Thursday, December 18, 2014
SCCM 2012 Detection Methods
Be careful with the SCCM 2012 Detection Method. It uses a similar WMI query to below to determine whether the specified ProductCode GUID is present on a machine. If something somewhere does not match up it will play havoc with your deployments especially if this is incorrectly specified for prerequisite packages.
powershell command
Get-WmiObject -Namespace root\ccm\CIModels -Class CCM_MSIProduct | Sort-Object ProductName |Format-Table ProductName,ProductCode,ProductVersion
Spoofing Detection
It is possible to fool SCCM into thinking that an MSI in installed when it is not. Effectively, this spoofs the SCCM MSI detection.
To do this you need to identify the remixed product code GUID that is used in the registry. e.g.
This product code guid
{BD2F44B4-985B-4CCA-A4E7-A2B0AE45442B}
is remixed (rehashed?) to
4B44F2DBB589ACC44A7E2A0BEA5444B2
The coloring shows the related sections of the GUID and how they are remixed.
Install the MSI that SCCM is trying to detect on to a test machine.
Export the following registry keys to separate reg files.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\<remixed GUID>
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\<remixed GUID>
Importing the above keys to a target machine will fool SCCM into thinking the MSI is installed.
These keys (x64) control the display in Programs and Features but they are not needed for detection spoofing.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD2F44B4-985B-4CCA-A4E7-A2B0AE45442B}
Slightly odd: If the spoofing keys are in place and you run a manual install from the same source specified in the spoof keys, then Windows Installer performs an UNINSTALL
The same install command run again then runs an INSTALL.
Tuesday, December 9, 2014
Microchip MPLAB X IDE v2.20 launch failure
Microchip MPLAB X IDE v2.20 would fail to launch on some machines/users. No dialogs or errors appear, just nothing happens. javaw.exe would start and then stop in the processes list. This issue was difficult to troubleshoot initially because some unknown aspect of the environment could prevent launch. There was no detectable consistancy between users and machines. Some users would work on some machines not others. Some machine installations would work for any logged on users, some would not.
Attempting a launch in a command window produced a message:
inside your NetBeans installation directory (C:\Program Files\Microchip\MPLABX\m
plab_ide).
The page above mentions using a --userdir launch parameter. This was found to resolve the issue.
"C:\Program Files (x86)\Microchip\MPLABX\mplab_ide\bin\mplab_ide.exe" --userdir %USERPROFILE%\.mplab-ide
Note the preceeding period (.) at the beginning of the folder name!
Tuesday, December 2, 2014
App-V 5 Connection Groups COM Mode
DeploymentConfigs for App-V 5 packages arranged in a connection group should have the COM Mode section edited
Default
<COM Mode="Isolated">
<IntegratedCOMAttributes OutOfProcessEnabled="true" InProcessEnabled="false" />
</COM>
Connection Group mods:
<COM Mode="Integrated">
<IntegratedCOMAttributes OutOfProcessEnabled="true" InProcessEnabled="true" />
</COM>
More on COM Mode
https://blogs.technet.microsoft.com/virtualshell/2016/05/06/app-v-5-com-mode-functionality/
https://blogs.technet.microsoft.com/gladiatormsft/2013/09/11/app-v-on-com-isolation-and-interaction/
Friday, November 28, 2014
Word / Office NoReReg
In some circumstances office applications may attempt to reregister and do self repairs sometimes or all the time at launch. To prevent re-registration behaviour set this key
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options]
"norereg"=dword:00000001
SCCM 2012 Client Tools
System Center 2012 R2 Configuration Manager Toolkithttp://www.microsoft.com/en-gb/download/details.aspx?id=36213
Client Center for ConfigurationManager
SCCM 2012 and its client logs.
Abbreviated List of SCCM 2012 Client log files - see technet link below for full list.
Technical Reference for Log Files in Configuration Managerhttp://technet.microsoft.com/en-us/library/hh427342.aspx#BKMK_ClientLogs
AppIntentEval.log
Records details about the current and intended state of applications, their applicability, whether requirements were met, deployment types, and dependencies.
AppDiscovery.log
Records details about the discovery or detection of applications on client computers.
