Hi Team,

I got the requirement to setup PXE distribution point for our lab where we use to image the bare metal machines. We got the vlan setup and got the IP range of the Vlan from our network team. But the issue is we already have a separate boundary created in sccm where my Vlan IP address range also a part of it. Example already set boundary IP range: 10.0.0.1 - 10.255.255.254. MY new Vlan IP range: 10.51.102.76 - 10.51.102.250 which is also falling under same range.

So my question is if I create separate boundary for my IP range and add it to boundary group and substantially adding that group to my PXE distribution point and then deploying my task sequence to All unknown computers. Then only my ip range machine's will get the deployment or all machines part of already created boundary range(10.0.0.1 - 10.255.255.254)will receive IP's?

Thanks ,
Sunil

We've just configured OSD on a new SCCM Current Branch 1706 server, following the steps laid out here -

https://www.windows-noob.com/forums/topic/14057-how-can-i-deploy-windows-10-with-mdt-2013-update-2-integrated-with-system-center-configuration-manager-current-branch/

We're using the Windows 10 LTSB N ISO.
We installed Windows ADK 1703, which is the correct release for SCCM 1706 and Windows 10 deployments.
We created the Windows 10 1703 boot image as described in the windows-noob article.

We testing a deployment of Windows 10 to a VM. The VM does PXE boot, and I confirmed it has an IP address.

I'm prompted to enter the PXE password, and then the TS times out trying to retrieve the "policy". Eventually I get the following error:

An error occurred while retrieving policy for this computer (0x80004005).

When I check the smsts.log file, the first error (red herring or not b/c there are other entries in the log file that seem to succeed) is:

ShellExecute ('raserver.exe') failed. 0x80070002.

I also see the following error later in the smsts.log file:

Error. Received 0x80072ee7 from WinHttpSendRequest

What I've confirmed so far:

- Network access account is setup and has permissions to all images and packages.
- Time on VM is synch'd when compared to SCCM server
- Anonymous Authentication is enabled in IIS on the SCCM server

The VM is using the E1000 network adapter. I was under the impression a Windows 10 ISO would include this rather …

I have sccm 2012 on win server 2012 R2 and have a single site with database installed on same server.

I am getting the following error in site status .please find the attached snspshot

i tried uninstalling client from the site server but no luck

i am not able to push the client on discovered computers.
sccm-error.png

Hi Buddies

how do I use a custom answer file when deploying a image with sccm 2012r2?

Any ideas please let me Know
Thank in advance

I need to join a number of servers to my domain and install software on them. But I don't want SCCM 2012 to install Endpoint Protection on them and block my attempts to install said software. How do I determine which policy or policies are deploying endpoint protection? How do I determine which OUs each policy is being deployed to? Is it possible to disable a policy?

Hi Team,

I am looking for a SCCM query to get the user's Full Name or First & Last Name also Email ID's for a specific collection. Can someone help me with this. Also I need to get the longest logon user instead of last login user to know who is the actual user.

I am trying with below query but it throwing some error. Please help.

Select
SMS_R_User.FullUserName, SMS_R_System.Name
FROM
SMS_R_System inner join SMS_G_System_SYSTEM_CONSOLE_USAGE
on
SMS_G_System_SYSTEM_CONSOLE_USAGE.ResourceId = SMS_R_System.ResourceId
INNER JOIN
SMS_R_User ON SMS_G_System_SYSTEM_CONSOLE_USAGE.TopConsoleUser = SMS_R_User.UniqueUserName  
INNER JOIN
SMS_FullCollectionMembership on SMS_FullCollectionMembership.ResourceID = SMS_R_System.ResourceID
WHERE SMS_FullCollectionMembership.CollectionID = 'xxxxx'

Sorry if this a easy question for everyone.

After are upgrade to SCCM 1703, we have been running into issue with are TS not report back errors correct to the deployment status with in SCCM. No matter if it fails or successes it reports successful. Below is what we are doing for error reporting and it all worked before.

All the parts / steps leading up to reporting the error code back works. Logs do get copy to are log share, if an error get triggered in the TS.

Just trying to figure out if i am doing this whole error handling and logging thing wrong.


Thank you for support of this.

I heard NTP server sync using a protocol to its NTP clients / endpoints so
no credentials (or authenticators) is involved.

What about MS SCCM & MS Dsktop Central?  Do they contain authenticators
of the endpoints they manage?  Can point me to some authoritative/MS
links that state this?  

If they contain them, when the authenticators are being sent to the endpoints,
are they encrypted?

It's a query raised by our Audit.  By authenticators, I assume it refers to
login id & password?

We have defined a VPN boundary group for our remote employees in single site, single server SCCM current branch (1706) setup. Our company's setup is very simple - one server is the site server, DP, and MP. We're all in one building. However we need to define the "VPN" boundary group to be a "slow" link for those that connect remotely.

I cannot find a way to do this in SCCM 1706. Does anyone know how to do this?

KH

hello dears,

I'm planning to deploy sccm 2016 and need to have a high available design architecture. below is overview of my environment and the required site system roles.

Environment.

single domain
clients: 20000
OS : w7sp1 and W10
Mobile device OS: ios, android, and windows phone


Required site system roles:

Software update management
OS deployment
App deployment
Inventory management
Mobile device management
Report generation
End point protection
Compliance and setting management.


The solution should be High available in both client perspective and server side.
How can i have a design to achieve these requirements. Any suggestion appreciated!

Thank you

Hello,
I hope you have good day. i've server (WIN 2012 datacenter R2)installed on it wsus role and also SCCM 2012 (with external SQL DB) i just need to configure the autmatic update that sccm will take it from wsus and deploy it on the PCs in my network, how can i make that?
Thanks

Hello,

Running SCCM Current branch version 1606.  Deployed a new child primary without any issues, and can distribute content to that primary without any issues.

I have also been able to without issues deploy the client from the child primary to clients.

Now I need to deploy packages and applications using the child primary.  Multiple errors:

> When I deploy one application to multiple clients the first error I see is that on the software catalogue on the clients it just says waiting to download and stays at 0%
> On some clients the application is downloaded/installed successfully but when I try to deploy software updates it fails to receive them

All other clients on other sites are fine, so it is something specific with this child primary.  I've checked/tried the following to resolve it:

>  Changed the distribution settings for the application to "Automatically download content when packages are assigned to distribution points" - This stopped the clients from trying to download the application completely and it just says "past due".  When I then try to manually click install it brings up an error message stating that Software Center can not be loaded (attached)
>  Checked the BITS and .net are installed correctly on the Primary
>  Restarted the clients and the primary
>  Checked the boundary setup is correct and that there is not a duplicate.  It is and I don't think i would be able to deploy the client if this was incorrect
>  Reinstalled the SCCM …

We have SCCM current branch 1706, with a SQL 2012 server on the back end running SSRS. I would like to allow our Service Desk access to create their own reports in one specific folder only - protecting all the other folders containing the standard SCCM reports.

Is there a way to define a security scope that's SSRS folder aware? I don't think I can do this from the SSRS side. I believe SCCM sets all permissions via policy on those SSRS folders every 15 minutes.