Logs of an SMS Administrator at myITforum.com

To read the first article on the CAS.log, you can view it here: http://myitforum.com/cs2/blogs/mlucero/archive/2007/05/16/sms-2003-log-files-the-cas-log-revealed-part-1.aspx

Requesting content CEN0005E.2, size(KB) 21857, under context System

Submitted CTM job {CAE5F0E2-A9E8-449E-A86F-2DFDB9D44EF2} to download Content CEN0005E.2 under context System

Successfully created download  request {75A40935-5FD4-4D8E-AF29-8C772E1209FE} for content CEN0005E.2

Location update from CTM for content CEN0005E.2 and request {75A40935-5FD4-4D8E-AF29-8C772E1209FE}

Download request only, ignoring location update

Download started for content CEN0005E.2

Raising event:

[SMS_CodePage(437), SMS_LocaleID(1033)]

instance of SoftDistDownloadStartedEvent

{

            ClientID = "GUID:F5EC9167-62AB-43BB-870E-4F40A720AB52";

            DateTime = "20071026163549.724000+000";

            MachineName = "AST-TRAINING1";

            PackageId = "CEN0005E";

            PackageName = "CEN0005E";

            PackageVersion = "2";

            ProcessID = 5496;

            SiteCode = "AST";

            ThreadID = 5348;

};

Download completed for content CEN0005E.2 under context System

Hash verification succeeded for content CEN0005E.2 downloaded under context System

Download succeeded for download request {75A40935-5FD4-4D8E-AF29-8C772E1209FE}

Raising event:

[SMS_CodePage(437), SMS_LocaleID(1033)]

instance of SoftDistDownloadCompletedEvent

{

            ClientID = "GUID:F5EC9167-62AB-43BB-870E-4F40A720AB52";

            DateTime = "20071026163624.726000+000";

            MachineName = "AST-TRAINING1";

            PackageId = "CEN0005E";

            PackageName = "CEN0005E";

            PackageVersion = "2";

            ProcessID = 5496;

            SiteCode = "AST";

            ThreadID = 6280;

};

Releasing content request {75A40935-5FD4-4D8E-AF29-8C772E1209FE}

All references to Content CEN0005E.2 in cache have been removed.                   Content will be Tombstoned.

If we step through the process, we can see the download request being created and started. It is very evident where the download process actually starts and here is where we can determine how long a package takes to download by comparing the before and after timestamps. (Had I left them intact.) Once the download is complete, the hash is verified and the request is released.

Now let’s look at the log of a package which failed. In this particular case, the failure was due to a hash mismatch (during the hash verification if you’ll remember from the above logs.) The resolution in this case was to refresh the package on the DP.

Requesting content CEN0005F.1, size(KB) 4805, under context System

Submitted CTM job {A10AD9DB-0306-4127-B0A9-1182A532F5FB} to download Content CEN0005F.1 under context System

Successfully created download  request {0D2FF4EA-7DA1-442C-98A3-63FC82EF3CF3} for content CEN0005F.1

Location update from CTM for content CEN0005F.1 and request {0D2FF4EA-7DA1-442C-98A3-63FC82EF3CF3}

Download request only, ignoring location update

Download started for content CEN0005F.1

Raising event:

[SMS_CodePage(437), SMS_LocaleID(1033)]

instance of SoftDistDownloadStartedEvent

{

            ClientID = "GUID:F5EC9167-62AB-43BB-870E-4F40A720AB52";

            DateTime = "20071025213120.279000+000";

            MachineName = "AST-TRAINING1";

            PackageId = "CEN0005F";

            PackageName = "CEN0005F";

            PackageVersion = "1";

            ProcessID = 5496;

            SiteCode = "AST";

            ThreadID = 2904;

};

Download completed for content CEN0005F.1 under context System

Hash does not match expected C0AF9CA9EE8EA440E6E1B498B944286E2147562D, actual 1FC839BC858A9CC7936C17208FDC772501666DD2

