Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.

Share tech news, updates, or what's on your mind.

Sign up to Post

i am currently in the process of configuring a new sccm current branch install into our domain.

We already have a sccm 2007 server existing. - this is aimed at our Windows 7 clients. no information or packages are required to be carried across to the new sccm installation so we have decided to build a new sccm environment alongside our 2007 sccm.

I am aware of overlapping boundaries, we have various vlans and that i can have overlapping content boundaries for content only.

I will not overlap any boundaries for site code advertisement.

i plan to use the new sccm to build our windows 10 image and deploy this gradually using a usb boot stick, as part of the image will contain the sccm agent. once all machines are re-imaged to windows 10, i will publish the site code in the boundaries and decommission the old sccm server.

I am new to SCCM , i would appreciate any feedback or advise.


Free Tool: Path Explorer
LVL 12
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

How to pull report of MS office using SCCM 2012
Hello ,,

Any one knows how configure Coretech Application E-Mail Approval Tool correctly???

After configure the tool the, Im getting the request email . also when click the option in email it re-directs to the CTAA website and open the web portal and shows the application requests. However the “APPROVE” or “DENY” tabs not functions . Any one faced the same issue??,Im using CM version 1710
I am having difficulties with SCCM 1606. The option to upgrade clients is grayed out.  I did some research and found that you needed to log in with the original account that stood up with SCCM.  That is the account that is the full administrator with the "All" access.  The user is no longer here and his account has been deleted.
I have tried opening the console using PSexec with the system account but the console will not open due to permissions and access.  I tried using the service account to open the console but it does not have access.
Anyone have any ideas about how I can add "All" permissions to another full administrator in SCCM?

How to write a script and deploy packages from SCCM Server and pushed it down to client machines.


may I humbly ask you whether there is a way to install MS Azure Inf. Prot. client just for the user account? I mean not for the all users who will log in to the computer aferwards?
In our company, we use SCCM 2012 for appl. deployments. Usually, we install the various applications/packages for a System and target the deployment on specified devices collection.
However, in the AIP case, we need/would like to target to specified users (due to the licence limitation). For this we use the MSI file based SCCM application targeted on spec. users collection, with the Deployment set to install for User and Only when user is logged on. Thus we expected the AIP tool/addin to be installed/available in the Office programs just for the user(s) account specified in the given user collection.
However - it seems that, given the initial user has admin rights, the system will handle the installation to be available for all other user(s) that log-in to the computer afterwards (which is what we do not want/need to be so).
What is the official Microsoft stance? Does the MS Azure Inf. Protection application (either the MSI or .EXE based) support the deployment/installation for User or just for the System (all users)?
Thanks a lot for your response and advice.
Best regards
We are looking for a comprehensive, flexible, User migration tool to use both with SCCM and as a tool on the fly.

Over the spring we conducted a user migration program “survey”. Both for implementation in our SCCM environment but also as to ascertain what possibilities we have to do migrations on the fly.
Often we need to migrate users to another PC without reinstalling the PC and we do have scripts that makes us capable of running USMT on the fly - run from, and storing to, a USB disk.

After a preliminary search on Google, we decided mainly to focus on:
USMT (as it is part of SCCM)
Forensit TransWiz and
Laplink PCmover Express, endorsed by Microsoft.

There are many other user migration solution providers, some part of deployment solution packages, some not. We checked a bunch, but Forensit and Laplink carry some weight and you can find many recommendations in forums etc. especially for Forensit. Both are commercial products
None of the two integrates in SCCM but Transwiz can theoretically be used with SCCM, as it can be run by a command line. We mainly decided to test them for “on the fly” purposes though.

Settings for most research applications we use, like Jitter, Endnote and Reference manager migrates perfectly with our own xml files.
But USMT has some real world technical issues both as to migration capabilities as well as the maintenance that has degraded alarmingly over the last years with Windows 10:
Main issues
We see BIG …

How can I list the applications in a specific SCCM folder (Powershell)?

We are having issues when trying to capture an image using the System Center Image Capture Wizard. After building the image and running the wizard, the process fails with error code 0x00004005. The setuperr.log file is attached. Thank you.
Hi Team,

Could you please help me with the below queries -

 - I had a situation to reinstall a software on 100 computers. For that I created a device collection with all these computers and set task to uninstall the software. Then I created another collection and set a task to install the software. I forgot about the collection created for the uninstall task and left it like that. After a month I found that this particular software is getting uninstalled from the machines and may be installing back.  Could you please confirm, if we leave the unistallation collection/task in SCCM, will it periodically check the collection members and uninstall the software again if it is present.

