Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.

Share tech news, updates, or what's on your mind.

Sign up to Post

Just trying to see what I might be missing here or where to look to find the issue.

I have a standalone SCCM 1702 serving about 350 clients. I've deployed apps and update many times over the past year plus. I'm trying to deploy O365 update 1706 8229.2139 to 4 PCs that are in Current Channel via GPO. I have a GPO for enabling manage O365 from SCCM in place. I downloaded the update, created a Software Update Group and deployed it to the collection these PC are in as required with a 3 day deadline. All of the PCs show up under Monitor Deployment in the Unknown tab (1 as Client check passed/Inactive because the PC is powered down, and 3 as Client check passed/Active).

I have initiated a Software Update Evaluation from the SCCM console as well as from the Configuration Manager Client on the PCs and it just doesn't seem to initiate the download or show up as an available update, and I have no idea what to look for in which logs as I've followed some of the posts for troubleshooting and see errors of some point in most logs. Where does one start to troubleshoot this issue?
On Demand Webinar: Networking for the Cloud Era
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Hi there
I try in my lab to upgrade win 7 pro  to win 10 pro
But this error 0x80070002 and message id 11135 and 11141
Download failed couldn't resolve source for installation package

I make my search i try sharing permissions and iis but nothing

Any idea
 Thanks for your time
Hello -

I am trying to uninstall Symantec Endpoint Protection and replace with new AV within SCCM 2012. I have the install application for Symantec and new AV. The Symantec application should have a uninstall switch, however not sure how to double check that with .exe I have for Symantec. I have tried to run uninstall of Symantec with Uninstall.exe however no luck. I have also tried to run a batch file from my desktop with wmic product where "name like 'Symantec Endpoint Protection%'" call uninstall /nointeractive, however no luck.
We previously set up SCCM using a domain admin account SCCMAdm :
we have since removed it's domain admin privilege but with its domain
password dont expire.

is this a security concern (need assessment) & how we can mitigate?
while deploying application on to device collection its showing error as past due will be retried , how to resolve it without using PowerShell script solution , any other way or suggestion
Hello -

SCCM environment:
2012 R2 Configuration Manager SP1
Console version: 5.0.8239.1000
Site version: 5.00.8239.1000

Does my version look correct considering CU? I also would like to know if I can go directly from my version to SCCM 1706, if so, do you know where I can find step-by-step on the upgrade?


i am trying to capture and restore user state by sccm 2012 r2 .i am capture a user profile by the task sequence and this task is succeeded and when i make a restore in another computer i face this error  any help please

"failed to run the action restore user state.the drive can`t find the sector requested error 8007001b"
Hi all,
we are currently running windows 7 x64, 95% of user computers have HP Elitebook laptops (850 users across few different countries), have anyone done project plan for a windows 10 upgrade? what issues were faced and whats there to avoid or take into account?

will rollout window 10 and office 2016 as a package.
I am looking to Schedule the deployment of windows updates to a client using SCCM. So far this has been a manual process with the following:

  • Test machine Collection
  • IT Users Collection
  • Test Users Group
  • Day 1 Deplyment
  • Day 2 Deployment

I have created an Automated rule for the initial "Test Machine Collection" following PrajWaldesai but I would like to have the whole process automated something like:

  • Test machine Collection
- Patch Tuesday
  • IT Users Collection
- +24 Hours
  • Test Users Group
- +48 Hours
  • Day 1 Deplyment
- +4 Days
  • Day 2 Deployment
- +6 Days

I am sure that i am not the first looking to complete this and automate the global roll out of the updates and wondered if others could offer experience.

Or is it as simple as an automatic deployment rule for each collection.
I am trying to load SCCM on a Windows 2016 and getting the following errror on the server in question:

Download Update: A recoverable error has occurred.  A retry attempt will be made

I have re-imaged this server multiple times and get stuck at this point. The c:\windows\ccmsetup folder only gets half of the files it should and that's when it gets stuck. I am open to any ideas on what to check.

I have loaded SCCM before on many servers (including Windows 2016); but on this one I am STUCK !

If I let the load continue, this last time keeps happening every 5 minutes for HOURS !

MANY THANKS in advance for ALL the help !
On Demand Webinar: Networking for the Cloud Era
On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Hello all,

I've been using SCCM OSD to image machines for about 2 years.  Suddenly last month, it stopped working.  I assumed that we had a corrupted driver or boot wim.  I re-created both the x64 and x86 boot wims, downloaded the newest WinPE 10 drivers, etc.

and am still having the issue.

When doing PXE boot, I"m getting the failure at preparing network connections.  When loading PE from a usb, it loads but then says "There are no task sequences available for this computer."  If I do an F8 , ipconfig shows an IP and diskpart shows the drives, which I assume means that I have the correct drivers.  Fwiw- I've tried just about every driver combination that I can think of, to no avail.

The packet captures seem to be failing at an IPsec port 500 error, but I can't see what would be causing that. -it might be a red herring.

To make matters worse, our MS premier support contract ended the day before it broke and we're waiting for our legal dept. to sign the new enterprise agreement, so I have no MS support.

