Sherry Kissinger at myITforum.com

Scriptlogic MSI Studio - Quick Review

I've been meaning to install MSIStudio from Scriptlogic for a while to check it out, and I finally had time.  I created (and edited, post-creation) a basic response transform, and repackaged a really old install (it was so old, folder names had to be 8 char!).  For both, I was quite satisfied with how it functioned, and the plethora of customizations, especially post-creation; just editing the .msi or .mst. via right-click, edit.

Having used both Wise & AdminStudio in the past, the methods were very familiar to me.  With that background, it's likely I wasn't a good person to test how a new ConfigMgr admin might understand how to use the app.  But if you've used other Transform Editors, it's a very familiar layout.

If you work for a company which has a large department that needs to keep track of project status during package creation, one of the other vendors' offerings may be a better fit.  But if you are a small to mid-size company with few people that would create a transform or repackage something, this would definitely fit the bill.  I was able to quickly find everything I'd ever had to find when customizing an install: regkeys, files, permissions, custom actions, properties, what the entry in ARP looks like.  I could create my own vbscript custom action, I could add my own Components and Features, and I could add to the upgrade list of GUIDs.  I could mess with the order of InstallExecuteSequence, or delete items within the sequence.  I know that's not a definitive list--but that's pretty much everything I've ever had to do when customizing an install as an admin.

I couldn't figure out how to import a .reg for stamping the .mst; but manually creating the Component, and Feature, then manually creating the regkeys in the registry, copying them over, editing them to be [ ] variables, then in the registry table moving the regkeys from their component to my component, building & saving worked.  So it's possible to stamp your mst; but it was slightly painful!  Although more likely... I just didn't know how to do an import regkey action within my custom component.

As an extra bonus, I checked the prices of the 'standard' full license for the other 2 vs. MSI Studio Standard.  MSI Studio was easily 1/3rd to 1/4th the price of those others.

It should be noted I didn't test all of the options available--just the 2 that I've used most of the time.  Creating a transform is the main one.  Repackaging something is generally the absolute last choice to an admin--the vendor usually has an MSI.  Even if that MSI is buried inside of a setup.exe.  That just means you have to look harder to find it!

win32_servercomponent - what is it?

I'd like to know, too!  Actually Rob Olson (the Dude from www.dudeworks.com) believes it was an earlier beta WMI class for Windows Server 2008.  When it went RTM it was likely renamed win32_serverfeature.

So, what's the big deal?  Not much.  It's just that it's a class that is on by default (set to TRUE) in your sms_def.mof for Configuration Manager.  I'm fairly certain everyone can change that in their SMS_DEF.MOF from TRUE to FALSE.  You could probably even delete the whole section without any guilt whatsoever.

Now that you've cleaned up... if you want reported what it likely was supposed to report...  add this edit to the bottom of your SMS_DEF.MOF:

[ SMS_Report     (TRUE),
  SMS_Group_Name ("Server Feature"),
  SMS_Class_ID   ("CUSTOM|SERVER_FEATURE|1.0") ]

class Win32_ServerFeature : SMS_Class_Template
{
 [SMS_Report (TRUE), key ] uint32 ID;
 [SMS_Report (TRUE)      ] uint32 ParentID;
 [SMS_Report (TRUE)      ] string Name;
};

This edit is for Windows Server 2008, Server Features.  For example, this is the data you would get back.  You can see this box has WSUS, and IIS installed.  And you can also see which features are dependent on other installed features by looking at ParentID.

What might this be useful for?  Well, not much yet that I can see in the near future.  But one day you'll have gotten rid of all of your older Server OS'.  At that point, wouldn't it be great to find "all servers with IIS + xyz features" using this instead of Add/Remove Programs or something else?  If you don't think you need this quite yet (Server 08 is a year+ away) add it as FALSE until someone asks for "what Server Features are installed on our Windows Server 2008 boxes".  Then all you'd have to do is change it to TRUE.

Dell OMCI SMBiosSettings - Hardware Inventory Extension

By request, the WakeOnLan settings out of the WMI Namespace created by Dell's Open Manage Client Instrumentation; the Dell_SMBIOSSettings, specifically the WakeOnLan attributes.  Below is the mof edit; to be added to the bottom of sms_def.mof on your primary site servers, inboxes\clifiles.src\hinv.  Note most of the attributes are FALSE.  If you determine you would like those additional attributes, at any time you can change them from FALSE to TRUE.  Also below is a sample report for the WakeonLan returned results.  The results come back as an integer; so interpretation is needed at the report.  If you do want to turn on additional attibutes, in the attached is a text file.  If you follow the pattern of the WakeOnLan info, you'll see the other attributes' patterns, and be able to create your own Select Case... reports.

// Dell SMBIOS Settings
// These settings are available when the following optional application for
// managed Dell systems is installed.
// Dell Open Manage Client Instrumentation (OMCI)
// This edit was tested using v7.6 of Dell OMCI
// Note: the majority of options, changed from FALSE to TRUE, report an
// integer (0, 1, 2, 3, etc.)  Those integers would need to be correctly
// interpreted at the report level.

[ SMS_Report     (TRUE),
  SMS_Group_Name ("Dell SMBIOS Settings"),
  SMS_Class_ID   ("CUSTOM|Dell_SMBiosSettings|1.0"),
  SMS_Namespace (FALSE),
  Namespace      ("\\\\\\\\localhost\\\\root\\\\dellomci") ]

