SCCM (Anglais)

KB: Configuration Manager clients reinstall every five hours because of a recurring retry task and may cause an inadvertent client upgrade

The Official Configuration Manager Support Team Blog -

A Microsoft System Center 2012 or System Center 2012 R2 client installation (CCMSetup) initially fails and causes a client retry task to be registered in Windows Task Scheduler. After the client installation succeeds, the retry task is not deleted as expected. Therefore, the clients continue to reinstall every five hours.

In this situation, if you upgrade the System Center 2012 Configuration Manager infrastructure to System Center Configuration Manager Current Branch or Long-Term Servicing Branch, and if you do not upgrade the System Center 2012 Configuration Manager clients, the scheduled retry task continues to force a client reinstallation every five hours.

The next time that CCMSetup runs, the clients find an updated management point or distribution point, and they reinstall the client software. This upgrades the clients to System Center Configuration Manager.

These continual upgrades occur outside the normal upgrade process that is configured by the administrator. This includes the client piloting feature.

We have a new KB that describes this issue and gives options to resolve it and prevent an unwanted client upgrade For more information please see the following:

4018655Configuration Manager clients reinstall every five hours because of a recurring retry task and may cause an inadvertent client upgrade (https://support.microsoft.com/en-us/help/4018655)

Update 1704 for the Tech Preview Branch of System Center Configuration Manager released

The Official Configuration Manager Support Team Blog -

We are happy to let you know that update 1704 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features in a test environment before they are made generally available. For information on this month’s new preview features, please see the following:

Update 1704 for Configuration Manager Technical Preview Branch – Available Now!

Update for System Center Configuration Manager version 1702, first wave is now available

The Official Configuration Manager Support Team Blog -

Administrators who opted in to the first (early) wave deployment for System Center Configuration Manager current branch, version 1702, have an update available in the Updates and Servicing node of the Configuration Manager console. This update, made available on April 13, 2017, addresses important late-breaking issues that were discovered during the final release process for version 1702. This update does not apply to sites that update or install a copy of version 1702 that was downloaded after April 5, 2017.

For more information, including the issues fixed, please see the following:

4018732Update for System Center Configuration Manager version 1702, first wave (https://support.microsoft.com/kb/4018732)

Known Issue with the Windows ADK for Windows 10, version 1703

The Official Configuration Manager Support Team Blog -

Author: Aaron Czechowski, Senior Program Manager, System Center Configuration Manager (@AaronCzechowski)

*** This post serves as a notification of this issue while we continue to investigate root cause and determine the proper fix. We will update this post when we have more information. ***

We are investigating an issue with the recently released Windows Assessment and Deployment Kit (ADK) for Windows 10, version 1703. When installing this version of the Windows ADK on a system with SecureBoot enabled, the Windows Program Compatibility Assistant will display the following warning:

Several files included with the Deployment Tools feature of the Windows ADK, including wimount.sys, are digitally signed with an older certificate which is considered “unsigned” by newer operating systems, and thus blocked when SecureBoot is enabled. The wimount.sys driver is used by DISM for mount operations which is used on the Configuration Manager site server to create and service boot images, as well as perform offline servicing operations on OS Image and OS Upgrade Packages.

For customers using Configuration Manager current branch version 1702 and deploying Windows 10, version 1703, the following workarounds are currently available:

  1. Use the prior version of the Windows ADK, version 1607, for working with Windows 10, version 1703 boot and OS images. This forward compatibility is supported for basic imaging operations (capture/apply). This is our primary recommendation to unblock customers that need to deploy Windows 10, version 1703, via traditional OS deployment methods (imaging). (NOTE: Windows 10 in-place upgrade and Windows 10 servicing do not use any Windows ADK components, thus those scenarios are unaffected by this issue.)
  2. Disable SecureBoot. While technically an option, it is not recommended in production environments as this increases the potential risk to the server.

We will update this post as more information is available.

Finding site systems on unsupported OSes

The Official Configuration Manager Support Team Blog -

As previously announced, Windows Server 2008 and 2008 R2 are not supported operating systems for a site server or most site system roles in Configuration Manager current branch version 1702.  You will not be able to upgrade to this version of Configuration Manager if there are site system roles running on Windows Server 2008 in your hierarchy.