I'm including the smsts.log from one of the machines and wireshark packet traces from a mirrored port for both PXE and USB PE boots.  Any assistance is greatly appreciated, as I need to start pushing Win10 out by the end of the month.
Hi is there anyone that can assist me remote deploying the Intel AMT firmware  fix to all my laptop fleet. This is to address the recent vulnerability. I would prefer using SCCM 2012 r2 to accomplish this task, but I'm open to other suggestions as well.
Hi All,
We have SCCM 2012, Current Branch.
Been installed (by a consultant) about 6 weeks ago. We have ran into an issue with clients updating and not sure if they have ever updated since it's been installed
I think (I will double check) most of our clients are showing the following errors from the windowupdate.log

2017/08/03 22:09:18.4202729 312   3520  ProtocolTalker  SyncServerUpdatesInternal failed 0x8024401c
2017/08/03 22:09:18.4246690 312   3520  Agent           Failed to synchronize, error = 0x8024401C

I have attached logs from 3 Windows 10 machines. These include WU log and WUAHandler.log
Also attached are 2 SCCM Log files

What I have tried.
1. Can telnet onto port 8530 from any client machine
2. Checked event logs
3. Rebooted SCCM Server
4. Made the changes as per this article - all through I don't think it was relevant -
5. Ran through this article -
But still haven't been able to crack the issue.

1. Can you still use WU to check for updates that will just go to your SCCM Server and expect to find and install updates? Or do updates get installed differently using ADR's?
I was expecting to click "Check for Updates" and find available updates.

2. Under update history, would I still see updates …
Hi Team,

I want to create a package & deploy through sccm that contains a batch script that will stop service, delete file and start service.
Below are the commands that I am including in script which I want to create as package & deploy on all machines using sccm.

Net stop HAgent /y
Cmd /c Del "C:\programFiles\WDM\"
Net start Hagent /y

Will this work through sccm?
are there any common reasons why devices in a domain may not be showing in system centre, or any pointers on where to start on how to resolve? I am not a SCCM admin myself, but wondered how the device initially gets added to the SCCM database? Is it a manual process when you procure and build new devices to add them into the system.
Can't use SCCM, but have to install lot of patches on a windows server. What is the fast way to search, download and install those patches?
HI Team,

can someone help me with SCCM WQL query to get installed software information for a collection of machines. I don't have access to run sql queries, so i required wql query to run and get required data. I already ran wql query based on product name & version but it is getting me lot of software info. so how to find out only important installed software info like in Add Remove programs but not the query based on specific software.

Thanks in advance.
Failed to create SQL server certificate Error on SCCM installation
Getting below error when click Next on Select Certificate Enrollment Policy -- [Active Directory Enrollment Policy]:
Certificate enrollment for Local system failed to load policy from policy servers with ID   (An attempt was made to logon, but the network logon service was not started. 0x80070700 (WIN32: 1792 ERROR_NETLOGON_NOT_STARTED))

Also getting below in event viewer
License Activation (slui.exe) failed with the following error code:

Certificate enrollment for Local system failed because no valid policy can be obtained from policy servers with ID
For non-DMZ Distribution Points, there is no problem on enrolling certificates.

Please advise and thanks in advance..
Free Tool: Site Down Detector
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I currently have an SCCM CB environment installed, and discovered systems in AD via system discovery. I do not have auto client install enabled because I would like to use group policy to push to systems that login actively on the network. I see how to configure the policy to install clients, but how do I use it to upgrade the client rather than install? Is it automatic? There needs to be a site re-assignment and upgrade so the new system center does not needlessly redeploy software. The upgrade allows for each system to maintain installation history (as far as I know). Thanks!
Does anyone remember the "Computer Details" report you can get in SCCM 2007? You can find the report by clicking on the link next to a computer listed in one of the many canned reports.  I can't find a report ID for it b/c the url is different.


I can't find an equivalent in our new SCCM "Current Branch" setup (which is relying on SQL Server reporting services on a separate SQL server). Our old SCCM server just runs reporting locally. So I'm dealing with an apples to oranges comparison.

When I search for help on this, I only find links back to SCCM 2007 specific articles.  I found this report helpful on occasion and I'm hoping it's just hiding in plain view where I haven't thought to look yet.

I was wondering if you  could help me with this issue.  I am working on security in SCCM 1610 to give certain users access to report information for  their specific department needs.    
I have created a test user, created Security Scope, made a copy of the Report Viewer Only role and added user to this security role.  I am happy with most of the access they are limited to.  
The only reports that I cannot restrict their access to are the MBAM reports.  The user is able to see all the collection ID's listed rather then just the collection ID for their department.   Is this because the MBAM reports are not native SCCM reports but added when installing MBAM on SCCM so the security policies don't applied to these reports?
Can you tell me how I can restrict these reports to only show information for the collection/collection id's they need to see?  
Thank you.

I need help. deploy language pack via sccm.  dual language pack in sccm tasksqence.   I don't want to use mdt sccm only.
Hi Guys,

We are currently in the testing phase on the SCCM implementation.
 the laptops we use across site are Dell XPS 13 which come without an Ethernet port. instead we use the USB-C connection.

the USB-C connection requires a USB-Ethernet adapter so we can run the SCCM image. this works fine on the following adapter: Dell DBJBCBC064.

but it does not work when we are using the following adapter: DA200 dell

the annoying thing is - all users already have a DA200 Dell adapter as this is used to connect to the docking station. I would love to be able to continue using them or a very similar product.

so here is my question:

1 - Why does 1 work and not the other? from what I have read online it is something to do with PXE-Boot?
2 - is there an alternative to the DA200 which works in the same manor with same connections which allows SCCM to work (if PXE is at fault or something?)

We have recently installed SCCM R2 Current branch and I am still trying to get to grips with it.
We use Surface Pro 4’s and HP EliteBook’s and I am trying to deploy to a few test devices for now.
But I am having the following issues:

1.      Surface – Failed to run task sequence – There are no task sequences for this computer (see attached screenshot PIC01)
2.      HP Laptops – Runs the task sequence but picks up the Surface TS (as per the screenshot PIC02) and not the HP TS that I have created.

I may be wrong but it something to do with device collections that I have not done?

Any help would be much appreciated.







Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.