Wednesday, April 30, 2014

Removing Orphaned Packages from SCCM Child Site

Packages that are deleted at a parent site can be orphaned at a child site if the child site unavailable or down at the time of deletion or the replication process is unsuccessful. You won’t be able to delete those packages from child site because they will be locked in the console as the packages originate from the Central Site. In this case, we will need to use the backdoor to fix the problem by modifying the package record from the child site database. Only when this is done, we will be allowed to delete the package from the child site SCCM console.

Procedure to Remove Orphan Packages

To remove orphan packages from the SQL Server database, please follow the below

** You will need to have SA rights for these actions

1. Open SQL Server Management Studio, and use the site database of the child site cs1(SMS_CHILD).

2. Type and run the following command in the query window:

select PkgId, Name, SourceSite from SMSPackages

3. Search for the PkgID file that you want to remove.

4. Type and run the following command in the query window:

Update SMSPackages Set SourceSite='<Child Site Code>' Where PkgID= '<Package ID>'

5. The package is now set to a local package and you can delete it from within the SCCM Administrator console.

Deletion should be performed from the SCCM console instead of via the database level to ensure that the deletion is clean.

Thursday, April 24, 2014

Mass Import IP for Exchange Receive Connector

There are times when you are required to add many IPs addresses to the receive connector on Exchange 2010. This IPs are required to enable the exchange server to relay emails for alerts etc.
The powershell script below is something that is found from the community that is extremely useful

Copy the below and save it as a ps1 file

<#
.DESCRIPTION
Simple Powershell script that can bulk import remote IP ranges from a text file in a determined Exchange Receive Connector.
The Import of the Remote IP ranges maintains the original values which are already present on the Selected Connector.
.PARAMETERS
None - execute directly from the Exchange Management Shell

.Compatibility

Exchange 2007
Exchange 2010
Exchange 2013
#>
function Select-FileDialog
{
param([string]$Title,[string]$Directory,[string]$Filter="Text Files (*.txt)|*.txt")
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null
$objForm = New-Object System.Windows.Forms.OpenFileDialog
$objForm.InitialDirectory = $Directory
$objForm.Filter = $Filter
$objForm.Title = $Title
$objForm.ShowHelp = $true
$Show = $objForm.ShowDialog()

if ($Show -eq "OK")
{
return $objForm.FileName
}
else
{
exit
}
}
function get_RecConnector{
$RecConns = Get-ReceiveConnector | Select -ExpandProperty Identity
$Count = 0;
Write-Host "Bulk Import of Remote IP Addresses for Exchange Receive Connectors" -ForegroundColor Green
Write-Host "Version 0.1" -ForegroundColor Green
Write-Host "www.telnetport25.com" -ForegroundColor Green
Write-Host ""
Write-Host "Detected Receive Connectors: " -ForegroundColor Cyan
Write-Host ""
foreach($Connector in $RecConns){

Write-Host $Count "." $Connector -ForegroundColor White
$Count ++
}

Write-Host ""
$Choice = Read-Host "Please select the Receive Connector that you wish to work with."
Write-Host ""
import_RemoteIPRanges $RecConns[$Choice]
}
function import_RemoteIPRanges{
param($ConnectorID)
$FileName = Select-FileDialog "Open IP Range Text File..."
$IPs = Get-Content $FileName

foreach($IP in $IPs){
Write-Host "Adding IP Address :" $IP " to "$ConnectorID -ForegroundColor Cyan
$Rcnn = Get-ReceiveConnector "$ConnectorID"
$Rcnn.RemoteIPRanges += $IP
Set-ReceiveConnector "$ConnectorID" -RemoteIPRanges $Rcnn.RemoteIPRanges
}
}

get_RecConnector
Write-Host ""
Write-Host "Script Completed." -ForegroundColor Yellow


How to use

Before you use the script you should ensure that you have all of the IP addresses that you wish to add to a particular Receive Connector stored within a text file.

