Monday 18 November 2013

Creating a Catalog from a custom x86 WIM file



If you create a custom WIM file with software pre-installed, Windows updates applied or any other modification you want to roll out to make your life easier you will find that the WIM file does not come with a .clg file. This is not normally a problem however if you are using MDT to deploy this image you may need to edit the unattended.xml file, this is done from the OS Info tab within the task sequence editor which will launch the Windows SIM tool, this will allow you to make your changes and save the file.

If you have no .clg file WSIM will attempt to create one for you, brilliant you think, until you get a nice red error line telling you that you cannot create an x86 catalog file on an x64 system. All server operating systems are now coming in x64 now so how do you get around it?

Well the answer is simple if annoying. You install an x86 operating system, install the relevant parts of the ADK and generate your catalog, then you place this file in the Deploymentshare folder with the WIM you are working with and away you go.

Pre-requisites

1. x86 Installation of Windows
2. Windows ADK
3. Custom WIM file


Launch the adksetup.exe file

Install to the default location, click Next

Decline joining the CEIP, click Next

Accept the license agreement

You will only need to select the Deployment tools and .Net Framework 4.0, click Install

When complete click close, we do not need to view the getting started guide.

Open the WSIM from Start > All Programs > Windows Kits > Windows ADK > Windows System Image Manager

Right click on the ‘Select a Windows image or catalog file’ text and choose, ‘Select Windows Image’

Browse to the location of your WIM file and click Open

As there is no .clg file available you will get the following message, click Yes to begin generating a catalog file.

The WSIM will mount the WIM file

And then examine it to generate the catalog

When finished you will have Components and Packages in the Windows Image box within WSIM. This means we are done.

Browse to the location of your WIM file and you should find a .clg file alongside your WIM If you have this file then you can close WSIM


If you loaded the WIM file directly from your Deployment share then you can return to the MDT workbench and change to the OS Info tab within your task sequence and you will find that WSIM will load and allow you to make your changes exactly the same as you could with an x64 WIM, if you created the .clg file from a copy of the WIM file then you will need to copy the .clg into the deployment share into the same folder that the WIM file is in.

Tuesday 12 November 2013

Data Protection Manager - Unable to configure protection SQL Server 2012

So you use Data Protection Manager 2012 within System Center Configuration Manager 2012 and you try and setup the backup of Microsoft SQL Server 2012.

Well all the dates match, surely it will work?

Error:  Unable to Configure Protection.


When you Google or Bing this error you find that the most common answer (on Microsofts own website and on various forums) is: "You must explicitly add the system account NTAuthority\System to the Sysadmin group on SQL Server."

The reason this is such a common answer is because it does actually work to be fair, however simply saying this is not help.  It's too vague and sometimes you just want a step by step, do this and it'll work fix. 

I love how sometimes you are expected to know, oh yeh, everything. 

This is how you actually do this.

1. Login to your SQL Server and go to SQL Server Management Studio.
2. Connect to your server and instance.



3. In the folder structure (Image Above)) Choose Security -> Logins and expand logins.
4. In the massive list of users, find the NT Authority\System User.  Right click and choose properties.
5. On the left hand side under the "select a page" header, choose Server Roles. (Image Below)





6. Click on the Sysadmin tick box and press ok. (Image Above)
7. Do a consistency check on the DPM Server and as if by magic, you get green ticks all across DPM. (Image Below)




I hope this helps.  It seems to be quite a popular thread on many forums out there but no step by step no nonsense guide. If I find more of these "Just do that" situations with no actual help, i'll try and get more step by step guides done.

Thanks for reading,

ITMagician

Friday 8 November 2013

Yellow Triangle - No Internet Connectivity but there is..

In the bottom right hand corner of your Windows Desktop i.e. the notification area is a great way to determine many problems to issues people come to you with.

"I haven't got mapped drives"
"The network printers say offline"

Silly things that all essentially can be addressed by seeing a red X on the wireless or network adapter.

Now when someone comes in and says "my internet isn't working" and you see the "no connectivity" indicator, you know deep down it means nothing because you can't trust it, especially if you are in an environment that uses a proxy.

So why does it say "no internet connectivity" even though you have it.