- My another query is on SUP. I recently build a new dp in a remote location. I want the clients in the remote location to get the windows updates from this dp. How the windows updates are distribute to the remote dp and then to the clients. Or do we need a secondary site in the remote location to achieve this.

I did a search on this and found the comment "SUPs don't follow boundary rules, but DPs do. That said, the client connects to the SUP to determine what updates are needed on the client, but then connects to the DP in its content boundary where the downloaded updates reside, so the traffic going across your WAN is fairly small, and you may even have some newly installed clients at the home office connecting to the SUP at the remote site." - But I want  to confirm how the downloaded …
Cloud Class® Course: SQL Server Core 2016
LVL 12
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

We've AD user object 7000 but SCCM only display 4283 objects.

How to reconnect the 2000 nodes of the agent (configuration manager) to be detected by SCCM?
In SCCM, our Endpoint Definition deployment runs and a large number of the systems show up in the error tab.

Status:  Failed to install update(s)
Error Code: 0x00000000
Error Description: Success

Makes no sense.  I have read that this has something to do with the client needing to check in.

Version is 2016 and the clients are all Windows 10.
Im having trouble using MDT and Sysprep.  Im trying to capture a custom Win10 Pro image that I stripped out all the non business apps such as Candy Crush, using Get-Appxpackage | Remove-AppxPackage

I keep receiving the following errors in the log:

2018-06-07 12:52:47, Info                  SYSPRP ===          Beginning of a new sysprep run          ===
2018-06-07 12:52:47, Info                  SYSPRP ========================================================
2018-06-07 12:52:47, Info       [0x0f004d] SYSPRP The time is now 2018-06-07 12:52:47
2018-06-07 12:52:47, Info       [0x0f004e] SYSPRP Initialized SysPrep log at C:\WINDOWS\system32\sysprep\Panther
2018-06-07 12:52:47, Info       [0x0f0054] SYSPRP ValidatePrivileges:User has required privileges to sysprep machine
2018-06-07 12:52:47, Info       [0x0f007e] SYSPRP FCreateTagFile:Tag file C:\WINDOWS\system32\sysprep\Sysprep_succeeded.tag does not already exist, no need to delete anything
2018-06-07 12:52:47, Info       [0x0f005f] SYSPRP ParseCommands:Found supported command line option 'QUIET'
2018-06-07 12:52:47, Info       [0x0f005f] SYSPRP ParseCommands:Found supported command line option 'GENERALIZE'
2018-06-07 12:52:47, Info       [0x0f005f] SYSPRP ParseCommands:Found supported command line option 'OOBE'
2018-06-07 12:52:47, Info       [0x0f005f] SYSPRP ParseCommands:Found supported command line option 'QUIT'
2018-06-07 12:52:47, Info       [0x0f005f] SYSPRP ParseCommands:Found supported command line …
SCCM 1803  TS to upgrade Windows 7 Ent to Win 10 Ent returning error 0xC1900204 - 0x4000A.  
I am using Windows 10 1709 as the wim.  Should I use the original version 15xx for this?

I confirmed that both WIM are enterprise.  The Windows 7 machines were imaged and captured with SCCM and the W7 ISO and W10 ISO  were downloaded directly from MSVL.  
I am very confused why  this is not working.
Team, I need to delete a single unapproved .exe file from all workstations,
What would be the easiest/most efficient way to do this, we utilize SCCM 2012 for application/OS deployment, can you provide a sample script of sorts that I can wrap as a package and push to workstations that will achieve this, or is there a way we can do this via compliance manager?
I've been trying to add UltraVNC to the imaging process so I can see the process during installation.
I'm using SCCM 2012 CB 1710 and I am having a hard getting this to work. I followed instructions provided by SCCM team, but so far it doesn't work. I wan to throw all that out the window ans start fresh with some possible suggestions so I can get this going. So this is what I need: A functional task that can image a device with Windows 7/10 and while doing it, it displays the target machine in UltraVNC viewer. Can anyone help? Thanks, JR
osd task sequence not installing applications or adding machines to to the domain. software packages install completely fine though. I have attached the smts logs below .  Ive looked the logs a bit. there is a point to where it says