To assist you with lifecycle and upgrade planning we have provided a sample SQL script that will help identify the site systems associated with the current site that are running on an unsupported operating system.  We suggest running the script for the following scenarios:

  • Prior to starting the upgrade to Configuration Manager current branch version 1702 to identify machines which may potentially block setup. The script should be run individually on the CAS and all the primary site servers.
  • During the upgrade process after running the pre-req checker if you have received the unsupported OS warning or failure. You can run the script on the SQL Server of the site that received the warning or failure to help identify specific machines that are causing the pre-req check notifications.

e2e: Configuring a simple HTTP Reporting Services Point in Configuration Manager

The Official Configuration Manager Support Team Blog -

Previously I posted a blog for configuring reporting service point for “HTTPS” in ConfigMgr, but I have seen sometime people getting confused due to Certificates and URLs configuration when they are trying to configure it for HTTP (Simple) Reporting Service Point. The goal of this blog is to provide a step-by-step guide for configuring a Reporting Services Point in System Center Configuration Manager (on HTTP).

A brief introduction

Reporting in System Center 2012 Configuration Manager provides a set of tools and resources that help you use the advanced reporting capabilities of SQL Server Reporting Services (SSRS) and the rich authoring experience that Reporting Services Report Builder provides. Reporting helps you gather, organize, and present information about users, hardware and software inventory, software updates, applications, site status, and other Configuration Manager operations in your organization. Reporting provides you with a number of predefined reports that you can use without changes, or that you can modify to meet your requirements, and you can create custom reports.

SQL Server Reporting Services

SQL Server Reporting Services provides a full range of ready-to-use tools and services to help you create, deploy, and manage reports for your organization and programming features that enable you to extend and customize your reporting functionality. Reporting Services is a server-based reporting platform that provides comprehensive reporting functionality for a variety of data sources. Configuration Manager uses SQL Server Reporting Services as its reporting solution. Integration with Reporting Services provides the following advantages:

  • Uses an industry standard reporting system to query the Configuration Manager database.
  • Displays reports by using the Configuration Manager Report Viewer or by using Report Manager, which is a web-based connection to the report.
  • Provides high performance, availability, and scalability.
  • Provides subscriptions to reports that users can subscribe to; for example, a manager could subscribe to automatically receive an emailed report each day that details the status of a software update rollout.
  • Exports reports that users can select in a variety of popular formats.

In this example, we will use a scenario where my Report Server, SSRS (SQL Server Reporting Services) is locally hosted and the ConfigMgr Site Database is also located locally. However, you can have your Report Server at a Remote Site Server as well.

Verify and make sure that Report Server version and SCCM Database version is same, just to make sure that we don’t have any SQL compatibility issues.

Open Reporting Services Configuration Manager Console and check the version of SQL Report Server

Configuration of Report Server Database

Go to “Database” tab on ‘Reporting Services Configuration Manager Console’ NOTE If the Database is already created and configured at the time of SQL Reporting Service feature installation then skip this part (Database Configuration), else proceed accordingly for configuring the Report Server Database.

In my case the Database named “ReportServer_new” is already created and configured but I am proceeding with configuration of a New Database just so that you can see how this is done.

Click on ‘Change Database’

Select “Create a new report server database” and click ‘Next’

Provide the server name where the SCCM Database instance is hosted and click on ‘Next’

Provide the name of Report Server Database you want to create. Here I have provided the name “ReportServer.”

Provide the credentials as per your environment configuration. I suggest “Local System” as a good one to use.

Click ‘Next’ to complete the configuration.

Click ‘Finish’ to complete

Once the Report Database is created you can verify the same by opening the SQL Management Console on the Site Database Server:

Configuration of URLs

Go to “Web Service URL”. You will find that the URL is already created on Port:80 but is not active. To make it active click on “Apply”.

Once you click on ‘Apply’, it will be Active and will appear like below:

Go to “Report Manager URL” and do the same.

Both URLs are Active now. Browse the ‘Web Service URL’ to make sure it is working.

Installation of the Reporting Services Point role

Go ahead and add the ‘Reporting Service Point’ Role on the Server hosting SQL Reporting Services. In my case it’s the Primary Site Server.