Essentially, the network adapter calls to Microsoft to find a file on the internet, if it finds it, it confirms internet connectivity.  Nice and easy.  If the file is blocked, it can't determine internet is working, even though it might be.

However via a proxy its a pain in the derriere, as for some reason it struggles to find this file.  When it struggles to find this file it struggles to activate windows via a KMS connection, the Windows 8 store fails to load and most of the Windows 8 apps fail to work correctly.


In Group Policy you can actually tell your clients what machine to look at to determine whether or not it has internet connection, when it pings the server it accepts that it has an internet connection and KMS and the Windows 8 store and apps start to behave.


The Group Policy is found here:

Computer Configuration -> Network -> Network Connectivity Status indicator -> Specific Corporate DNS Proble Host Address.

Enable this policy and specify the IP address of your router (or server of your choice), essentially if it can see the router you can safely assume, providing your network is working, the computer has internet connection.

It makes that lovely marker over your network adapter vanish and everything starts to work in the way you would expect.

Wednesday 21 August 2013

GPO Software Deployment with DFS Shares Failing [Solved]

Applies to: Microsoft Server 2008R2, 2012

Problem

Deploying out software using group policy fails on client because it doesn't have the correct permissions to the DFS Share Source.


Fixes you've probably tried

You've given full everybody permissions to all shares in relation to where you store your MSIs.

You've played with the controls in DFS and both on the root files on your data drive.

You've tested the install when logged in and it works, yet the it still doesn't deploy out via GPO automatically

You've googled endlessly and everyone has different solutions to the problem and yet none apply to you.

You've considered throwing yourself off a bridge knowing that the only fix you can find is to specify the actual server path, making DFS pointless.


The Actual Fix

The cause is normally a combination of Windows Firewall and indeed the permissions on the DFS Share.

Windows firewall in its on state will not recognise your namespace as a safe destination and prevent your computer access to it, quick fix is to turn it off and give it a try. 

Never do both fixes without testing one before applying the other, don't want to over fix it.

If it still doesn't work.

Open up DFS Management

  1. Click on the Namespace and expand it.
  2. Click on the folder you use for your MSIs.
  3. On the LEFT hand pane still, right click and choose properties.  Do not choose properties from the central pane in the DFS manager.
  4. Click on the Advanced Tab
  5. Click Set Explicit view permissions on the DFS Share
  6. Click on configure view permissions
  7. Set Read Permissions to Authenticated Users and SYSTEM.
  8. Press Ok and give it another go.
Hopefully this works for you happily, if it does please say thank you.

After endless googling this resolution has never been published in this way before, need to bump this topic upwards to save the headaches of all technicians that have had this problem.

Thanks for reading,





Thursday 11 July 2013

C:\windows\Panther\unattend.xml [SOLVED] MDT 2012 Deployment, Windows 7

Problem Explanation

You've created a new image, captured it and attempted deployment and received the error: 

"Windows could not parse or process unattend answer file [C:\windows\Panther\unattend.xml] for pass [specialize]. A component or setting specified in the answer file does not exist."

Alternatively, you've just made a new MDT Task Sequence and slipstreamed updates into it and received the same error.

Symptoms

  • Infinitely looping on first boot
  • Windows has encountered a problem, press ok to restart.
  • C:\Windows\Panther\Unattend.xml Error (described above)
Reasons

The cause of this is simple, it's internet explorer 10.0 which you have installed either within the image or slipstreamed into the image.

Fix [SOLVED]

Actually simple, but only if you know where to look and since you've probably scrolled down and ignored everything I said above, I'll get to the point, follow these instructions:

  1. In your MDT Deployment Workbench, go to your list of task sequences.
  2. Right click the task sequence you are using to deploy out your new image with IE 10.
  3. Go to the properties of this task sequence.
  4. Choose the OSInfo tab and click "Edit Unattend.xml"
  5. Wait about a year for it to load up the catalogue.... (depending on your machine speed, this can take quite a while, this opens the Windows System Image Manager (WSIM)
  6. Go to Unattend -> Components -> Specialize
  7. Choose the Microsoft-Windows-IE-InternetExplorer-Neutral from the list
  8. Find IE-WelcomeMessage
  9. The Status should say false, if it doesn't make sure it does.
  10. Right click this value and in the context menu (the right click menu) UNTICK "write image value" (See Image for a visual aid)

11. Save the Unattend.xml and to be on the safe side update your deployment share (though I don't believe this is needed but it makes you feel better inside)
Reinstall your image onto your client and it should work fine for you now :D

EDIT [17-11-2013 - MDT 2013] 

Having spoken with some of my colleagues I have ascertained that by using MDT 2013 they have not encountered this issue, however if you need to maintain support to deploy Windows XP images then you will not be able to upgrade.

