[ENGLISH] – Configuration Manager Client Messaging SDK available on NuGet.org


News from Yvette Smile

The Configuration Manager team is pleased to announce that the Configuration Manager Client Messaging SDK version 5.1706.1034.1000 is now available as a package on NuGet.org. Previously the Client Messaging libraries were released with the System Center 2012 R2 Configuration Manager SDK.

NuGet is a package management Visual Studio extension that enables you to browse and add libraries and their configuration to your development projects easily from the Solution Explorer in Visual Studio or a command-line interface.

Releasing ConfigMgr SDK libraries on NuGet.org as packages will allow us to provide more frequent updates.

Notable Changes in this version:
  • Improvements to the certificate hashing algorithm detection and usage.
  • Fix to the hash algorithm not being properly defined when sending client registration requests.
  • Updated the default ClientVersion value to match Configuration Manager current branch 1511 (5.0.8325.0000).
  • Changed the support status of ConfigMgrBgbMessageRequest, ConfigMgrBgbMessageReply, and HeartbeatDiscoveryDataRecordFile from “PartiallySupported” to “Supported”.
  • Other fixes and improvements.

We have also published updated documentation for the Client Messaging SDK online.

We invite you to try out our new Client Messaging SDK package hereand leave us some feedback on our User Voice site.

Additional Resources:

Configuration Manager Client Messaging SDK Documentation

Configuration Manager SDK Documentation

NuGet Package Consumption Overview

Afficher l’article…

Publié dans Deployment, ENGLISH, SDK, System Center, vNext | Tagué , , , , | Laisser un commentaire

SCCM TP 1704…


News from Yvette Smile

Hello everyone! We are happy to let you know that update 1704 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features in a test environment before they are made generally available. This months new preview features include:

  • Secure Boot inventory data Hardware inventory can now determine whether the device has Secure Boot enabled (enabled by default).
  • Run Task Sequence step This is a new step in the task sequence to run another task sequence, which creates a parent-child relationship between two task sequences.
  • Reload boot images with latest Windows PE version During the “Update Distribution Points” wizard on a boot image, you can now reload the version of Windows PE in the selected boot image.

This release also includes the following improvements for customers using System Center Configuration Manager connected with Microsoft Intune to manage mobile devices:

  • Androidapp configuration support Administrators can create an app configuration policy for Android applications deployed with Google Play.

Update 1704 for Technical Preview Branch is available in the Configuration Manager console. For new installations please use the 1703 baseline version of Configuration Manager Technical Preview Branch available on TechNet Evaluation Center.

We would love to hear your thoughts about the latest Technical Preview! To provide feedback or report any issues with the functionality included in this Technical Preview, please use Connect. If theres a new feature or enhancement you want us to consider for future updates, please use the Configuration Manager UserVoice site.

Thanks,

The System Center Configuration Manager team

Configuration Manager Resources:

Documentation for System Center Configuration Manager Technical Previews

Try the System Center Configuration Manager Technical Preview Branch

Documentation for System Center Configuration Manager

System Center Configuration Manager Forums

System Center Configuration Manager Support

Download the Configuration Manager Support Center

Afficher l’article…

Publié dans System Center, vNext | Tagué , , | Laisser un commentaire

SCCM 1702 Hotfix 4018732 disponible!


image

Un petit hotfix ce matin? …voila, monsieur est servi Smile

Ce correctif ne vous concerne que si vous avez fait parti de la première vague de déploiement (installation de la 1702 avant le 5 avril 2017) et par conséquent n’apparaitra dans la console que si c’est le cas. Il ne corrige que des problématiques liées à la “First Wave” (première vague) de déploiement de la 1702…

Voila les correctifs inclus en fonction de votre date d’installation de la 1702…et si vous avez des secondaires, il vous faudra les mettre à jour, voir dernier paragraphe!

Issues that are fixed
Installations downloaded between March 22 and March 24, 2017

The following issues are resolved for installations or downloads of version 1702 performed between March 22 and March 24, 2017.