class Dell_SMBIOSSettings : SMS_Class_Template
{
  [SMS_Report (FALSE)    ]     sint32 AGPSlot;
  [SMS_Report (FALSE)    ]     sint32 AmbientLightSensor;
  [SMS_Report (FALSE)    ]     sint32 AFSMode;
  [SMS_Report (FALSE)    ]     sint32 AutoOn;
  [SMS_Report (FALSE)    ]     sint32 AutoOnHour;
  [SMS_Report (FALSE)    ]     sint32 AutoOnMinute;
  [SMS_Report (FALSE)    ]     sint32 BluetoothDevices;
  [SMS_Report (FALSE)    ]     sint32 BootSequence;
  [SMS_Report (FALSE)    ]     sint32 BuiltinFloppy;
  [SMS_Report (FALSE)    ]     sint32 BuiltinNIC;
  [SMS_Report (FALSE)    ]     sint32 BuiltinNIC2;
  [SMS_Report (FALSE)    ]     sint32 BuiltinPointingDevice;
  [SMS_Report (FALSE)    ]     string Caption;
  [SMS_Report (FALSE)    ]     sint32 CellularRadio;
  [SMS_Report (FALSE)    ]     sint32 Charger;
  [SMS_Report (FALSE)    ]     sint32 ChassisIntrusion;
  [SMS_Report (FALSE)    ]     sint32 ChassisIntrusionStatus;
  [SMS_Report (FALSE)    ]     sint32 ClearSystemEventLog;
  [SMS_Report (FALSE)    ]     sint32 CoolAndQuiet;
  [SMS_Report (FALSE)    ]     sint32 CPUVirtualization;
  [SMS_Report (FALSE), key]     sint32 DellInstanceID;
  [SMS_Report (FALSE)    ]     string Description;
  [SMS_Report (FALSE)    ]     sint32 ESataPorts;
  [SMS_Report (FALSE)    ]     sint32 ExpressCharge;
  [SMS_Report (FALSE)    ]     sint32 ExternalHotkey;
  [SMS_Report (FALSE)    ]     sint32 FastBoot;
  [SMS_Report (FALSE)    ]     sint32 HardDiskAcousticMode;
  [SMS_Report (FALSE)    ]     sint32 HardDiskFailover;
  [SMS_Report (FALSE)    ]     sint32 HotDocking;
  [SMS_Report (FALSE)    ]     sint32 Hyperthreading;
  [SMS_Report (FALSE)    ]     sint32 IDEController;
  [SMS_Report (FALSE)    ]     sint32 IntegratedAudio;
  [SMS_Report (FALSE)    ]     sint32 IntegratedRAIDController;
  [SMS_Report (FALSE)    ]     sint32 IntegratedSASController;
  [SMS_Report (FALSE)    ]     sint32 IntegratedSATAController;
  [SMS_Report (FALSE)    ]     sint32 IntegratedUSBHub;
  [SMS_Report (FALSE)    ]     sint32 InternalMiniPCI;
  [SMS_Report (FALSE)    ]     sint32 KeyboardIllumination;
  [SMS_Report (FALSE)    ]     sint32 Keypad;
  [SMS_Report (FALSE)    ]     sint32 LimitCPUIDValue;
  [SMS_Report (FALSE)    ]     sint32 LowPowerS5;
  [SMS_Report (FALSE)    ]     sint32 MediaCardAnd1394;
  [SMS_Report (FALSE)    ]     sint32 Microphone;
  [SMS_Report (FALSE)    ]     sint32 ModuleBayDevice;
  [SMS_Report (FALSE)    ]     sint32 MonitorToggling;
  [SMS_Report (FALSE)    ]     sint32 MultiCore;
  [SMS_Report (FALSE)    ]     sint32 NMIButton;
  [SMS_Report (FALSE)    ]     sint32 NodeInterleave;
  [SMS_Report (FALSE)    ]     sint32 NoExecute;
  [SMS_Report (FALSE)    ]     sint32 NumLock;
  [SMS_Report (FALSE)    ]     sint32 Onboard1394;
  [SMS_Report (FALSE)    ]     sint32 OnboardModem;
  [SMS_Report (FALSE)    ]     sint32 OSInstallMode;
  [SMS_Report (FALSE)    ]     sint32 ParallelPortConfiguration;
  [SMS_Report (FALSE)    ]     sint32 ParallelPortMode;
  [SMS_Report (FALSE)    ]     sint32 PasswordBypass;
  [SMS_Report (FALSE)    ]     sint32 PCCard;
  [SMS_Report (FALSE)    ]     sint32 PCCardAnd1394;
  [SMS_Report (FALSE)    ]     sint32 PCISlots;
  [SMS_Report (FALSE)    ]     sint32 PenMissingIndication;
  [SMS_Report (FALSE)    ]     sint32 PenResumeOn;
  [SMS_Report (FALSE)    ]     sint32 PointingDevice;
  [SMS_Report (FALSE)    ]     sint32 POSTF12KeySetting;
  [SMS_Report (FALSE)    ]     sint32 POSTF2KeySetting;
  [SMS_Report (FALSE)    ]     sint32 POSTHelpDeskKeySetting;
  [SMS_Report (FALSE)    ]     sint32 POSTMEBxKeySetting;
  [SMS_Report (FALSE)    ]     sint32 PowerManagementSettings;
  [SMS_Report (FALSE)    ]     sint32 PrimaryParallelATAMaster;
  [SMS_Report (FALSE)    ]     sint32 PrimaryParallelATASlave;
  [SMS_Report (FALSE)    ]     sint32 PrimaryVideo;
  [SMS_Report (FALSE)    ]     sint32 RadioTransmission;
  [SMS_Report (FALSE)    ]     sint32 SafeUSB;
  [SMS_Report (FALSE)    ]     sint32 SATADIPM;
  [SMS_Report (FALSE)    ]     sint32 SecondaryParallelATAMaster;
  [SMS_Report (FALSE)    ]     sint32 SecondaryParallelATASlave;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel1;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel2;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel3;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel4;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel5;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel6;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel7;
  [SMS_Report (FALSE)    ]     sint32 SerialATAChannel8;
  [SMS_Report (FALSE)    ]     sint32 SerialCommunication;
  [SMS_Report (FALSE)    ]     sint32 SerialPort1Configuration;
  [SMS_Report (FALSE)    ]     sint32 SerialPort2Configuration;
  [SMS_Report (FALSE)    ]     sint32 SERRDMIMessage;
  [SMS_Report (FALSE)    ]     sint32 SetCMOSToDefault;
  [SMS_Report (FALSE)    ]     string SettingID;
  [SMS_Report (FALSE)    ]     sint32 SingleByteECCLogging;
  [SMS_Report (FALSE)    ]     sint32 SingleCoreTurboMode;
  [SMS_Report (FALSE)    ]     sint32 SmartCardReader;
  [SMS_Report (FALSE)    ]     sint32 SMARTErrors;
  [SMS_Report (FALSE)    ]     sint32 SpeakerVolume;
  [SMS_Report (FALSE)    ]     sint32 SpeedStep;
  [SMS_Report (FALSE)    ]     sint32 TabletButtons;
  [SMS_Report (FALSE)    ]     sint32 TertiaryParallelATAMaster;
  [SMS_Report (FALSE)    ]     sint32 TertiaryParallelATASlave;
  [SMS_Report (FALSE)    ]     sint32 TrustedPlatformModule;
  [SMS_Report (FALSE)    ]     sint32 TrustedPlatformModuleActivation;
  [SMS_Report (FALSE)    ]     sint32 UARTPowerDown;
  [SMS_Report (FALSE)    ]     sint32 USBEmulation;
  [SMS_Report (FALSE)    ]     sint32 USBFlashDriveEmulation;
  [SMS_Report (FALSE)    ]     sint32 USBFrontPanelPorts;
  [SMS_Report (FALSE)    ]     sint32 USBPort00;
  [SMS_Report (FALSE)    ]     sint32 USBPort01;
  [SMS_Report (FALSE)    ]     sint32 USBPort02;
  [SMS_Report (FALSE)    ]     sint32 USBPort03;
  [SMS_Report (FALSE)    ]     sint32 USBPort04;
  [SMS_Report (FALSE)    ]     sint32 USBPort05;
  [SMS_Report (FALSE)    ]     sint32 USBPort06;
  [SMS_Report (FALSE)    ]     sint32 USBPort07;
  [SMS_Report (FALSE)    ]     sint32 USBPort08;
  [SMS_Report (FALSE)    ]     sint32 USBPort09;
  [SMS_Report (FALSE)    ]     sint32 USBPort10;
  [SMS_Report (FALSE)    ]     sint32 USBPort11;
  [SMS_Report (FALSE)    ]     sint32 USBPort12;
  [SMS_Report (FALSE)    ]     sint32 USBPort13;
  [SMS_Report (FALSE)    ]     sint32 USBPort14;
  [SMS_Report (FALSE)    ]     sint32 USBPort15;
  [SMS_Report (FALSE)    ]     sint32 USBPorts;
  [SMS_Report (FALSE)    ]     sint32 USBPortsExternal;
  [SMS_Report (FALSE)    ]     sint32 USBPortsUserAccessible;
  [SMS_Report (FALSE)    ]     sint32 USBRearDual;
  [SMS_Report (FALSE)    ]     sint32 USBRearQuad;
  [SMS_Report (FALSE)    ]     sint32 USBWake;
  [SMS_Report (FALSE)    ]     sint32 VideoExpansion;
  [SMS_Report (FALSE)    ]     sint32 VideoMemorySize;
  [SMS_Report (FALSE)    ]     sint32 VTforDirectIO;
  [SMS_Report (TRUE)     ]     sint32 WakeupOnLAN;
  [SMS_Report (TRUE)     ]     sint32 WakeupOnLANMethod;
  [SMS_Report (FALSE)    ]     sint32 WiFiCatcherChanges;
  [SMS_Report (FALSE)    ]     sint32 WiFiLocator;
  [SMS_Report (FALSE)    ]     sint32 WirelessDevice;
  [SMS_Report (FALSE)    ]     sint32 WirelessLAN;
  [SMS_Report (FALSE)    ]     sint32 WirelessSwitchBluetoothControl;
  [SMS_Report (FALSE)    ]     sint32 WirelessSwitchCellularControl;
  [SMS_Report (FALSE)    ]     sint32 WirelessSwitchChanges;
  [SMS_Report (FALSE)    ]     sint32 WirelessSwitchWirelessLANControl;
};

