Error while installing SCCM 2012 distribution point on Windows 2003 Servers in domain "Failed to update Package" or "Failed to create Virtual Directory"

Window 2003 Servers do not support the installation of SCCM 2012 distribution point out of the box. Once a Windows 2003 Server machine has been added as a Site Sytem and a DP is enabled, you may receive the errors "Failed to update Package" or "Failed to create Virtual Directory" on the Distibution point configuration status under monitoring in SCCM console. In the distmgr.log you may get the following error message:

ERROR ExecMethod(): Failed to execute AppCreate2. error = COM+ was unable to talk to the Microsoft Distributed Transaction Coordinator

ERROR CheckDPforDrizzle: Could not find the desired DP ["Display=\\FQDNSERVER\"]MSWNET:["SMS_SITE=CCR"]\\FQDNSERVER\ in the SCF

Error occurred. Performing error cleanup prior to returning.
And on Configuration Manager status message you may see

Failed to create virtual directory on the defined share or volume on distribution point "["Display=\\<FQDN>\"]MSWNET:["SMS_SITE=CCR"]\\<FQDN>\".

Possible cause: Distribution Manager requires that IIS base components be installed on the local Configuration Manager Site Server in order to create the virtual directory. Distribution Manager also requires that IIS Web Services be installed on the Distribution Point Server that needs to support Background Intelligent Transfer Service (BITS).
Solution: Verify that IIS base components are installed on the local Configuration Manager Site Server, and IIS Web Services are installed on the Distribution Point Server.

To resolve these errors, Please carry out the Distribution point instalaltion by following the below procedure step by step

1. Uninstall Distribution Point role from the Site system.(if already installed)


2. Reboot the site system

3. Enable Remote differential Compression by installing the msrdcoob_x86.exe from the following path  <Servername>\SMS_P01\Client\i386\msrdcoob_x86.exe

4. Upgrade BITS 2.0 to BITS 2.5 by installing the patch WindowsServer2003-KB923845-x86-ENU.exe

5.  Reboot the site system

6. Install SCCM Client Agent either by Client Push or Manual Installation Method

7. Install Internet Information Services 6.0 from Windows 2003 Server R2 with SP2 setup CD and do the next 3 configuration steps

8. Enable BITS extension in IIS 6.0 console

9. Enable WebDAV support in IIS 6.0 console

10. Enabled ISAPI extension in IIS 6.0 Console

11.Install WDS Services from Windows 2003 Server R2 with SP2 setup CD and do not configure WDS.

12.Install Distribution Point Role on the Site System

13. Wait till you receive installation successful message ( You will see IIS configuration hasn’t been enabled error as the OS on the server as it is pre Windows 2008, wait till the status changes to green)

14. Once you receive Distribution Point Setup Completed successfully Message, start distributing a sample package and monitor PkgXfermgr.log on the SCCM Server. If the Package transfers successfully,　 then Enable PXE support on the Distribution Point.

On the Windows 2003 DP site system you will receive errors in Event Viewer due to WDS’s port conflict with DHCP server. Resolve the conflict by changing the following registry key.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\WDSPXE and Change the registry value of the Dword　UseDhcpPorts　from 1 to 0

 

.


 

SCCM 2012 Applications deployment failed to install with error code (0X643) - Fatal Error during installation

Behavior: 

 

When the .msi file was run manually by double clicking on a system where the deployment has failed, it gave the error below.

"The advertised application will not be installed because it might be unsafe. Contact your administrator to change the installation user interface option of the package to basic"

 

 

 

 

Solution:
I was able to install the .msi file manually by supplying the /qb switch on the test machine. Hence I created the program to include the /qb switch and redeployed the package to the failed machines.

 

To resolve this issue, use the installation switch /qb (b-basic) on the command line when creating the program.

 

Eg., msiexec /i "abc.msi" /qb /norestart

15 # SCCM 2012 Interview Questions/FAQs - Part 1 (Fundamentals)

SCCM 2012 Fundamentals – FAQS

1) In SCCM 2012, is it possible to enable remote control for only a few subset of computers in a ConfigMgr site?

 
Ans: Yes.