  • When you try to create a Microsoft Intune subscription, you receive an exception in the Configuration Manager console. The Details portion of the exception resembles the following:

    System.InvalidCastException
    Unable to cast COM object of type ‘System.__ComObject’ to interface type ‘CERTENROLLLib.CX509PrivateKey’. This operation failed because the QueryInterface call on the COM component for the interface with IID ‘{728AB362-217D-11DA-B2A4-000E7BBB2B09}’ failed due to the following error: No such interface supported (Exception from HRESULT: 0x80004002 (E_NOINTERFACE)).

  • The automatic client upgrade process for clients may fail. Errors resembling the following are recorded in the ccmsetup.log on the target clients:

    Failed to delete the ccmsetup service (0x80070430)

  • Errors that resemble the following are recorded in the UpdateDeployment.log on computers that have the Management Point role installed:

    Job error (0x8007007f) received for assignment ({guid}) action
    Updates will not be made available          UpdatesDeploymentAgent
    Job error (0x8007007f) received for assignment ({guid}) action
    Updates will not be made available

    These errors occur during the Software Updates Evaluation Cycle.

  • Upgrade Readiness (formerly Upgrade Analytics) data is unavailable for clients that are missing hardware inventory data.
  • The required software updates dialog box in Software Center incorrectly states “Required software changes have been made on this computer” before changes are applied.
  • Internet-facing clients are unable to check compliance with device compliance policies, even when an Internet-facing Management Point or Cloud Management Gateway is available. Errors resembling the following are recorded in the ComplRelayAgent.log file:

    Failed to retrieve AAD token. Error Details: An ADAL exception occurred while acquiring a token
    Error: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: Federated service at https://{url} returned error: See inner exception for detail. —> System.Net.WebException: The remote server returned an error: (401) Unauthorized. —> System.ComponentModel.Win32Exception: The system cannot contact a domain controller to service the authentication request. Please try again later.

Installations downloaded between March 25 and April 4, 2017

The following issues are resolved for installations or downloads of version 1702 performed between March 25 and April 4, 2017.

  • Administrators cannot edit the Task Sequence application property Allow this application to be installed from the Install Application Task Sequence action without being deployed when the deployment type may require user interaction.
  • Task sequences with the option to Download all content locally before starting task sequence enabled may not run on non-English operating systems.
  • The User Notifications tab of a Task Sequence property may not appear if third-party administrator console extensions are installed.
  • Editing a compliance rule for a Mobile Device Configuration Policy results in modifications to additional policy elements. For example, adjusting the “Number of passwords remembered” setting also results in an unintentional change to the “Number of complex character sets required in password” setting.
  • The SMS Agent Host service (ccmexec) may stop on computers following in-place upgrade of the operating system. This issue can occur if the folder %windir%\system32\tasks\Microsoft is missing after the upgrade.
  • Enrolled Android devices, other than Samsung Knox devices, are not displayed in the Administrator Console.
  • Password Compliance rules added to support Android for Work are available on other platforms but only exposed when Android for Work is selected in the rule properties.
  • The SMS Executive service (smsexec.exe) consumes excessive memory when it downloads Upgrade Readiness data.
  • Upgrade Readiness data may not be processed on the site server. Errors resembling the following are recorded in the hman.log file on the site server.

    *** exec dbo.spOMSUpgradeAnalytics…
    *** [42000][9420][Microsoft][SQL Server Native Client 11.0][SQL Server]XML parsing: line 3180, character 10, illegal xml character : spOMSUpgradeAnalytics
    Failed to execute [C:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\CFD\ConfigMgr.OMSUpgradeAnalytics_{datecode}.OMS]

  • Bulk enrollment of devices to Microsoft Intune fails.
  • After you upgrade to version 1702, application installation may fail on clients. Errors that resemble the following are recorded in the AppEnforce.log file. This indicates that the client is looking for the installation executable file in the wrong location. This occurs for applications that were created before the upgrade to version 1702.

    App enforcement environment: Content: MachineCommand line: “Install TestApp.exe”…
    Prepared working directory: C:\windows\system32
    Invalid executable file “Install TestApp.exe”

  • Configuration Manager clients may try repeatedly to download data for deleted policies.