Thursday 4 April 2013

Migrating Wireless settings between Windows 7/8 Machines

 

I have recently been given a new laptop from work, as part of the setup process I needed to copy over the large number of wireless networks that I connect to as part of my job.Windows provides an export using the netsh command

netsh wlan export profile folder=. key=clear

The code above will export all networks as individual xml files into the current working directory which is great, however the netsh command does not to my knowledge allow the import of all definition files in a directory in one go, so how to solve this problem? Our old friend PowerShell, after all we are batching a command and PowerShell is pretty good at not giving a damn about file names or how many items are in a folder.

 

So this post is going to be all about a PowerShell script which allows you to export your wireless settings and import them again elsewhere. The script itself is split into several functions and a few loops and is pretty simple and can probably be made much more elegant, however it does work Smile

 

Code:

We start by declaring or resetting our variables, always a good idea if we are running the code in the PowerShell ISE or PowerGui (My preference) in case any values remain from a previous run through

1 $path="D:\Wireless"
2 $menuanswer=$null
3 $pathready=$null

$path is the path we want to use to store the wireless xml files in, this can be edited to any folder we like (useful if you don’t have a d: drive like I do)


Now we need a few functions, the first will export our wireless connections to xml files


Export Profiles


1 function export_wifi_profiles{
2 #check for folder path
3 $pathready = Test-Path $path
4 if ($pathready -eq $false){
5 mkdir $path
6 }
7 cd $path
8 netsh wlan export profile folder=. key=clear
9 }

Line 3 is used to check whether the path we have specified earlier as available, if the path does not exist then the folder specified will be created before moving on, if it exists then the netsh command will be run which will dump all wireless networks as individual files into the path.


 


Import WIFI Profiles



1 function import_wifi_profiles{
2 #check default path, if not found prompt for location
3 do {
4 $pathready = Test-Path $path
5 if ($pathready -eq $false){
6 $path=Read-Host "Default import path not found, please enter the path your profiles are stored in"
7 }
8 } until ($pathready -eq $true)
9
10 $path | Get-ChildItem | ForEach-Object{
11 $filepath=$_.FullName
12 netsh wlan add profile filename=$filepath user=all
13 }
14 }


As with the export this function checks for the existence of the folder stated in the $path variable, if it does not exist then the user is prompted to enter the path to their network profiles, once a valid file path is provided the script collects all of the items found within (Get-ChildItem), it then copies the full file path and name into the $filepath variable, this is then used in the netsh command to do the actual import of the wireless profile.


The beauty of the Get-ChildItem | ForEach-Object code is that it doesn’t care whether you have 1 or 100 wireless profiles in the folder, it will work its way through each of them until it is done.


 


Create a Menu


1 function menu{
2 cls
3 Write-Host "1 Export Wireless Profiles"
4 Write-Host
5 Write-Host "2 Import Wireless Profiles"
6 Write-Host
7 Write-Host "0 Exit"
8 Write-Host
9 $menuanswer=Read-Host "Please make Your selection"
10 if ($menuanswer -eq 1){export_wifi_profiles}
11 if ($menuanswer -eq 2){import_wifi_profiles}
12 if ($menuanswer -eq 0){exit}
13 }

The code above create a simple menu with options 1,2 and 0 to exit, the users entry is saved into the $menuanswer variable and evaluated against the options in lines 10,11, and 12, if the entry matches any of the options then that function is called, the {exit} command will terminate the script and completely exit PowerShell.


 


Call the Menu until exit command used (0 Key)


1 do {menu} until ($menuanswer -eq 0)

This code will simply repeat the Menu function until the user enters 0, this allows the user to export and re-import the wireless profiles for testing purposes if that is required. It is the only real line of code which is run when you launch the script, the functions are called as needed.