Each host should appear on a separate line. You can also use the CDIR address notation for an entire subnet if you wish to allow all hosts in a range to relay (for example add a line for 172.31.253.0/24) .

1) Open the Exchange Management Shell, navigate to the directory where you have downloaded the script file and type:

<path>.\<FileName of th3 ps1 file you saved earlier>.ps1

2) You will then be presented with a list of all the detected receive connectors that the script has located. Choose the connector via its numerical identifier (the numbers on the left hand side).


3) You will then be prompted to locate your IP Range text file which you created earlier – browse to it and then click on the “Open” button.

4)The script will then process each host entry and add it to the selected Receive Connector.


5) After the script has completed – if you check the [ Network –> Receive Mail from remote servers that these IP addresses ] in the Exchange Management Console, you should see that your addresses have been added.

Tuesday, April 22, 2014

SCCM Actions via WMI


Using WMIC to trigger SCCM Client Actions from command line:

Request for policy:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000021}" /NOINTERACTIVE

To Evaluate policy:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000022}" /NOINTERACTIVE

Disable Software-Distribution:
WMIC /namespace:\\root\ccm\policy\machine\requestedconfig path ccm_SoftwareDistributionClientConfig CREATE ComponentName="Disable SWDist",Enabled="false",LockSettings="TRUE",PolicySource="local",PolicyVersion="1.0" ,SiteSettingsKey="1" /NOINTERACTIVE

Re-Activate Software-Distribution:
WMIC /namespace:\\root\ccm\policy\machine\requestedconfig path ccm_SoftwareDistributionClientConfig WHERE ComponentName="Disable SWDist" delete /NOINTERACTIVE

Trigger Hardware Inventory:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000001}" /NOINTERACTIVE

Trigger Software Inventory:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000002}" /NOINTERACTIVE

Trigger DataDiscoverRecord (DDR) update:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000003}" /NOINTERACTIVE

Force a FULL HW Inventory on next HW-Inv Schedule:
WMIC /namespace:\\root\ccm\invagt path inventoryActionStatus where InventoryActionID="{00000000-0000-0000-0000-000000000001}" DELETE /NOINTERACTIVE

Repair SMS/SCCM Agent on a remote client:
WMIC /node:%MACHINE% /namespace:\\root\ccm path sms_client CALL RepairClient

Repair a list (all clients listed in clients.txt) of remote SCCM Agents:
WMIC /node:@clients.txt /namespace:\\root\ccm path sms_client CALL RepairClient

Wednesday, April 16, 2014

Removing Obsolete Product Connector in SCOM 2007 R2

We used to be using Jalasoft for monitoring network devices which is integrated with SCOM and this product creates a product connector to pipe the data to SCOM.
However as this is no longer needed, I had to remove this obsolete Connector from a SCOM R2 environment. 
This cannot be done via the regular SCOM R2 console and has to be execute via one of the 3 methods below 

As Kevin Holman describes
This is not the official method but it works and gives you pretty much more control on what is being executed.

The official supported method, KB2626670
Basically a PS script which goes through the steps as per what is described by Kevin Holman :)

A community based tool
Un-official tool form the community

As you can see there are multiple options available to get to the end game
When you want to play is safe use KB2626670 since that’s the officially supported way.

Outlook: Unable to perform a Check Name or connect to an Exchange mailbox

Microsoft has released a quick publish article for Outlook Connectivity issues to Exchange.
Version of Outlook affected is 2007 and above.