    Clearing the proxy as no proxy address has been set
    ERROR: TaskManager: Task [CreateDeployment for service {guid}] has failed. Exception Microsoft.ConfigurationManager.AzureManagement.FailedToCommunicateToServiceException, Failed to contact Azure service.

  • A defined proxy server is not used as expected when you try to install a Cloud Distribution Point. Errors that resemble the following are recorded in the CloudMgr.log file:
  • The upgrade to Configuration Manager current branch, version 1702, may fail with errors resembling the following in the ConfigMgrSetup.log file:

    INFO: Inserting default ConfigurationItem(GLOBAL/Windows_Update_Settings)
    *** declare @rc int, @errxml xml, @errmsg nvarchar(max); EXEC @rc=sp_SetupCI 16889846, default, @errxml output, @errmsg output; select @rc, @errxml, @errmsg
    *** [42000][50000][Microsoft][SQL Server Native Client 11.0][SQL Server]ERROR 547, Level 16, State 0, Procedure sp_SetupSettingsAndRules, Line 177, Message:
    The MERGE statement conflicted with the REFERENCE constraint « CI_CurrentRuleDetail_SettingID_FK ». The conflict occurred in database « CM_V01 », table « dbo.CI_CurrentRuleDetail », column ‘SettingID’. : spRethrowError
    ERROR: Failed to execute SQL Server command; CCISource::InsertObject returned -1

Update information for System Center Configuration Manager, version 1702

This update is available in the Updates and Servicing node of the Configuration Manager console for environments that were installed by using first wave (Fast Ring) builds of version 1702 downloaded between March 22 and April 4, 2017.

To verify which first wave build is in use, look for a Package GUID by adding the Package GUID column to the details pane of the Updates and Servicing node in the console. The update applies to first wave installations of version 1702 from packages that have the following GUIDs:

  • 0FB0A697-662D-45C2-A96C-8C95E5944DF7
  • 2DC025B9-AF2F-4F22-A477-33F19C16C14C

This update does not apply to first wave installations of version 1702 from packages that have the following GUID as they are already up to date:

  • 82258EB9-88F1-427A-8B42-5A5C7FD185FF
Restart information

You do not have to restart the computer after you apply this update.

Update replacement information

This update does not replace any previously released update.

Additional installation information

After you install this update on a primary site, pre-existing secondary sites must be manually updated. To update a secondary site in the Configuration Manager console, click Administration, click Site Configuration, click Sites, click Recover Secondary Site, and then select the secondary site. The primary site then reinstalls that secondary site by using the updated files. Configurations and settings for the secondary site are not affected by this reinstallation. The new, upgraded, and reinstalled secondary sites under that primary site automatically receive this update.

Run the following SQL Server command on the site database to check whether the update version of a secondary site matches that of its parent primary site:

select dbo.fnGetSecondarySiteCMUpdateStatus ('SiteCode_of_secondary_site')

If the value 1 is returned, the site is up to date, with all the hotfixes applied on its parent primary site.

If the value 0 is returned, the site has not installed all the fixes that are applied to the primary site, and you should use the Recover Secondary Site option to update the secondary site.

Bonne installation!

PierrE.

Publié dans Deployment, System Center | Tagué , , , | Laisser un commentaire

Patch Tuesday + Security Avril 2017


********************************************************************

Title: Microsoft Security Bulletin Releases

Issued: April 11, 2017

********************************************************************

Summary

=======

The following bulletins have undergone a major revision increment.

* MS16-037 – Critical

* MS17-013 – Critical

* MS17-014 – Important

* MS17-021 – Important

* MS16-APR

* MS17-MAR

Bulletin Information:

=====================

MS16-037

– Title: Cumulative Security Update for Internet Explorer (3148531)

https://technet.microsoft.com/library/security/ms16-037.aspx

– Reason for Revision: Bulletin revised to announce the release

of a new Internet Explorer cumulative update (4014661) for

CVE-2016-0162. The update adds to the original release to

comprehensively address CVE-2016-0162. Microsoft recommends that

customers running the affected software install the security

update to be fully protected from the vulnerability described

in this bulletin. See Microsoft Knowledge Base Article 4014661

for more information.