 And.. the Sample Report:

select Case when DellSM.WakeupOnLan0 = 1 then 'Other'
when DellSM.WakeupOnLan0 = 2 then 'Unsupported'
when DellSM.WakeupOnLan0 = 3 then 'Magic Packet'
end as 'WakeupOnLan',
Case when DellSM.WakeupOnLANMethod0 = 1 then 'Other'
when DellSM.WakeupOnLANMethod0 = 2 then 'Unsupported'
when DellSM.WakeupOnLANMethod0 = 3 then 'Disabled'
when DellSM.WakeupOnLANMethod0 = 4 then 'Enabled for add-in NIC'
when DellSM.WakeupOnLANMethod0 = 5 then 'Enabled for on-board NIC'
when DellSM.WakeupOnLANMethod0 = 6 then 'Enabled for all NICs'
when DellSM.WakeupOnLANMethod0 = 7 then 'Enabled with boot to NIC'
when DellSM.WakeupOnLANMethod0 = 8 then 'LAN or WLAN'
when DellSM.WakeupOnLANMethod0 = 9 then 'WLAN only'
 END as 'WakeuponLAN Method'
from v_R_System as SYS
inner join v_gs_dell_smbios_settings0 as DellSM on
sys.resourceid=Dellsm.Resourceid
where SYS.Netbios_Name0 = @compname

With a CompName prompt SQL statement of

begin
 if (@__filterwildcard = '')
  SELECT DISTINCT SYS.Netbios_Name0 from v_R_System SYS ORDER By SYS.Netbios_Name0
 else
  SELECT DISTINCT SYS.Netbios_Name0 from v_R_System SYS
  WHERE SYS.Netbios_Name0 like @__filterwildcard
  ORDER By SYS.Netbios_Name0
end

Hardware Inventory Extensions Presentation

At the Minnesota System Center User Group last night, I presented on how to extend hardware inventory.  Attached is the Powerpoint slides from that presentation.

ConfigMgr Hardware Inventory Snippets Updated - v1.3

MOF snippets have been updated, available from http://www.sccmexpert.com/MOF/Scripts.aspx

What's new since 1.0?

9-10-2008 v1.3 - Added to 16-McAfeeEPO (thanks Rick!)
9-1-2008 v1.2 - Added to 19-PhysicalMemory (thanks Greg!)
8-26-2008 v1.1 - Added 37-HardDriveSerialNumber (...)

Desired Configuration Management - Clients fail to successfully download Configuration Items

I came across a mis-configuration issue with Management Points using a replica database.  My own fault of course, but took a long time for me to spot where I messed up.  So just in case someone else hits the same issue...

Issue:  Server 2008, x64.  Configuration Manager 07 Sp1.  Management Points behind an NLB.  Clients could not successfully download Configuration Items for a Configuration Baseline.  (The NLB aspect is not as relevant as the MPs using a replica database)

Symptoms: 

Symptom #1:  During enabling CLR Integration (via SQL 2005 Surface Area Configuration for Features, CLR Integration), the following error would occur:

"could not load file or assembly 'Microsoft.sqlserver.batchparser, version-9.0.242.0, culture-neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies.  The system cannot find the file specified. (MIcrosoft.SqlServer.ConnectionInfo)"

Symptom #2: when interactively requesting a client “Evaluate” a Specific baseline listed on the Configuration Management applet, the DCMAgent.log would indicate:

“AddCIAssignmentFromWmiPolicy - Adding baseline with ID:ScopeId_<yourScopeID>/Baseline_<yourBaselineID> Version:<yourversion>.00 to scheduled job”

“State – Downloading”

Then… nothing for 6 hours.  After 6 hours a State – Failed would be recorded in DCMAgent.log

Resolution: On the Management Point Servers hosting the SQL Database Replicas for the NLB-defined Management Point, CLR Integration needs to be enabled (without errors).  On an SQL 2005 x64, "Microsoft SQL Server 2005 Management Objects Collection" from the SQL 2005 Feature Pack (http://www.microsoft.com/downloads/details.aspx?FamilyId=D09C1D60-A13C-4479-9B91-9E8B9D835CDC&displaylang=en), specifically the x64 version, aka SQLServer2005_XMO_x64.msi, needs to be installed.  Then run the Surface Area Configuration for Features, and enable CLR Integration.