Error Deleting Distributed Application in SCOM (Failed to verify View with ID)


I encountered the below trying to delete a distributed application and gotten the error similar to the below

Application: System Center Operations Manager 2007 R2
Application Version: 6.1.7221.0
Severity: Error
Message:

: Verification failed with [1] errors:
——————————————————-
Error 1:
: Failed to verify View with ID: View_1f3465325fe94ccb9876d7154bfa30c
Target property :ManagementPackElement=Service_ceecc43c88ee428197f7eafbf91236e2 in ManagementPack:[Name=my.managementpack, KeyToken=, Version=1.0.0.0] for this View is incorrect.Cannot find ManagementPackElement [Type=ManagementPackClass, ID=Service_ceecc43c88ee428197f7eafbf91236e2] in ManagementPack [ManagementPack:[Name=my.managmentpack, KeyToken=, Version=1.0.0.0]]
——————————————————-
This is due to a view that was created in the Monitoring Console to display the distributed application. The view have to be deleted first before the distributed application can be deleted

Tuesday, April 15, 2014

Outlook 2010 Crashes opening meetings


Here's a scenario we recently had reported: Machine running Outlook 2010 installs KB 2553248, and now Outlook crashes when they try to open meetings that were created using Exchange Web Services (EWS).
Here's the few other scenarios where Outlook crashes:

1) Create a Meeting request using EWS and send it to yourself. When you receive it in Outlook 2010 as a No Response Required meeting request, just selecting the meeting request crashes Outlook.
2) Opening the meeting in the Organizer's Calendar crashes Outlook.
3) If the attendee sends an acceptance, selecting the acceptance in the Explorer crashes Outlook.
4) Dismissing reminders crashes Outlook.

The issue is happening because there was a change made in Outlook which caused it to crash when it encounters a Time Zone property on a meeting which does not have a name. If we use MFCMAPI to dump out the properties of a Meeting we can see the problem is with PidLidAppointmentTimeZoneDefinitionStartDisplay.
 Notice that szKeyName is null.

<property tag = "0x80380102" type = "PT_BINARY"> <NamedPropGUID>{00062002-0000-0000-C000-000000000046} = PSETID_Appointment</NamedPropGUID> <NamedPropName>id: 0x825E=33374 = PidLidAppointmentTimeZoneDefinitionStartDisplay, dispidApptTZDefStartDisplay</NamedPropName> <Value>cb: 76 lpb: 000000000000000000000000000000000000000000000000000000000000000000000000000000</Value> <AltValue><![CDATA[............>...A...............ð...........................................]]> </AltValue> <SmartView><![CDATA[Time Zone Definition: bMajorVersion = 0x02 (2) bMinorVersion = 0x01 (1) cbHeader = 0x0006 (6) wReserved = 0x0002 (2) cchKeyName = 0x0000 (0) szKeyName = (null) cRules = 0x0001 (1) TZRule[0x0].bMajorVersion = 0x02 (2) TZRule[0x0].bMinorVersion = 0x01 (1) TZRule[0x0].wReserved = 0x003E (62) TZRule[0x0].wTZRuleFlags = 0x0002 = TZRULE_FLAG_EFFECTIVE_TZREG <Value>04:00:00.000 PM 5/5/2012</Value> <AltValue>Low: 0x1FE4C000 High: 0x01CD2AD8</AltValue> </property>

Fortunately, the fix is now available and included in the June 2012 CU for Office 2010.

If you're running into this issue you have a couple options:
1) Uninstall KB 2553248 (obviously).
2) Fix the Exchange Web Services code so that new meetings that are created do not crash Outlook.

What do I need to do to fix the existing code? The change is simple:

For Exchange Web Services Proxy code, remember to specify the Time Zone Name along with the Base Offset:


DateTime startTime = new DateTime(2012, 05, 05, 8, 00, 00, DateTimeKind.Unspecified); appointment.Start = startTime; appointment.End = startTime.AddHours(4); appointment.StartSpecified = appointment.EndSpecified = true; TimeZoneType tzUSMST = new TimeZoneType(); tzUSMST.TimeZoneName = "Atlantic Standard Time"; tzUSMST.BaseOffset = "PT4H"; appointment.MeetingTimeZone = tzUSMST;
For Exchange Web Services Managed API provide the TimeZone like below:


appointment.StartTimeZone = TimeZoneInfo.FindSystemTimeZoneById("Atlantic Standard Time");

Thursday, April 10, 2014

The Infra Guys Android App

The beta version of The Infra Guys Android application is now ready for download.