– Originally posted: April 12, 2016

– Updated: April 11, 2017

– Bulletin Severity Rating: Critical

– Version: 2.0

MS17-013

– Title: Security Update for Microsoft Graphics Component (4013075)

https://technet.microsoft.com/library/security/ms17-013.aspx

– Reason for Revision: Bulletin revised to announce the release of

update 4017018 for Windows Vista and Windows Server 2008. The

update replaces update 4012583 for CVE-2017-0038 only, to

comprehensively address the vulnerability. Microsoft recommends

that customers running the affected software install the security

update to be fully protected from the vulnerability described in

this bulletin. See Microsoft Knowledge Base Article 4017018 for

more information.

– Originally posted: March 14, 2017

– Updated: April 11, 2017

– Bulletin Severity Rating: Critical

– Version: 2.0

MS17-014

– Title: Security Update for Microsoft Office (4013241)

https://technet.microsoft.com/library/security/ms17-014.aspx

– Reason for Revision: To comprehensively address CVE-2017-0027 for

Office for Mac 2011 only, Microsoft is releasing security update

3212218. Microsoft recommends that customers running Office for

Mac 2011 install update 3212218 to be fully protected from this

vulnerability. See Microsoft Knowledge Base Article 3212218 for

more information.

– Originally posted: March 14, 2017

– Updated: April 11, 2017

– Bulletin Severity Rating: Important

– Version: 2.0

MS17-021

– Title: Security Update for Windows DirectShow (4010318)

https://technet.microsoft.com/library/security/ms17-021.aspx

– Reason for Revision: Bulletin revised to announce that the security

updates that apply to CVE-2017-0042 for Windows Server 2012 are now

available. Customers running Windows Server 2012 should install

update 4015548 (Security Only) or 4015551 (Monthly Rollup) to be

fully protected from this vulnerability. Customers running other

versions of Microsoft Windows do not need to take any further

action.

– Originally posted: March 14, 2017

– Updated: April 11, 2017

– Bulletin Severity Rating: Important

– Version: 2.0

MS16-APR

– Title: Microsoft Security Bulletin Summary for April 2016

https://technet.microsoft.com/library/security/ms16-apr.aspx

– Reason for Revision: V3.0 (April 11, 2016): For MS16-037,

Bulletin Summary revised to announce the release of a new

Internet Explorer cumulative update (4014661) for CVE-2016-0162.

The update adds to the original release to comprehensively address

CVE-2016-0162. Microsoft recommends that customers running the

affected software install the security update to be fully protected

from the vulnerability described in this bulletin. See Microsoft

Knowledge Base Article 4014661 for more information.

– Originally posted: April 12, 2016

– Updated: April 11, 2016

– Bulletin Severity Rating: Not applicable

– Version: 3.0

MS17-MAR

– Title: Microsoft Security Bulletin Summary for March 2017

https://technet.microsoft.com/library/security/ms17-mar.aspx

– Reason for Revision: V2.0 (April 11, 2016): For MS17-013,

Bulletin Summary revised to announce the release of update 4017018

for Windows Vista and Windows Server 2008. The update replaces

update 4012583 for CVE-2017-0038 only, to comprehensively address

the vulnerability. Microsoft recommends that customers running the

affected software install the security update to be fully protected

from the vulnerability described in this bulletin. See Microsoft

Knowledge Base Article 4017018 for more information.

For MS17-014, to comprehensively address CVE-2017-0027 for Office for

Mac 2011 only, Microsoft is releasing security update 3212218.

Microsoft recommends that customers running Office for Mac 2011

install update 3212218 to be fully protected from this vulnerability.

See Microsoft Knowledge Base Article 3212218 for more information.

For MS17-021, security updates that apply to CVE-2017-0042 for

Windows Server 2012 are now available. Customers running Windows Server

2012

should install update 4015548 (Security Only) or 4015551 (Monthly

Rollup)

to be fully protected from this vulnerability. Customers running other

versions of Microsoft Windows do not need to take any further action.