Ron Crumbaker's Web Remote Console 3.21 - Installation instructions on Server 2008 with ConfigMgr 07

WIth Hector Cortez, we created a doc that hopefully assists you with getting Ron's Console installed & working on Server 2008 with ConfigMgr 07.

Hardware Inventory - EPO Plugins

Rick Jones shared this mof snippet, see attached picture for a sample of the results returned.

     //SMS_DEF.MOF
            /////////////////////////////////////
           //                                 //
          //  Mcafee ePO Plugins Enumeration //
         //                                 //
        /////////////////////////////////////
 // contributed by Rick Jones//
        #pragma namespace ("\\\\.\\root\\cimv2\\sms")
        #pragma deleteclass("Win32Reg_Mcafee_ePO_Plugins", NOFAIL)
       
        [ SMS_Report     (TRUE),
          SMS_Group_Name ("Mcafee ePO Plugins"),
          SMS_Class_ID   ("McAfee|ePO_Plugins|1.0") ]
       
        class Win32Reg_Mcafee_ePO_Plugins : SMS_Class_Template
        {
            [SMS_Report (TRUE), key ]   string     SoftwareID;
            [SMS_Report (TRUE)      ]   string     Version;
            [SMS_Report (TRUE)      ]   string  ProductName;
            [SMS_Report (FALSE)     ]   string     PluginPath;
            [SMS_Report (FALSE)     ]   string     UninstallCommand;
            [SMS_Report (FALSE)     ]   string     InstallPath;
            [SMS_Report (FALSE)     ]   string     InstalledPath;
            [SMS_Report (TRUE)      ]   string     HotFixVersions;
            [SMS_Report (TRUE)      ]   string     HotFixInstallDate;
            [SMS_Report (TRUE)      ]   string     DatInstallDate;
            [SMS_Report (TRUE)      ]   string     DatVersion;
        };
       
        //Configuration.MOF
            /////////////////////////////////////
           //                                 //
          //  Mcafee ePO Plugins Enumeration //
         //                                 //
        /////////////////////////////////////
 //contributed by Rick Jones //
        #pragma namespace ("\\\\.\\root\\cimv2")
        #pragma deleteclass("Win32Reg_Mcafee_ePO_Plugins", NOFAIL)
       
        [ dynamic,
          provider("RegProv"),
          ClassContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\ePolicy Orchestrator\\Application Plugins")
        ]
        class Win32Reg_Mcafee_ePO_Plugins
        {
            [PropertyContext("Software ID"), key]      string  SoftwareID;
             [PropertyContext("Version")]               string  Version;
             [PropertyContext("Product Name")]          string  ProductName;
             [PropertyContext("Plugin Path")]           string     PluginPath;
             [PropertyContext("Uninstall Command")]          string  UninstallCommand;
             [PropertyContext("Install Path")]          string  InstallPath;
             [PropertyContext("Installed Path")]        string  InstalledPath;
             [PropertyContext("HotFixVersions")]        string  HotFixVersions;
             [PropertyContext("HotFixInstallDate")]         string  HotFixInstallDate;
             [PropertyContext("DatInstallDate")]        string  DatInstallDate;
             [PropertyContext("DatVersion")  ]          string  DatVersion;  
        };

Desired Configuration Management - Trigger Evaluation Remotely

Either I haven't seen it posted elsewhere, or can't find it in the SDK, but I had a need to trigger DCM evaluations on clients.  Here's the code I ended up with.  It could I'm sure be cleaner, or there's already a documented way to do this, but it's working for me so I thought I'd share it.  It could be easily made into a right-click extension, or added as a button to Ron's Console.  Let me know if anyone needs this as a button on Ron's Web Console 3.21; I could throw it together.

 On Error Resume Next
CompName = Wscript.Arguments(0)
If compname = "" Then
  CompName = InputBox("Input a Computer name or IP", "Computer Name",CompName)
End If
err.clear
set DCMInvoke = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
 CompName & "\root\ccm\dcm:SMS_DesiredConfiguration")
 if err.number <> 0 then
 msgbox "unable to access " & CompName & vbcr &_
   "Error: " & err.description,,"SMS DCM Trigger Evaluation"
 else
  Set objSWbemServices = GetObject("winmgmts:\\" & CompName & "\root\ccm\dcm")
  Set colSWbemObjectSet = objSWbemServices.ExecQuery("SELECT * FROM SMS_DesiredConfiguration")
  For Each objSWbemObject In colSWbemObjectSet
   DCMInvoke.TriggerEvaluation objSWbemObject.Name,objSWbemObject.Version
  Next
 end if

Physical Memory and Memory Slots Hardware Inventory extension

Building on Jeff Gilbert's Physical Memory mof edit, Greg Heuing has an additional edit to be able to pull in the # of memory slots on the motherboard.  If you happen to need to know if there are any free memory slots available, this could be a resource.

The edits are below, which you would add to sms_def.mof for both ConfigMgr & SMS2003.  If you are using sms2003, remember to add the Pragma namespace line:
#pragma namespace ("\\\\.\\root\\CIMv2\\sms")
which you do not need in ConfigMgr

[SMS_Report (TRUE),
SMS_Group_Name ("Physical Memory"),
SMS_Class_ID   ("Microsoft|Physical_Memory|1.0")]
 
class Win32_PhysicalMemory : SMS_Class_Template
{   
                [SMS_Report (TRUE)] string BankLabel;   
                [SMS_Report (TRUE), SMS_Units("Megabytes")]  uint64 Capacity;   
                [SMS_Report (TRUE)] string Caption;   
                [SMS_Report (TRUE)] string DeviceLocator[];   
                [SMS_Report (TRUE)] uint16 FormFactor;   
                [SMS_Report (TRUE)] string Manufacturer;   
                [SMS_Report (TRUE)] uint16 MemoryType;   
                [SMS_Report (TRUE)] uint32 PositionInRow;   
                [SMS_Report (TRUE)] uint32 Speed;   
                [SMS_Report (TRUE),Key] string    Tag;   
                [SMS_Report (TRUE),Key] string    CreationClassName;
};
 