This application will enable you to follow us on Facebook and get notifications whenever a new post is available.
You will be able to download the apk from the link below
The Infra Guys Apk

Do install and feel free to provide me with your honest feedback.

Powershell not responsive on tab



Powershell is everywhere now. Exchange, SCOM etc.. you name it.

Since I use the tab expansion function frequently, I noticed immediately that for some odd reason the Command Shell would paused for ~30 seconds every time I used the tab completion function. I had to remind myself never to use it or I’d be staring at the screen for a while. Sometimes it’s quicker to just close Command Shell and launch it again, but usually there is history saved which I don’t want to lose.

So I wait…and wait. :(
Lincoln Atkinson created a workaround for this, which I stumbled across on the Technet forum. This was such a wonderful find, I feel like I should spread the news. Run the following script, or add it to your $profile, and tab away!


$tabExpand = (get-item function:\tabexpansion).Definition
if($tabExpand -match 'try {Resolve-Path.{49}(?=;)')
{
$tabExpand = $tabExpand.Replace($matches[0], "if((get-location).Provider.Name -ne 'OperationsManagerMonitoring'){ $($matches[0]) }" )
invoke-expression "function TabExpansion{$tabExpand}"
}

Wednesday, April 9, 2014

SCCM 2007 Log Files


Client Log Files

* CAS – Content Access Service. Maintains the local package cache.
* Ccmexec.log – Records activities of the client and the SMS Agent Host service.
* CertificateMaintenance.log – Maintains certificates for Active Directory directory service and management points.
* ClientIDManagerStartup.log – Creates and maintains the client GUID.
* ClientLocation.log – Site assignment tasks.
* ContentTransferManager.log – Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access SMS packages.
* DataTransferService.log – Records all BITS communication for policy or package access.
* Execmgr.log – Records advertisements that run.
* FileBITS.log – Records all SMB package access tasks.
* Fsinvprovider.log (renamed to FileSystemFile.log in all SMS 2003 Service Packs) – Windows Management Instrumentation (WMI) provider for software inventory and file collection.
* InventoryAgent.log – Creates discovery data records (DDRs) and hardware and software inventory records.
* LocationServices.log – Finds management points and distribution points.
* Mifprovider.log – The WMI provider for .MIF files.
* Mtrmgr.log – Monitors all software metering processes.
* PolicyAgent.log – Requests policies by using the Data Transfer service.
* PolicyAgentProvider.log – Records policy changes.
* PolicyEvaluator.log – Records new policy settings.
* Remctrl.log – Logs when the remote control component (WUSER32) starts.
* Scheduler.log – Records schedule tasks for all client operations.
* Smscliui.log – Records usage of the Systems Management tool in Control Panel.
* StatusAgent.log – Logs status messages that are created by the client components.
* SWMTRReportGen.log – Generates a usage data report that is collected by the metering agent. (This data is logged in Mtrmgr.log.)

