 06, 2015 10:38 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: Deploy PowerShell script

Could you show me what the syntax of what that command should look like?  
Sorry, haven't used psexc in forever.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Daniel Ratliff
Sent: Tuesday, January 6, 2015 10:29 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: Deploy PowerShell script

Why are you calling it via sysnative? Does your script only work with 64-bit 
PowerShell? If you are going to do that, don't try to control it via the 
script, let SCCM determine the proper architecture.

What happens when you run your script manually with psexec -s? This will 
emulate the SYSTEM account, just like deploying from SCCM.

Daniel Ratliff

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kent, Mark
Sent: Tuesday, January 06, 2015 10:18 AM
To: mssms@lists.myitforum.com
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State



The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material. If you receive this material/information 
in error,
please contact the sender and delete or destroy the material/information.



The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material.  If you receive this 
material/information in error,
please contact the sender and delete or destroy the material/information.

[mssms] RE: Deploy PowerShell script

[Kent, Mark]

Oh and at first I didn't call sysnative, but when I started having problems and 
looked online it seemed like a number of folks were suggesting this should be 
done with an PS script on 64bit machines.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Daniel Ratliff
Sent: Tuesday, January 6, 2015 10:29 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: Deploy PowerShell script

Why are you calling it via sysnative? Does your script only work with 64-bit 
PowerShell? If you are going to do that, don't try to control it via the 
script, let SCCM determine the proper architecture.

What happens when you run your script manually with psexec -s? This will 
emulate the SYSTEM account, just like deploying from SCCM.

Daniel Ratliff

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kent, Mark
Sent: Tuesday, January 06, 2015 10:18 AM
To: mssms@lists.myitforum.com
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State



The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material. If you receive this material/information 
in error,
please contact the sender and delete or destroy the material/information.

[mssms] RE: Deploy PowerShell script

[Kent, Mark]

Could you show me what the syntax of what that command should look like?  
Sorry, haven't used psexc in forever.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Daniel Ratliff
Sent: Tuesday, January 6, 2015 10:29 AM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: Deploy PowerShell script

Why are you calling it via sysnative? Does your script only work with 64-bit 
PowerShell? If you are going to do that, don't try to control it via the 
script, let SCCM determine the proper architecture.

What happens when you run your script manually with psexec -s? This will 
emulate the SYSTEM account, just like deploying from SCCM.

Daniel Ratliff

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kent, Mark
Sent: Tuesday, January 06, 2015 10:18 AM
To: mssms@lists.myitforum.com
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State



The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material. If you receive this material/information 
in error,
please contact the sender and delete or destroy the material/information.

RE: [mssms] Deploy PowerShell script

[Jeff Poling]

I always test my command lines using Psexec -s -i.  What does the command line 
do if you test it using psexec?
 
The only other thing I can think of is the path to the script may be causing 
issues.  does .\ really ersolve to where the script is located when the program 
executes?
 
Jeff
 
From: ken...@buffalostate.edu
To: mssms@lists.myitforum.com
Date: Tue, 6 Jan 2015 10:18:03 -0500
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:  
%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1   If I manually run the script from within 
powershell, it works fine.  If I deploy it from SCCM, it says it runs 
successfully but I can tell it does not, and it also completes in seconds when 
it should take a couple minutes.  I’ve tried sending it out via a task sequence 
with the same result, it says it runs successfully but it isn’t.  The only odd 
thing I noted in the EXECMGR log is: Running 
"C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" -executionpolicy 
Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher Should it still state “with 
32bitlauncher” if I am telling it to use the 64bit one? My last recourse may be 
to take the script lines and shove it into a CMD batch file, but I’d really 
like to figure out why this isn’t working.  Thanks.   Mark Kent (MCP)Sr. 
Desktop Systems EngineerComputing & Technology Services - SUNY Buffalo State 

  

[mssms] RE: Deploy PowerShell script

[Daniel Ratliff]

Why are you calling it via sysnative? Does your script only work with 64-bit 
PowerShell? If you are going to do that, don't try to control it via the 
script, let SCCM determine the proper architecture.

What happens when you run your script manually with psexec -s? This will 
emulate the SYSTEM account, just like deploying from SCCM.

Daniel Ratliff

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kent, Mark
Sent: Tuesday, January 06, 2015 10:18 AM
To: mssms@lists.myitforum.com
Subject: [mssms] Deploy PowerShell script

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State



The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material.  If you receive this 
material/information in error,
please contact the sender and delete or destroy the material/information.