Explanation: In SCCM 2012, Client settings are no longer restricted to sites. You can configure custom client settings and assign them to collections. For example, you can configure a specific collection to have remote control enabled.

 

eference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Sites_and_Hierarchies

2) Does SCCM 2012 still have mixed mode and native mode?

Ans: No.

Explanation: The SCCM 2007 concept of mixed mode and native mode sites to define how clients communicate to site systems in the site has been replaced by site system roles that can independently support HTTP or HTTPS client communications.

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Sites_and_Hierarchies

3) In SCCM 2012, Does client status (used to be client status reporting) now support automatic remediation?

Ans: Yes.

Explanation: Typical client problems that are detected are automatically remediated in SCCM 2012.

 

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Client_Deployment

4) In SCCM 2012, Can users now exclude their computers from power management settings that you configure?

Ans: Yes.

Explanation: You can now enable a client setting option that allows users to exclude their own computers from power management.

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Client_Deployment

 

5) Can SCCM 2012 automatically upgrade a SCCM 2007 Client?

Ans: Yes

Explanation: SCCM 2012 can automatically upgrade SCCM 2007 and SCCM 2012 Clients to the latest version of SCCM 2012 client when they are below a version that you specify.

 

 Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Client_Deployment

6) Does SCCM 2012 still have a central site?

Ans: No

Explanation: The Top-level SCCM 2007 site in a multi-primary site hierarchy was known as a central site. In System Center 2012 ConfigMgr the central site is replaced by Central Administration site. The Central Administration site is not a primary site at the top of the hierarchy, but rather a site that is used for reporting and to facilitate communication between Primary sites in hierarchy.

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#BKMK_SiteInstallAndConsole

7) Can you create a collection without specifying a limiting collection?

Ans: No.

Explanation: In SCCM 2012, a collection is always a subset of its limiting collection. When you create a collection, you must specify a limiting collection.

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Client_Deployment

8) SCCM 2012 uses SQL 2008 Reporting services reports builder 2.0 as the exclusive authoring and editing tool for reports, must you first install report builder 2.0 before you can create or modify a report?

Ans: No.

Explanation: Report Builder 2.0 is automatically installed when you create or modify a report for the first time.

 

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Monitoring_and_Reporting

9) Can you sue the Exchange Server Connector to find which mobile devices are connecting to your Exchange Online Services?

Ans: Yes.

Explanation: In SCCM 2012, the Exchange Server Connector allows you to find and manage devices that connect to Exchange Server (On-premise or hosted) by using Exchange ActiveSync protocol.

Reference: http://technet.microsoft.com/en-us/library/gg699359.aspx#WhatsNew_Client_Deployment

14 # Comparison between LTI, ZTI, and UDI Deployments strategies:

Comparison between LTI, ZTI, and UDI Deployments strategies:

 

This post is for you to get to know the different types of OS deployment strategies, their requirements and will help you understand which strategy suits the best with the resources available with you.

 

SCCM 2007/2012 supports the following types Operating System deployment strategies,

1. LTI – Light Touch Installation
2. ZTI – Zero Touch Installation
3. UDI – User Driven Installation

There is one more type called HTI – High Touch Installation which is carried out by using Retail Media (Installation DVD) and/or Standard Image. The way we used to install Operating System earlier, carrying CD/DVDs around.

 

Table here is sourced from: http://systemscenter.ru/mdt2012.en/choosingltiztiorudideployments.htm

 

