IT Consultant Everyday Notes

Just some problems/solutions storage

SCCM 2012: SUP does not synchronize updates

I noted my ADR did not created a Software Group for Patch Tuesday. I checked Software Updates and found fresh updates were not sync’ed on schedule. Manual sync did not help either.

Resolution: remove Classifications from SUP properties, wait while it will be sync’ed to WSUS. Add classification again and restart Update Synchronization.

In my case fresh updates were synchronized successfully after that.

Windows 10: Change One Drive location

I have W10 on couple of my machines and left default One Drive location one one of them. As a result it quickly filled the drive. Tried to find a way to change OneDrive cash location drive but without success until find the following article:http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_files/cannot-change-or-move-default-folder-for-onedrive/f769a16c-26b1-41cc-89d3-a0737a01837a

 

Hare is the way:

  • First, go to Add or Remove Programs in the control panel and find Microsoft OneDrive
  • Right click and uninstall 
  • Reboot (This might not be necessary, I did it for luck) – UPDATE:  Yes, it’s necessary. Hat tip to oblio9. 
  • Go to C:\Windows\SysWOW64 and run OneDriveSetup.exe – Here’s the full path if you just want to cut and paste into in Win-R: C:\Windows\SysWOW64\OneDriveSetup.exe

SCCM 2012: Application Catalog WebService Point failed with “Parameter set cannot be resolved using the specified named parameters.”

 

I tried to install the abovementioned role using Powershell. I followed Microsoft example letter by letter but it still failed with a nasty PowerShell error “Parameter set cannot be resolved using the specified named parameters.”

SNAGHTML53b83032

Finally I found a spreadsheet on http://www.google.ca/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&cad=rja&uact=8&ved=0CDYQFjAE&url=http%3A%2F%2Fcm12sdk.net%2F%3Fwpdmact%3Dprocess%26did%3DMTQuaG90bGluaw%3D%3D&ei=ZVvBVMLiMIacyAT174JY&usg=AFQjCNG9mVW1L-nWqtbI813UbYzrFKCXlQ&bvm=bv.83829542,d.aWw

 

and put parameters EXACTLY in the order mentioned there. (I know, it is crazy). Surprisingly, the cmdlet works now .

SNAGHTML53bae000

Azure Automation: Send Email from Azure Automation Script via GMAIL

I am working with Azure Automation scripts. One of them stops all my Lab VMs after working hours to save some money. Script is based on one from Automation Gallery, but I wanted to add a notification feature.

There are several posts about using O365 for this, but I do not think it is a good idea since 0365 is not free.

I tried Outlook.com (AKA Hotmail) first, trying to stick with Microsoft platform, but did not get any success (authentication kept failed for me). So, the second choice was Gmail.com. From some posts I understood Azure does not have root certificates from GMAIL CA and SSL connection does not work. To workaround the issue I downloaded Google root certificate and created a Certificate Asset in Automation console

SNAGHTML9554a11d 

Interesting enough I do not need to use it in my script apparently simply existence of it is enough….

Here is the script to check if all machines are in stop(Deallocated) state and send email otherwise. The script uses a PS Credential Asset: ‘Azure Credentials’ and my MSDN Platform subscription.

I created a test account at Gmail: azure.automation.service@gmail.com and add an Automation Asset (PS Credentials) including Gmail user name and password – “Gmailcreds” that allows do not put user name/password in the script.

workflow test-mail
{  
   $Cred = Get-AutomationPSCredential -Name ‘Azure Credentials’
   $Gmailcreds = Get-AutomationPSCredential -Name ‘Gmailcerds’
   Add-AzureAccount -Credential $Cred
   Select-AzureSubscription -SubscriptionName “MSDN Platforms”   
   $vms = Get-AzureVM
   $ss=””
   ForEach ($vm in $vms ) {
      if ($vm.Status -ne “StoppedDeallocated”) {$ss=$ss+$vm.name+” – “+$vm.Status + “`r`n”}
   }
   if ($ss -ne “”) {
      $mail_body= ‘Attention! One or more VMs are in a state other than “Stopped (Deallocated)”‘ `
      +”`r`n”+$ss
      Send-MailMessage -SmtpServer smtp.gmail.com -Port 587 -Credential $Gmailcreds `
         -UseSsl -From ‘azure.automation.service@gmail.com’ -To ‘alex.ignatenko@onx.com’ `
         -Subject ‘Alarm: Azure Automation – Running VM!’ -body $mail_body
   }
}

This script can be added to schedule to run every night.

Server 2003: Migration to Azure

In my test Lab I migrated Server 2003 VM to the Cloud. The matter in fact it is not enough just copy VHD to Azure using

Add-AzureVhd [-Destination] <Uri> [-LocalFilePath] <FileInfo> [[-NumberOfUploaderThreads] <Int32> ] [[-BaseImageUriToPatch] <Uri> ] [[-OverWrite]] [ <CommonParameters>]

command in Azure PowerShell

It as also necessary to add the copied disk to inventory using:

Add-AzureDisk [-DiskName] <String> [-MediaLocation] <String> [-Label <String> ] [-OS <String> ] [ <CommonParameters>]

In my case the script looks like

SNAGHTML8b4564ad

 

The information was found in Sandrino’s blog here: http://fabriccontroller.net/blog/posts/migrating-your-windows-server-2003-workloads-to-microsoft-azure/

Lync: Script: Get-CsConnections.ps1 – See User Connections, Client Versions, Load Balancing in Lync Server

An old script, but never saw it before for some reasons – it allows to see Client versions and user distribution per Front-end Server. I use it during FE updates, to be sure there is no user connected to an updated FE.

original is here

 

SNAGHTML44045511

Windows 8.1: Disable first logon animation

Raphael Perez published a reg key to disable the animation. It can be distributed as an SCCM package during OSD:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
“EnableFirstLogonAnimation”=dword:00000000

The command line that Raphael used was a follows …

regedit.exe /S Disable_First_Run_Animation.reg

Full article

Windows 10: Upgrade Windows 7 SP1 to Windows 10 Preview

 

Aaron Czechowski published a useful post about the subj:

http://blogs.technet.com/b/configmgrteam/archive/2014/10/29/how-to-upgrade-to-win-10-using-the-task-sequence-in-sc-2012-r2-configmgr.aspx

Step-by-Step process is described here

PKI: Private Key Export failed during CA migration

I am currently lead a project for PKI migration from 2003 Servers to 2012 R2.

ISSUE: During migration one of CAs I observed an error when I tried to restore a Private Key saved on an old CA to the new CA.

 

The error said: Import private key: Active directory certificate services setup failed with the following error: Cannot find object or property. 0x80092004 (-2146885628 crypt_e_not_found)

RESOLUTION: I checked the machine local storage and found the old CA certificate there (without Private Key). The certificate was installed by GPO.  I deleted the certificate and retry Private Key import from CA installation wizard (where it failed). This time the cert was imported successfully.

SCCM 2012R2: Manage CentOS 7.0 Clients

Follow

Get every new post delivered to your Inbox.