[mssms] Deploy PowerShell script

[Kent, Mark]

We are running SCCM 2012 R2 CU1 with Windows 7 64bit clients.  I have a simple 
script that I am trying to deploy as a package/program.  The command line is:

%WINDIR%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy 
Bypass -file .\Remove2010LNK.PS1

If I manually run the script from within powershell, it works fine.  If I 
deploy it from SCCM, it says it runs successfully but I can tell it does not, 
and it also completes in seconds when it should take a couple minutes.  I've 
tried sending it out via a task sequence with the same result, it says it runs 
successfully but it isn't.  The only odd thing I noted in the EXECMGR log is:

Running "C:\Windows\sysnative\WindowsPowerShell\v1.0\powershell.exe" 
-executionpolicy Bypass -file .\Remove2010LNK.PS1 with 32bitLauncher

Should it still state "with 32bitlauncher" if I am telling it to use the 64bit 
one?

My last recourse may be to take the script lines and shove it into a CMD batch 
file, but I'd really like to figure out why this isn't working.  Thanks.

Mark Kent (MCP)
Sr. Desktop Systems Engineer
Computing & Technology Services - SUNY Buffalo State

RE: [mssms] SCCM 2012 reports not running for standard user

[Greg Thomas]

In your reports viewer role, add Read permissions where you already have Run Report and on Collections.
At the moment you are technically able to "run the reports" because you can access them, but you don't have access to read any data from the db so no drop downs are populated and no data is returned even on reports without drop down menus.
On Jan 6, 2015 8:23 AM, "Krueger, Jeff"  wrote:







Go into the Administration node > security> security roles and look at what you have set for permissions on your reporting role.  Should look something similar
 to: 
 
From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com]
On Behalf Of PDunn@nlh.nl.ca
Sent: Tuesday, January 6, 2015 6:50 AM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] SCCM 2012 reports not running for standard user
 
Garth,  thanks for the response.


Hopefully this is what your this is what you are talking about


Within the properties for the Reporting Services Point role, I have a user name set.  It is an Active Directory account.


When I check the rights for that account against the ReportServer database, it has db_owner, public and RSExecRole role membership.  Against the CM database, the account has public and smsschm_users role membership.
  Against the Master database it has Public and RSExecRole role membership.  Against the ReportServerTempDB database it has db_owner, public and RSExecRole role membership.


It this what you were referring too?


Paul 


From:        Garth Jones 

To:        "mssms@lists.myitforum.com" 

Date:        01/05/2015 05:58 PM

Subject:        RE: [mssms] SCCM 2012 reports not running for standard user

Sent by:        listsadmin@lists.myitforum.com







If you are not seeing any data it is most likely because of how RBA is setup. How exactly did you setup the reporting role?

 

 

From:
listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com]
On Behalf Of PDunn@nlh.nl.ca
Sent: Monday, January 5, 2015 12:05 PM
To: mssms@lists.myitforum.com
Subject: [mssms] SCCM 2012 reports not running for standard user 
  
Hi, 

I am having an issue running reports from the SQL Server Reporting Services URL.  I have two accounts,  an elevated account the is part of Domain Admins and has the "Full Administrator" security role within SCCM 2012 and a standard user account that has no
 domain privileges.  My standard account though is part of an AD group for SCCM reporting that I am trying to grant privileges to run reports.


If I start IE with my standard account, none of the drop downs (for Collection , etc) populate.  Thought if the report has no drop downs iI will get the report headign information but no data.


If I start IE with my elevated account I can run reports fine. 

Based on Google searches, I have added the following security to the "Report Viewers" Security role:

 1. set Read permissions to Yes for Site 
 2. set View Asset Intelligence to Yes for Software Titles 

 Note: this did not fix the issue 

I have granted the AD group datareader permissions on the SCCM SQL Server and REportign server databases...this did not work.  Just to check, I granted the group "SysAdmin" privileges to the databases..did not work either and have since removed.


Anyone have any idea what set of permissions I am missing? 

Thanks and Happy New Year, 

Paul 
 




CONFIDENTIALITY NOTICE: This email contains information from the sender that may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected from disclosure. This email is intended for use only by the person or entity to whom it is addressed. If
 you are not the intended recipient, any use, disclosure, copying, distribution, printing, or any action taken in reliance on the contents of this email, is strictly prohibited. If you received this email in error, please contact the sending party by reply
 email, delete the email from your computer system and shred any paper copies.