LTI deployment	ZTI deployment	UDI deployment
Allows selection of the level of automation	Supports only fully automated deployments	Allows selection of the level of automation
Has minimal infrastructure requirements	Requires Configuration Manager　2012 or Configuration Manager　2007　R3	Requires Configuration Manager　2012 or Configuration Manager　2007　R3
Supports deployments over a network using a shared folder or locally using removable storage such as a CD, DVD, or UFD	Supports deployments only from Configuration Manager　2012 or Configuration Manager　2007　R3 distribution points	Supports deployments only from Configuration Manager　2012 or Configuration Manager　2007　R3 distribution points
The deployment process can be initiated manually or automatically using Windows Deployment Services	The installation process can be initiated by Configuration Manager　2012, Configuration Manager　2007　R3, or Windows Deployment Services	The installation process can be initiated by Configuration Manager　2012, Configuration Manager　2007　R3, or Windows Deployment Services
The deployment process is configured using the Deployment Workbench	The deployment process is configured using the Configuration Manager console in Configuration Manager　2012 or Configuration Manager　2007　R3	The deployment process is configured using the Configuration Manager console in Configuration Manager　2012 or Configuration Manager　2007　R3 and the UDI Wizard Designer.
Can require less initial IT administration configuration time	Requires more initial IT administration configuration time	Requires more initial IT administration configuration time
Can require interaction by the user or deployment technician	Requires no interaction by the user or deployment technician	Can require interaction by the user or deployment technician
Increases the risk of introducing configuration errors	Reduces the risk of introducing configuration errors	Increases the risk of introducing configuration errors
Requires users or deployment technicians to have credentials with elevated permissions	Users and deployment technicians are not required to have credentials with elevated permissions	Requires users or deployment technicians to have credentials with elevated permissions
Requires that users or deployment technicians know some configuration settings prior to initiating the MDT deployment process	Users and deployment technicians do not need to know configuration settings prior to initiating the MDT deployment process	Requires that users or deployment technicians know some configuration settings prior to initiating the MDT deployment process
Can be used with slow connections or in instances where no network connectivity exists	Requires a high-speed, persistent connection	Requires a high-speed, persistent connection
Requires little or no infrastructure to support deployment	Requires an infrastructure sufficient to deploy operating system images	Requires an infrastructure sufficient to deploy operating system images
Supports deployment over the network or local to the computer from media	Supports only network deployments	Supports only network deployments
Does not require management of target computers using Configuration Manager　2012 or Configuration Manager　2007　R3	Requires that target computers be managed using Configuration Manager　2012 or Configuration Manager　2007　R3	Requires that target computers be managed using Configuration Manager　2012 or Configuration Manager　2007　R3
Supports security policies in which automatic software installation is prohibited	Supports only security in which automatic software installation is allowed.	Supports only security in which automatic software installation is allowed.
Supports deployment to target computers isolated by firewalls	Requires remote procedure call (RPC) communication with target computers	Requires RPC communication with target computers

 

 

 

At some point in the process of Operating System Deployment, you must provide all the information necessary to install Windows and the applications on target computers. The question is, when do you provide this information? The more information you provide in advance, the less interaction is required during deployment.

13 # SCCM 2012 Schema Extension - Classes and Attributes

What are the Attributes and Classes that gets added by the Configuration Manager Schema Extensions?

 

Ans: When you extend the Active Directory schema for ConfigMgr 2012, the following attributes and classes are added to Active Directory Domain Services:

 

Attributes:

1. cn=mS-SMS-Assignment-Site-Code


cn=mS-SMS-Capabilities



cn=MS-SMS-Default-MP



cn=mS-SMS-Device-Management-Point



cn=mS-SMS-Health-State



cn=MS-SMS-MP-Address



cn=MS-SMS-MP-Name



cn=MS-SMS-Ranged-IP-High



cn=MS-SMS-Ranged-IP-Low



cn=MS-SMS-Roaming-Boundaries



cn=MS-SMS-Site-Boundaries



cn=MS-SMS-Site-Code



cn=mS-SMS-Source-Forest



cn=mS-SMS-Version

　

Classes:

1. cn=MS-SMS-Management-Point


cn=MS-SMS-Roaming-Boundary-Range



cn=MS-SMS-Server-Locator-Point



cn=MS-SMS-Site

　

Also, the Active Directory schema extensions might include attributes and classes that are carried forward from previous versions of the product but not used by ConfigMgr 2012.

For example:

1. Attribute:　cn=MS-SMS-Site-Boundaries


Class:　cn=MS-SMS-Server-Locator-Point

SCCM Interview Questions/FAQs - Part 9 (Software Updates)

Part # 9 – Software Updates

1)  Is it true that when you add a software update to an update list, the updates are automatically approved for deployment?

Ans: No.