// MemoryDevices give you the # of slots

[SMS_Report (TRUE),
SMS_Group_Name ("Physical Memory Array"),
SMS_Class_ID   ("Microsoft|Physical_Memory_Array|1.0")]
 
class Win32_PhysicalMemoryArray : SMS_Class_Template
{   
                [SMS_Report (FALSE)] string Caption;
                [SMS_Report (FALSE)] string CreationClassName;
                [SMS_Report (FALSE)] string Description;
                [SMS_Report (FALSE)] uint16 Location;
                [SMS_Report (FALSE)] string Manufacturer;
                [SMS_Report (TRUE), SMS_Units("Megabytes")] uint32 MaxCapacity;
                [SMS_Report (TRUE)] uint16 MemoryDevices;
                [SMS_Report (FALSE)] uint16 MemoryErrorCorrection;
                [SMS_Report (FALSE)] string Model;
                [SMS_Report (FALSE)] string Name;
                [SMS_Report (FALSE)] string OtherIdentifyingInfo;
                [SMS_Report (FALSE)] string PartNumber;
                [SMS_Report (FALSE)] boolean PoweredOn;
                [SMS_Report (FALSE)] boolean Removable;
                [SMS_Report (FALSE)] boolean Replaceable;
                [SMS_Report (FALSE)] string SerialNumber;
                [SMS_Report (FALSE)] string SKU;
                [SMS_Report (FALSE)] string Status;
                [SMS_Report (TRUE), Key] string Tag;
                [SMS_Report (FALSE)] uint16 Use;
                [SMS_Report (FALSE)] string Version;
};

The edits above would get you a report sample like...

select MEMA.MemoryDevices0 [Total Number of Memory Slots] from v_gs_physical_memory_array as MEMA
inner join v_r_system as SYS on SYS.resourceid=MEMA.resourceid
 where
sys.netbios_name0 = @compname

select mema.memoryDevices0 - Count(mem.tag0) [Number of Free Slots available] from v_gs_physical_memory as MEM
inner join v_r_system as SYS on SYS.resourceid=MEM.resourceid
inner join v_gs_physical_memory_array as MEMA on sys.resourceid=mema.resourceid
 where
sys.netbios_name0 = @compname
group by mema.memorydevices0

With a prompt for compname, provide and sql statement of:
begin
 if (@__filterwildcard = '')
  SELECT DISTINCT SYS.Netbios_Name0 from v_R_System SYS ORDER By SYS.Netbios_Name0
 else
  SELECT DISTINCT SYS.Netbios_Name0 from v_R_System SYS
  WHERE SYS.Netbios_Name0 like @__filterwildcard
  ORDER By SYS.Netbios_Name0
end

Bernard White's SMS Server Tools for SMS2003

I stumbled across this posting.  Sounds very interesting, I've repeated some of the contents of that post here:

PACKAGE CONTENTS:

This release includes 7 command-line tools:

1. Management Point Ping Tool (MPPing.exe)
This tool provides basic diagnostics of Management Point status. Targets Management Points are tested by initiating a MPLIST and MPCERT. Although this can be done manually, this MPPing makes it very easy.

2. Site Information Tool (SiteInfo.exe)
Displays site information for a specified site; including site boundaries, site addresses, inbox item counts, type 2 site control serial numbers, client push installation accounts.

3. Package Information Tool (PkgInfo.exe)
Displays package information for a specified package; including package size, distribution point status, programs including dependencies and advertisements linked to each package program.

4. Distribution Point Mod Tool (DPMod.exe)
DPMod allows addition and removal of packages to distribution points. Also allows you to mirror a distribution point from an existing distribution point (useful for new distribution points).

5. Site Control File Check Tool (SCFCheck.exe)
Displays Site Control File serials for each site in the hierarchy. This tool can be used to quickly identify type 2 flagged Site Control Files for all sites in the hierarchy.

6. Site Services Tool (SiteSvc.exe)
Controls SMS services and threads remotely using the command-line. Allowing you to stop, start and restart threads that are inaccessible through the Services MMC.

7. Collection Membership Tool (CMember.exe)
Add direct membership to a collection for system, user and group resources. Names of resources can be specified, imported from a list or a regular expression.

Mof extension to get Physical Hard Drive Serial Number

In either ConfigMgr or SMS, add this mof snippet to sms_def.mof in inboxes\clifiles.src\hinv on your primary sites.  Note for the SMS2003 admins: no mofcomp'ing required on your clients; this is a server-side only edit.

[ SMS_Report     (TRUE),
  SMS_Group_Name ("Physical Media"),
  SMS_Class_ID   ("CUSTOM|PHYSICAL_MEDIA|1.0") ]

class Win32_PhysicalMedia : SMS_Class_Template
{
    [SMS_Report (TRUE)     ]        string     SerialNumber;
    [SMS_Report (TRUE), key]        string     Tag;
};

Sample Report; remember to add the prompt for ComputerName

select distinct sys.netbios_name0, dsk.Model0,
Phys.Tag0, Phys.SerialNumber0 from v_gs_physical_media0 as Phys
inner join v_r_system as sys on sys.resourceid=phys.resourceid
inner join v_gs_disk as dsk on Phys.resourceid=dsk.resourceid
where
sys.netbios_name0 = @ComputerName
and dsk.deviceid0=Phys.tag0
order by Phys.tag0 

ResourceExplorerSample, ReportSample

Hardware Inventory Action missing on ConfigMgr Client

Other than the obvious (you didn't enable Hardware Inventory in the console, Client Agents), if on your client the Hardware Inventory action is missing, the issue may be a misconfigured hardware inventory MOF file, configuration.mof, on your primary site.

I've had this happen twice in the lab, the first time I didn't write down what I did to fix it, but this second time--which took me just as long or longer to find the problem--I'm writing it down!

Although it's possible I haven't found other mis-configurations that would result in HW Inv policy causing the client to simply disable the policy completely, in this case the problem was in my additional MOF snippet, in configuration.mof, I was looking for specific regkeys.  When you do that, there is the top section which sets up what the values are going to be, and the bottom section tells the client where to go get those values in HKLM.