Server Log Files

* Ccm.log – Client Configuration Manager tasks.
* Cidm.log – Records changes to the client settings by the Client Install Data Manager (CIDM).
* Colleval.log – Logs when collections are created, changed, and deleted by the Collection Evaluator.
* Compsumm.log – Records Component Status Summarizer tasks.
* Cscnfsvc.log – Records Courier Sender confirmation service tasks.
* Dataldr.log – Processes Management Information Format (MIF) files and hardware inventory in the Configuration Manager 2007 database.
* Ddm.log – Saves DDR information to the Configuration Manager 2007 database by the Discovery Data Manager.
* Despool.log – Records incoming site-to-site communication transfers.
* Distmgr.log – Records package creation, compression, delta replication, and information updates.
* Hman.log – Records site configuration changes, and publishes site information in Active Directory Domain Services.
* Inboxast.log – Records files that are moved from the management point to the corresponding SMS\INBOXES folder.
* Inboxmgr.log – Records file maintenance.
* Invproc.log – Records the processing of delta MIF files for the Dataloader component from client inventory files.
* Mpcontrol.log – Records the registration of the management point with WINS. Records the availability of the management point every 10 minutes.
* Mpfdm.log – Management point component that moves client files to the corresponding SMS\INBOXES folder.
* MPMSI.log – Management point .msi installation log.
* MPSetup.log – Records the management point installation wrapper process.
* Ntsvrdis.log – Configuration Manager 2007 server discovery.
* Offermgr.log – Records advertisement updates.
* Offersum.log – Records summarization of advertisement status messages.
* Policypv.log – Records updates to the client policies to reflect changes to client settings or advertisements.
* Replmgr.log – Records the replication of files between the site server components and the Scheduler component.
* Rsetup.log – Reporting point setup log.
* Sched.log – Records site-to-site job and package replication.
* Sender.log – Records files that are sent to other child and parent sites.
* Sinvproc.log – Records client software inventory data processing to the site database in Microsoft SQL Server.
* Sitecomp.log – Records maintenance of the installed site components.
* Sitectrl.log – Records site setting changes to the Sitectrl.ct0 file.
* Sitestat.log – Records the monitoring process of all site systems.
* Smsdbmon.log – Records database changes.
* Smsexec.log – Records processing of all site server component threads.
* Smsprov.log – Records WMI provider access to the site database.
* SMSReportingInstall.log – Records the Reporting Point installation. This component starts the installation tasks and processes configuration changes.
* SMSSHVSetup.log – Records the success or failure (with failure reason) of installing the System Health Validator point.
* Srvacct.log – Records the maintenance of accounts when the site uses standard security.
* Statmgr.log – Writes all status messages to the database.
* Swmproc.log – Processes metering files and maintains settings.

Admin Console Log Files

* RepairWizard.log – Records errors, warnings, and information about the process of running the Repair Wizard.
* ResourceExplorer.log – Records errors, warnings, and information about running the Resource Explorer.
* SMSAdminUI.log – Records the local Configuration Manager 2007 console tasks when you connect to Configuration Manager 2007 sites.

Management Point Log Files

* MP_Ddr.log – Records the conversion of XML.ddr records from clients, and copies them to the site server.
* MP_GetAuth.log – Records the status of the site management points.
* MP_GetPolicy.log – Records policy information.
* MP_Hinv.log – Converts XML hardware inventory records from clients and copies the files to the site server.
* MP_Location.log – Records location manager tasks.
* MP_Policy.log – Records policy communication.
* MP_Relay.log – Copies files that are collected from the client.
* MP_Retry.log – Records the hardware inventory retry processes.
* MP_Sinv.log – Converts XML hardware inventory records from clients and copies them to the site server.
* MP_Status.log – Converts XML.svf status message files from clients and copies them to the site server.

Mobile Device Management Log Files

* DmClientHealth.log – Records the GUIDs of all the mobile device clients that are communicating with the Device Management Point.
* DmClientRegistration.log – Records registration requests from and responses to the mobile device client in Native mode.
* DmpDatastore.log – Records all the site database connections and queries made by the Device Management Point.
* DmpDiscovery.log – Records all the discovery data from the mobile device clients on the Device Management Point.
* DmpFileCollection.log – Records mobile device file collection data from mobile device clients on the Device Management Point.
* DmpHardware.log – Records hardware inventory data from mobile device clients on the Device Management Point.
* DmpIsapi.log – Records mobile device communication data from device clients on the Device Management Point.
* dmpMSI.log – Records the MSI data for Device Management Point setup.
* DMPSetup.log – Records the mobile device management setup process.
* DmpSoftware.log – Records mobile device software distribution data from mobile device clients on the Device Management Point.
* DmpStatus.log – Records mobile device status messages data from mobile device clients on the Device Management Point.
* FspIsapi.log – Records Fallback Status Point communication data from mobile device clients and client computers on the Fallback Status Point.