– Originally posted: March 14, 2017

– Updated: April 11, 2016

– Bulletin Severity Rating: Not applicable

– Version: 2.0

 

 

********************************************************************

Microsoft Security Update Summary for April 2017

Issued: April 11, 2017

********************************************************************

This summary lists security updates released for April 2017.

Complete information for the April 2017 security update release can Be found at <https://portal.msrc.microsoft.com/en-us/security-guidance>.

Critical Security Updates

============================

Critical Adobe Flash Player

Critical Internet Explorer 10

Critical Internet Explorer 11

Critical Internet Explorer 9

Critical Microsoft Edge

Critical Microsoft .NET Framework 2.0 Service Pack 2

Critical Microsoft .NET Framework 3.5

Critical Microsoft .NET Framework 3.5.1

Critical Microsoft .NET Framework 4.5.2

Critical Microsoft .NET Framework 4.6

Critical Microsoft .NET Framework 4.6.1

Critical Microsoft .NET Framework 4.6.2

Critical Microsoft .NET Framework 4.6/4.6.1

Critical Microsoft .NET Framework 4.7

Critical Microsoft Office 2007 Service Pack 3

Critical Microsoft Office 2010 Service Pack 2 (32-bit editions)

Critical Microsoft Office 2010 Service Pack 2 (64-bit editions)

Critical Microsoft Office 2013 RT Service Pack 1

Critical Microsoft Office 2013 Service Pack 1 (32-bit editions)

Critical Microsoft Office 2013 Service Pack 1 (64-bit editions)

Critical Microsoft Office 2016 (32-bit edition)

Critical Microsoft Office 2016 (64-bit edition)

Critical Microsoft Outlook 2007 Service Pack 3

Critical Microsoft Outlook 2010 Service Pack 2 (32-bit editions)

Critical Microsoft Outlook 2010 Service Pack 2 (64-bit editions)

Critical Microsoft Outlook 2013 Service Pack 1 (32-bit editions)

Critical Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Critical Microsoft Outlook 2016 (32-bit edition)

Critical Microsoft Outlook 2016 (64-bit edition)

Critical Microsoft Outlook for Mac 2011

Critical Windows 10 for 32-bit Systems

Critical Windows 10 for x64-based Systems

Critical Windows 10 Version 1511 for 32-bit Systems

Critical Windows 10 Version 1511 for x64-based Systems

Critical Windows 10 Version 1607 for 32-bit Systems

Critical Windows 10 Version 1607 for x64-based Systems

Critical Windows 10 Version 1703 for 32-bit Systems

Critical Windows 10 Version 1703 for x64-based Systems

Critical Windows 7 for 32-bit Systems Service Pack 1

Critical Windows 7 for x64-based Systems Service Pack 1

Critical Windows 8.1 for 32-bit systems

Critical Windows 8.1 for x64-based systems

Critical Windows RT 8.1

Critical Windows Server 2008 for 32-bit Systems Service Pack 2

Critical Windows Server 2008 for 32-bit Systems Service Pack 2

(Server Core installation)

Critical Windows Server 2008 for Itanium-Based Systems Service

Pack 2

Critical Windows Server 2008 for x64-based Systems Service

Pack 2

Critical Windows Server 2008 for x64-based Systems Service

Pack 2 (Server Core installation)

Critical Windows Server 2008 R2 for Itanium-Based Systems

Service Pack 1

Critical Windows Server 2008 R2 for x64-based Systems Service

Pack 1

Critical Windows Server 2008 R2 for x64-based Systems Service

Pack 1 (Server Core installation)

Critical Windows Server 2012

Critical Windows Server 2012 (Server Core installation)

Critical Windows Server 2012 R2

Critical Windows Server 2012 R2 (Server Core installation)

Critical Windows Server 2016

Critical Windows Server 2016 (Server Core installation)

Critical Windows Vista Service Pack 2

Critical Windows Vista x64 Edition Service Pack 2

Important Security Updates

============================

Important Microsoft Excel 2007 Service Pack 3

Important Microsoft Excel 2010 Service Pack 2 (32-bit editions)

Important Microsoft Excel 2010 Service Pack 2 (64-bit editions)