IMPORTANT While adding the role make sure that you specify the following:

  • “SCCM Site Database Server Name” at ‘Site Database Server Name’ (Example: PRI1.contoso.local)
  • “SCCM Site Database Name” at ‘Database Name’ (Example: CM_PRI)
  • “Reporting Service Instance Name” at ‘Reporting Services Server Instance’ (Example: MSSQLSERVER)
  • Set the “User Name” (Example: Contoso\Administrator)

Below is the screen shot for the same:

Once the role is added you can verify the initiation of role installation and start of the Bootstrap Service in Sitecomp.log

Sitecomp.log

Starting bootstrap operations… SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:27:33 38092 (0x94CC)         Installed service SMS_SERVER_BOOTSTRAP_PRI1. SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:27:33 38092 (0x94CC)         Starting service SMS_SERVER_BOOTSTRAP_PRI1 with command-line arguments “PRI C:\Program Files\Microsoft Configuration Manager /install C:\Program Files\Microsoft Configuration Manager\bin\x64\rolesetup.exe SMSSRSRP “… SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:27:33 38092 (0x94CC)           “C:\Program Files\Microsoft Configuration Manager\bin\x64\rolesetup.exe /install /siteserver:PRI1.CONTOSO.LOCAL” executed successfully on server PRI1.CONTOSO.LOCAL. SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:28:09 38092 (0x94CC)         Bootstrap operation successful. SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:28:09 38092 (0x94CC)         Deinstalled service SMS_SERVER_BOOTSTRAP_PRI1. SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:28:09 38092 (0x94CC)       Bootstrap operations completed. SMS_SITE_COMPONENT_MANAGER 27-03-2017 17:28:09 38092 (0x94CC)

Verify that the role was added successfully by looking in SRSRPsetup.log

SRSRPSetup.log

<03/27/17 17:27:55> No versions of SMSSRSRP are installed.  Installing new SMSSRSRP. <03/27/17 17:27:55> Enabling MSI logging.  srsrp.msi will log to C:\Program Files\Microsoft Configuration Manager\logs\srsrpMSI.log <03/27/17 17:27:55> Installing C:\Program Files\Microsoft Configuration Manager\bin\x64\srsrp.msi SRSRPINSTALLDIR=”C:\Program Files\SMS_SRSRP” SRSRPLANGPACKFLAGS=0 <03/27/17 17:28:08> srsrp.msi exited with return code: 0 <03/27/17 17:28:08> Installation was successful. <03/27/17 17:28:08> Installation was successful.

Once the role installation is successful, look in the SRSRP.log and verify the HTTP URL you created. Also verify the SSRS Instance Version as well as the creation of the Source Folder and Data Source:

Once all of the above things are verified and configured, it will start creating respective Folders of those reports and deploying Reports:

Once all the reports are deployed it will check the SRS Web Service health and keep checking at regular intervals:

Now you can go ahead and Run the Reports from ConfigMgr Console as well as from the URL directly.

Additional Information

Introduction to reporting in System Center Configuration Manager

How to: Start Reporting Services Configuration Manager

Configuring Reporting in Configuration Manager

 

 

Rafid Ali, Support Engineer

Microsoft Enterprise Cloud Group

Reminder: Latest Improvements to the Simplified Servicing for Windows 7 and Windows 8.1

The Official Configuration Manager Support Team Blog -

Applies to: System Center Configuration Manager (all supported versions)

As previously announced, the Windows team has made some modifications to the servicing model for Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 to further simplify update deployment. Beginning with March 2017, the Security Only Quality Update will no longer include updates for Internet Explorer. The cumulative Internet Explorer update will again be available as a separate update.

With this separation, the Security Only Quality Update package size will be significantly reduced, but you will need to deploy and install the Cumulative Security Update for Internet Explorer to remain secure for the latest supported version of the browser if you elect not to deploy the Security Monthly Quality Rollup for Windows. The Monthly Rollup will continue to include updates for Internet Explorer, as a single additive update that provides all security and reliability fixes since the beginning of the new servicing model in October 2016.

If you’re currently deploying the Security Only Quality Updates with Configuration Manager, please make the necessary deployment process changes to also deploy the Cumulative Security Update for Internet Explorer to remain secure.

