So whats this thing about Broswer Choice to start with ? Well you can read more about it here.
So if you would like to block this behaviour like most enterprise organisations want to do. There is a way to block that this updates comes into play. You simply just need to add a registry value to your machines. If the registry key is present the users will not experience the Browser Choice experience on that machine.
Registry key: HKEY_LOCAL_MACHINESoftwareBrowserChoice
Value Name: Enabled
Value Type: DWORD
Possible Values: 1 Display browser choice update
0 Do not display browser choice update
There are different ways of adding it , choose the method that suites your environment best.If you just want to test it on your own machine simply run this command , and verify that the reg value is there.
reg add HKLMSoftwareBrowserChoice /v Enable /t REG_DWORD /d 0×00000000 /f
So what machines will this update be displayed on? It will be targeted to machines with the corresponding regional settings as European Union and is a Client OS so it wont be deployed to servers.
References:
http://support.microsoft.com/kb/976002
http://microsoftontheissues.com/cs/blogs/mscorp/archive/2009/07/31/windows-7-and-browser-choice-in-europe.aspx
Sometimes you want to exclude certain folders or drives from beeing scanned to have a clean Inventory, an example you may not want to scan a server with large volues for data like home directories or the IT department Install library. This causes both load on the server /client having the drive and it causes you to get this information into the database and you need to handle it in your reports.
Simply do like this
- Create a file named skpswi.dat
- Add the attribute hidden
- Put it in the folder/drive you would like to exclude from Software Inventory
More is to be found here: http://technet.microsoft.com/en-us/library/cc180976.aspx
Sometimes you need to reset the Windows update Agent to get it working like it should. If you haven’t updated to the SP2 version of WSUS i strongly recommend doing that on your Software Update Point as allot of fixes where released in that Service Pack. Below is a set of commands you can use to reset a Windows update Agent, the easiest way is to save the commands in a bat file and launch it on your XP clients in proffered way manually of with software distribution.
net stop bits
net stop wuauserv
Del "%ALLUSERSPROFILE%Application DataMicrosoftNetworkDownloaderqmgr*.dat"
Ren %systemroot%SoftwareDistributionDataStore *.bak
Ren %systemroot%SoftwareDistributionDownload *.bak
Ren %systemroot%system32catroot2 *.bak
sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
cd /d %windir%system32
regsvr32.exe atl.dll
regsvr32.exe urlmon.dll
regsvr32.exe mshtml.dll
regsvr32.exe shdocvw.dll
regsvr32.exe browseui.dll
regsvr32.exe jscript.dll
regsvr32.exe vbscript.dll
regsvr32.exe scrrun.dll
regsvr32.exe msxml.dll
regsvr32.exe msxml3.dll
regsvr32.exe msxml6.dll
regsvr32.exe actxprxy.dll
regsvr32.exe softpub.dll
regsvr32.exe wintrust.dll
regsvr32.exe dssenh.dll
regsvr32.exe rsaenh.dll
regsvr32.exe gpkcsp.dll
regsvr32.exe sccbase.dll
regsvr32.exe slbcsp.dll
regsvr32.exe cryptdlg.dll
regsvr32.exe oleaut32.dll
regsvr32.exe ole32.dll
regsvr32.exe shell32.dll
regsvr32.exe initpki.dll
regsvr32.exe wuapi.dll
regsvr32.exe wuaueng.dll
regsvr32.exe wuaueng1.dll
regsvr32.exe wucltui.dll
regsvr32.exe wups.dll
regsvr32.exe wups2.dll
regsvr32.exe wuweb.dll
regsvr32.exe qmgr.dll
regsvr32.exe qmgrprxy.dll
regsvr32.exe wucltux.dll
regsvr32.exe muweb.dll
regsvr32.exe wuwebv.dll
netsh reset winsock
proxycfg.exe -d
net start bits
net start wuauserv
Is it possible to just download the prerequsites on forehand if you dont have Internet access on the server where you intend to install Configuration Manager.
Yes you can , you need to use the command without the quotes “MEDIAPATH:SMSSETUPBINI386setup.exe /download drive:path”
Make sure the folder you download to is created before you execute the command otherwise it will not launch.
I just got the question on what rights the domain join account needs. So here it is.
First of all you need to create an account for it in this example I named min svc-sccm-domainjoin and then locate the OU where your computer accounts will reside in. And then right click on it and set the security rights.
First you need to set the following rights on the OU and with the setting Apply to: This object and all descendant objects.
- Create Computer Object
- Delete Computer Object
After that you need to add the following rights with the setting apply to: Descendant Computer objects.
- Read All Properties
- Write All Properties
- Read Permissions
- Modify Permissions
- Change Password
- Reset Password
- Validated write to DNS host name
- Validated write to service princ
With Service Pack 2 of Configuration Manager it is no longer required to provide a certificate to synchronize the Asset Intelligence Catalog with Microsoft, it is now builtin. Although when you install it it may cause some confusion.
So when you install the Asset Intelligence Sync Point role it still asks for a certificate, but its just to ignore that page and click next to install the role. Earlier it was required to have a certificate and with SP2 that has been removed.
So when you hit this page in the wizard just click next.
After you have installed the role you can look in these three log files AIUSMSI.log , AIUSSetup.log, aikbmgrlog and AIUpdateSvc.log to see that everything is working as intended. http://technet.microsoft.com/en-us/library/cc161940.aspx
If you missed the new blog that the product team has put up please have a look at it.
You will find the blog here – > http://blogs.technet.com/configmgrteam/
There are different ways of getting your .wim file for deployment in Configuration Manager.
1. Use the Build and Capture Task Sequense
2. Manuall install and use the Capture Media in Configuration Manager
3. Using imagex.exe to create the .wim file.
If you use the install.wim from the Vista media it will work to deploy but the installation will be under the D: drive so its not a preffered or good way of getting your .wim file for deployment.
A often asked question is can I use my .wim file from SMS 2003 OS Deployment, there are some concerns with this so the best way to use them is to apply the Image to a computer make your modifications to it and make a capture again.
And what about .wim files from WDS can I use them ? The answer is yes.
My preffered way of creating a .wim file is through the Build and Capture Task Sequense it gives me lots of flexibillity and I know the build is always done the same way and I dont miss steps that I might miss when building my reference machine manually.
If you want to create a wim file for Windows XP or Windows 2003 you need to create a Sysprep package for the Build and Capture process or by placing it in the C:sysprep folder for manual captures.
So do I need to sysprep the Machine before I do a Capture ? The answer is NO!, the capture process does this for you so you should NOT run Sysprep before you make a Capture.
Config Mgr, ConfigMgr 2007 | stesch | 
March 2, 2010 22:56 | 
Comments (0) 
Subscribe 