Installing 32-bit Java Runtime Environment(JRE) software as SYSTEM in Windows 7 x64 via SCCM/SMS.


I recently ran into an issue updating the Sun Java runtime (JRE) on our x64 machines where 32 version of JRE is installed.  We have lot of systems with JRE 32bit version installed on Windows 7 and XP 64-bit systems. When I advertised the JRE 32-bit executable on those systems the installation failed on the systems with 1619 exit code. 

1619 exit code translates to “This installation package could not be opened. Verify that the package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer package.

Well, In Windows 7, processes that run as local system have a special profile found in  c:\windows\system32\config\systemprofile.  Unfortunately, on 64-bit systems, there are two system32 folders; one for 64-bit processes, and another (whose name is syswow64) for 32-bit processes.  As a result, there are two separate system profiles; one for 32-bit, one for 64-bit.
The Sun Java installer unpacks into a subfolder of the LocalLow application data directory.  In this case, the folder in question is C:\windows\system32\config\systemprofile\LocalLow\Sun\Java\jre1.7.0_11\.  Because this is a 32-bit process, though, it is really writing to syswow64 instead of system32.
The Windows Installer, however, is a 64-bit process.  So when it is asked to open the MSI file, it’s looking in the wrong place; hence error code 1619.  The file can’t be opened because it can’t be found.

As a workaround you could targeted the 64-bit systems that needs 32-bit JRE by configuring the program to run under the user context. Well, your end users on the systems must have admin rights to install when the advert executes on their system.

You can also directly pick the extracted JRE MSI content from C:\windows\system32\config\systemprofile\LocalLow\Sun\Java\jre1.7.0_11\ from any system and use this content to create the package and deploy it. 

Determine Whether Client Computers Are Ready for Native Mode

To help you determine if Configuration Manager 2007 client computers have a valid certificate for successful native mode communication before you migrate the site into native mode, run a utility called the Configuration Manager Native Mode Readiness Tool... 

http://technet.microsoft.com/en-us/library/bb680839.aspx 

http://blogs.technet.com/b/wemd_ua_-_sms_writing_team/archive/2008/11/02/native-mode-certificate-selection-criteria-cannot-use-attributes-with-spaces.aspx

Error signing client message (0x80004005) in ClientAuth.log


Yesterday I come across a native mode client which was not communicating with MP. When I check the Clientauth.log I noticed the following error. 

ClientAuth.log:
Error signing client message (0x80004005).
ClientIDManagerStartup.log:
RegTask: Failed to get certificate. Error: 0x80004005


I found that there were two client authentication certificates which match the certificate selection criteria. I removed one certificate from the client and the client started working properly. You can alternatively configure the site or the client installation properties to select any certificate that matches the creteria to fix this issue. 


Get OS type(x32 or x64) information from SCCM report


select sys.netbios_name0,
case when PROCESSOR.addresswidth0 = 64 then '64bit OS'
when PROCESSOR.addresswidth0=32 then '32bit OS'
end as [Operating System Type],
case when PROCESSOR.addresswidth0=32 and PROCESSOR.DataWidth0=64 then '*'
end as [32-bit OS on x64 processor]
from v_r_system sys
join v_gs_processor PROCESSOR on sys.resourceid=PROCESSOR.resourceid


All credits to Sherry Kissinger's. Read the original article at - http://myitforum.com/cs2/blogs/skissinger/archive/2009/06/23/32bit-vs-64bit-report.aspx

SCCM Client does not show up in console

Today, I come across a client which was not showing in the SCCM console and when I looked at the ccmexec.log I noticed the following error logs. 

ccmexec.log: 


[CCMHTTP] HTTP ERROR: URL=http://sccmserver.abc.com/ccm_system/request, Port=443, Protocol=https, SSLOptions=1, Code=12029, Text=ERROR_WINHTTP_CANNOT_CONNECT
HandleRemoteSyncSend failed (0x80040231).
CForwarder_Sync::Send failed (0x80040231).
CForwarder_Base::Send failed (0x80040231).

Resolution
Make sure the required port are opened on the firewall. In my case it was 443 and port 80 once they are opened my ConfigMgr client shown up with in 15-20 minutes in the SCCM console. 

Adds support for Windows 8-based client computers in SCCM 2007 SP2


Microsoft has released a hotfix KB2750782 to add support for Windows 8-based client computers in System Center Configuration Manager 2007 SP2. Please refer to the following link for more information on this hotfix and how to apply it. 

http://blogs.technet.com/b/configmgrteam/archive/2012/10/31/update-on-windows-8-and-windows-server-2012-support-in-cm-and-ep.aspx
http://support.microsoft.com/kb/2750782
http://blogs.technet.com/b/configurationmgr/archive/2010/12/09/system-center-configuration-manager-2007-hotfix-installation-guidance.aspx 

How to install KB2750782 HOTfix to SCCM 2007 SP2 Central/Primary Site.

Download the hotfix from here and extract and run "SCCM2007-SP2-KB2750782-ENU.msi".


Follow the hotfix wizard to complete the installation. 





You get prompted if you want it to create an SCCM package to deploy 2750782 to the clients.  If you say Yes, then it saves you the time to create the package (and the SCCM program) yourself.  It also creates the file used to install the hotfix on the clients to a subfolder nested in the location where the SCCM client installation files are on the site server.  The location is
\\<siteserver>\sms_<sitecode>\client\i386\hotfix\KB2750782, and the file is
 sccm2007ac-sp2-kb2698619-x86-enu.msp.