AppEnforce.log
Records details about enforcement actions (install and uninstall) taken for applications on the client.
CAS.log
Content Access service. Maintains the local package cache on the client.
Ccm32BitLauncher.log
Records actions for starting applications on the client marked as "run as 32bit".
CcmEval.log
Records Configuration Manager client status evaluation activities and details for components that are required by the Configuration Manager client.
CcmEvalTask.log
Records the Configuration Manager client status evaluation activities that are initiated by the evaluation scheduled task.
CcmExec.log
Records activities of the client and the SMS Agent Host service. This log file also includes information about enabling and disabling wake-up proxy.
CcmMessaging.log
Records activities related to communications between the client and management points.
Ccmsdkprovider.log
Records the activities of the application management SDK.
CcmRestart.log
Records client service restart activity.
CIDownloader.log
Records details about configuration item definition downloads.
CITaskMgr.log
Records tasks that are initiated for each application and deployment type, such as content download or install or uninstall actions.
ClientAuth.log
Records the signing and authentication activity for the client.
ClientLocation.log
Records tasks that are related to client site assignment and management point assignment.
CMHttpsReadiness.log
Records the results of running the Configuration Manager HTTPS Readiness Assessment Tool. This tool checks whether computers have a PKI client authentication certificate that can be used for Configuration Manager.
ContentTransferManager.log
Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access packages.
DataTransferService.log
Records all BITS communication for policy or package access.
execmgr.log
Records details about packages and task sequences that run on the client. This log also shows domain\user which is logged on.
FileSystemFile.log
Records the activity of the Windows Management Instrumentation (WMI) provider for software inventory and file collection.
FSPStateMessage.log
Records the activity for state messages that are sent to the fallback status point by the client.
InventoryAgent.log
Records activities of hardware inventory, software inventory, and heartbeat discovery actions on the client.
LocationCache.log
Records the activity for location cache usage and maintenance for the client.
LocationServices.log
Records the client activity for locating management points, software update points, and distribution points.
MaintenanceCoordinator.log
Records the activity for general maintenance task activity for the client.
PolicyAgent.log
Records requests for policies made by using the Data Transfer service.
PolicyAgentProvider.log
Records policy changes.
PolicyEvaluator.log
Records details about the evaluation of policies on client computers, including policies from software updates.
PolicyPlatformClient.log
Records the process of remediation and compliance for all providers located in %Program Files%\Microsoft Policy Platform, except the file provider.
PolicySdk.log
Records activities for policy system SDK interfaces.
SCClient_<domain>@<username>_1.log
Records the activity in Software Center for the specified user on the client computer.
SCClient_<domain>@<username>_2.log
Records the historical activity in Software Center for the specified user on the client computer.
Scheduler.log
Records activities of scheduled tasks for all client operations.
SCNotify_<domain>@<username>_1.log
Records the activity for notifying users about software for the specified user.
SCNotify_<domain>@<username>_1-<date_time>.log
Records the historical information for notifying users about software for the specified user.
setuppolicyevaluator.log
Records configuration and inventory policy creation in WMI.
smscliui.log
Records usage of the Configuration Manager client in Control Panel.
Smsts.log
Records task sequence activities.
SrcUpdateMgr.log
Records activity for installed Windows Installer applications that are updated with current distribution point source locations.
StatusAgent.log
Records status messages that are created by the client components.
ScanAgent.log
Records details about scan requests for software updates, the WSUS location, and related actions.
SdmAgent.log
Records details about tracking of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details about installing the software updates required for compliance.
This log file is shared with compliance settings.
SoftwareCenterSystemTasks.log
Records the activities for Software Center prerequisite component validation.
UpdatesDeployment.log
Records details about deployments on the client, including software update activation, evaluation, and enforcement. Verbose logging shows additional information about the interaction with the client user interface.
UpdatesHandler.log
Records details about software update compliance scanning and about the download and installation of software updates on the client.
UpdatesStore.log Records details about compliance status for the software updates that were assessed during the compliance scan cycle.
Content Access service. Maintains the local package cache on the client.
Ccm32BitLauncher.log
Records actions for starting applications on the client marked as "run as 32bit".