Explanation: An update list simply contains a set of software updates. Adding software updates to an update list does not approve them for deployment, but initiating a deployment using the update list is part of the recommended software updates workflow.

Reference: http://technet.microsoft.com/en-us/library/bb693591.aspx and http://technet.microsoft.com/en-us/library/bb632667.aspx

2) One of the settings stored in a deployment template is the collection. When creating the deployment template, are you required to specify the collection setting?

Ans: No.

The collection settings in a deployment template is optional. Depending on you deployment strategy. You will likely want to leave the collection setting blank in the deployment template and specify the collection when creating the deployment. This allows you to use the deployment template for deployments that will target different collections.

Reference: http://technet.microsoft.com/en-us/library/bb632940.aspx & http://technet.microsoft.com/en-us/library/bb633176.aspx

3) Can you hide individual software update deployments from end users?

Ans: No

Explanation: The ability to hide deployments is a site-wide setting configured on the Update Installation tab in the Software Updates Client Agent properties. The hide all deployments from end users setting applies to all deployments at the site, and therefore, you cannot hide individual deployments. When the Hide all deployments setting is enabled, display notifications, notifications area icons, installation progress, and the Available Software updates dialog box will not display on Client computers.  Additionally the software updates in optional deployments are never displayed and cannot be installed when this setting is enabled.

Reference: http://technet.microsoft.com/en-us/library/bb632393.aspx & http://technet.microsoft.com/en-us/library/bb693706.aspx

4) Consider a Hypothetical Scenario: A SCCM Administrator does the following:

(I) Runs the Download Updates Wizard to download Update1 and Update 2 to deployment package A.

(II) Runs the Download Updates Wizard to download Update1, Update2 and Update 3 to deployment package B.

(III) creates a deployment for Update1 and Update2 by using deployment package A. The deadline in the deployment is configured for the current date and time.

(IV) Before client computers receive the assignment policy, Package A is mistakenly deleted.

Now when the client computers receive the assignment policy, will they be able to download both Update1 and Update2 from a distribution point so that the software update installations can be initiated?

Ans: Yes.

Explanation: In SCCM 2007, there is no hard link between a deployment and deployment package. Clients install software updates in a deployment by using any distribution point that has the software updates available, regardless of the deployment package. Even if the deployment package is deleted from an active deployment, clients can still install the software updates in the deployment as long as each update has been downloaded to at least one other deployment package (Package B in our scenario) and is available on the distribution point accessible from the client.

Reference: http://technet.microsoft.com/en-us/library/bb680906.aspx and http://technet.microsoft.com/en-us/library/bb693754.aspx

5.  Can you create a software update deployment using the following scenario?
(I) Create an update list with a set of software updates.
(II) Drag the update list onto an existing deployment template.

Ans: Yes.

Explanation: Using an update list to create software update deployments is part of the recommended deployment process. In SCCM, you can drag an update list onto an existing deployment template to create a new deployment or drag an update list onto an existing software update deployment to add the updates to the deployment.

Reference: http://technet.microsoft.com/en-us/library/bb693779.aspx & http://technet.microsoft.com/en-us/library/bb693591.aspx

6) Can you create a custom update for an in-house application, publish it to WSUS, and use the software updates feature in SCCM 2007 to report on the compliance of the custom update and deploy it to client computers?

Ans: Yes.

Explanation: You can use System Center Updates Publisher to author custom updates and publish them to WSUS. The Software update point in Configuration Manager can be configured to synchronize locally published updates. After the custom update has been synchronized, client computers will scan for software updates compliance and the custom update can be deployed.

Reference: http://technet.microsoft.com/en-us/library/bb632895.aspx and http://technet.microsoft.com/en-us/library/bb632485.aspx

How to rollback or remove a patch causing unexpected issues on thousands of ConfigMgr Client computers?

How will you rollback a specific software update/patch that is found to be causing unexpected issues on thousands of SCCM Clients in your network?

