SCCM 2012 Cumulative Update 3 – Upgrade Guide

SCCM 2012 Cumulative Update 3 – Upgrade Guide

by | Feb 27, 2016 | Features, Patch Releases, SCCM

An update version 3 has been released for Microsoft’s System Centre Configuration Manager 2012.

SCCM 2012 CU3

This update released by Microsoft fixes the following issues;

Administrator Console

  • The Administrator Console may take longer than expected to expand different nodes, such as the All Users or All Devices nodes. This occurs when the console is installed on a touch-screen enabled computer.
  • The Create Task Sequence Wizard generates an Unhandled exception when the Configuration Manager Console is installed on a computer that is running Windows 10 version 1511.
  • The Configuration Manager console exits unexpectedly when the Task Sequence Editor is used to change a Microsoft Recovery (Windows RE) partition. Additionally, you receive an exception that resembles the following:
    System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
    The Configuration Manager console exits unexpectedly when you try to add a custom icon for an application that’s available in the Application Catalog. This only occurs if the FIPS local/group security policy, ‘System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing’, is enabled on the computer that is running the console.

Operating system deployment

  • A task sequence may continue for an application installation failure, even if the Continue on error option is not selected in the task sequence properties. This applies to task sequences installing applications that use a dynamic variable list.
  • A task sequence will try to reinstall applications already installed by using a dynamic variable list if one of the applications is configured to restart the computer. For example, if the third in a list of 3 applications requires a restart, the first and second applications in the list will try to install again after the restart.
    Use of the pre-provision BitLocker task sequence step during an operating system deployment results in the Trusted Platform Module (TPM) having a status of Ready for use, with reduced functionality.

Configuration Manager Client

  • Applications removed from a Mac client computer continue to appear in the Installed Software node of hardware inventory for that client.

Microsoft Intune and mobile device management

  • In a Configuration Manager environment in which the Microsoft Exchange Server connector is configured for use with Microsoft Exchange Server 2013, mobile devices aren’t listed as expected in the All Mobile Devices node of the administrator console. Additionally, errors that resemble the following are recorded in the EasDisc.log file on the Configuration Manager site server:
  • The certificate required to connect to the Intune service cannot be renewed if the Microsoft Intune connector is installed to a server other than the site server, and proxy authentication is required for Internet access.
  • Blocking Exchange ActiveSync access for an enrolled device fails. Errors that resemble the following are recorded in the EasDisc.log file on the site server after the blocking action fails:*** [42000][102][Microsoft][SQL Server Native Client 11.0][SQL Server]Incorrect syntax near ‘IsUIBlocked’.ERROR: UpdateDeviceAccessState: Execute() failed.

Site Systems

  • The client automatic upgrade policy is refreshed after every restart of the SMS Executive service, even when no properties have changes. Entries that resemble the following are recorded in the hman.log file on the site server.
    Handle auto-upgrade client configuration changes
    Update auto-upgrade client configurations
  • The State Systems component does not process messages that are generated by the Certificate Registration Point site system role if that server is configured to use a non-US date format. Errors that resemble the following are recorded in the statesys.log file on the site server:
    SQL MESSAGE: spProcessStateReport – Error: Message processing encountered a SQL error 241 at record 1 for TopicType 5001: “Conversion failed when converting date and/or time from character string.”, Line 0 in procedure “”
  • The SMS Executive service may exit unexpectedly when it processes a NOIDMIF file that contains a Unicode character invalid for the codepage of the site server.
  • The “Reassign Distribution Point” migration task may stop responding when it tries to reassign a distribution point from a Configuration Manager 2007 secondary site. This occurs if the database record for the 2007 distribution point is removed and replicated to the primary site before the new record is added.
  • The WMI Provider Host (WmiPrvSE.exe) hosting the Configuration Manager Provider (SMSProv) may exceed its memory quota on a site that processes lots of status messages from a custom application. This can result in a loss of connectivity through the Configuration Manager console until the server hosting the provider is restarted.
  • Queries, and query-based collections that use the Windows Update Agent Version as criteria return unexpected results for Windows 10-based computers. This is because the Windows Update Agent Version in hardware inventory data is reported incorrectly in the 6.x range, such as 6.0.10240.16397 instead of the 10.x range, such as 10.0.10240.16397