Please see the Reducing the package size of the Security Only update section for full details.

Anti-malware Platform Support

The Official Configuration Manager Support Team Blog -

Applies to: System Center Endpoint Protection (All Versions), Forefront Endpoint Protection 2010

Microsoft plans to release anti-malware platform updates once or twice per year through Microsoft Update (MU) to down-level operating systems (e.g. Windows 8.1 and below) running SCEP or FEP. Customers must stay current with the latest anti-malware platform update to be fully supported. Our support structure is now dynamic, evolving into two phases depending on the availability of the latest platform version.

  • Security and Critical Updates servicing phase – When running the latest anti-malware version, you will be eligible to receive both Security and Critical updates to the anti-malware platform.
  • Technical Support (Only) phase – After a new platform version is released, support for older versions (N-2) will reduce to technical support only. Platform versions older than N-2 will no longer be supported.*

*Technical support will continue to be provided for upgrades from the baseline version to the latest platform version.

NOTE: The platform updates for SCEP and FEP are published as follows: Category: Critical Updates, Product: Forefront Endpoint Protection 2010. Version 4.7 is the current baseline version for SCEP and FEP. Special MU detection logic and applicability rules are used to upgrade the baseline version directly to the latest platform version.

During the technical support (only) phase, commercially reasonable support incidents will be provided through Microsoft Customer Service & Support and Microsoft’s managed support offerings (such as Premier Support). If a support incident requires escalation to development for further guidance, requires a non-security update, or requires a security update, customers will be asked to upgrade to the latest platform version.

The version history table below will be updated as new platform updates are released.

(Platform versions older than N-2 are no longer supported.)

Version Availability Date Support Phase 4.7 (baseline) February, 2015 Technical Support (Only) for upgrades to the latest platform version 4.8 May, 2015 Technical Support (Only) 4.9 April, 2016 Technical Support (Only) 4.10 October, 2016 Security and Critical Updates

Configuration Manager 2007 and Windows Enforcement of SHA1 Certs

The Official Configuration Manager Support Team Blog -

Effective February 14, 2017, Windows no longer trusts certain certificates signed with SHA-1.  System Center Configuration Manager 2007 supports SHA-1 but does not support SHA-2 certificates. If you use SHA-2 certificates with Configuration Manager 2007, Configuration Manager continues to operate as expected using SHA-1 fallback.   

For more information, see Windows Enforcement of SHA1 certificates.

For later versions of Configuration Manager see,

ConfigMgr (current branch): Support Removal Reminder

The Official Configuration Manager Support Team Blog -

Applies to: System Center Configuration Manager (current branch)

We announced back on July 10th, 2015 that support for Windows Server 2008 R2 as a site server or most site system roles as well as SQL Server 2008 R2 for the site server database role would be removed in the first update version for ConfigMgr (current branch) released in 2017. Please see Deprecated operating systems and Deprecated support for SQL Server versions as a site database for more information.

As we approach the release of this update version, we wanted to publish this reminder. Please plan accordingly, as updating to future update versions may be blocked.

Additional Resources:

Device fails to join domain during a ConfigMgr OSD Task Sequence due to DC time synchronization issues

The Official Configuration Manager Support Team Blog -

We have all dealt with mysterious task sequence failures while imaging. Owing to the number and types of issues we run into, I decided to put together a series of posts that discuss the unexpected and undocumented task sequence failures that are triggered by environmental issues and configurations. This is Post 1 of the series, and it concerns an interesting issue I worked recently. This will help in troubleshooting domain join scenarios during operating system deployment.

The core issue is that a task sequence fails to join the machine to the domain during the Windows imaging process via Configuration Manager.

Assessment:

===========

We looked at the task sequence, made sure that the user name and password were typed correctly, and then we looked at the log files:

netsetup.log (c:\windows\debug)

12/20/2016 17:51:07:055 NetpValidateName: name ‘Polyone.com’ is valid for type 3

12/20/2016 17:51:07:086 NetUseAdd to \\machine1.contoso.com\IPC$ returned 2457

12/20/2016 17:51:07:086 NetpJoinDomain: status of connecting to dc ‘\\ DC1.contoso.com: 0x999

12/20/2016 17:51:07:086 NetpJoinDomainOnDs: Function exits with status of: 0x999

 

Seuperr.log

This server’s clock is not synchronized with the primary domain controller’s clock.