Ans: By using, the following command in a task sequence: “C:\Windows\System32\wusa.exe /uninstall /kb:XXXXXX /quiet /norestart" (Applicable for clients that are Windows 7 or higher, where XXXXXX denotes the KB article /identification number, WSUA.exe is Windows updates Standalone Installer executable). Refer the URL below in reference for the Step by Step procedure for Mass rollback of software patches those are causing issues.

Reference: http://weikingteh.wordpress.com/2013/05/13/how-to-rollback-remove-a-patch-using-sccm-configmgr/

SCCM Interview Questions/FAQs - Part 8 (Software Distribution)

Part # 8 Software Distribution

1) Does a Configuration Manager Branch distribution point require a secondary site in which to operate?

Ans: No.

Explanation: A Branch distribution point is intended to allow smaller or distributed offices to host a SCCM 2007 distribution point on an existing client computer without requiring the installation of a secondary site.

Reference: http://technet.microsoft.com/en-us/library/bb632688.aspx & http://technet.microsoft.com/en-us/library/bb680853.aspx

2)  Can you prevent certain clients from accessing a particular distribution point?
Ans: Yes.
Explanation: You can protect a Configuration Manager Distribution point to prevent clients outside of its protected boundaries from accessing content stored on it.

Reference: http://technet.microsoft.com/en-us/library/bb892788.aspx

3) Can you copy multiple packages to a distribution point simultaneously?

Ans: Yes.

Explanation: In Systems Management Server (SMS) 2003, you had to copy packages one at a time to a distribution point. In SCCM 2007, you can use the Copy Packages Wizard to copy multiple packages to a distribution point simultaneously.

Reference: http://technet.microsoft.com/en-us/library/bb693746.aspx

4) If an advertised program with a maximum allowed run time of Unknown is still running at the end of a maintenance window, will the advertisement fail?

Ans: No.

Explanation: When SCCM attempts to determine whether there is enough time to run a program in a maintenance window, it looks at the maximum allowed run time option. If this option is set to Unknown, it is evaluated as a program run time of Zero (0) minutes. In this case, the advertisement will succeed even if it falls outside of a defined maintenance window

Reference: http://technet.microsoft.com/en-us/library/bb694197.aspx.


5) Can you install a Branch Distribution Point on to a computer that is not a Configuration Manger Client?

Ans: No.

Explanation: To install a branch distribution point, the target computer must be a Configuration Manager 2007 client running Windows XP or later.

Reference: http://technet.microsoft.com/en-us/library/bb680335.aspx

6) Do maintenance windows always control whether or not an advertised program will run on a client computer?

Ans: No.

Explanation:  Although maintenance windows are designed to allow administrators to control when client computers will download or run advertised programs, they are not intended to be universally restrictive. When creating a mandatory advertisement for a package, an administrator can elect to have that assignment ignore maintenance windows set on the target collection.

Reference: http://technet.microsoft.com/en-us/library/bb694295.aspx

7) Can you use Configuration Manger 2007 software distribution to uninstall a software package?

Ans: Yes.

Explanation: You can advertise any package or command to client computers using software distribution. If the software package has an uninstall command line, advertise this to the clients from which you want to remove the software package. If the software package does not have an uninstall routine, you might be able to build a script to accomplish this.

Reference: http://technet.microsoft.com/en-us/library/bb680422.aspx

8) Can you re-run an advertisement that has previously run successfully on client computers?

Ans: Yes.

Explanation: You can re-run an advertisement that has previously completed successfully, but only if the original advertisement had a mandatory scheduled assignment that has not yet expired.

Reference: http://technet.microsoft.com/en-us/library/bb681010.aspx


9) To install a branch distribution point, must Internet Information Services (IIS) be installed on the branch distribution point computers?

Ans: No.

Explanation: A computer hosting a Branch Distribution point does not need to have IIS installed.

Reference: http://technet.microsoft.com/en-us/library/bb680335.aspx

SCCM Interview Questions/FAQs - Part 7(SCCM 2007 Server Installation/Setup FAQs)

Part#7 – SCCM Installation Quiz

1)  Is it required to extend the Active Directory Schema for Configuration Manager?

Ans: No.

Explanation: It is not compulsory to extend AD Schema. But, extending schema would allow clients to retrieve many types of information related to SCCM from trusted sources. It’s just a best practice.