Download failed for content CEN0005F.1 under context System, error 0x80091007

Download failed for download request {0D2FF4EA-7DA1-442C-98A3-63FC82EF3CF3}

Raising event:

[SMS_CodePage(437), SMS_LocaleID(1033)]

instance of SoftDistHashMismatchEvent

{

            ClientID = "GUID:F5EC9167-62AB-43BB-870E-4F40A720AB52";

            DateTime = "20071025213122.404000+000";

            MachineName = "AST-TRAINING1";

            PackageId = "CEN0005F";

            PackageName = "CEN0005F";

            PackageVersion = "1";

            ProcessID = 5496;

            SiteCode = "AST";

            ThreadID = 1016;

};

Successfully raised SoftDistHashMismatchEvent event.

Releasing content request {0D2FF4EA-7DA1-442C-98A3-63FC82EF3CF3}

Essentially, the logs are the same until the error occurs, at which time a failure event is raised and the request is released. Again, the cure for this particular error was to refresh the package content on the DP and re-run the advertisement. Remember that errors can be found while using SMS Trace by the utilization of filter strings.

Here is the log from a successful run of a package which was re-run and the content was available in the client cache.

Requesting content CEN0005F.1, size(KB) 4805, under context System

Content for CEN0005F.1 was found in cache

Releasing content request {03AFA3C0-4B4B-49E8-9E19-B8F9507FBA38}

All references to Content CEN0005F.1 in cache have been removed.

This one is pretty straight-forward and there isn’t much to see. With the additional information provided in this article, I hope SMS administrators have a little better understanding of how the CAS.log works and how it can be used to track down distribution problems.

During my client troubleshooting, I frequently use the tool, SMS Client Center (found here http://myitforum.com/cs2/blogs/mlucero/archive/2007/05/21/sms-2003-tools-sms-client-spy.aspx). The section named "Enabled SMS Components" on the SMS Agent Actions page, is quite handy at narrowing down some problems. Generally, if I cannot get status on the components of a particular client, I'll force a policy download and application. You can follow the request and download process within the DataTransferService.log.

Every so often, I'll encounter a user who believes they need to turn off certain services to get better performance out of their machine. (Instead of just uninstalling a lot of the "extra cool things" with which they've cluttered their hard drive.) When this happens, I will start seeing these within the DataTransferService.log:

DTS job {D105BAA4-4D44-4BF5-BB12-5E45CF52AC54} has completed:
 Status : ERROR (0x80070422)
 Start time : 10/29/2007 11:26:41
 Completion time : 10/29/2007 11:26:41
 Elapsed time : 0 seconds DataTransferService 10/29/2007 11:26:41 AM 5180 (0x143C)

ERROR (0x80070422) is an indication that something is wrong with BITS. Again, using SMS Client Center, I then switch to the "Services" tab and check which SMS related services are running. When this error is present, I have yet to NOT see BITS disabled. Luckily, you can both turn it on and set its startup preference within SMS Client Center with a simple right-click and select. Once this is done, start your download and apply session again and these errors should change to the following:

DTS job {5F05040D-2520-4CF7-A97B-033BB0E159A2} has completed:
 Status : SUCCESS
 Start time : 10/29/2007 11:28:39
 Completion time : 10/29/2007 11:29:06
 Elapsed time : 27 seconds DataTransferService 10/29/2007 11:29:06 AM 5620 (0x15F4)

I hope this helps someone out there.

Business Desktop Deployment (BDD) is now Microsoft Deployment!

We are pleased to announce the RC1 release and new name for the fourth generation deployment Solution Accelerator, Microsoft Deployment. The current generation of automated deployment tools from Microsoft is increasingly unified; the same tools, utilities and products in many cases offer support and functionality for desktop and server deployment tasks. Following the trend of unified tools, the Business Desktop Deployment team has incorporated new functionality and guidance to support automated server deployment in addition to desktop deployment capabilities. This expanded feature set, with its guidance and ability to automate installation of Windows client and server operating systems - as well as applications - has effectively outgrown the current name, Business Desktop Deployment. Previous Beta releases have been using the code name "Deployment 4" to refer to Microsoft Deployment before the name was finalized.