Failed to send request to /SMS_MP/.sms_aut?SITESIGNCERT at host RFHC-SCCM.LOCAL, error 0x2ee7      LocationServices      5/29/2018 4:46:21 PM      2284 (0x08EC)
socket 'connect' failed; 8007274d      InstallSoftware      5/29/2018 4:39:07 PM      3048 (0x0BE8)
Failed to connect to MP :80      InstallSoftware      5/29/2018 4:39:07 PM      3048 (0x0BE8)

im sure that this has something to do with the issue

the dp and mp are both running on http
SCCM Power Policy turning on USB Selective Suspend despite being disabled by GPO

SCCM team started using Power Policies on select collections of devices.
We have had a GPO in place that has worked fine for over a year that disables selective suspend.
When SCCM applies its power policy to devices in the collection, it somehow re-enables selective suspend, even though it is not even an option to configure in SCCM settings.
My understanding is the SCCM policies are written to the local policy and the GPO should take precedence.   The odd thing is, if we go into the registry, selective suspend is set to disable, but in the gui for power options, it is enabled.

How can I completely disable selective suspend even if using sccm power policies

We deploy free software in SCCM 2016 via App-V package as AVAILALBE to users, f.e. Firefox 56.
If there is a new version of this software, f.e. 57, we want to upgrade these versions mandatory.

What would be the best approach here? Create collections with pc's which have Firefox and deploy the upgrade 57 enforced?

Please advise.
Free Tool: Site Down Detector
LVL 12
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Hi there,

I'm trying to deploy Fuji Xerox (ApeosPort-V C7780) drivers via SCCM but haven't been successful yet.

Running the exe that comes with the downloaded driver package doesn't work as it prompts to specify the printer IP address etc.

I've tried using Pnputil command "pnputil /add-driver device.inf /install" but that seems to only add the driver package to the FileRepository and not install the driver.

Also used the Printing Admin scripts "cscript "C:\Windows\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs" -a -m "ApeosPort-V C7780)" -i "C:\device.inf" but got the error "Unable to add printer driver ApeosPort-V C7780 win32 error code 87"

I'm wondering if anyone has successfully mass installed Fuji Xerox MFD drivers before..?

Hello SCCM guru's!

We have over 10,000's workstations across the region. Most of which are connected to SCCm 2012 R2, but some are not.

For those that are not, they do not have Internet Access. So, we would like to package up an SCCM package with the latest Windows updates and copy them manually and run them manually on those workstations that do not have SCCM clients.

How can we accomplish this with SCCM 2012 R2 with the latest build?

Thank you for your assistance!

I am trying to create a WebServer Certificate using these instructions:

but when I request the certificate it sticks on 'Enrollment pending' and if I also try to auto enrol it, it still says 'enrolment pending'

Any Ideas?

We are in the phase of implement of Windows 10 1709 in our company. Since April 2018 we cause the problem that computer with Windows 10 ask for BitLocker recovery key. We investigated root cause, and it looks that recovery key asks computer after installing Windows 10 cumulative update (April). I removed temporarily this update from SCCM, everything works fine. Yesterday Microsoft released may cumulative update for Win10 and the problem continue. After install may cumulative update, BitLocker always asks for recovery key. Do you have any idea? BitLocker is implemented on all computers in the company.
We are trying to install the Backup Exec 2015 Agent through SCCM and keep running into install problems. I am attaching the log file I was given after our last SCCM failure. Also, I am going to put in the command and what we are pushing to the servers below:

The command we are using is: setup.exe /RAWSX64: /S:

We are ending up pushing the entrie agents folder to each server because when you run the silent command on the server, we were getting a VCRedist file was missing.

Any help that can be provided here would be helpful.

Thank you,
System Center Configuration Manager 2016

Client Windows Update Window 8.1  stucking at 0% in the Softwarecenter  Maybe anyone has a reason why..  At some clients it works fine and some stucking at 0%.  
I have checked the ccmcache, I removed the client from the update collection and put it in again. I reinstalled the client.. i have no idea where i should still searching..
Maybe anyone can help me..

br. ahmed






Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.

Top Experts In