Reference: http://technet.microsoft.com/en-us/library/bb694066.aspx

2)  When upgrading Systems Management Server (SMS) 2003 AD Schema extensions for SCCM using ConfigMgr_ad_schema.ldf LDIF file, are additional steps required?

Ans: Yes.

Explanation: If the AD schema was previously extended for SMS 2003 sites, you must modify the ConfigMgr_ad_schema.ldf file shipped with the SCCM installation source files to allow SCCM Management point object attributes to be added to AD schema successfully.

Reference: http://technet.microsoft.com/en-us/library/bb632388.aspx

3) Is it possible to install a native mode SCCM site using the simple setting option of the SCCM setup?

Ans: No

Explanation: The simple setup installation option installs a SCCM 2007 primary site in mixed mode and configures a single computer to host all the necessary site server roles.

Reference: http://technet.microsoft.com/en-us/library/bb632792.aspx

4) Is site to site communication secured using public key infrastructure (PKI) certificates for sites configured to operate in native mode?

Ans: No.

Explanation: Native mode helps secure client to server communications only. To help protect server to server and site to site communication, consider implementing Internet Protocol Security (IPSec) or secure key exchange (applicable only site to site communications)

Reference: http://technet.microsoft.com/en-us/library/bb680658.aspx, http://technet.microsoft.com/en-us/library/bb633269.aspx and http://technet.microsoft.com/en-us/library/bb632851.aspx


5) Can the Configuration manager SMS provider be installed on a computer other than the site server or the site database server?

Ans: Yes.

Explanation: The SMS Provider can be installed on the site database server, site server or another server class third computer during SCCM 2007 setup.

Reference: http://technet.microsoft.com/en-us/library/bb680613.aspx

6) Is the SMS provider only to allow Configuration Manager Console connectivity to site database information?

Ans: No.

Explanation: The SMS Provider is used by Configuration Manager Console, Resource Explorer, tools and custom scripts used by SCCM 2007 administrations to access site information stored in the site database.

Reference: http://technet.microsoft.com/en-us/library/bb680613.aspx

7) Is the SMS Provider capable of translating data from one language to another in multilingual SCCM 2007 site hierarchies?

Ans: No.

Explanation: In multilingual SCCM 2007 site hierarchies, the site database is capable of storing information in different languages received from child sites. When site data is requested, the SMS provider determines the installed operating system language of the requesting computer and formats the data returned from the site database in a matching language format.

Reference: http://technet.microsoft.com/en-us/library/bb680613.aspx

8) Is Microsoft SQL Server 2005 database mirroring supported for the SCCM site database?

Ans: No.

Explanation: SQL Server 2005 database mirroring is not supported for the Configuration Manager Site database.  When installing SCCM 2007, the SQL Server site database can be installed on either the default instance or a named instance of SQL Server 2005. The instance used to host the site database can also be configured as a SQL Server failover cluster instance.

Reference: http://technet.microsoft.com/en-us/library/bb680717.aspx and http://technet.microsoft.com/en-us/library/bb693612.aspx

9) Is the SQL Server named pipes communication protocol required for Configuration Manager Site database installations?

Ans: No.

Explanation: The TCP/IP Protocol is required for SQL Server network communications to allow Kerberos authentication. The named pipes protocol is not required for SCCM 2007 site database operations and should be used only to troubleshoot any Kerberos authentication issues encountered when using TCP/IP protocol communications.

Reference: http://technet.microsoft.com/en-us/library/bb735877.aspx

10) Do SCCM 2007 Management Point computers configured in network load balancing (NLB) clusters in mixed-mode sites require registering a Service Principal Name (SPN) in Active Directory Domain Services?

Ans: Yes.

Explanation: To allow mixed-mode client approval processes, management point site systems configured as part of NLB clusters, in SCCM 2007 sites that are configured to operate in mixed mode, require registration of a Service Principal Name (SPN) in Active Directory Domain Services for the user name that is configured to run the CCM Windows Auth Server Framework Pool IIS application pool.

Reference: http://technet.microsoft.com/en-us/library/bb735879.aspx