Microsoft Deployment is the next version of Business Desktop Deployment (BDD) 2007. It unifies the tools and processes required for desktop and server deployment into a common deployment console and collection of guidance. Microsoft Deployment adds integration with current Microsoft deployment technologies - System Center Configuration Manager 2007, Windows Deployment Services, and the Windows Automated Installation Kit - to create a single path for image creation and automated installation. Microsoft Deployment adds integration with recently released Microsoft deployment technologies to create a single path for image creation and deployment, including:

• System Center Configuration Manager 2007 Operating System Deployment
• Windows Automated Installation Kit
• Windows Deployment Services with new multicast technology
• Application Compatibility Toolkit 5.0
• User State Migration Tool 3.0.1
• 2007 Office system
• Windows Server 2008 Server Manager for automated server role definition

Enhanced Program on Microsoft Connect

This release candidate also offers an enhanced Microsoft Connect portal including technical frequently asked questions, deployment tips and tricks, a recommended 10-step program for new users to quickly get acquainted with deployment accelerators, customer-ready Solution Accelerator informational materials, and deployment-related conference presentations.

Microsoft Deployment combines the guidance and toolset from previous releases of Business Desktop Deployment and Beta releases of Windows Server Deployment. This release continues to support Zero Touch Installation (ZTI) of desktop operating systems using Systems Management Server (SMS) 2003 with the Operating System Deployment Feature Pack and adds new deployment and task sequencing capabilities for desktops and servers using System Center Configuration Manager 2007. Microsoft Deployment also continues to provide Lite Touch Installation (LTI) support without infrastructure requirements and adds capabilities for Windows Server 2003 and pre-release versions of Windows Server 2008.

New Features in Microsoft Deployment

Microsoft System Center Configuration Manager 2007 support, with the following features:

• Full support for Windows Vista, Windows XP, and Windows Server 2003 deployments with Microsoft Deployment and Configuration Manager 2007.
• Complete integration into the Configuration Manager 2007 admin console and task sequencing capabilities.
• Quick start Configuration Manager 2007 operating system deployments using one wizard to create needed task sequences and packages.
• Extension of the Configuration Manager 2007 task sequencing capabilities with new actions.
• Feature parity with BDD 2007 and SMS 2003, including dynamic package installation, automatic determination of state store location, computer backup, and database settings.
• Installation support for computers unknown to the Configuration Manager 2007 database
• Added support for offline patching
• Support for offline and online language pack installation
• Deployment monitoring:
• Updated Management Pack for System Center Operations Manager 2007

Lite Touch Installation (LTI) support for Windows Server 2008:

• Support for deploying Windows Server 2008 Beta 3 and potentially RC1 (to be verified after RC1 release), including support for Server Core installation options.
• Automated server role definition using Server Manager

Lite Touch Installation (LTI) enhancements:

• Enhanced disk and network interface cards (NICs) configuration options, including support for static TCP/IP configuration.
• Design changes to ease the migration from LTI to Configuration Manager 2007.
• Support for multiple task sequence templates. New sample templates include:
• Client template: Windows Vista, Windows XP
• Server template: Windows Server 2003, Windows Server 2008
• Replace scenario template
• Ability to invoke web service calls
• Support for web service calls from rules
• Web services can be invoked as part of the rules processing performed by Microsoft Deployment, using new rules that can be defined in CustomSettings.ini.
• Support for BDD 2007 upgrade or side-by-side installation with Microsoft Deployment.

Lite Touch Installation (LTI) multicast support:

• Deployment Workbench supports multicast transmission of operating system images when performing LTI deployments from Windows Server 2008 servers that are running Windows Deployment Services.

Microsoft Deployment RC1 is available as a download in the Microsoft Deployment Connection Program on Microsoft Connect.

Download Now!