Mobile Device Client Log Files

* DmCertEnroll.log – Records certificate enrollment data on mobile device clients.
* DMCertResp.htm (in \temp) – Records HTML response from the certificate server when the mobile device Enroller program requests a client authentication certificate on mobile device clients.
* DmClientSetup.log – Records client setup data on mobile device clients.
* DmClientXfer.log – Records client transfer data for Windows Mobile Device Center and ActiveSync deployments.
* DmCommonInstaller.log – Records client transfer file installation for setting up mobile device client transfer files on client computers.
* DmInstaller.log – Records whether DMInstaller correctly calls DmClientSetup and whether DmClientSetup exits with success or failure on mobile device clients.
* DmInvExtension.log – Records Inventory Extension file installation for setting up Inventory Extension files on client computers.
* DmSvc.log – Records mobile device management service data on mobile device clients.

Operating System Deployment Log Files

* CCMSetup.log – Provides information about client-based operating system actions.
* CreateTSMedia.log – Provides information about task sequence media when it is created. This log is generated on the computer running the Configuration Manager 2007 administrator console.
* DriverCatalog.log – Provides information about device drivers that have been imported into the driver catalog.
* MP_ClientIDManager.log – Provides information about the Configuration Manager 2007 management point when it responds to Configuration Manager 2007 client ID requests from boot media or PXE. This log is generated on the Configuration Manager 2007 management point.
* MP_DriverManager.log – Provides information about the Configuration Manager 2007 management point when it responds to a request from the Auto Apply Driver task sequence action. This log is generated on the Configuration Manager 2007 management point.
* MP_Location.log – Provides information about the Configuration Manager 2007 management point when it responds to request state store or release state store requests from the state migration point. This log is generated on the Configuration Manager 2007 management point.
* Pxecontrol.log – Provides information about the PXE Control Manager.
* PXEMsi.log – Provides information about the PXE service point and is generated when the PXE service point site server has been created.
* PXESetup.log – Provides information about the PXE service point and is generated when the PXE service point site server has been created.
* Setupact.log Setupapi.log Setuperr.log Provide information about Windows Sysprep and setup logs.
* SmpIsapi.log – Provides information about the state migration point Configuration Manager 2007 client request responses.
* Smpmgr.log – Provides information about the results of state migration point health checks and configuration changes.
* SmpMSI.log – Provides information about the state migration point and is generated when the state migration point site server has been created.
* Smsprov.log – Provides information about the SMS provider.
* Smspxe.log – Provides information about the Configuration Manager 2007 PXE service point.
* SMSSMPSetup.log – Provides information about the state migration point and is generated when the state migration point site server has been created.
* Smsts.log – General location for all operating system deployment and task sequence log events.
* TaskSequenceProvider.log – Provides information about task sequences when they are imported, exported, or edited.
* USMT Log loadstate.log – Provides information about the User State Migration Tool (USMT) regarding the restore of user state data.
* USMT Log scanstate.log – Provides information about the USMT regarding the capture of user state data.