For example (Note; grabbed this sample from the ConfigMgr MOF snippets at sccmexpert.com, just using them as an example--and I've deliberately messed it up to illustrate the example):

[DYNPROPS]
Class Norton_Symantec
{
  [key] string  Component;
        string  NavPath;
        string  NavParent;
        string  NavPatternName;
        string  LicenseNumber;
        uint32  ParentPattern;
        uint32  PatternFileRevision;
        uint32  PatternFileSequence;
        uint32  ProductVersion;
        string  ScanEngineVendor;
        uint32  ScanEngineVersion;
        uint32  UsingPattern;
        string  VirusEngine;
        string  Nav7SAV8Defs;
        string  DefWatch10;
};

//`'`*._.*`'`*-
//  Instance of Extended_Norton_Symantec_Anti-Virus
//`'`*._.*`'`*-

[DYNPROPS]
instance of Norton_Symantec

{
  Component = "Norton/Symantec AntiVirus Definition File Data";
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Symantec\\InstalledApps|NAVNT"),Dynamic,Provider("RegPropProv")] NavPath;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|Parent"),Dynamic,Provider("RegPropProv")] NavParent;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|CurrentPatternName"),Dynamic,Provider("RegPropProv")] NavPatternName;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|LicenseNumber"),Dynamic,Provider("RegPropProv")] LicenseNumber;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|ParentPattern"),Dynamic,Provider("RegPropProv")] ParentPattern;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|PatternFileRevision"),Dynamic,Provider("RegPropProv")] PatternFileRevision;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|PatternFileSequence"),Dynamic,Provider("RegPropProv")] PatternFileSequence;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|ProductVersion"),Dynamic,Provider("RegPropProv")] ProductVersion;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|ScanEngineVendor"),Dynamic,Provider("RegPropProv")] ScanEngineVendor;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|ScanEngineVersion"),Dynamic,Provider("RegPropProv")] ScanEngineVersion;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|UsingPattern"),Dynamic,Provider("RegPropProv")] UsingPattern;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\VirusProtect6\\CurrentVersion|VirusEngine"),Dynamic,Provider("RegPropProv")] VirusEngine;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Symantec\\SharedDefs|NAVNT_50_AP1"),Dynamic,Provider("RegPropProv")] Nav5Defs;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Symantec\\SharedDefs|NAVCORP_70"),Dynamic,Provider("RegPropProv")] Nav7SAV8Defs;
  [PropertyContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Symantec\\SharedDefs|DEFWATCH_10"),Dynamic,Provider("RegPropProv")] DefWatch10;
};

Looks fine, right?  What could be wrong with that?! After way too much time looking and looking at the lab sample, I finally spotted it.  The bottom, the Instance section, is looking for Nav5Defs.  But in the top section, I neglected to put in a string Nav5Defs.  Fixed that, drop the configuration.mof into the inboxes\clifiles.src\hinv, watch dataldr.log to be sure it's not rejected, a couple of policy refreshes on the client; and about 5 minutes later the Hardware Inventory action came back.

How to gather Monitor Information like Serial Number

I see this question arise often enough in the forum. I thought I'd blog what I think I know so I can just point people here instead of retyping!

Before we get to serial number, if the information you are looking for are the Monitor's Manufacturer, or the pixels set (1024x768) that is an existing class in sms_def.mof.  Out of the box, those details are on by default.

If for asset tracking reasons you are asked to find monitors by serial number (although sometimes a college student with a clipboard for minimum wage might work just as well!) there are 4 methods I know of.  If there are others, I apologize.

In no particular order:

• http://www.enhansoft.com, Monitor Information Reporting (MIR)
• http://www.toptechnologies.com/prod_edid.aspx?displaylang=en, EDID
• http://entechtaiwan.net/util/moninfo.shtm, Monitor Asset Manager
• http://www.myitforum.com/forums/m.asp?m=183273, a script

The top 3 are for-pay; just contact each vendor for a demo.  The last one is a script -- recently written -- that may do a better job than the previously available monsernum.vbs script.  (monsernum.vbs was questionable in my environment)  If you decide to go forward with the free one, remember you get what you pay for.  It hasn't been thoroughly tested, where the top 3 have been around for years.

Script to set ConfigMgr Client's 'Install required updates on a schedule'

This came out of the SDK:

on error resume next
'From ConfigMgr07 SDK
'Parameters:
'First parameter is the day
'0=none, 1=Sunday, 2=Monday, 3=Tuesday, 4=Wednesday
'5=Thursday, 6=Friday, 7=Saturday, 8=Daily
'2nd Paramter is the time, 0 through 23
newRecurrence = wscript.arguments(0)
newHour = wscript.arguments(1)
set updatesDeployment = CreateObject ("UDA.CCMUpdatesDeployment")
updatesDeployment.SetUserDefinedSchedule newRecurrence, newHour
wscript.quit

As examples, NameOfTheScript.vbs 8 03 would be Daily, 3 am.  NameOfTheScript.vbs 7 23 would be Saturdays, 11 p.m.  If you need to disable the schedule, it's NameOftheScript.vbs 0

If you look at a client, their local Configuration Management applet, on the Updates tab an individual could set a schedule.  This script allows you to set that schedule via a vbscript advertisement.  I'm hoping (still haven't sent this to production yet, so YMMV) that by implementing this script I can appease the conflicting requirements of allowing for long periods before Software Updates are required, yet set installation times for different computers based on roles and get to 97% hotfix deployment quickly.

User AD Info - Ron Crumbaker Web Console 3.21

After seeing Hector's post, that reminded me I had added a similar button to Ron's console.  Either one will work.  If you notice that results returned from the original query take several seconds, you might want to try this one.  I noticed in my environment it was because the script needs to query every domain controller in order to determine last logged in time or last failed login time.  I added a prompt asking if they need that information returned.  Only if the tech wants that information will every DC be queried otherwise that section is skipped.

1. Copy machrest.asp elsewhere for paranoia
2. Edit MachRest.asp, near other button definitions (near the top) (but I suggest under the User Lookup button) add
   <input style="WIDTH: 180px" type="button" value="AD Info" name="Btnl735">
3. Add the contents of the attached .txt near the bottom; just after all of the other Sub / End Sub routines.

ConfigMgr 2007 Mof Snippets for extending Hardware Inventory

On www.sccmexpert.com, they have recently posted an update to the Individual MOF collection which was originally for SMS2003.  They've been updated to be ConfigMgr - friendly.  Go there, click on "The Mof", Mof Tools, then "Get the Scripts" (note; you may have to sign up on their web site--but it's quick & free).  Then grab "ConfigMgr MOF Snippets".

With SMS 2003 (and earlier), extending hardware inventory has been essentially the same; you add specifically crafted text to sms_def.mof on the server, and if data objects were needed, you "mofcomp'd" those data object text files on your clients.  With ConfigMgr 2007, it is just different enough to possibly be a little confusing.  I'll try to clear up any confusion.

In ConfigMgr 07, on the server in inboxes\clifiles.src\hinv, there are two mof files:  sms_def.mof and configuration.mof

You can of course leave them alone, but if you've 'extended hardware inventory' with SMS2003, or you've heard of doing this and want to do so, in a nutshell, in sms_def.mof if you were to add specifically crafted text to the bottom-- specifically the bits that make up the "Report" section, (the section with TRUE or FALSE in them), that would update the Hardware Inventory policy which your MPs offer to clients.  Once the clients pick up that from the MP, their next Hardware Inventory they'll try to report.