Note to Patients: There are a number of risks you should consider before using e-mail to communicate with us. See our Privacy & Security page on www.henryford.com for more detailed information as well as information concerning MyChart, our new patient portal.
 If you do not believe that our policy gives you the privacy and security protection you need, do not send e-mail or Internet communications to us.

RE: [mssms] SCCM 2012 reports not running for standard user

[Krueger, Jeff]

Go into the Administration node > security> security roles and look at what you 
have set for permissions on your reporting role.  Should look something similar 
to: [cid:image001.png@01D0298A.1815EC60]

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of pd...@nlh.nl.ca
Sent: Tuesday, January 6, 2015 6:50 AM
To: mssms@lists.myitforum.com
Subject: RE: [mssms] SCCM 2012 reports not running for standard user

Garth,  thanks for the response.

Hopefully this is what your this is what you are talking about

Within the properties for the Reporting Services Point role, I have a user name 
set.  It is an Active Directory account.

When I check the rights for that account against the ReportServer database, it 
has db_owner, public and RSExecRole role membership.  Against the CM database, 
the account has public and smsschm_users role membership.  Against the Master 
database it has Public and RSExecRole role membership.  Against the 
ReportServerTempDB database it has db_owner, public and RSExecRole role 
membership.

It this what you were referring too?

Paul


From:Garth Jones mailto:ga...@enhansoft.com>>
To:"mssms@lists.myitforum.com" 
mailto:mssms@lists.myitforum.com>>
Date:01/05/2015 05:58 PM
Subject:RE: [mssms] SCCM 2012 reports not running for standard user
Sent by:
listsad...@lists.myitforum.com




If you are not seeing any data it is most likely because of how RBA is setup. 
How exactly did you setup the reporting role?


From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of 
pd...@nlh.nl.ca
Sent: Monday, January 5, 2015 12:05 PM
To: mssms@lists.myitforum.com
Subject: [mssms] SCCM 2012 reports not running for standard user

Hi,

I am having an issue running reports from the SQL Server Reporting Services 
URL.  I have two accounts,  an elevated account the is part of Domain Admins 
and has the "Full Administrator" security role within SCCM 2012 and a standard 
user account that has no domain privileges.  My standard account though is part 
of an AD group for SCCM reporting that I am trying to grant privileges to run 
reports.

If I start IE with my standard account, none of the drop downs (for Collection 
, etc) populate.  Thought if the report has no drop downs iI will get the 
report headign information but no data.

If I start IE with my elevated account I can run reports fine.

Based on Google searches, I have added the following security to the "Report 
Viewers" Security role:
 1. set Read permissions to Yes for Site
 2. set View Asset Intelligence to Yes for Software Titles
 Note: this did not fix the issue

I have granted the AD group datareader permissions on the SCCM SQL Server and 
REportign server databases...this did not work.  Just to check, I granted the 
group "SysAdmin" privileges to the databases..did not work either and have 
since removed.

Anyone have any idea what set of permissions I am missing?

Thanks and Happy New Year,
Paul





CONFIDENTIALITY NOTICE: This email contains information from the sender that 
may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected 
from disclosure. This email is intended for use only by the person or entity to 
whom it is addressed. If you are not the intended recipient, any use, 
disclosure, copying, distribution, printing, or any action taken in reliance on 
the contents of this email, is strictly prohibited. If you received this email 
in error, please contact the sending party by reply email, delete the email 
from your computer system and shred any paper copies.

Note to Patients: There are a number of risks you should consider before using 
e-mail to communicate with us. See our Privacy & Security page on 
www.henryford.com for more detailed information as well as information 
concerning MyChart, our new patient portal. If you do not believe that our 
policy gives you the privacy and security protection you need, do not send 
e-mail or Internet communications to us.

[mssms] RE: PXE Service Point from DHCP Scope

[Andreas Hammarskjöld]

Todd, we were wrong. DCHP server in Server 2012 got something called Policies, 
which can control the response behavior. This means you can control what we 
should reply to who. Just discovered this but think I can get it to send 
different boot loaders to different HW capabilities.

I can definitely set it to send my iPXE boot loader a different TFTP server in 
option 66, so should be doable. If so, I will blog about it.

So I will have to retract my statement, the MS DHCP server is pretty capable.

//A

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Andreas Hammarskjöld
Sent: den 5 januari 2015 08:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, MS DHCP is pretty much the same since NT4. I would consider moving of MS 
DHCP to something like ISC since UEFI is unavoidable.