Software distribution and content management

  • 3120338 Content can’t be downloaded from Cloud-Based Distribution Points System Center 2012 Configuration Manager Service Pack 2 when BranchCache is enabled
  • Applications deployed to a device that uses the Primary Device global condition will fail if the primary user has an apostrophe in their name.
  • Distribution Points configured for HTTPS communications will be reset to use HTTP communications after other site properties are changed. For example, installing a new Software Update Point can trigger the Distribution Point to revert to HTTP communications. Other Distribution Point settings may also change.
  • 3123884 Application installation fails from the Company Portal in System Center 2012 Configuration Manager

Settings management

  • 3118485 “Setting Discovery Error” is returned for SQL Server 2014 Configuration Items in System Center Configuration Manager
  • A Configuration Item (CI) that uses a Setting Type of SQL query will only evaluate against the first instance of a SQL Server even if the “All Instances” option is checked in the CI properties.
    Additional changes that are included in this update

Endpoint Protection

  • 3041687 Revised February 2015 anti-malware platform update for Endpoint Protection clients

Supported operating systems

  • Mac OS X 10.11 can be targeted as a client platform for the following features:
    Application Management
    Settings Management

Software updates management / operating system deployment

  • A new optional task sequence variable, SMSTSWaitForSecondReboot, is available to better control client behavior when a software update installation requires two restarts. This is in addition to changes released with System Center 2012 Configuration Manager SP2 to improve handling of unexpected restarts, as documented in Install Software Updates. This variable should be set before the “Install Software Updates” step to prevent a task sequence from failing because of a “double reboot” of a software update.SMSTSWaitForSecondReboot is a value in seconds that specifies how long the task sequence execution process should pause after the computer restarts to allow for sufficient time for a second restart to occur. For example, setting SMSTSWaitForSecondReboot to 600 results in a pause of 10 minutes after a restart before additional task sequence steps execute. This can be useful when hundreds of updates are being applied in a single “Install Software Updates” task sequence step. The value can be raised or lowered , depending on the volume of updates in your environment. If later task sequence steps trigger a computer restart, a second SMSTSWaitForSecondReboot variable can be set to reduce the wait down back to 0. This makes sure there are no additional delays after software updates are applied.

To download this Hotfix, visit the Microsoft site here

SCCM Log files for Software Updates

SCCM Log files for Software Updates

by | Feb 27, 2016 | How To, SCCM

SCCM Log files for Software Updates

System Center Configuration Manager (SCCM) is a powerful tool used by administrators for managing large-scale deployments. SCCM software updates provide a simple way to keep client systems up to date with the latest security and feature updates. SCCM log files contain valuable information about the software updates deployment process and can help administrators troubleshoot issues. In this article, we will discuss the important SCCM log files for software updates and how to analyze them to troubleshoot issues.

SCCM Log files overview

What are SCCM Log files?

SCCM log files are text files that contain information about the various processes and actions taken by SCCM. These log files are created by SCCM components during their operation and provide valuable insights into the workings of SCCM.

Why are SCCM Log files important?

SCCM log files are crucial for troubleshooting issues that may arise during software updates deployment. They contain detailed information about the actions taken by SCCM components and can help administrators identify the root cause of an issue.

