This Blog



What Video Game Character Are You? I am Kung Fu Master.
I am Kung Fu Master.

I like to be in control of myself. I dislike crowds, especially crowds containing people trying to kill me. Even though I always win, I prefer to avoid fights if possible.

What Video Game Character Are You?

Blogs I read

Rob Marshall @

... my god, it's full of stars

August 2008 - Posts

  • ConfigMgr R2 - Released

    Cliff Hobbs blogged on this already, but I wanted to give a shout out to Carol Bailey and Co for doing a great job on getting R2 out the door. I did play with R2 in Beta\RC, and I do like the new features it brings in to the product.

    In all honesty i've not been an advocate of the R2 method of implementing new features, as it creates mutiple code streams for a product and just over-complicates things from a support perspective. I do understand features cannot be put into a Service Pack, so obviously this is quicker way to bring these features to market. I just wonder why are not going down the Feature Pack route anymore?

    Congrats on getting R2 out the door! And Carol, take a holiday to celebrate!


  • More on: Garry Mckinnon

    Yesterday I wrote about Garry Mckinnon, and today I have to straight lift this from Slashdot.Org:

    "The BBC has published a very good profile of Gary McKinnon. It discusses his motives and methods as well as raising the question as to whether he is a malicious 'hacker' or whether he was simply obsessed with finding info about UFOs and should be praised for finding security faults in what should be extremely secure systems. This should provided stimulus for some interesting discussion on Slashdot especially between us Brits and our American friends following the confirmation of his extradition to the USA."

    It just so doesn't add up! He's either the biggest hacking mastermind of all time, or a naive but capable guy, who did whatever it took to get to sensitive information to prove\disprove the whole UFO conspiracy theories that are floating around out there.

     ... "But he did admit that he hacked into dozens of US government computer systems. In fact, he calmly detailed just how easy it was to access extremely sensitive information in those systems."

    Cough! Easy to get access to military computers?!?! Oh dear! Me thinks the network admins that secured those environments should be brought to trial for allowing sensitive information to be easily accessible! Or does the buck stop with the hacker, and not the piss poor admins?

    Just imagine setting up an MS product (ISA Server) so badly that people can just come in and tickle the internal network silly ... then, when your boss blows chunks you say it's the hackers fault for abusing the badly configured setup! You've got to laugh!

    Posted Aug 29 2008, 09:42 AM by Robs Blog
    Filed under:
  • BBC News: Hacker loses extradition appeal

    This story really gets my goat. I really feel sorry for Gary McKinnon. He's 2 weeks away from extradition to the USA, where mostly likely he'll be charged under the super-duper terrorism laws for his Indiscretions.

    He really shouldn't be labelled as a Terrorist, and he shouldn't be extradited. Instead he should be tried here. That word Terrorist, it's so confusing nowdays (intentionally made confusing I may add) ... who is, and who isn't a Terrorist?

    Take a look at the OED definition for Terrorist

    a person who uses violence and intimidation in the pursuit of political aims

    This guy hasn't shown an ounce of violence to anyone, he's just like me and you, and I'd bet he scraped his skill-set from the web and from chats with friends on IRC, instead he finds a weakness in the US Miliary\NASA computer systems (did anyone lose their jobs over their faiure to secure these secure networks?) and exploits it (bad! but not Evil!) to find out "secrets", as he puts it ... "I sought information on UFOs".

    Roll back 10 or so years ago, and he would have been questioned, his methods analysed and neutralised, and possibly either hired or released back in to the wild. Roll forward to now and this guy is about to be made an example of, to all those terrorists that couldn't achieve what he did even if they tried ... great example that'll make!

    If he gets put in prison in the USA then it's a show, a scam, and it's being done to cover up the clumsy security measures that were in-place when he managed to blaze his way through 97 odd computers.

    If you have any sympathy for the poor guy, in the UK we write to our local MP's and they take it up, please raise awareness inside the USA that this isn't acceptable behaviour. He sure did commit a crime, but not an evil one!

    Source: BBC News

    Posted Aug 28 2008, 08:21 AM by Robs Blog
    Filed under:
  • ConfigMgr 2007 RTM\SP1 - Component Status Summarizer acting like a dead duck?

    This issue won't impact many of you, and to induce the following behaviour you really need to go toggle some values most SMS Admins leave well alone. Hence why this one hasn't been spotted in the wild (there is a technet forum thread on this ...).

    Have you noticed in your environment that your Component Status Summarization data is not being replicated to the parent site?

    You prod it with the proverbial stick but it just won't respond, akin to a dead duck?