Seupact.log

2017-01-06 10:18:51, Error                        [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [2457]

2017-01-06 10:18:51, Error                        [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x999

 

Error 2457 translated to:-

NERR_TimeDiffAtDC /* This server’s clock is not synchronized with the primary domain controller’s clock. */

Error 0x999 also translated to:-

NERR_TimeDiffAtDC /* This server’s clock is not synchronized with the primary domain controller’s clock. */

We tried a manual domain join with the logged-on user, and it was successfully joined to the domain. That tells us that the issue is specific to the domain join process during OS deployment only.

We checked on the domain controllers and found that the domain time was in sync. For that matter, if we joined the machine using the same service account that was used in the task sequence, we noticed the same error:

We tried another account and it went just as expected, so now it was clear that the issue was with the service account being used in the task sequence. We then took an ldifde dump of working users (successful domain joined accounts) and non-working users (failing accounts):

Non-Working user

ldifde -f test.ldf -d “CN=svc_SCCM,OU=Service,OU=Restricted Accounts,DC=Contoso,DC=com” -p subtree -s “DC1.Contoso.com”

Working user

ldifde -f test2.ldf -d “CN=Admin, ,OU=Users,DC=Contoso,DC=com” -p subtree -s “DC1.Contoso.com”

Upon comparison of these dumps, we determined that the UserAccountControl value for the bad account was 4260352, and for the good account it was set to 66048. We changed the UserAccountControl value of the failing account to 66048 and could now join the machine successfully through the task sequence.

Hope this helps! Do keep working and sharing! More on task sequence failures coming soon!

Anil Sood

Technical Advisor | Microsoft System Center Configuration Manager 

Disclaimer: This posting is provided “AS IS” with no warranties and confers no rights.

 

Update Rollup for System Center Configuration Manager current branch, version 1610, is now available

The Official Configuration Manager Support Team Blog -

An update rollup for System Center Configuration Manager current branch, version 1610, is now available. This update is available for installation in the Updates and Servicing node of the Configuration Manager console. Please note that if the Service Connection Point is in offline mode, you must re-import the update so that it is listed in the Configuration Manager console. Refer to Install Updates for System Center Configuration Manager for details.

For complete details regarding the update rollup for ConfigMgr current branch v1610, including the list of issues that are fixed, please see the following:

4010155Update rollup for System Center Configuration Manager current branch, version 1610 (https://support.microsoft.com/help/4010155)

ConfigMgr 2012 SP1/R2 RTM: Support for Hybrid Mobile Device Management Ending Soon

The Official Configuration Manager Support Team Blog -

Applies to: Microsoft Intune, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager

Support for System Center 2012 Configuration Manager SP1 and System Center 2012 R2 Configuration Manager RTM ended on July 12th, 2016. Subsequently, support for these releases connecting to the Microsoft Intune service via hybrid MDM (e.g. managing mobile devices with Configuration Manager and Microsoft Intune) will end on April 10th, 2017. After this date, hybrid MDM will stop functioning with these releases. Managed devices will essentially become unmanaged as the Intune Connector will no longer connect to the Intune service. No ConfigMgr data (policies, applications, etc.) will flow up to Intune and no managed device data will flow down to ConfigMgr until an upgrade takes place.

To avoid an interruption in service, customers currently using hybrid MDM with ConfigMgr 2012 SP1 or R2 RTM should upgrade to the Current Branch of ConfigMgr (recommended) or the latest supported service pack (R2 SP1 or 2012 SP2) for ConfigMgr 2012 prior to April 10th, 2017.

Additional resources:

ConfigMgr 2012 R2

Microsoft System Center Configuration Manager now supports macOS Sierra (version 10.12)

The Official Configuration Manager Support Team Blog -

We are proud to announce that the current branch of Microsoft System Center Configuration Manager (version 1610) now supports macOS Sierra (version 10.12) with version 5.0.8466.1 or later of the Configuration Manager Mac client. You can download the latest Mac client for Configuration Manager here. For details on how to upgrade the Configuration Manager Mac client, see How to upgrade clients on Mac computers in System Center Configuration Manager. Please be aware that the version of the Mac client displayed in the Mac preference pane might be different than the version collected by hardware inventory and displayed in the Configuration Manager admin console.