Received from Microsoft late yesterday:

********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: October 24, 2007
********************************************************************

Summary
=======
The following bulletin has undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS06-067

Bulletin Information:
=====================

* MS06-067

  - http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx
  - Reason for Revision: Revised to include MS06-065 as a bulletin
    that is replaced by this bulletin. 
  - Originally posted: November 14, 2006
  - Updated: October 24, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1

Most people probably already have this tool, but I use it quite often and thought that I should post a link to the download. It is VERY handy for understanding the WMI and how it is organized. Personally, I prefer this tool over many others.

http://www.microsoft.com/downloads/details.aspx?familyid=6430F853-1120-48DB-8CC5-F2ABDC3ED314&displaylang=en

Enjoy!

Like many SMS administrators out there, I have had my share of problems with clients. Primarily I have clients which work fine for a while, then just drop off the face of the earth. It could be because it's been turned off for longer than our security polices allow and thus falls out of AD, or it could be because of many other reasons which can only be explained by our users. (In other words, "why did you do THAT?")

This error message is one I will tackle in this post: (This post assumes that you have enabled the Advertised Program Client Agent on your site server.)

Software Distribution Site Settings for the client are missing from WMI. execmgr 9/15/2006 5:27:51 PM 2832 (0x0B10)

Essentially, this means that the Software Distribution Agent is not enabled on the machine. From my experience, there is a fast way to resolve this problem if you use the tool, Client Center. (Which you can read about here: http://myitforum.com/cs2/blogs/mlucero/archive/2007/05/21/sms-2003-tools-sms-client-spy.aspx)

A common problem I've seen on clients which exhibit this error is that they have no site assignment. In our environment, this is generally caused by the machine being assigned to an incorrect OU within AD. That is the first area I check. Once I have verified that the client is in the correct OU, I fire off discovery and wait for it to appear in the All Systems collection.

With Client Center, I then assign the client to the proper site and start watching the client logs for activity. If execmgr.log does not indicate that the SD component has installed, I just use Client Center to download and apply policies. Within about 5 minutes, the SD agent gets enabled and I can perform the remaining tasks which I do in order to bring a client's SMS data up to snuff: (All with Client Center)

Full Hardware Inventory
Full Software Inventory
Verify Running SMS related services
Check Execution History
Re-verify Assigned Site, Client Version, GUID and MP

Generally, these steps will bring most clients back online and their gears start whirring and clanking. (Those are technical terms.)

If you have run out of relaxing things to do on your Saturdays, try this website and its wonderful collection of light reading.

http://csrc.nist.gov/publications/index.html

ENJOY!

********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: October 10, 2007
********************************************************************

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS07-060 - Critical
  * MS07-058 - Important
  * MS07-057 - Critical
  * MS07-045 - Critical
  * MS07-027
  * MS06-068
  * MS06-006
  * MS05-032

Bulletin Information:
=====================

* MS07-060 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms07-060.mspx
  - Reason for Revision: Bulletin Updated: Hyperlink updated for the
    Microsoft Mactopia Web site to the correct download location
    of the 11.3.8 Update in the Deployment Information section. 
  - Originally posted: October 9, 2007
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS07-058 - Important

  - http://www.microsoft.com/technet/security/bulletin/ms07-058.mspx
  - Reason for Revision: Updating bulletin to show XP professional
    x64 Edition Service Pack 2 as affected software. 
  - Originally posted: October 9, 2007
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Important
  - Version: 1.1
   
* MS07-057 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms07-057.mspx
  - Reason for Revision: Revised to correct the What does the update
    do? section for CVE-2007-3893 
  - Originally posted: October 9, 2007
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS07-045 - Critical

  - http://www.microsoft.com/technet/security/bulletin/ms07-045.mspx
  - Reason for Revision: Bulletin revised to correct the name of an
    affected file in the bulletin text only. 
  - Originally posted: August 14, 2007
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.3
   
