December 28 2011

Custom message prior to installing software

In the past when using SMS or SCCM and I’ve needed to notify the user that a software installation is going to take place, I would write a VBScript utilizing wshShell.Popup and WScript.Sleep. Today I came across a good piece of free software that provides a bit of a nicer interface to display these messages.

Check out ‘Coretech Auto Install Warning’:

 
 

December 27 2011

DameWare remote control in WinPE

I’ve previously blogged about using TightVNC in WinPE. This time I have successfully intergrated DameWare Remote Control 7.5 into WinPE 3.1.

In my case I was using an x86 version of Windows PE 3.1. I am using UNATTEND.XML to install the DameWare process. We cannot use tsconfig.ini because it is called too late in the process and I want the DaweWare executable to run immediately upon network connectivity. WinPEShl.ini cannot be used as SCCM overwrites this file everytime you update the boot image / DP. Startnet.cmd cannot be used as this is not called if WinPEShl.ini exists.

Mount your BOOT.WIM file using something like DISM.exe, in this example I am mounting it to c:MOUNT.

Download DameWare from the website and install to your workstation. Navigate to “%programfiles%DameWare DevelopmentDameWare Mini Remote Control 7.5” and copy *.exe and *.dll to c:mountwindowssystem32, except for DWRCC.exe & DWRCSMSI.exe (if you don’t copy all of these files, later on you will get a prompt to update /repair client).

Create a batch file called DAMEWARE.BAT and copy it to c:mountwindowssystem32. Add the following commands to the DAMEWARE.BAT and then save:

“%SYSTEMROOT%System32DWRCS.exe” -install
net user administrator password

The above commands install the DameWare process and then creates a WinPE administrator account with the password that you have specificed.

Create a file called UNATTEND.XML and copy it to c:mount. Add the following content to the file and then save:

Now unmount your WIM file, making sure you commit. Add it to SCCM or WDS or whatever you are using for deployment services. Once you boot from this you will now be able to connect to the machine via DameWare! Use the password you have specified in the batch file above. I recommend using this in conjunction something like BGInfo so that the IP address is shown on the background.

Related links:

 
 

December 10 2011

Running program in SYSTEM context

This is an old trick, one that I have been using for many years, but I’ve never documented it. Often when working with SCCM, you will need to test how something will operate when running in the SYSTEM context (as opposed USER context) – scripts, exes, msis, lots of things. I’ve used the trick with PSEXEC, where you just run ‘psexec.exe -i -s cmd.exe’ and you are presented with a command prompt running in the SYSTEM context – from here you can run your test commands. There is a good writeup about it over here – http://verbalprocessor.com/2007/12/05/running-a-cmd-prompt-as-local-system/ if you need any further information.
 
 

December 9 2011

Microsoft Certificate Expiration Alerting tool

I came across this very useful free tool for alerting when a certificate that has been issued by an internal Microsoft Certificate Authority is going to expire (SCOM can do this too but this is a good alernative). In the words of the developer:

The Certificate Expiration Alerter helps IT departments monitor the expiration status of all their certificates which are issued from an internal Windows Server Certificate Authority (CA). When a certificate is about to expire, the Certificate Expiration Alerter sends a notification email with information about the certificate. This allows IT administrator to be proactive and take action by renewing the certificates before they expire and prevent possible service downtimes.

For more info, see these 2 websites – http://blogs.technet.com/b/nexthop/archive/2011/11/18/certificate-expiration-alerting.aspx and http://sourceforge.net/projects/certexpalerter.
 
 

December 8 2011

Error creating SCCM TS media

When trying to create SCCM task sequence media, I was getting the following error message:

Error creating media. Error message is : A required privilege is not held by the client.. Please refer to CreateTsMedia.log to get details.

I needed to ensure that I had the ‘Manage auditing and security log’ right under ‘Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesUser Rights Assignment’ for the computer security policy…

 
 

December 7 2011

Set custom SCCM task sequence variable to client DHCP server

I had a requirement to be able set a custom SCCM Task Sequence variable to the value (IP address) of the DHCP server that had issued the IP address to the client . This meant that later in the Task Sequence I could re-use this value for other things, in this case it was to map a network drive, eg \%DHCP_Server%temp. I used a VB script to set this:

' Purpose: Set SCCM task sequence variable 'DHCP_Server' to the value of the DHCP server IP address
' Date: 06/12/2011
' Version: 1.0

strComputer = "."

' Create Task Sequence environment object
dim osd: set env = CreateObject("Microsoft.SMS.TSEnvironment")

Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\" & strComputer & "rootcimv2")

' Find active network adapter
Set colAdapters = objWMIService.ExecQuery _
("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
n = 1

For Each objAdapter in colAdapters

' Set variable in the Operating System Deployment environment
env("DHCP_Server") = objAdapter.DHCPServer

n = n + 1
Next

When you dump out the Task Sequence variables, you can then see it at the top of the list:

DHCP_Server=10.0.0.1
SMSTSDisableWow64Redirection=false
P0000012=file:VOL001:sources
WorkingDirectory=s:
_SMSMediaGuid=2BB82B7E-0BE0-48D7-9AC2-3DE93F726D71
_SMSTSAdvertID=P00200F6
_SMSTSBootImageID=P000005F
_SMSTSBootMediaPackageID=P0000012
_SMSTSBootMediaSourceVersion=2
…….
…….
…….
…….