In addition to the Mac client update, we have an update to System Center Endpoint Protection (SCEP) for Mac that includes support for macOS Sierra as well. It is available on the Volume Licensing Service Center (VLSC) at https://www.microsoft.com/Licensing/servicecenter.

J.C. Hornbeck, Solution Asset PM
Microsoft Enterprise Cloud Group

Support Tip: Running TestDBUpgrade does not complete and logs “Failed to create process of SetupWpf.exe” error

The Official Configuration Manager Support Team Blog -

~ Rafid Ali

Hello Everyone, Rafid Ali here with another Configuration Manager support tip for you. I recently came across a scenario where a TestDbUpgrade was failing due to a custom database table which was created after adding custom hardware inventory classes in Configuration Manager 2012 R2 Service Pack 1. It was failing to execute Upgrade/TestDBupgrade to newer version 1606, and if you happen to run across this problem then hopefully this post will help.

Below are the error messages that were seen in ConfigMgrSetup.log when running the TestDBUpgrade:

12-08-2016 13:57:48.541    Configuration Manager Setup    4308 (0x10d4)    sql object tel_sum_scansourcewufb is not found. It will be created.
ERROR: SQL Server error: [42S22][207][Microsoft][SQL Server Native Client 11.0][SQL Server]Invalid column name ‘UseWUServer00’. : TEL_SUM_ScanSourceWufB   Configuration Manager Setup
Failed to execute sql command — Name         : TEL_SUM_ScanSourceWufB ~– Version      : 5.0.8412.1313 ~– Definition   : SqlObjs  ~– Scope        : CAS_OR_PRIMARY  ~– Object       : P  ~– Dependencies : <Detect>  ~– Description : SUM telemetry : Information of client Scan sources to know the usage of Windows Update for Business ~ ~ ~CREATE PROCEDURE TEL_SUM_ScanSourceWufB @Input NVARCHAR(MAX) = NULL  ~AS  ~BEGIN  ~ ~SET NOCOUNT ON ~If exists (Select ID from sysobjects where Name=‘WINDOWSUPDATE_DATA’ ) ~SELECT Count(InstanceKey) as MachineCounts ~      ,AUOptions00 ~      ,InstanceKey00 ~      ,NoAutoUpdate00 ~      ,UseWUServer00 ~  FROM WINDOWSUPDATE_DATA with (NOLOCK) ~  GROUP BY UseWUServer00 ,InstanceKey00, AUOptions00, NoAutoUpdate00 ~End             Configuration Manager Setup
ERROR: Failed to execute SQL Server script: Create SQL object tel_sum_scansourcewufb Configuration Manager Setup
Failed to create process of SetupWpf.exe. return value 1                   1/1/1601 12:00:00 AM           1992642571 (0x76C5500B)

There were similar errors for other columns as well for the same table.

Reason for the failure

ConfigMgr 1606 contains the table ‘WindowsUpdate_DATA’ in its database by default, as the Inventory Class ‘Windows Update’ is included as a default inventory class from version 1606 onwards. However, in ConfigMgr 2012 this was not a default inventory class. Because of this, many ConfigMgr 2012 users manually added this class from WMI (Win32Reg_SMSWindowsUpdate or Win32Reg_WindowsUpdate as per the requirement) to get the required data through Hardware Inventory. When this Hardware Inventory Class was added, it created the same table (WindowsUpdate_DATA) with the same columns names, such as ‘AUOptions00’, ‘InstanceKey00’, ‘NoAutoUpdate00’, ‘UseWUServer00’, etc.

Starting with version 1606, Upgrade Task automatically creates all the required objects which are not there by default in the older versions. We can see this by examining the ConfigMgrSetup.log file:

sql object tel_sum_products is not found. It will be created.
Saved hash for SQLText for SQL object tel_sum_products (SHA256:1C87D231C46ECCC0D559F1AA5B83A1A54FA4C445072285D17CBB84B4DA3BCE29)
INFO: SQL Server script: Create object tel_sum_products
sql object tel_sum_scansourcewufb is not found. It will be created.
*** [42S22][207][Microsoft][SQL Server Native Client 11.0][SQL Server]Invalid column name ‘UseWUServer00‘. : TEL_SUM_ScanSourceWufB
*** [42S22][207][Microsoft][SQL Server Native Client 11.0][SQL Server]Invalid column name ‘InstanceKey00. : TEL_SUM_ScanSourceWufB
*** [42S22][207][Microsoft][SQL Server Native Client 11.0][SQL Server]Invalid column name ‘AUOptions00‘. : TEL_SUM_ScanSourceWufB
*** [42S22][207][Microsoft][SQL Server Native Client 11.0][SQL Server]Invalid column name ‘NoAutoUpdate00‘. : TEL_SUM_ScanSourceWufB
Failed to execute sql command — Name         : TEL_SUM_ScanSourceWufB ~– Version      : 5.0.8412.1313 ~– Definition   : SqlObjs  ~– Scope        : CAS_OR_PRIMARY  ~– Object       : P  ~– Dependencies : <Detect>  ~– Description : SUM telemetry : Information of client Scan sources to know the usage of Windows Update for Business ~ ~ ~CREATE PROCEDURE TEL_SUM_ScanSourceWufB @Input NVARCHAR(MAX) = NULL  ~AS  ~BEGIN  ~ ~SET NOCOUNT ON ~If exists (Select ID from sysobjects where Name=’WINDOWSUPDATE_DATA’ ) ~SELECT Count(InstanceKey) as MachineCounts ~      ,AUOptions00 ~      ,InstanceKey00 ~      ,NoAutoUpdate00 ~      ,UseWUServer00 ~  FROM WINDOWSUPDATE_DATA with (NOLOCK) ~  GROUP BY UseWUServer00 ,InstanceKey00, AUOptions00, NoAutoUpdate00 ~End  ~~

In this case, Upgrade Task was able to create all of the above objects, like Stored Procedures ‘tel_sum_products’ and its corresponding tables and columns, however when it tried to create and execute object ‘tel_sum_scansourcewufb’, it failed because the same column names (‘AUOptions00’, ‘InstanceKey00’, ‘NoAutoUpdate00’, ‘UseWUServer00’, etc) already existed in the same table (WindowsUpdate_DATA).

You can verify this in your ConfigMgr 2012 R2 SP1 database as shown below.

If this table already exists in the ConfigMgr 2012 database, then it’s been created by custom hardware inventory classes as it’s not a part of the default database for ConfigMgr 2012 R2.

Resolution

In the ConfigMgr 2012 R2 SP1 console, go to Administration:

Next, go to Client Settings:

Select the Client Setting that you are using for Hardware Inventory. In my case it was ‘Default Client Settings’:

Click on ‘Set Classes’:

Select the Custom Inventory Class causing issues and delete it, as shown below.

After a short period of time, you will notice that the table corresponding to that class is deleted in the database. Once the table is deleted, make a healthy backup of Configuration Manager and proceed with the TestDBupgrade. At this point it should complete successfully. Once TestDBUpgrade is successful, you can then proceed with Configuration Manager site upgrade.

NOTE This issue is fixed in Configuration Manager version 1610 and up. Any future baseline builds after 1610 will not encounter this problem.

Rafid Ali, Support Engineer
Microsoft Enterprise Cloud Group

Troubleshooting Configuration Manager and WSUS software update synchronization issues

The Official Configuration Manager Support Team Blog -

If you’re having synchronization problems with either WSUS or System Center Configuration Manager, here’s a friendly reminder that we have a great troubleshooter that will walk you through diagnosing and fixing some of the more common issues that may be encountered when sync fails. If you ever have these kinds of issues, there’s a good chance that this guide will show you how to fix them, and even if you don’t find the resolution to you exact problem, it offers some great resources and tips that will help get you pointed in the right direction. You can find this troubleshooter here.

J.C. Hornbeck, Solution Asset PM
Microsoft Enterprise Cloud Group

Microsoft ConfigMgr 2012 R2 ConfigMgr current branch Windows Server software update point software update synchronization Microsoft update windows update

S'abonner à Philippe BARTH agrégateur - SCCM (Anglais)