SCCM Log files for Software Updates

The following are the important SCCM log files for software updates:

Log Name Description Server Side or Client Side
CcmExec.log
 Records actions taken by the SCCM client on the local machine, such as software deployments, inventory scans, and software update installations. Client Side
UpdatesDeployment.log
 Records details of the deployment process for software updates, including whether they were successfully installed or failed. Client Side
WUAHandler.log
 Records the communication between the SCCM client and Windows Update Agent (WUA), which is responsible for checking for and installing updates. Client Side
PatchDownloader.log
 Records the download process for software updates, including the location from which updates were downloaded and whether they were successfully downloaded. Client Side
SiteComponentManager.log
 Records the status of SCCM components and their installation or uninstallation. This log is useful for troubleshooting SCCM server component issues. Server Side
SMS_AZUREAD_CONNECTOR.log
 Records actions taken by the SCCM Azure Active Directory (AAD) Connector, which is responsible for syncing user and device data between SCCM and AAD. This log is useful for troubleshooting AAD sync issues. Server Side
CAS.log
 Records actions taken by the SCCM Central Administration Site (CAS), which is responsible for managing multiple primary sites. This log is useful for troubleshooting issues that affect multiple primary sites. Server Side
MP_Location.log
 Records actions taken by the SCCM Management Point (MP), which is responsible for managing client communications and data. This log is useful for troubleshooting MP issues. Server Side
Wsyncmgr.log
 Records the synchronization process for software updates between the SCCM server and the WSUS server. This log is useful for troubleshooting update synchronization issues. Server Side
DataTransferService.log
 Records the transfer of data between the SCCM server and client machines, including software updates and packages. This log is useful for troubleshooting issues related to data transfer. Client Side
UpdatesHandler.log
 Records actions taken by the SCCM software update handler, which is responsible for coordinating the download and installation of software updates on the client machine. This log is useful for troubleshooting update installation issues. Client Side
UpdatesStore.log
 Records the location and status of software updates stored on the client machine. This log is useful for troubleshooting issues related to software update storage. Client Side
UpdatesAssignments.log
 Records details of software update assignments, including which updates are assigned to which client machines. This log is useful for troubleshooting update assignment issues. Server Side
ContentTransferManager.log
 Records the transfer of content between the SCCM server and client machines, including software updates and packages. This log is useful for troubleshooting issues related to content transfer. Client Side
RebootCoordinator.log
 Records actions taken by the SCCM reboot coordinator, which is responsible for coordinating system reboots after software update installations. This log is useful for troubleshooting reboot-related issues. Client Side
Supersedence.log
 Records details of software update supersedence, including which updates supersede which other updates. This log is useful for troubleshooting update supersedence issues. Server Side
PolicyEvaluator.log
 Records actions taken by the SCCM policy evaluator, which is responsible for enforcing client policies and settings. This log is useful for troubleshooting policy-related issues. Client Side

Analyzing SCCM Log files

Analyzing SCCM log files is crucial for troubleshooting issues related to software updates deployment. Here are the steps for analyzing SCCM log files:

  1. Identify the relevant log file(s) for the issue at hand.
  2. Open the log file using a text editor such as Notepad++.
  3. Search for the relevant error or warning messages in the log file.
  4. Analyze the messages to identify the root cause of the issue.
  5. Take the necessary actions to resolve the issue based on the root cause identified.

Common SCCM Update issues and their resolutions

Here are some common issues related to software updates deployment in SCCM and their resolutions:

  1. Software updates are not showing up in the SCCM console: Check the synchronization status of the software update point and ensure that the latest software updates are synchronized.
  2. Software updates are failing to install on client systems: Check the relevant log files to identify the root cause of the issue and take the necessary actions to resolve it.
  3. Software updates are getting stuck in the downloading phase: Check the ContentTransferManager.log and PatchDownloader.log files to identify the root cause of the issue and take the necessary actions to resolve it.

SCCM Logs FAQs

What is SCCM software updates deployment?

SCCM software updates deployment is a process of deploying the latest software updates to client systems in a managed environment.

What are SCCM log files?

SCCM log files are text files that contain information about the various processes and actions taken by SCCM components.