Important Microsoft Excel Web App 2010 Service Pack 2

Important Excel Services

Important Microsoft Office Compatibility Pack Service Pack 2

Important Microsoft Office Web Apps 2010 Service Pack 2

Important Microsoft Office Web Apps Server 2013 Service Pack 1

Important Office Online Server

Important Microsoft OneNote 2007 Service Pack 3

Important Microsoft OneNote 2010 Service Pack 2 (32-bit editions)

Important Microsoft OneNote 2010 Service Pack 2 (64-bit editions)

Important Microsoft Silverlight 5 Developer Runtime when installed

on Microsoft Windows (32-bit)

Important Microsoft Silverlight 5 Developer Runtime when installed

on Microsoft Windows (x64-based)

Important Microsoft Silverlight 5 when installed on Microsoft

Windows (32-bit)

Important Microsoft Silverlight 5 when installed on Microsoft

Windows (x64-based)

Important Mono Framework Version 4.8.1.0

Important Mono Framework Version 5.0.0.48

Publié dans Uncategorized | Laisser un commentaire

[ENGLISH] – SCCM 1702 Express Files for WSUS… beware of disk space…


Ok, as i’ve been rolling out CM1702 this weekend, i had to get a shot at the new express files setup for Windows 10. Hopefully, i’ll keep on investigating during the creator update rollout to get more figures out of my lab…

for now, i’d say it still uses the same mechanism as WSUS was using, as i talked about it back then…with Johan.

for example, tonight’s updates were downloaded WITH express files support and are shown below, as you can see in the Update Package repository, you have both the complete upate’s CAB file, it’s about 11Megs…

image

and at its side, under it s own folder, the express file manifest within the CAB, and the PSF File containing the binaries…adding up to 77 Megs…

image

thats a BIG jump in storage size… 7 times bigger, as i expected from my previous WSUS experiences…no surprise here, and again Data Dedup on the VHDX storage for those VMs allow us to keep the impact under control…no sweat!

The fact is if you don’t run dedup, please note that you might need to increase your storage needs for updates up to a 7 factor in order to run Express Files.

I still want to measure the actual file transfer between SCCM and the client in both cases, using Express files and Without express files in order to make sure it’s worth the trouble, but once again, my experience tells me it is…we just need to beware of the storage factor.

Best regards, to be continued…

PierrE.

Publié dans Deployment, ENGLISH, Security, System Center, Windows10, WSUS | Tagué , , , , | Laisser un commentaire

Creative Update sur MSDN…


image

OK, c’est une de ces journées ou la bande passante va prendre un coup…

Disponibles depuis ce matin, Windows 10 1703 (AKA Créative Update) et Visual Studio 2017 (15.1)…à vos téléchargements, et c’est également le moment de vérifier vos settings WSUS et votre espace disque disponible sur SCCM/WSUS/MDT afin de préparer vos nouveaux Builds…

Sur WSUS et MSDN elle est dispo des aujourd’hui ce qui nous laisse  quelques jours pour tester/valider avant l’arrivée coté Grand public de cette nouvelle mouture de Windows1 qui est planifiée à partir du 11 avril…

Publié dans System Center, Windows10, WSUS | Tagué , , | Laisser un commentaire

Lenovo X1 Carbon, NVME perfs…. le TOP!


Depuis le passage sur Lenovo X1, je bénéficie d’un disque nVME de 1To, SAMSUNG, dont les perfs sont juste époustouflantes…

Les perfs d’un SSD sont toujours agréables, mais là on atteint des sommets Smile

Les Vms sont un régal, avec ces IOPS, une VM W10 démarre en 4 secondes…que du bonheur.

J’ai donc voulu mesurer un peu et mettre un chiffre en face de mes impressions après quelques mois d’utilisation, et voila: avec plus de 130K IOPS en écriture et 160K en lecture, je comprends mieux l’amélioration (mon 840PRO antérieur était environ à la moitié, et déjà je trouvais ça plutôt bienSmile )

image

Reste à trouver un serveur sur lequel monter ces petits bijoux pour actualiser mon rig Azure Stack!!!

bon Weekend!

Pierre.

Publié dans Uncategorized | Laisser un commentaire