In configuration.mof at the bottom, you would add the bits that make up the "data" section.  I like to think of it as "telling the client how to report on what the policy is asking for".  For example, the Hardware Inventory policy may ask for McAfee AntiVirus information, because you just added that snippet to the bottom of sms_def.mof.  But a client won't know "how" to report on that custom data without instructions.  Configuration.mof is where you tell the client to pull that information from 'these specific registry keys'.

If you're just starting out with ConfigMgr, you can ignore these next 2 pieces of information... If you're a SMS2003 admin, just a couple things to help clear things up.  #1) Mofcomp.  Forget about it.  You know what I'm talking about!  Configuration.mof does all the work for you.  #2) In the snippets, you may notice a decided lack of a line you were used to seeing in the mof snippets for SMS2003, the #pragma namespace lines.  Since sms_def.mof is now only for cimv2/sms namespace, and configuration.mof is only for the cimv2 namespace, those lines to tell the mof "The next section is for this namespace" are just redundant and not needed.

Outlook 2003 - Locally saved .oft Organizational Forms Library forms cannot be opened

One way to replace the hardware for a Secondary Site

If you've got the political climate I do, where the corporate policy is to work on production server replacements during off hours, and that conflicts with your personal policy of "get to bed sometime before 1 am would be great", I've used this method for several Secondary Site hardware lease returns; my personal best time was 2.5 hours, but it usually takes me ~4 hrs (presuming all the 'prior to shipping hardware' tasks could be done ahead of time.  I've used this method extensively w/SMS2003, haven't had a chance to test it yet w/ConfigMgr.

Tools needed:

1. Preinst.exe from SMS 2003 Toolkit 2 http://www.microsoft.com/smserver/downloads/2003/tools/toolkit.mspx
2. PreLoadPkgonSite also from SMS 2003 Toolkit 2
3. CloneDP, installed (pre-req of .Net 2) http://sourceforge.net/projects/smsclonedp/
4. Script or method to enumerate .pkg files in X:\smspkg
5. MPTroubleshooter also from SMS2003 Toolkit 2

Resources needed locally on the new server:

1. SMS 2003 Setup files
2. If secondary is to be a proxy MP, setup files for the Operating System
3. Restored or copied from old server, X:\smspkg
4. Restored or copied from old server, X:\smspkgx$ **  (Any steps marked with a ** are optional, see footnote)

Resources needed remotely:

Rights and ability to remote into any primary sites above the secondary site to be replaced.

Timeline - There are 4 time frames

1. Tasks that can done before the new hardware is shipped to the destination; but could also be done once hardware arrives at new location.
2. Tasks done after the new hardware has arrived.
3. Work done after SMS 2003 reinstalled
4. Follow up the next day.

Prior to shipping hardware

1. From a local Distribution Point, copy \\otherserver\x$\smspkg to x:\smspkg

2. From a local Distribution Point, copy \\otherserver\x$\smspkgx$ to x:\smspkgx$ **

3. Copy SMS 2003 setup files to x:\SMSTools\setup

4. Copy PreloadPkgonSite.exe to x:\SMSTools

5. Copy PreloadBuild.vbs to x:\SMSTools

The above steps could also be done once the hardware arrives at the destination, or restored from backup--if you backup your secondary (which we don't normally)

Hardware arrived

1. Optional: if you copied smspkg & smspkgx$ over from ServerOld to ServerNew a significant time ago, you may want to do a Delta copy just before starting.  Otherwise, if you preloadpkgonsite of an old version of a pkg file, those packages will need to be re-replicated from the parent. 

2. On Current Server, Disable the SMS Services so they do not launch automatically following a reboot.

3. Rename current Server to ServerName_OLD, change IP address from static to dhcp. Reboot.

4. On new hardware, rename to ServerName, change IP from dhcp to static. Reboot.

5. Install IIS with BITS. If IIS had been installed under the old name, uninstall IIS, then reinstall IIS. This is to ensure the iis usernames are defined correctly.

6. Follow the EdNet instructions for removing the Secondary Site from the Primary Site(s) databases, and deleting any jobs. These instructions use the preinst.exe toolkit tool at the Primary Site, and Query Analyzer. (http://www.myitforum.com/articles/1/view.asp?id=5355)

7. Remove the SMS entries for the server in Active Directory for the server itself, and for the MP record. (in the OU System\System Management, SMS-Site-xxx, and SMS-MP-xxx-ServerName)
   

8. At the Primary Site(s), remove the Standard Sender Address for the secondary site.  Wait a minute or so.

9. At the Primary Sites(s), create a new Standard Sender Address for the secondary site.
   

10. At the secondary site, unshare smspkge$ & rename to smspkge_old (you’ll move files later)**

11. At the secondary site, install SMS from smstools\...\setup.exe, Advanced Security, Remote Tools enabled.

12. Monitor sms\logs\*.log files for errors

13. Monitor Active Directory Users and Computers, the OU System/System Management, for SMS-Site-Rxx to appear.

14. At the direct Primary site, refresh Site hierarchy occasionally. When you see the site reappear, configure boundaries, Addresses, client Agents, Discovery Methods. Configure Site Systems to be a Management Point, and Distribution Point with BITS.

15. At the secondary site, monitor sms\logs\mpsetup.log for success/failure.
    If failed, stop and troubleshoot. Multiple problems can occur with this step. Too many to detail here.
    If success, run the MP troubleshooter to verify.

SMS Reinstalled

1. Push down 1 (smallish) package. Monitor the Secondary Site recreating smspkge$ share, and putting the new package in there.

2. Highlight all the folders in smspkge_old, and verify the ntfs permissions match what they should be in the new smspkge$. Reset as necessary. Once satisfied permissions are correct, Move all the folders (except the new one you just had rebuilt) to the new smspkge$. You can delete smspkge_old when done (there should only be 1 folder left). **

3. At the secondary, go to a command prompt. CD to x:\smspkg Pick 1 package. Type in x:\smstools\preloadpkgonsite PackageID (without the .pkg extension, i.e., x:\smstools\preloadpkgonsite TST00012)

4. A success message looks like this:
   Forward package status for pkg C0100012 to site C01
   ****** Successfully set the Compressed Package Path on this site ******
   ****** Successfully forwarded the information up the hierarchy ******
   
   If you got a different message (a failure message), try a different package. If all Packages fail, you may need to check that *.pkg are all Read-only.

5. Following the success message, monitor distmgr.log on the Secondary to confirm that package's info has been sent.

6. At the Central Site, add the (new) Secondary site distribution point to that 1 package.

7. Monitor Sender.log at the server(s). Monitor Package Status at the Primary Site server(s).

8. Once you are satisfied the process works, use this script to create a batch file in e:\smspkg to run preloadpkgonsite against all the .pkg files.