Why are SCCM log files important?

SCCM log files are important for troubleshooting issues related to software updates deployment in SCCM.

How do I analyze SCCM log files?

To analyze SCCM log files, you need to identify the relevant log file(s), open them using a text editor, search for the relevant error or warning messages, and analyze the messages to identify the root cause of the issue.

What are some best practices for analyzing SCCM log files?

Some best practices for analyzing SCCM log files include using a log file viewer, taking regular backups of the log files, and understanding the structure and messages contained in the log files.

How can I automate a Snapshot prior to deploying patches to my virtual servers?

Use SnaPatch to automate the whole update process to your virtual machines.

Where are the SCCM Log files located?

The SCCM (System Center Configuration Manager) log files are located in different directories on the SCCM server and client computers. On the SCCM server, the log files are typically located in the “Logs” folder within the SCCM installation directory. The default installation directory is “C:Program FilesMicrosoft Configuration ManagerLogs”.

On the client computers, the log files are located in the “CCMLogs” folder within the Windows directory. The default path is “C:WindowsCCMLogs”. The log files are named according to the component or feature they relate to. For example, the “ClientLocation.log” file logs information about the client’s location, while the “SoftwareCenter.log” file logs information about the Software Center feature.

SCCM Logs – Conclusion

SCCM log files are crucial for troubleshooting issues related to software updates deployment. In this article, we discussed the important SCCM log files for software updates and how to analyze them to troubleshoot issues. We also discussed some common issues related to software updates deployment in SCCM and their resolutions. By following the best practices for SCCM log file analysis, administrators can ensure a smooth and successful software updates deployment process.

SCCM Version 1511 – New Features

by | Feb 16, 2016 | SCCM

SCCM – version 1511 New Features

The latest version of Microsoft’s System Centre Configuration Manager has been released. (SCCM 1511). While we all expected this to be called SCCM 2016, it is in fact now called SCCM 1511. The new versioning is due to the fact that SCCM update cycle will be frequent. Every new version will be named as SCCM YYMM (Year and Month). Version 1511 was released on the 15th of November, hence 1511.

 The new features as part of this release are as follows;

 Windows 10

  • Windows 10 servicing
  • Sideloading apps in Windows 10
  • Compliance settings for Windows 10

Infrastructure

  • Preferred management points
  • Single Primary site supports up to 150k clients and 700k client in a hierarchy
  • Support for Microsoft Azure virtual machines
  • Diagnostics and Usage Data
  • Service a server cluster
  • Support for SQL Server AlwaysOn for highly available databases
  • Integration with Windows Update for Business

Console

  • Natively manage Office 365 desktop client update
  • Deploy Windows Business Store applications
  • Support for multiple Automatic Deployment Rules
  • Client deployment status in console monitoring
  • Schedule and run the WSUS clean up task from the Configuration Manager console
  • Updates and servicing
  • Client piloting to preproduction
  • Software Center

Operating System Deployment

  • Windows 10 in-place upgrade task sequence
  • Windows PE Peer Cache

Mobile Device Management

  • Mobile device management (MDM) feature parity between Intune stand-alone and Configuration Manager
  • Mobile Application Management
  • Data protection for mobile devices
  • On-premises mobile device management (MDM)
  • App deployment to Windows 10 devices with on-premises MDM
  • Certificate provisioning is supported for Windows 10 devices that you manage using on-premises mobile device management.
  • Improved workflow for creating mobile device configuration items
  • Bulk enrollment of Windows 10 devices with on-premises MDM
  • Wipe and retire for on-premises mobile device management

A perfect addon for SCCM patching deployment to your virtual machines, is our product known as SnaPatch. Click here to see how SnaPatch can help you reduce the risk of patch deployment.

