SCCM 2012 R2 using Multiple Task Sequences via PXE

In SCCM 2007 if you advertise multiple OSD task sequences to a collection, we can select the required task sequences in Win PE boot mode. This helps us to select required windows version when installing (Ex -Windows 7 32bit or 64bit).

But in SCCM 2012 R2 this is rather different. We have to do few changes and these changes are really make some sense. Good thinking by Microsoft.

  1. Create the Task Sequence
    This can be built in task sequence or custom task sequence.2
  2. Deploy the Task Sequence, when deploying select available in purpose.1
  3. When client start the network boot, you are required to press F12. If F12 is not pressed Client computer will go to the next boot device and boot. This make sense because this Task sequence is deployed as available not required. so when windows PE boots, the multiple task sequences will be desplyed and you can select the required task sequence.
    3

    These new changes are really valuable, using these we can deploy the OS upgrade or OS deployments to every computer, and because the F12 press requirement to deploy the task sequence, normal Client boot up will not be interrupted. Also we can deploy multiple task sequences to different Operating system versions.

    These are small things but might give high impact on automation.

    Hope this post is helpful.

Monitor Virus guard definition level from SCCM 2012 compliance management ( Symantec End point protection )

 

Compliance settings in SCCM are really important feature when you customize it to meet organizational requirements. When managing compliances, SCCM 2012 is having direct methods of alert subscriptions and better reporting’s than SCCM 2007. It also supports PowerShell scripts.

In this post I will introduce a method to monitor the compliances of install virus guards and its definition levels.

Example

I will take Symantec End point protection as my virus guard. If my virus guard application did not receive an update within seven days, it will be a none-compliant computer. We can monitor this from alerts, alert subscription and reporting.  

First of all you have to find the location of your virus guard’s definition file location.

Symantec Endpoint protection

  • C:\ProgramData\Symantec\Definitions\VirusDefs\definfo.dat

Avast virus guard

  • C:\Program Files\Alwil Software\Avast5\defs\aswdefs.ini

Then use the following script, change the file location according to your virus program.

Option Explicit

Dim VirusDefCfg, FileSys, FSO, LastModified, DateDifference, noSymantecPresent
VirusDefCfg = “C:\ProgramData\Symantec\Definitions\VirusDefs\definfo.dat”
noSymantecPresent = 9999

Set FileSys = CreateObject(“Scripting.FileSystemObject”)
Set FSO = CreateObject(“Scripting.FileSystemObject”)

If FileSys.FileExists(VirusDefCfg) <> True Then

WScript.Echo noSymantecPresent
WScript.Quit

End If

 

LastModified = FSO.GetFile(VirusDefCfg).DateLastModified

DateDifference = DateDiff(“d”, LastModified, Now())

WScript.Echo DateDifference

 

  • SCCM create new configuration Item

Fill the details and add the script. Make sure to select Script, data type Integer and VB script.

 

Image

 

  • Go to compliance rules, New rule , rule type value, Less than – 7, this will make sure if value return more than 7 days , computer will be none compliant.

 Image

  • Create a compliance baseline and add this configuration item for that. Then deploy that compliance baseline to your desired collection.
  • After schedule time reached you can view the compliance from
    • Monitoring – Deployment – Compliance baseline
    • Reporting – compliance and settings management – summery compliance by configuration baseline.

This script can be used on any virus guard program, you have to find the location of the definition file location and add it to the VirusDefCfg variable.

Hope this is useful , 

How to prompt Collection to a Report in SCCM 2012

 

SCCM 2012 reporting structure is lot more different than SCCM 2007. It uses SSRS, which means when we need to edit or create a report we need to use Report builder application that installs with SQL. When creating a report for general SQL query, you can type the query in report builder, save it and can run from SCCM console. On creating these kind of reports are explained in TechNet and some blogs. But I couldn’t find how to create a prompt, in example prompt for a collection or site name before running the report. So I have decided to publish my knowledge on creating these.

I will use this simple scenario

To find computers that installed Microsoft Silverlight filtered by Collection name.

This is query that I’m gonna use.

Select V_R_SYSTEM.Name0,v_Add_Remove_Programs.DisplayName0,v_Add_Remove_Programs.InstallDate0 from v_R_System left join v_Add_Remove_Programs on v_Add_Remove_Programs.ResourceID=V_R_SYSTEM.ResourceID left join v_ClientCollectionMembers on v_ClientCollectionMembers.ResourceID=V_R_SYSTEM.ResourceID where v_ClientCollectionMembers.CollectionID= @CollID and v_Add_Remove_Programs.DisplayName0=’Microsoft Silverlight’

Step 1

  • Go to SCCM console – Reports – Create report

Image 

  • After click next report will open up in Report Builder.

Image 

  • Right click on Data sets and click Add Data set.
  • Select Use dataset embedded in my report and select data source. Type the above query as follows.

Image 

  • Click fields and click ok
  • Right click on Data Sets and click Add Data Set again. Fill the details as follows and press OK.

Image 

SELECT
  v_Collection_Alias.CollectionID ,v_Collection_Alias.Name
FROM
fn_rbac_Collection(@UserSIDs) v_Collection_Alias
WHERE
 v_Collection_Alias.CollectionType = 2

  • Right Click on report, where the empty area of report page and select properties. Go to reference tab, Click ADD on assemblies.
  • Add following assemblie  –  SrsResources, culture=neutral
  • And Click OK.