//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 5 januari 2015 00:15
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yea, I don't think MS DHCP has changed in  quite a while.  It would be nice to 
see an architecture aware update for MS DHCP in Win10 server maybe, but that's 
probably reaching.  I'll defer crossing the UEFI river as long as I can.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andreas Hammarskjöld
Sent: Sunday, January 4, 2015 1:06 PM
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Yeah, since the PXE standard is a bit soft around the edges I can see why. It's 
been interesting working with the Linux/*nix PXE people, they taught me a lot 
about this. And they do it all by DHCP, not proxy at all, and never had any 
issues. :-/

But their DHCP servers are way more sophisticated/complicated than MS DHCP. 
Below is an example of ISC DHCP config:


allow bootp;
allow booting;
next-server 10.1.1.2; # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;

# Make sure the iPXE we're loading supports what we need,
# if not load a full-featured version
ifexists ipxe.http
  and exists ipxe.menu
  and exists ipxe.nfs
  and ( ( exists ipxe.pxe
  and exists ipxe.bzimage
  and exists ipxe.elf
  and exists ipxe.comboot
  and exists ipxe.iscsi
  ) or (
  exists ipxe.efi
  ) ) {
filename "nfs://nas.smidsrod.lan/raid/boot/boot.ipxe";
#filename "http://boot.smidsrod.lan/boot.ipxe";;
}
elsif exists user-class and option user-class = "iPXE" {
# We're already using iPXE, but not a feature-full version,
# and possibly an out-of-date version from ROM, so load a more
# complete version with native drivers
# Allow both legacy BIOS and EFI architectures
if option arch = 00:06 {
filename "ipxe-x86.efi";
} elsif option arch = 00:07 {
filename "ipxe-x64.efi";
} elsif option arch = 00:00 {
filename "ipxe.pxe";
}
}
elsif exists user-class and option user-class = "gPXE" {
# If someone has an old version of gPXE burned into their ROM,
# load a more recent iPXE
filename "ipxe.pxe";
}
elsif option arch = 00:06 {
# EFI 32-bit
# I like to use iPXE-provided drivers, so therefore give ipxe.efi
# to all non-iPXE clients, use snponly.efi if you have unsupported
# or misbehaving NICs
filename "ipxe-x86.efi";
#filename "snponly-x86.efi";
}
elsif option arch = 00:07 {
# EFI 64-bit
# I like to use iPXE-provided drivers, so therefore give ipxe.efi
# to all non-iPXE clients, use snponly.efi if you have unsupported
# or misbehaving NICs
filename "ipxe-x64.efi";
#filename "snponly-x64.efi";
}
elsif option arch = 00:00 {
# Legacy BIOS x86 mode
# I like to use iPXE-provided drivers, so therefore give ipxe.pxe
# to all non-iPXE clients, use undionly.kpxe if you have unsupported
# or misbehaving NICs
filename "ipxe.pxe";
#filename "undionly.kpxe";
}
else {
# Unsupported client architecture type, so do nothing
}


//A

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Mote, Todd
Sent: den 4 januari 2015 19:18
To: mssms@lists.myitforum.com
Subject: [mssms] RE: PXE Service Point from DHCP Scope

Unfortunately, I don't control which networks all of our systems get put on.  
All Windows on one network and all of our *nix systems on separate ones to make 
use of IPHelpers is unrealistic here.  I use DHCP to control whether to PXE to 
SCCM, WDS, or Cobbler for *nix, on a per system basis with reservation options, 
or scope with scope options where it makes sense.  It's worked great for a 
number of years, and we've never 

RE: [mssms] SCCM 2012 reports not running for standard user

[PDunn]

Garth,  thanks for the response.

Hopefully this is what your this is what you are talking about

Within the properties for the Reporting Services Point role, I have a user 
name set.  It is an Active Directory account.

When I check the rights for that account against the ReportServer 
database, it has db_owner, public and RSExecRole role membership.  Against 
the CM database, the account has public and smsschm_users role membership. 
 Against the Master database it has Public and RSExecRole role membership. 
 Against the ReportServerTempDB database it has db_owner, public and 
RSExecRole role membership.

It this what you were referring too?

Paul


From:   Garth Jones 
To: "mssms@lists.myitforum.com" 
Date:   01/05/2015 05:58 PM
Subject:RE: [mssms] SCCM 2012 reports not running for standard 
user
Sent by:listsad...@lists.myitforum.com



If you are not seeing any data it is most likely because of how RBA is 
setup. How exactly did you setup the reporting role?
 