    Well, firstly each Site server will summarizer it's own status messages for Offer, Component and Site System, wrap this up in a SUM file then replicate to it's Parent Site server (obviously only if this feature is enabled!). This is so that the Parent does not have to summarizer nn amount of child sites status messages. Overwhelm the server it could, so instead this summarization is performed by the owner of the status messages. I do believe this hasn't changed since the SMS 2.0 days, and is an effective way of managing the problem of summarization and replication of this data upwards.

    You can check the usual log files, ending up in COMPSUMM, and you notice that nothing is ever put in to a SUM file for replication to the Parent Site server.

    Again I have to say *** 99.9% of you WON'T ever experience this problem ***

    That 0.1% that do suffer from the problem probably have done two things:

    1. Firstly, they have modified the Replication Priority for the Component Status Summarizer from MEDIUM to HIGH or LOW at the Child site.
    2. Secondly, they have reverted the change back to MEDIUM at the Child site.

    If you are suffering from this problem, then go check your COMPSUMM log, make sure it definately isn't attempting to put together the SUM file for replicatioh, and that you are set to Replication Priority Medium. If so, now go check your SCF and pull up next to the <SMS_COMPONENT_STATUS_SUMMARIZER> Component definition, check out the Replication tag. Usually looks like this:


    If it says Medium instead of Normal then there is the problem. ConfigMgr is looking for three values, High, Normal and Low. Therefore Medium is ignored, the replication of summarization data is skipped, and you don't see summarization data at the Parent. The child site will continue to summarize, but it just won't get around to producing and replicating a SUM file to the Parent Site server.

    I reproduced this in my home test lab and can confirm all of the above.

    Three ways out of this:

    1. Change to HIGH\LOW (LOW best option, only if you are impacted, leave the Component Status Summarizer alone if you are not experiencing the problem)
    2. Keep at MEDIUM but edit the SCF (I totally recommend that you DO NOT do this)
    3. Wait for the impending hot-fix from Microsoft or for it to be rolled in to the next product service pack (Best path if you are unaffected)

    By default, the out of the box SCF file has the correct definition so this bug activates ONLY if you modify Replication Priority for this specific component. Please do not tinker on your production environment to reproduce this problem, do it in the lab if you are unaffected but interested.

    Force be with you and all that Wink



  • WMUG Exclusive - Irrefutable proof that moon landings where faked!!!

    Yes ... another great scoop for WMUG!

    After much trawling of the web, I finally stumbled in to a site that had all the answers, with photo comparisons and analysis proving that those moon landings where truely faked (and that aliens where involved!)

    Without much further ado, I link you to >here<

    No more BS NASA, we are on to you big time!

  • Configuration Manager - List of log files

  • ConfigMgr SP1 installation causes BSOD

    Had an interesting problem yesterday, ConfigMgr RTM upgrade to SP1 two thirds of the way through induced a BSOD.

    Hard to troubleshoot, system reboots and all you're left with is a minidump (depending on your OS configuration for debugging) and a partially completed ConfigMgrSetup log file.

    ConfigMgrSetup log file indicates that the failure point took place around where the WinPE boot images are updated. You can go really far in terms of digging on this one, or just drop back, get the minidump and parse it in the Microsoft debugging tools.

    Once you sort out your Symbols and analyse the dump, you'll be closer to identifying what causes the BSOD. In my case, it turned out to be a driver called SRTSP.SYS that belongs to the Symantec Anti-Virus suite.

    Yep you read that right! It was the Anti-Virus software that Blue Screened the Operating System. Most disappointing, but from experience, and from talking to other Admins ... Anti-Virus is a plague we all have to tolerate, and it causes unusual and unpredictable behaviour to take place.

    If you've not debugged a minidump, or forgotten the steps (for us oldies!) then here's a great article on Ghacks by Martin on how to get the process up and running.

    I'd like to dedicate this blog posting to Larus Bulat, who cusses and curses about Anti-Virus software causing him no end of headaches, and who made me smile when I realised that the problem I was dealing with was entirely due to those pesky Anti-Virus products.