Microsoft’s January 2016 Patch Releases

by | Jan 13, 2016 | Features, Patch Management, Patch Releases, SCCM

Microsoft’s January 2016 Patch Releases

The following nine Patch Tuesday updates / patches have been released by Microsoft for the January 2016 Update deployment.
Are you ready to start deploying and remove the patching risk using SnaPatch Patch Management Software?
MS16-001 – Critical
Cumulative Security Update for Internet Explorer (3124903)
This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS16-002- Critical
Cumulative Security Update for Microsoft Edge (3124904)
This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-003 – Critical
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
This security update resolves a vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS16-004 – Critical
Security Update for Microsoft Office to Address Remote Code Execution (3124585)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-005 – Critical
Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website.
MS16-006 – Critical
Security Update for Silverlight to Address Remote Code Execution (3126036)
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email or instant message that takes users to the attacker’s website.
MS16-007 – Important
Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.
MS16-008 – Important
Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
MS16-010 – Important
Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow spoofing if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.
Patch Management Pain?

Patch Management Pain?

by | Dec 14, 2015 | How To, Patch Management, Patch Releases, SCCM

The Ultimate Patch Management Strategy to Alleviate Your Pain

Are you tired of experiencing patch management pain every time you need to update and patch your servers? If yes, then you are not alone. Many administrators have found themselves in a daunting task of keeping their servers and workstations up to date. Fortunately, creating a great patch management strategy is not as complicated as you might think. In this article, we will show you how to implement an effective patch management strategy that will remove the pain from your process.

Infrastructure is Key

The first step towards having an effective patch management strategy is having the correct infrastructure in place. Fortunately, there are several fantastic tools that have been developed by Microsoft, such as Microsoft System Centre Configuration Manager (SCCM), Windows Update Services (WSUS), and Windows Update for Business (WUB). These tools can be used to keep your servers and workstations up to date, and they all report on patching compliance. Additionally, you can set them to deploy updates as you define, which makes the process more manageable

The Ideal World

In an ideal world, where you have Development/Test, UAT, and Production environments that mimic one another, you can successfully deploy security updates to the lower environments. This allows you to perform successful UAT to ensure that no new issues are introduced by any of the patches. Should a patch cause an issue, you can stop deployment to your Production servers, delaying deployment until a fix has been released that will address the issue or not deploying the patch at all.

The Real World

Unfortunately, not everyone has the luxury of lower environments that match the Production environment. The ability to successfully UAT patches prior to deployment to Production systems isn’t available to most administrators, making the patch deployment process fraught with risk. Administrators would have to manually confirm all backups were successful prior and perform and confirm a successful snapshot of their virtual servers for added confidence. Only then could they deploy the updates to their client servers, typically outside of business hours. If there was an issue that arose from a patch, many late-night hours would be spent either trying to uninstall the patch (if that worked) or restoring from tape backup. Either way, it was many hours and weekends late at night keeping everything up to date.

How We Can Help

We understand the pain that comes with patch management, and we have a solution to help you. SnaPatch Patch Management Software interfaces with Microsoft’s SCCM and VMWare’s vCentre and Microsoft’s System Centre Virtual Machine Manager, also known as SCVMM. This software automates the patch deployment process and allows administrators to have their weekends back. With the SnaPatch console, you can choose the servers you want to patch, what patches you want to deploy, what servers you require to be snapshotted, and what time you would like this all scheduled (a maintenance window will be set for this deployment). SnaPatch will automate all this and alert you with progress emails. Should a server’s snapshot not be successful, you will be alerted by email, and that server will be excluded from patch deployment. Should an issue arise with one of the deployed patches, you can either uninstall the patch, revert to the snapshot created by SnaPatch, or restore from backup tape.

SnaPatch – Your Solution

SnaPatch is the best patch management add-on for Microsoft’s SCCM that will help you alleviate the patching risk. With our software, you can simplify your patch management process and enjoy your weekends without the hassle of patching. Like our motto says, “Let’s make Administration EASY!” Contact us today to learn more about how SnaPatch can help you.