 


Putting it all together


 


Copy and paste the contents of the next box and edit the $path variable at line 2 to suit your own needs, as I have said this is a basic script and can be made much more elegant but for my needs it was suitable, good luck.



1 #declare variables
2 $path="D:\Wireless"
3 $menuanswer=$null
4 $pathready=$null
5
6 #Declare functions
7 function export_wifi_profiles{
8 #check for folder path
9 $pathready = Test-Path $path
10 if ($pathready -eq $false){
11 mkdir $path
12 }
13 cd $path
14 netsh wlan export profile folder=. key=clear
15 }
16
17 function import_wifi_profiles{
18 #check default path, if not found prompt for location
19 do {
20 $pathready = Test-Path $path
21 if ($pathready -eq $false){
22 $path=Read-Host "Default import path not found, please enter the path your profiles are stored in"
23 }
24 } until ($pathready -eq $true)
25 $path | Get-ChildItem | ForEach-Object{
26 $filepath=$_.FullName
27 netsh wlan add profile filename=$filepath user=all
28 }
29 }
30
31 function menu{
32 cls
33 Write-Host "1 Export Wireless Profiles"
34 Write-Host
35 Write-Host "2 Import Wireless Profiles"
36 Write-Host
37 Write-Host "0 Exit"
38 Write-Host
39 $menuanswer=Read-Host "Please make Your selection"
40 if ($menuanswer -eq 1){export_wifi_profiles}
41 if ($menuanswer -eq 2){import_wifi_profiles}
42 if ($menuanswer -eq 0){exit}
43 }
44 #End Functions
45
46 #Begin main Program Block
47 do {menu} until ($menuanswer -eq 0)
48 #End main program block

Monday 25 February 2013

MDT Naming Trick - Show Machine's Existing Name

MDT Pre-Populate Name Trick

You ever had it when a machine needs to be rebuilt because it's either crashed completely or is suffering issues that you know, deep down in your technical heart, a rebuild will sort it all out.

So what do you do?

You press that magical network boot key, PXE boot that machine and start the MDT process.  Fantastic, you the go through the wizards to eventually get to the "Computer Name" stage where it then prepopulates the name with a MiniNT name and you go.. hmm.. bugger what the name of the machine again?

You look for a sticker, which has obviously fallen off or worn away, you think i'll need to reboot to get to the login screen to find the name there.. which isn't an option if the machine is totally broke.

Wouldn't it be nice to have the machine put in its actual, existing name in place of that MiniNT name, still editable if required, but there for a reference at least.  Well you can, using some minor trickery and awesomeness.

Thanks to Michael Klinteberg from Technet forums, a simple script copied into the Scripts folder in your deploymentshare and two lines added to your customsettings.ini file will give you the desired effect.

Copy the below script into notepad and save it as "UserExit.vbs"





Function UserExit(sType, sWhen, sDetail, bSkip)
 oLogging.CreateEntry "entered UserExit ", LogTypeInfo
 UserExit = Success
End Function

Function GetOfflineComputername()
On Error Goto 0

 If oEnvironment.Item("OSVERSION")="WinPE" Then
  Dim CompName : CompName = ""
  Dim ret, sOldSystem : sOldSystem = ""
  For Each drv In Array("C", "D", "E", "F")
   If ofso.FileExists(drv & ":\windows\system32\config\system") Then
    sOldSystem = drv & ":\windows\system32\config\system"
    Exit For
   End If
  Next
  oLogging.CreateEntry "Mounting Offline registry " & sOldSystem, LogTypeInfo
  ret = oShell.Run ("reg load HKLM\z " & sOldSystem, 0, True)
  If ret = 0 Then
   CompName = oShell.RegRead("HKLM\z\ControlSet001\Services\Tcpip\Parameters\Hostname")
   If CompName <> "" Then
    oLogging.CreateEntry "Found old computername '" & CompName & "'", LogTypeInfo
   Else
    oLogging.CreateEntry "Old computername name could not be found", LogTypeWarning
   End If
  Else
   oLogging.CreateEntry "Could not mount offline registry " & sOldSystem, LogTypeWarning
  End If
  oShell.Run "REG UNLOAD HKLM\Z", 0, True  
 Else
  CompName = oShell.ExpandEnvironmentStrings("%Computername%")
 End If

 GetOfflineComputername = CStr(CompName)
  
End Function