  • ConfigMgr client install failure - Errors 1708 & 1603 in

    Seen an interesting issue where the CCMSETUP parameters incorrectly specify MP as SMSMP, resulting in failure and exotic errors appearing in the CLIENT.MSI and CCMSETUP logs:

    Just need to fire up CLIENT.MSI in SMSTRACE, find Return value 3 and you'll possibly see the following:

    WARNING: The path passed for the TRK file is empty.
    SMSMP cannot be specified without SMSSITECODE
    MSI (s) (1C!94) [10:10:37:046]: Product: Configuration Manager Client -- Error 25001. Setup failed due to unexpected circumstances
    The error code is 80004005

    Error 25001. Setup failed due to unexpected circumstances
    The error code is 80004005
    MSI (s) (1C:0C) [10:10:37:046]: Machine policy value 'DisableRollback' is 0
    MSI (s) (1C:0C) [10:10:37:093]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
    Action ended 10:10:37: SmsSetClientConfigInit. Return value 3.
    MSI (s) (1C:0C) [10:10:37:093]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
    MSI (s) (1C:0C) [10:10:37:093]: No System Restore sequence number for this installation.
    MSI (s) (1C:0C) [10:10:37:093]: Unlocking Server
    Action ended 10:10:37: INSTALL. Return value 3.

    At the tail-end of the CLIENT.MSI log file:

    MSI (s) (1C:0C) [10:10:37:328]: Note: 1: 1708
    MSI (s) (1C:0C) [10:10:37:328]: Product: Configuration Manager Client -- Installation operation failed.

    MSI (s) (1C:0C) [10:10:37:390]: Cleaning up uninstalled install packages, if any exist
    MSI (s) (1C:0C) [10:10:37:390]: MainEngineThread is returning 1603
    MSI (s) (1C:54) [10:10:37:500]: Destroying RemoteAPI object.
    MSI (s) (1C:D0) [10:10:37:500]: Custom Action Manager thread ending.
    === Logging stopped: 20-08-2008  10:10:37 ===
    MSI (c) (1C:20) [10:10:37:500]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
    MSI (c) (1C:20) [10:10:37:500]: MainEngineThread is returning 1603
    === Verbose logging stopped: 20-08-2008  10:10:37 ===

    CCMSETUP log file drops out at the following section: SmsSetClientConfigInit

    MSI: Action 13:55:32: SmsSetClientConfigInit. Setting SMS configuration ccmsetup
    MSI: Setup failed due to unexpected circumstances
    The error code is 80004005 ccmsetup
    Installation failed with error code 1603 ccmsetup

    It's a classic mistake, easily overlooked.

    CCMSETUP should be saying "Command line parameters for CCMSETUP incorrectly specified, unknown parameter SMSMP identified", but it doesn't as you can see above



  • ConfigMgr 2007 and Windows Server 2008

    I've recently spent a fair bit of time working on ConfigMgr R2 residing upon Windows Server 2008. There are a few issues in there that you'll need to become aware of, but it's not that difficult to get underway.

    I was going to write up a good article on this one, but it seems I was literally only a few days ahead of some of the other posters out there, for example the Deployment Guys have a good posting on the subject.

    Keep an eye on this procedure, don't follow these instructions to the letter, it's not a work sheet\tick list. You DON'T need to install the Domain Controller role on the Windows Server 2008 target server (the guy does state this is only a prereq for his lab!!!!)

    Anyways I thought I'd link up to that posting rather than put up my own (I know, such a lazy cheater I am!!!!)

    All I'd add is to be mindful of being in Native mode, and requesting the certificates from a Windows 2003 Root CA (or subordinate) from Windows 2008.  There is a two-step shuffle work-around required, firstly a patch to modify the Web enrolment website files on the CA itself to support Vista\Server 2008, and then once you've retrieved the certificate the steps for moving the certificate+keys from the User store to the Computer store.

    Firstly, the Server 2008 to Server 2003 CA issue is discussed here (Along with a side-issue on V3 PKI certificates not being supported on ConfigMgr 2007, always handy to know this stuff even if it's not applicable now)

    And the second step is required because the web enrolment ActiveX component cannot reach the Computer Store (Server 2008, change in security architechure for Iexplore) and thus the certificate+key is stored in the User's certificate store instead. No good for ConfigMGr, so the steps to move the certificates are covered off here, but keep in mind the certificate template MUST have "export keys" ticked before you issue the certificate for this to work:

    Rushed I am, new task master I have. But I will try to squeeze more time out to review this posting, see what i've missed, answer any comments et al.


  • ConfigMgr Visio stencils

    Rod Trent over at myITforum posted a link to a download that contains Visio stencils and an example diagram ... had to link this here, as it's VERY HANDY!

    Thanks Rod,

  • NxtGenUG Silverlight Manic Miner

    The NxtGen User group put together Manic Miner running on Silverlight!


    Check it out, classic retro graming at it's finest!


Copyright -, Inc. - 2010 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems