How to stop an errant Advertisement in SMS 2003 / SCCM 2007
Scenario: An advertisement went out for a package that is causing havoc. Let’s say, it is rebooting servers and workstations. How do you stop it NOW!?!?! With a Big Red Stop Button (BRSB).
Below are 5 scenarios with varying speeds and success rates.
Method 1: Stop the IIS service or the SMS_OFFER_MANAGER service on all servers.
Upside: Everything stops
Downside: Everything stops including normal client communications or any other distribution
Method 2: Delete the source package files off the DP(s) update: change the ntfs folder premissions to deny any client from reading the source files. Thanks jnelson
Upside: All clients trying to run errant advertisement will say “Waiting For Content”
Downside: Copying the package source back to the DP after everything calms down.
Method 3: Delete the Advertisement (Do not do this)
Upside: Makes you feel better
Downside: Does not stop any clients until a policy refresh is triggered. You also lose all tracking of the damage you have wrought.
Method 4: Disable the Program
Upside: Prevents further execution
Downside: Does not stop any clients until a policy refresh is triggered.
Method 5: Expire the advertisement
Upside: Prevents further execution
Downside: Does not stop any clients until a policy refresh is triggered.
Summary: Best solution for Big Red Stop Button (BRSB) appears to be Method 2. Delete the files off the DP. You will need to know the PackageID. (see reports below) and the location of the DPs (see reports below).
Best order of execution to achieve BRSB
- Identify PackageID
- See report below
- See console command line below
- Identify DPs that you will need to target
- See report below
- Run a script to delete the files off the DPs
- Disable the program
- Disable the advertisement (change the execution expiration time)
- View reports on advertisement success rate so you know who to go fix
If there is desire for me to post the scripts or more screen shots on how to do this, please respond to this post, and I’ll whip more docs up.
Now that the package has stopped, the clients have received new policies to prevent the errant program from executing again. How do I get the files back on the DP? Easy, refresh the Distribution Points from the package. Refresh will keep the DP version the same. Reminder: if you update the DPs. You will be creating a new version, which may cause clients to execute this new package. (Been there)
Helpful Reports (SMS 2003)
List of All packages:
http://<ServerNameHere>/SMSReporting_<SiteCode>/Report.asp?ReportID=137
List of All Active Package Distributions:
http://<ServerNameHere>/SMSReporting_<SiteCode>/Report.asp?ReportID=141
List of All DPs:
http://<ServerNameHere>/SMSReporting_<SiteCode>/Report.asp?ReportID=138
Location of DP (SMS 2003)
\\<ServerNameHere>\smsdp$\SMSPKG
How to add NodeInfo to the SMS 2003 console?
Add the following switch to the console command line
/SMS:NodeInfo=1 or /SMS:NodeInfo=2
Adds a property sheet that contains node information such as the GUID, WMI instance data, and the named values associated with the node to a node's property page. You access the node information sheet by selecting the Node Information tab. Typically, you use this option when you develop or debug extension snap-ins that extend the SMS Administrator console.
This option can be set to 1 or 2. Setting NodeInfo to 1 places the Node Information sheet last on the property page. Setting NodeInfo to 2 places the Node Information sheet first on the property page.
SMS 2003 command line:
C:\smsadmin\bin\i386\sms.msc /SMS:NodeInfo=1
SCCM 2007 commandline
"C:\Program Files\Microsoft Configuration Manager Console\AdminUI\bin\adminconsole.msc" sms:debugview=1