deployment

Slow Software Center search results

Currently Software Center will use WMI to query all available software for the computer, then it will ask the management point for user assigned apps.

If your computer is a bit slow/old the wait time checking WMI can be painful. You can check this on the client log SCNotify_MONASH@%username%_1.log

Please vote for my Uservoice - https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/39082435-speed-up-software-centre-searches-by-returning-use

If your SQL is slow you have another problem.. You can check this on the MP UserService.log - Search for GetFilteredApplications.

SQL Fixes:
Set the right compatibility level - https://support.microsoft.com/en-au/help/3196320/sql-query-times-out-or-console-slow-on-certain-configuration-manager-d

Reindex right - https://www.scconfigmgr.com/2017/01/03/configuration-manager-sql-database-maintenance/

 

 

Task Sequence can't find a dependency that doesn't exit

When I see 'Failed to run Task Sequence - This task sequence cannot be run because the program files for XXXXXXX cannot be locataed on a distribution point'

I go to Monitoring \ Distribution Status \ Content Status. It's the quickest way to search all package objects. Today the search came up with no results.

I exported the task sequence to make sense of it, found the ID in a section about OSDSubTaskSequenceTsReferencePackages -

<variable name="OSDSubTasksequenceTsReferenceApplications" property="TsReferenceApplications"></variable>

<variable name="OSDSubTasksequenceTsReferencePackages" property="TsReferencePackages">ZZZ00019,ZZZ0001F,ZZZ00020,ZZZ00024</variable></defaultVarList></subtasksequence>

 

What happened was someone removed a driver package and deleted it. The main task sequence still referenced it. To fix I modified the main task sequence, so it kicked off new policies.

 

 

 

Deploying Office 2019 VL

Office 2019 now uses click-to-run technology instead of 'setup /admin' there are a few changes, probably for the best in the long run.

Create Config Files

First you need to download to Office Deployment tool

This is a self extracting file that spits out setup.exe and 2 sample config files - one for 32-bit and one for 64-bit.
Edit the edition you want to download. If you want the Volume License version change the Product ID to 'ProPlus2019Volume'

You don't need to add Visio or Project as they are also downloaded.

Save the file and run 'setup.exe /download configuration-Office365-x64.xml'.
This will run in the background and download into a subfolder - Office.

Now you have the files you can make configurations using these resources
https://config.office.com/ - Spits out config files for Office 365 - At time of writing it isn't made for 2019 yet but should work ok.
https://docs.microsoft.com/en-gb/DeployOffice/office2019/deploy - Documentation on customising the confiuration files.

If you want a head start I've made config files for Office, Project and Visio - Download 

Example - Office 32-Bit, exclude OneDrive and Skype, accept EULA, Silent install, some customisations from Config.office.com

Test

To test your config files run setup.exe with the configure switch

setup.exe /configure configuration-OfficeProPlus-x86.xml

 

Deploy

Create an application in SCCM - with your files.
Deployment type - Script Installer

For Detection Methods:

Office - 32-Bit: %ProgramFiles(x86)%\Microsoft Office\root\Office16\Winword.exe
Office - 64-Bit: %ProgramFiles%\Microsoft Office\root\Office16\WINWORD.EXE

Project - 32-Bit: %programfiles(x86)%\Microsoft Office\root\Office16\WINPROJ.EXE
Project - 64-Bit: %ProgramFiles%\Microsoft Office\root\Office16\WINPROJ.EXE

Visio -  - 32-Bit: %programfiles(x86)%\Microsoft Office\root\Office16\VISIO.EXE
Project - 64-Bit: %ProgramFiles%\Microsoft Office\root\Office16\VISIO.EXE

KMS

Download the Volume license app http://www.microsoft.com/downloads/details.aspx?FamilyID=878fef7e-3f4d-4d22-a423-f447c0f5bfdd
On the KMS server run the exe.

Follow the Wizard Prompts

Get your Office 2019 KMS Key from your Key Holder

Don't Click Commit! Click Cancel as you already have this configured

 

 

 

 

 

 

SCCM client = None after deploying an operating system

In an environment where you use certificates this can happen.

CLientIDManagerStartup.log will mention

Regtask: Failed to refresh MP. Error: 0x80004005

alot of times...

Below I have the 2 fixes!

Fix 1 is to take advantage of the TS Variable SMSTSPostAction to restart the computer once completed
with the value 'shutdown /r /t 0 /f'

This should ensure the cert is requested.

Fix 2:

From testing - after Fix 1 you may need to re-start the SCCM agent.
To do this create a scheduled task that runs on start-up

Program: Powershell

Arguments: -Command "& {start-sleep 120; restart-service ccmexec; Unregister-ScheduledTask -TaskName 'Restart SCCM Initial boot' -Confirm:$false;}"

Run whether or not user is logged on.

 

Export the scheduled task as 'RestartSCCM.xml' and create a package and command line to run at the end of OSD

SCHTASKS.exe /CREATE /RU system /XML "RestartSCCM.xml" /TN "Restart SCCM Initial boot"

 

Happy deploying!

Disabling Windows File Explorer banner advertising

Microsoft has soo much advertising power with Windows 10, they can now put banners up in Windows Explorer via updates. You may see one such as this:
'Save your documents and photos to OneDrive' or 'Get the best deal on your cloud storage with OneDrive'

The setting is called Show Sync Provider Notifications however it has been used for other purposes such as when you do a feature update

 

 

 

To prevent this from happening push out a group policy User preference
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Value: ShowSyncProviderNotifications
Value Type: REG_DWORD
Value Data: 00000000
Base: Hex

Error message when no Asset Tag Detected

Set the computer name using the BIOS Asset Tag

If you are setting the Asset Tag the same name that the computer is, it makes sense to only have to input it once. I created a powershell script that will do the following:

If VM or Mac: Exit 0

If  computer exists in SCCM: Exit 0

If AssetTag Exists/Not empty: Set OSDComputerName to AssetTag, Exit 0

If AssetTag doesn't exist: Bring up an error message, Exit 1

 

Tested with HP and Dell machines.

Download Script https://github.com/happysccm/Files/tree/master/Check%20for%20Asset%20Tag%20-%20OSD%20AssetTag%20Check%20-%20Most%20code%20by%20Nickolaj%20and%20Dave%20Green

Update: Added optional script that uses the HP Ownership Tag

How to use:
Create a package for the script

Copy serviceUI.exe (From MDT Toolkit) to the same folder.

In the Task Sequence after initial format of the drive create a Run Command Line step using the package that you created

with the command: ServiceUI.exe -process:TSProgressUI.exe %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File AssetTag.ps1

 

Thanks Nickolaj and Dave Green for the initial form

 

MDT Toolkit files fail to download - could not resolve source

IMG_6554

If this happens during OSD, it is likely due to 2 settings in the BIOS.

 

I recommend

WIN7 -

Boot mode: Legacy
Sata mode: AHCI

Win10-

Boot mode: UEFI
Sata mode: AHCI

 

 

From the log:
The task sequence execution engine failed executing the action (Use Toolkit Package) in the group (Initialization) with the error code 2147942561
Action output: ... ursiveCreatePath(sPath.substr(0, nPos), psa), HRESULT=800700a1 (e:\nts_sccm_release\sms\framework\core\ccmcore\path.cpp,104)
RecursiveCreatePath(sPath.substr(0, nPos), psa), HRESULT=800700a1 (e:\nts_sccm_release\sms\framework\core\ccmcore\path.cpp,104)
RecursiveCreatePath( sNormalizedPath, psa ), HRESULT=800700a1 (e:\nts_sccm_release\sms\framework\core\ccmcore\path.cpp,159)
DownloadContentLocally (pszSource, sSourceDirectory, dwFlags, hUserToken, mapNetworkAccess), HRESULT=800700a1 (e:\nts_sccm_release\sms\framework\tscore\resolvesource.cpp,3582)
TS::Utility::ResolveSource (pszPkgID, sPath, 0, hUserToken, mapNetworkAccess), HRESULT=800700a1 (e:\nts_sccm_release\sms\client\osdeployment\installsoftware\runcommandline.cpp,399)
cmd.Execute(pszPkgID,sProgramName, dwCmdLineExitCode), HRESULT=800700a1 (e:\nts_sccm_release\sms\client\osdeployment\installsoftware\main.cpp,372)
Failed to resolve the source for SMS PKGID=PS10098B, hr=0x800700a1
Install Software failed to run command line, hr=0x800700a1. The operating system reported error 2147942561: The specified path is invalid.