* MS07-027

  - http://www.microsoft.com/technet/security/bulletin/ms07-027.mspx
  - Reason for Revision: Revised to include missing folder
    information for Internet Explorer 7 for Windows Server 2003 
  - Originally posted: May 8, 2007
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.4
   
* MS06-068

  - http://www.microsoft.com/technet/security/bulletin/ms06-068.mspx
  - Reason for Revision: Clarified that MS05-032 is only replaced
    when both MS06-068 and MS07-045 are installed. For more
    information, see What updates does this release replace? in
    the section, Frequently Asked Questions (FAQ) Related to This
    Security Update 
  - Originally posted: November 14, 2006
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.2
   
* MS06-006

  - http://www.microsoft.com/technet/security/bulletin/ms06-006.mspx
  - Reason for Revision: V1.1 (October 10, 2007): Added Microsoft
    Knowledge Base Article 937986 to Caveats which documents
    the currently known issues that customers may experience when
    they install this security update. 
  - Originally posted: February 14, 2006
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Critical
  - Version: 1.1
   
* MS05-032

  - http://www.microsoft.com/technet/security/bulletin/ms05-032.mspx
  - Reason for Revision: Clarified that MS05-032 is replaced only
    when both MS06-068 and MS07-045 are installed. For more
    information, see Why am I receiving this update in the
    section, Frequently asked questions (FAQ) related to this
    security update. 
  - Originally posted: June 14, 2005
  - Updated: October 10, 2007
  - Bulletin Severity Rating: Moderate
  - Version: 2.2

********************************************************************
Title: Microsoft Security Bulletin Re-Release
Issued: October 10, 2007
********************************************************************

Summary
=======
The following bulletin has undergone a major revision increment.
Please see the bulletin for more detail.

  * MS07-056 - Critical

Bulletin Information:
=====================

* MS07-056 - Critical

- http://www.microsoft.com/technet/security/bulletin/ms07-056.mspx
- Reason for Revision: Revised to include Windows XP Professional
    x64 Edition in the Affected Software section; Known Issues
    set to none; Corrected missing file information to the
    bulletin text for Outlook Express 6.0 Service Pack 1 on
    Windows 2000 Service pack 4 and Outlook Express 5.5 Service
    Pack 2 on Windows 2000 Service pack 4. 
- Originally posted: October 9, 2007
- Updated: October 10, 2007
- Bulletin Severity Rating: Critical
- Version: 2.0

********************************************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: October 9, 2007
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

  * MS05-004

Bulletin Information:
=====================

* MS05-004

- http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
- Reason for Revision: Bulletin updated as Windows Server 2003
    Service Pack 2 and Windows Vista have been added to the
    "Affected Software" sections for .NET Framework 1.0 Service
Pack 3 KB886906 and .NET Framework 1.1 Service Pack 1 KB886903.
- Originally posted: February 8, 2005
- Updated: October 9, 2007
- Bulletin Severity Rating: Important
- Version: 4.0
       

There was a request on the forums today for a report which would yield some information about advertisements which had not succeeded. I responded with the following: (MOF file is attached.) 

Report Name - Status of Advertisements which have NOT Succeeded

SELECT     vAI.CollectionID, vAI.AdvertisementName, vRS.Netbios_Name0, vCAS.LastStatusMessageIDName, vCAS.LastStatusTime
FROM         v_ClientAdvertisementStatus AS vCAS INNER JOIN
                    v_R_System AS vRS ON vCAS.ResourceID = vRS.ResourceID INNER JOIN
                    v_AdvertisementInfo AS vAI ON vCAS.AdvertisementID = vAI.AdvertisementID
WHERE     (vCAS.LastStatusMessageID <> 10009) AND (vCAS.LastStatusMessageID <> 10008) AND vAI.CollectionID = @CollID

Prompt: Name = CollID

begin
if (@__filterwildcard = '')
SELECT DISTINCT CollectionID, Name FROM v_Collection ORDER BY Name
else
SELECT DISTINCT CollectionID, Name FROM v_Collection
WHERE CollectionID like @__filterwildcard
ORDER BY Name
end