Applying hotfixes to Configuration Manager 2007 Clients


1. In the Configuration Manager console, create a new package. The "Package Properties" dialog box appears. In the Name box on the General tab of the Package Properties dialog box, provide a name that  describes it as a hotfix for the ConfigMgr client and identifies the ID number of the
associated Knowledge Base article.

2. In the "Package Properties" dialog box, on the "Data Source" tab, in the "Source directory" box, specify the folder where the hotfix was installed by the hotfix installer. The default location is:

\\<siteserver>\sms_<sitecode>\client\<platform>\hotfix\<updateid>

Where: 
<siteserver> is the name of the ConfigMgr site server
<sitecode> is the site code of the site
<platform> is the processor type, e.g. I386
<updateid> is the ID number of the associated Knowledge Base article
==========================================
Example:

\\Server1\SCCM_123\client\I386\hotfix\KB2750782

Additionally, to ensure accurate status is reported back for the application of
the client hotfix, the MIF file name(SMSAdvancedClient.sccm2007ac-sp2-kb2698619-x86-enu.mif) must be specified in the "MIF file name" field of the Reporting tab.  

Alternatively, you could use the following product code in the "Name" field. 

{6D2F87F7-4B2D-491E-8781-FF359FD95243}.

Because the application of this hotfix on a client computer stops and restarts
the SMS Agent Host service, it cannot monitor for an exit code from the update and must rely on finding a matching status MIF after the service is restarted. If a matching MIF is not found, the status will be reported to ConfigMgr as a failure (1603) even though the update may have completed successfully.


3. Click "OK" to accept the other default  package settings.

4. Under the new package, create a new  program. The "Program Properties" dialog box appears. On the "General" tab, in the "Name" box, enter a name that describes it as a hotfix for the Configuration Manager client.

5. In the "Program Properties" dialog box, on the "General" tab, in the "Command line" box, specify the following:

Msiexec /p <filename> /L*v <logfile> /q REINSTALL=ALL REINSTALLMODE=mous

Where: <filename> is the file name of the .msp file provided with the hotfix  package. Typically, the file name is in the form:

SCCM2007AC-<articleID>-<platform>.msp  <logfile> is the path where the results should be logged.

Example:
msiexec.exe /p sccm2007ac-sp2-kb2698619-x86-enu.msp /L*v %TEMP%\sccm2007ac-sp2-kb2698619-x86-enu.msp.LOG /q REINSTALL=ALL REINSTALLMODE=mous

Specify for the program to run minimized and set the "After running" option to Program restarts computer.

6. In the "Program Properties" dialog box,  on the "Requirements" tab, set the "Maximum allowed run time" to 20 minutes. This will prevent the installation from blocking other software distributions if a problem occurs.

7. In the "Program Properties" dialog box,  on the "Requirements" tab, choose the operating system version on which you want to install the client hotfix.

8. In the "Program Properties" dialog box,  on the "Environment" tab, select program can run "Whether or not a user is logged on."

9. Click "OK" to accept the other default  program settings.

10. Under the new package, select  distribution points for the new package.

11. In the Configuration Manager console, create a new query to identify systems that need the .msp. This is a sample query that you can adapt to your environment:

select *  from  SMS_R_System inner join SMS_G_System_SMS_ADVANCED_CLIENT_STATE on SMS_G_System_SMS_ADVANCED_CLIENT_STATE.ResourceID = SMS_R_System.ResourceId where SMS_R_System.ClientType = 1 and SMS_G_System_SMS_ADVANCED_CLIENT_STATE.Name = "CcmFramework" and (SMS_G_System_SMS_ADVANCED_CLIENT_STATE.Version < "4.0.6487.2196")

When you apply the hotfix the component version of some components changes, you can create a dynamic collection based on this data using the above query. 


12. Create a collection based on the query  that you created in step 11. Limit this query to a pilot group of systems.

13. In the Configuration Manager console, create a new advertisement. The
"Advertisement Properties" dialog box appears. On the "General" tab, in the
"Name" box, enter a name that describes it as a hotfix for the Configuration Manager client.

14. In the "Advertisement Properties" dialog box, on the "General" tab,
select the package that you created in step 1, the program that you created in
step 4, and the pilot collection that you created in step 12.

15. In the "Advertisement Properties" dialog box, on the "Schedule" tab, create a new mandatory assignment. Assign it to run more frequently than your hardware inventory collection schedule. For example, if your hardware inventory is collected once per week, use a schedule more frequent  than once per week. This will ensure that the hardware inventory that includes the ConfigMgr client version information is up to date.

16. Click "OK" to accept the other default advertisement settings.

17. Test the hotfix deployment to the pilot group.

18. When the pilot deployment is successful, expand the target to deploy
to all the clients that require the hotfix.

To deploy the ConfigMgr client .msp by using a method other than ConfigMgr software
distribution:

Use the following command line:

Msiexec /p <filename> /L*v <logfile> /q REINSTALL=ALL REINSTALLMODE=mous

Where: <filename>  is the file name of the .msp file that is provided with the  hotfix package. Typically, the file name is in the form:

SCCM2007AC-<articleID>-<platform>.msp

<logfile> is the path where the results hould be logged

Example:

msiexec.exe /P sccm2007ac-sp2-kb2698619-x86-enu.msp /L*v %temp%\sccm2007ac-sp2-kb2698619-x86-enu.log /q REINSTALL=ALL REINSTALLMODE=mous 

SCCM Client version number changes after you install the hotfix on the SCCM client. 


Download makecoll.exe to create static collections

The makecoll.exe which was included with SMS 2.0 is no longer available with SMS 2003/SCCM 2007 and 2012.
I created a similar collection creator tool which can be downloaded from
http://smstools.codeplex.com/