9. Create a preloadbuild.vbs file with the below in e:\smstools. Then start, run wscript e:\smstools\preloadbuild.vbs
   The script (correct the variables for your environment/server; the E: drive may not be correct for you):
   
   set fso = wscript.CreateObject("Scripting.FileSystemObject")
   set fo = fso.getFolder("e:\smspkg")
   set fc = fo.Files
   set TheFile = fso.createtextfile("e:\smspkg\preload.bat",True)
   For each file in fc
    TheArray = Split(file,"\", -1, 1)
    StrNameToLoad = Left(TheArray(2),8)
    theFile.writeline "e:\smstools\preloadpkgonsite " & strNameToLoad & " >> e:\smstools\preload1.txt"
   next
   TheFile.Close

10. Now that you have a e:\smspkg\preload.bat, go to a cmd prompt, and switch to e:\smspkg. Type in preload.bat, and wait.

11. When it is done, open up e:\smstools\preload1.txt and verify the majority of the entries are “successfully forwarded”. It’s OK if there are a few errors, but if all are errors, there may be a problem.

12. Watch distmgr.log on the secondary; wait for it to complete sending up packages (how long depends upon how many packages you have, this can take quite a while for me).

13. After waiting, add the new DP to a package at the Central Site, and confirm via watching sender.log that the entire package is indeed NOT being replicated downward.

14. Once you’ve confirmed that, run CloneDP, and pick a similar Secondary Site to Clone to the new one. It may take quite a while for CloneDP to go through the entire list of packages to Clone. This is normal; just wait.

 CloneDP usage

1. Launch
2. SMS Primary Site Server = your Primary Site Server that has the packages, OK
3. Select an existing Distribution Point, pick a Site Code, a DP, drag & drop the server name to the Packages Source List
4. Select Destination of the new site
5. Click “Assign Packages to DP”.
6. This is the point where "waiting" begins; or the "go to bed and check on it in the morning" step!

 Follow up the Next day

1. The following day, check Package Status. For any packages that appear not to have worked, you may need to update all Distribution Points for that 1 package.

 ** Why are these optional?  In our environment, if for some reason there is an "emergency" software installation which may need to occur before a Secondary can be fully rebuilt, the local technicians can browse to the smspkgx$ share, the folder, and manually install software.  For that reason, we copy over the smspkgx$ folders, etc.  As SMS unpacks the .pkg files into smspkgx$, the folders are replaced.

MVP - 2008

I got an email (anxiously awaited for) that I've been awarded MVP status for another year.  I'm honored to be among such excellent company.  If you look at the list, most of them have written books, tools, or devote a good chunk of their lives to running a web site.

Security Certificates, Trusted Publishers, and ClickOnce Apps

Report on Local Administrators Group membership - updated

Ward Lange's original mof edit works great for 2000 and xp; but for Windows 2003 servers and Vista, the "BUILTIN" needed to be replaced with the local computer's name.  Unfortunately, I have yet to hear of a way to use a dynamic variable in the MOF.

Mike Seely posted a script on the forum. With his permission I've used it to show a different method to gather the contents of the local Administrators group.

• Edit inboxes\clifiles.src\hinv\sms_def.mof.  At the very bottom, add these lines.  These are identical to Ward Lange's mof edit, so if you've already implemented that one, no need to change anything.
  [ SMS_Report (TRUE),SMS_Group_Name ("LocalAdmins"),SMS_Class_ID ("MICROSOFT|LocalAdmins|1.0")]
  class Win32_LocalAdmins : SMS_Class_Template
  {
  [SMS_Report(TRUE), key] string AccountName;
  [SMS_Report(TRUE), key] string GroupName;
  };
• Do not add anything to Configuration.mof.  If you've previously implemented Ward Lange's, remove the section from configuration.mof.  If you are on SMS2003 (not configMgr) and have already implemended Ward Lange's edit, you will want to remove the data section, leaving just the reporting section (the section above).
• Attached is a .txt file; rename it to .vbs.  Place it in a Source folder, and create a package/program for it, to run whether or not user logged in. 
• The Collection Query I suggest using for the advertisement is this, I'd set it to be recurring every few days so if a machine loses the WMI information somehow, it gets it back.
  
  select SMS_R_SYSTEM.ResourceID
  from SMS_R_System
  where
  SMS_R_System.ResourceId not in
   (select SMS_R_System.ResourceId
    from  SMS_R_System
    inner join SMS_G_System_LOCALADMINS on SMS_G_System_LOCALADMINS.ResourceID = SMS_R_System.ResourceId
    where SMS_G_System_LOCALADMINS.AccountName is not null)

So, what does this combination do?  The sms_def.mof edit will set your hardware inventory policy to report on local administrators group membership.  The vbscript advertisement will create the WMI data entry using the computer name.  It doesn't really matter if configuration.mof built it or something else built it--once it's there, Hardware Inventory policy will be able to use it.

A sample report to use once you have this data:

select distinct Name0 as 'Computer Name', substring(AccountName0,charindex('Domain=',Accountname0)+8,(charindex('Name=',Accountname0)-charindex('Domain=',Accountname0)-10)) as 'Domain Name', substring(AccountName0,len(AccountName0)-charindex('"',reverse(AccountName0),2)+2,charindex('"',reverse(AccountName0),2)-2) as 'User Name'
from v_GS_SYSTEM INNER JOIN v_GS_LocalAdmins ON v_GS_SYSTEM.ResourceID = v_GS_LocalAdmins.ResourceID where (AccountName0 not like '%Administrator%' AND AccountName0 not like '%Domain Admins%')

Note 1: The vbscript specifically looks for members of the 'Administrators' group.  If you have alternate groups you need to look for, like Administrateurs, or Administraten, modify the script.

Note 2: The vbscript is currently specifically for x86; it will need adjusting to work on x64 OS'

Original article (includes screenshots of what the sample report looks like): http://www.myitforum.com/articles/8/view.asp?id=9735

MDT 2008 Tattoo mof edit

By request, and untested, the tattoo placed in the registry for the HKLM\software\deployment 4\Deployment Method string regkey. 

//`'`*._.*`'`*-
//  Reporting Class - for ConfigMgr, put this section in sms_def.mof
//`'`*._.*`'`*-
 
 [SMS_Report(TRUE), SMS_Group_Name("MDT2008 Tattoo"),SMS_Class_ID("Microsoft|MDT2008_Tattoo|1.0")]
 class MDT2008_Tattoo : SMS_Class_Template
{
 [SMS_Report(TRUE),key] string KeyName;
 [SMS_Report(TRUE)]     string DeploymentMethod;
};

//`'`*._.*`'`*-
//  Data Class - for ConfigMgr, put this section in configuration.mof
//`'`*._.*`'`*-