Network Access Protection Log Files

* Ccmcca.log – Logs the processing of compliance evaluation based on Configuration Manager NAP policy processing and contains the processing of remediation for each software update required for compliance.
* CIAgent.log – Tracks the process of remediation and compliance. However, the software updates log file, *Updateshandler.log – provides more informative details on installing the software updates required for compliance.
* locationservices.log – Used by other Configuration Manager features (for example, information about the client’s assigned site) but also contains information specific to Network Access Protection when the client is in remediation. It records the names of the required remediation servers (management point, software update point, and distribution points that host content required for compliance), which are also sent in the client statement of health.
* SDMAgent.log – Shared with the Configuration Manager feature desired configuration management and contains the tracking process of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details about installing the software updates required for compliance.
* SMSSha.log – The main log file for the Configuration Manager Network Access Protection client and contains a merged statement of health information from the two Configuration Manager components: location services (LS) and the configuration compliance agent (CCA). This log file also contains information about the interactions between the Configuration Manager System Health Agent and the operating system NAP agent, and also between the Configuration Manager System Health Agent and both the configuration compliance agent and the location services. It provides information about whether the NAP agent successfully initialized, the statement of health data, and the statement of health response.

System Health Validator Point Log Files

* Ccmperf.log -Contains information about the initialization of the System Health Validator point performance counters.
* SmsSHV.log – The main log file for the System Health Validator point; logs the basic operations of the System Health Validator service, such as the initialization progress.
* SmsSHVADCacheClient.log – Contains information about retrieving Configuration Manager health state references from Active Directory Domain Services.
* SmsSHVCacheStore.log – Contains information about the cache store used to hold the Configuration Manager NAP health state references retrieved from Active Directory Domain Services, such as reading from the store and purging entries from the local cache store file. The cache store is not configurable.
* SmsSHVRegistrySettings.log – Records any dynamic changes to the System Health Validator component configuration while the service is running.
* SmsSHVQuarValidator.log – Records client statement of health information and processing operations. To obtain full information, change the registry key LogLevel from 1 to 0 in the following location:HKLM\SOFTWARE\Microsoft\SMSSHV\Logging\@GLOBAL

Desired Configuration Management (DCM) Log Files

* ciagent.log – Provides information about downloading, storing, and accessing assigned configuration baselines.
* dcmagent.log – Provides high-level information about the evaluation of assigned configuration baselines and desired configuration management processes.
* discovery.log – Provides detailed information about the Service Modeling Language (SML) processes.
* sdmagent.log – Provides information about downloading, storing, and accessing configuration item content.
* sdmdiscagent.log – Provides high-level information about the evaluation process for the objects and settings configured in the referenced configuration items.

Wake On LAN Log Files

* Wolmgr.log – Contains information about wake-up procedures such as when to wake up advertisements or deployments that are configured for Wake On LAN.
* WolCmgr.log – Contains information about which clients need to be sent wake-up packets, the number of wake-up packets sent, and the number of wake-up packets retried.

Software Updates Site Server Log Files

* ciamgr.log – Provides information about the addition, deletion, and modification of software update configuration items.
* distmgr.log – Provides information about the replication of software update deployment packages.
* objreplmgr.log – Provides information about the replication of software updates notification files from a parent to child sites.
* PatchDownloader.log – Provides information about the process for downloading software updates from the update source specified in the software updates metadata to the download destination on the site server.
* replmgr.log – Provides information about the process for replicating files between sites.
* smsdbmon.log – Provides information about when software update configuration items are inserted, updated, or deleted from the site server database and creates notification files for software updates components.
* SUPSetup – Provides information about the software update point installation. When the software update point installation completes, Installation was successful is written to this log file.
* WCM.log – Provides information about the software update point configuration and connecting to the Windows Server Update Services (WSUS) server for subscribed update categories, classifications, and languages.
* WSUSCtrl.log – Provides information about the configuration, database connectivity, and health of the WSUS server for the site.
* wsyncmgr.log -Provides information about the software updates synchronization process.

WSUS Server Log Files

* Change.log – Provides information about the WSUS server database information that has changed.
* SoftwareDistribution.log – Provides information about the software updates that are synchronized from the configured update source to the WSUS server database.