Image 

  • Go to parameters and now you can see there are two parameters. CollID and UserSIDs. Right click on UserSIDs and select properties.
  • Select parameter properties – Internal
  • Default values, select specific value and ADD
    Value – =SrsResources.UserIdentity.GetUserSIDs(User!UserID)

Image 

  • Click OK. Select CollID, right click and properties
  • Add followings

Prompt                 – Collection
Available Values – Select get values from Query
Dataset                – Dataset2
Value Field          – CollectionID
Label Field           Name

  • Click OK

 

Image 

 

  • Go to insert and select table
  • Select dataset 1 and next
  • Place the fields as follows

Image 

  • Click next and table will generate
  • Make sure that UserSIDs will first in parameters, because CollID will depend on its value. You can change its location by moving down and UP.
  • Save the report and run the report from SCCM Console. You can get report like following

 Image

 

I have explained on how to prompt for a collection. Using same way you can adjust this report to prompt for other details, Product name, Site code ect

Hope this is helpful.

Report on Computers that USB Storage devices are plugged (Flash drives)

Hi all

SCCM is having reports with too much information’s. But most of these are irrelevant for our use. So I think it’s always better to have your own way of reports by writing custom queries.

One of my customer requested that they want to monitor all computers that plugging USB storage devices and time. I have searched this on SCCM and other forums, but couldn’t find anything, but there is lot of reports giving so many details on USB devices. So I have opened the SCCM database tables and wrote a custom query. Then add this query to a report. Customize it. And create an email subscription to this report. Now every morning IT manager will get a report on all the computers and time of USB pen drives are plugged in. tell me its not cool.  

So this is the full steps

  1. Enable Asset IntelligenceAssent intelligence should be enabled and you have to enable the Win32_USBDevice inventory Class.

    If you are doing this first time then you have to wait till next hardware cycle to complete. Then only all the USB device information will populate to the database.

    13

  2. Create the SQL Query
    I have created the following script to get required information. This script gather data from two tables USB_DEVICE_DATA and USB_DEVICE_HIST. second table is the history table. And I will filter these data only for USB Storage devices (USBSTOR). I only required knowing the computer that USB flash drives have plugged in and the time. So I have only generating the SystemName00 and TimeKey column.

select USB_DEVICE_DATA.SystemName00, USB_DEVICE_DATA.TimeKey from USB_DEVICE_DATA where 
dbo.USB_DEVICE_DATA.Service00 = ‘USBSTOR’
union all 
select USB_DEVICE_HIST.SystemName00, USB_DEVICE_HIST.TimeKey from USB_DEVICE_HIST
where dbo.USB_DEVICE_HIST.Service00 = ‘USBSTOR’
order by TimeKey desc

This query will produce the list of computers of all time. But in my scenario I only need to know USB storage devices that plugged in on last 2 days. So I have modified the SQL query to following.

select USB_DEVICE_DATA.SystemName00, USB_DEVICE_DATA.TimeKey from USB_DEVICE_DATA

where

dbo.USB_DEVICE_DATA.Service00 = ‘USBSTOR’ and TimeKey > GETDATE() – 2

union all

select USB_DEVICE_HIST.SystemName00, USB_DEVICE_HIST.TimeKey from USB_DEVICE_HIST

where dbo.USB_DEVICE_HIST.Service00 = ‘USBSTOR’ and TimeKey > GETDATE() – 2

order by TimeKey desc

 

  • Create the Customize Report
  • In SCCM console select monitoring tab, right click on reports and select create report.
  • Select SQL based report, Give a name and path of the report.  Click next11

     

  • Then it will Open SQL server Report builder application
  • Right Click on Datasets and select Add Dataset
  • Select  Dataset embedded to my report
  • Select  the available data source
  • Copy and paste the query as following image12
  • Click Fields and it will automatically add fields.
  • Click OK
  • Click insert and select Table, Table Wizard
  • Select the created dataset Next, then Drag two fields to the Values.
  • Click Next and select the style and finish.
  • Add your report headers, Logos and everything that your requirements and Save the report.
  • Select the Report from Console and click Run.14

If your SCCM database is populated with data, following report is displayed.

Note – all data will report after the Hardware cycle of SCCM Client. when Same USB plugged to the same computer, Hardware cycle should run in middle.

SCCM 2012 Startup Error .Net Framework Initialization Error – Unable to find a version of the runtime to run this application

SCCM 2012 Startup Error

Recently I experienced this error when I opened SCCM 2012 console after the first install. I had full fill all the prerequisites before the installation of SCCM 2012 setup.

This error is due to a miss match of .NET Framework for SCCM 2012.

After following steps the error got solved.

For SCCM 2012 .NET Framework 4 required. This is required in prerequisites.

  1. Find the current .NET Framework version. You can identify this by checking the .NET folder name. Its located in C:\Windows\Microsoft.NET\Framework\
    EX          C:\Windows\Microsoft.NET\Framework\v4.0.30128.
    .NET version is 4.0.30128.
  2. Open notepad as run as administrator and open the Microsoft.ConfigurationManagement.exe.config  file located in (SCCM install location) C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin
  3. Added following lines after </applicationSettings> tag.
    <startup>
    <supportedRuntime version=”4.0.30128″ />
    </startup>
    Use your server’s .NET framework version.
  4. Save the file and exit. Start the SCCM Consol. It should start now.

NOTE – Use the exact .NET framework version of your SCCM server to the startup tag.