 

Build and Capture fails if KB3160005 IE sec cumulative update is installed


Update: Adding more scratch space to the boot wim seems to have resolved the problem on Windows 10, Windows 7 seems to still have issues.

Update: This update is also in Windows 10 CU 3163018, causing the same error. No workaround yet 

If your build and capture is failing at the capture step make sure you don't have the cumulative Security Update for IE11 KB3160005. It's somehow stopping the registry load part of the step.

 

Adding Admin Elevated websites to trusted sites/intranet/etc

admin portal shortcut

It's very easy to customize the trusted sites for users by using group policy preferences without locking the settings down however what about websites that need to be ran as a different user?

To work around this I created a simple C Sharp program that sets the registry before launching the site in IE

 

Zones:
Value Setting
------------------------------
0 My Computer
1 Local Intranet Zone
2 Trusted sites Zone
3 Internet Zone
4 Restricted Sites Zone

Create the Installer:

Compile the package and copy it to where you want it on the clients system. Then create a shortcut to the exe.

Copy the exe and shortcut to your network share.
Create an Install.bat:

Deploy!

 

Hey Cortana! How do I add additional speeches during OSD so you work?

cortana

For Cortana to work with your language you need to install the appropriate speech pack however if you are connected to an enterprise WSUS you won't be able to see additional downloads for your language.

To work around this you can get the language cab files from the 'Windows 10 Features on Demand' iso available via volume license and MSDN downloads, then use dism commands to apply the desired language packages. Currently the available ones are

  • German - Germany (Microsoft-Windows-LanguageFeatures-Speech-de-de-Package.cab)
  • English - Australia (Microsoft-Windows-LanguageFeatures-Speech-en-au-Package.cab)
  • English - Canada (Microsoft-Windows-LanguageFeatures-Speech-en-ca-Package.cab)
  • English - United Kigndom (Microsoft-Windows-LanguageFeatures-Speech-en-gb-Package.cab)
  • English - India (Microsoft-Windows-LanguageFeatures-Speech-en-in-Package.cab)
  • English - United States (Microsoft-Windows-LanguageFeatures-Speech-en-us-Package.cab)
  • Spanish - Spain (Microsoft-Windows-LanguageFeatures-Speech-es-es-Package.cab)
  • French - France (Microsoft-Windows-LanguageFeatures-Speech-fr-fr-Package.cab)
  • Italian - Italy (Microsoft-Windows-LanguageFeatures-Speech-it-it-Package.cab)
  • Japanese - Japan (Microsoft-Windows-LanguageFeatures-Speech-ja-jp-Package.cab)
  • Chinese - China (Microsoft-Windows-LanguageFeatures-Speech-zh-cn-Package.cab)
  • Chinese - Hong Kong (Microsoft-Windows-LanguageFeatures-Speech-zh-hk-Package.cab)
  • Chinese - Taiwan (Microsoft-Windows-LanguageFeatures-Speech-zh-tw-Package.cab)

Note: Cortana is currently only available in United States, Japan, Australia, and Canada and India (in English) however having the speech packs installed will help your deployment if other markets open up.

You can also install the Text to speech pack along side. For example

Microsoft-Windows-LanguageFeatures-TextToSpeech-en-au-Package.cab adds Aussie Catherine and British James however Cortana doesn't use them.

Cortana speech settings

 

To deploy during OSD create a package with the desired speech packs and an Install.bat file. The following  example of install.bat sets up English-Australia and also adds text to speech voices, you can add additional packages by changing the PackagePath:

DISM /Online /Add-Package /PackagePath:Microsoft-Windows-LanguageFeatures-TextToSpeech-en-au-Package.cab
DISM /Online /Add-Package /PackagePath:Microsoft-Windows-LanguageFeatures-Speech-en-au-Package.cab

And then create a Run Command Line step in the task sequence referencing the package with Disable 64-bit file system redirection

OSD Cortana Speech

install.bat

 

To set the default Speech Language you need to modify the default user reg. This can be achieved in 3 commands during the task sequence

Load Default User Registry

reg load HKU\DefaultTemp "C:\Users\Default\NTUSER.DAT"

Set Default SpeechRecognizer

reg add "HKU\DefaultTemp\Software\Microsoft\Speech_OneCore\Settings\SpeechRecognizer" /v RecognizedLanguage /t REG_SZ /d en-AU /F

Unload Default User Registry

 reg unload HKU\DefaultTemp

OSD default profile