CcmEval.log
Records Configuration Manager client status evaluation activities and details for components that are required by the Configuration Manager client.
CcmEvalTask.log
Records the Configuration Manager client status evaluation activities that are initiated by the evaluation scheduled task.
CcmExec.log
Records activities of the client and the SMS Agent Host service. This log file also includes information about enabling and disabling wake-up proxy.
CcmMessaging.log
Records activities related to communications between the client and management points.
Ccmsdkprovider.log
Records the activities of the application management SDK.
CcmRestart.log
Records client service restart activity.
CIDownloader.log
Records details about configuration item definition downloads.
CITaskMgr.log
Records tasks that are initiated for each application and deployment type, such as content download or install or uninstall actions.
ClientAuth.log
Records the signing and authentication activity for the client.
ClientLocation.log
Records tasks that are related to client site assignment and management point assignment.
CMHttpsReadiness.log
Records the results of running the Configuration Manager HTTPS Readiness Assessment Tool. This tool checks whether computers have a PKI client authentication certificate that can be used for Configuration Manager.
ContentTransferManager.log
Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access packages.
DataTransferService.log
Records all BITS communication for policy or package access.
execmgr.log
Records details about packages and task sequences that run on the client. This log also shows domain\user which is logged on.
FileSystemFile.log
Records the activity of the Windows Management Instrumentation (WMI) provider for software inventory and file collection.
FSPStateMessage.log
Records the activity for state messages that are sent to the fallback status point by the client.
InventoryAgent.log
Records activities of hardware inventory, software inventory, and heartbeat discovery actions on the client.
LocationCache.log
Records the activity for location cache usage and maintenance for the client.
LocationServices.log
Records the client activity for locating management points, software update points, and distribution points.
MaintenanceCoordinator.log
Records the activity for general maintenance task activity for the client.
PolicyAgent.log
Records requests for policies made by using the Data Transfer service.
PolicyAgentProvider.log
Records policy changes.
PolicyEvaluator.log
Records details about the evaluation of policies on client computers, including policies from software updates.
PolicyPlatformClient.log
Records the process of remediation and compliance for all providers located in %Program Files%\Microsoft Policy Platform, except the file provider.
PolicySdk.log
Records activities for policy system SDK interfaces.
SCClient_<domain>@<username>_1.log
Records the activity in Software Center for the specified user on the client computer.
SCClient_<domain>@<username>_2.log
Records the historical activity in Software Center for the specified user on the client computer.
Scheduler.log
Records activities of scheduled tasks for all client operations.
SCNotify_<domain>@<username>_1.log
Records the activity for notifying users about software for the specified user.
SCNotify_<domain>@<username>_1-<date_time>.log
Records the historical information for notifying users about software for the specified user.
setuppolicyevaluator.log
Records configuration and inventory policy creation in WMI.
smscliui.log
Records usage of the Configuration Manager client in Control Panel.
Smsts.log
Records task sequence activities.
SrcUpdateMgr.log
Records activity for installed Windows Installer applications that are updated with current distribution point source locations.
StatusAgent.log
Records status messages that are created by the client components.
ScanAgent.log
Records details about scan requests for software updates, the WSUS location, and related actions.
SdmAgent.log
Records details about tracking of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details about installing the software updates required for compliance.
This log file is shared with compliance settings.
SoftwareCenterSystemTasks.log
Records the activities for Software Center prerequisite component validation.
UpdatesDeployment.log
Records details about deployments on the client, including software update activation, evaluation, and enforcement. Verbose logging shows additional information about the interaction with the client user interface.
UpdatesHandler.log
Records details about software update compliance scanning and about the download and installation of software updates on the client.
UpdatesStore.log Records details about compliance status for the software updates that were assessed during the compliance scan cycle.
WUAHandler.log
Records details about the Windows Update Agent on the client when it searches for software updates.
Client
Wednesday, November 26, 2014
Web Links
SCCM
Technical Reference for Log Files in Configuration Managerhttp://technet.microsoft.com/en-us/library/hh427342.aspx#BKMK_ClientLogs
Subscribe to:
Posts (Atom)