 
From: listsad...@lists.myitforum.com [
mailto:listsad...@lists.myitforum.com] On Behalf Of pd...@nlh.nl.ca
Sent: Monday, January 5, 2015 12:05 PM
To: mssms@lists.myitforum.com
Subject: [mssms] SCCM 2012 reports not running for standard user
 
Hi, 

I am having an issue running reports from the SQL Server Reporting 
Services URL.  I have two accounts,  an elevated account the is part of 
Domain Admins and has the "Full Administrator" security role within SCCM 
2012 and a standard user account that has no domain privileges.  My 
standard account though is part of an AD group for SCCM reporting that I 
am trying to grant privileges to run reports. 

If I start IE with my standard account, none of the drop downs (for 
Collection , etc) populate.  Thought if the report has no drop downs iI 
will get the report headign information but no data. 

If I start IE with my elevated account I can run reports fine. 

Based on Google searches, I have added the following security to the 
"Report Viewers" Security role: 
  1. set Read permissions to Yes for Site 
  2. set View Asset Intelligence to Yes for Software Titles 
  Note: this did not fix the issue 

I have granted the AD group datareader permissions on the SCCM SQL Server 
and REportign server databases...this did not work.  Just to check, I 
granted the group "SysAdmin" privileges to the databases..did not work 
either and have since removed. 

Anyone have any idea what set of permissions I am missing? 

Thanks and Happy New Year, 
Paul 

RE: [mssms] Application naming

[Roland Janus]

I see, but that's too much customization for us.

PSappdeploy may be useful, but I'm also not so sure if I want to do that for
everything or just some specific ones.

 

Thanks!

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Christian Joy
Sent: Dienstag, 6. Januar 2015 04:13
To: mssms@lists.myitforum.com
Subject: RE: [mssms] Application naming

 

I use Ninite and PSAppdeploy for most apps.  I made a powershell script for
each application that will:

1.   Create a ninite offline installer

2.   Create a folder to store this version which is something like
"Firefox32.0.2" to keep it simple

3.   Copy in the stock PSappdeploy files/folders and modify for the
application (including what apps cant be running, etc.)

4.   Create an application with the right details for name and version

5.   Distribute it as needed

6.   Setup a "dummy" software detection script to run which is just
"exit 1" so if I don't fix it, it will always error out on the detection.

 

I then manually, and if you know of a way to automate these PLEASE let me
know:

1.   Give it the app icon, I just have a folder full of their icons

2.   Install it on a test machine, then I have a command I store in a
wiki that will pull the details I need for detection such as MSI code, file
version, registry information, etc.  I then put that into the application's
detection

3.   Supersede the old version and retire the old version and move it to
an "old" folder

 

So I don't manually set the version ever, but it's always unique.  Works
really well for my uses.

 

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Roland Janus
Sent: Monday, 5 January 2015 11:07 PM
To: mssms@lists.myitforum.com  
Subject: [mssms] Application naming

 

How are you naming your applications?

Specifically, are you using the version field or are you adding the version
(also?) to the name?

 

I ask because, because you can't have two versions of the same app name

 

Example (made up):

 

Name: Adobe Acrobat Reader X, Version: 10.0

Name: Adobe Acrobat Reader X, Version: 10.1

 

wouldn't work as name has to be unique, although the add app wizard would
create "copy" entries, so are you adding the version to name and leave
version blank or are you adding it to both?

 

Like that:

Name: Adobe Acrobat Reader X (10.0), Version: 10.0

Name: Adobe Acrobat Reader X (10.1), Version: 10.1

 

What about Publisher?

 

It is actually meant like that I guess: Publisher: Adobe, Name: Acrobat
Reader, Version: 10.1

You do that or a mix?

 

-R

 

 

 

 

 

[mssms] Rebuild secondary site

[greg franklin]

Hi Guys,

We are in SCCM 2007 R2 environment.

Recently we struck up with one issue.

The problem is one of my Secondary site's  SCCM installation was completely
broken. The SCCM Services, as well as the installation folder is not
visible, except for a folder in its "C:\Program Files (x86)\".we have some
packages are in it.

Now we want to Rebuild that secondary site as well as push the packages
which are in previously.

Shall any one explains the process of how to do it.


-- 
Thanks & Regards,
Greg Franklin