Software Updates Client Computer Log Files

* CAS.log – Provides information about the process of downloading software updates to the local cache and cache management.
* CIAgent.log – Provides information about processing configuration items, including software updates.
* LocationServices.log – Provides information about the location of the WSUS server when a scan is initiated on the client.
* PatchDownloader.log – Provides information about the process for downloading software updates from the update source to the download destination on the site server. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates.
* PolicyAgent.log – Provides information about the process for downloading, compiling, and deleting policies on client computers.
* PolicyEvaluator – Provides information about the process for evaluating policies on client computers, including policies from software updates.
* RebootCoordinator.log – Provides information about the process for coordinating system restarts on client computers after software update installations.
* ScanAgent.log – Provides information about the scan requests for software updates, what tool is requested for the scan, the WSUS location, and so on.
* ScanWrapper – Provides information about the prerequisite checks and the scan process initialization for the Inventory Tool for Microsoft Updates on Systems Management Server (SMS) 2003 clients.
* SdmAgent.log – Provides information about the process for verifying and decompressing packages that contain configuration item information for software updates.
* ServiceWindowManager.log – Provides information about the process for evaluating configured maintenance windows.
* smscliUI.log – Provides information about the Configuration Manager Control Panel user interactions, such as initiating a Software Updates Scan Cycle from the Configuration Manager Properties dialog box, opening the Program Download Monitor, and so on.
* SmsWusHandler – Provides information about the scan process for the Inventory Tool for Microsoft Updates on SMS 2003 client computers.
* StateMessage.log – Provides information about when software updates state messages are created and sent to the management point.
* UpdatesDeployment.log – Provides information about the deployment on the client, including software update activation, evaluation, and enforcement. Verbose logging shows additional information about the interaction with the client user interface.
* UpdatesHandler.log – Provides information about software update compliance scanning and about the download and installation of software updates on the client.
* UpdatesStore.log – Provides information about the compliance status for the software updates that were assessed during the compliance scan cycle.
* WUAHandler.log – Provides information about when the Windows Update Agent on the client searches for software updates.
* WUSSyncXML.log – Provides information about the Inventory Tool for the Microsoft Updates synchronization process. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates.

Windows Update Agent Log File

* WindowsUpdate.log – Provides information about when the Windows Update Agent connects to the WSUS server and retrieves the software updates for compliance assessment and whether there are updates to the agent components.

Monday, April 7, 2014

Removing corrupt ActiveSync device from Exchange 2010 using MFCMapi


There may be times that you can get a corrupt ActiveSync device in a Exchange 2010 mailbox.

You can see the device in OWA under options/ Phone / Mobile phones.
When you try to do anything with the device (Details or Wipe) you will get an error message.
The corrupted device cannot be seen if you run the cmdlet ActiveSyncDevices (Get-ActiveSyncDevice -mailbox mailbox_id) in Powershell.

Background
When a user sets up a ActiveSync relationship the information is stored in two places (AFAIK);
Hidden folders in the user mailbox

AD as child items to the user account




Resolution
This solution deletes the corrupted ActiveSync device that is visible from OWA so a new partnership can be established (or just to remove an orphan device from the list):

1) Download MFCMapi (Downloadable from http://mfcmapi.codeplex.com/)
2) Create a MAPI Profile to the users mailbox on a server/workstation with Outlook
Full mailbox access permissions to the problematic mailbox is required)
3) Start MFCMapi
4) Menu Session > Logon [choose the correct Outlook Profile]
5) Double click the "Mailbox - User name"
6) Expand the "Root Container"
7) Expand the "ExchangeSyncData"
8) Locate the corrupt device (a folder under ExchangeSyncData) and right click > Delete Folder
9) Close MFCMapi

Thursday, April 3, 2014

SilverSeek Tool (Great Tool!)


Great tool that I came across surfing through some community stuff. This is a fantastic tool for anyone who does patching or remediation for security audits. This tool allows you to search the files, build versions and MS Products and links you to the all the KB articles associated with it.

http://silverseekkb.cloudapp.net/

A sample of the screenshot of the output is as below when I am running against my own machine


Test it out and see if you like it
:)