Deploy all Windows Updates during the SCCM 2012 Task Sequence

Issue
I noticed that when I put Windows Updates in the SCCM 2012 Task Sequence (“Deploy” and the “Build and Capture”) some Software Updates weren’t installed. Even after updating the Operating System Images Offline the issue still remained.

Reason and solution
After some investigation the answer was relatively simple; The Configuration Manager Client caches the results of a Software Update evaluation scan.
I Noticed that this cache has a rather long TTL, longer than the Task Sequence lasted.
This post is on how to update the deployment completely by flushing the Windows Update cache.

1. Force all updates to run in the task sequence
– 
In the Configuration Manager console, navigate to Administration, choose Software library, Operating Systems, Task Sequences, and edit the Task Sequence which you want to modify.
– After the complete installation choose Add, New Group and change the name to Windows Updates
Add another subgroup called Install Software Updates I
– Add, General, Install Software Updates
and name it Install Software Updates I
Install Updates SCCM 2012 - 1

– Add another subgroup called Install Software Updates II
– Add, General, Run Command Line 
and name it Scan for  Updates II
– In the command line type: WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule “{00000000-0000-0000-0000-000000000113}” /NOINTERACTIVE
Install Updates SCCM 2012 - 2

– Add, General, Run Command Line and name it Wait for Scan to Finish II
– In the Command line type: Powershell.exe -command start-sleep 30 Install Updates SCCM 2012 - 3
– Add, General, Install Software Updates and name it Install Software Updates II
Install Updates SCCM 2012 - 4
– Copy the Install Updates II folder 3 times and change the description. After this the sequence will run and install all updates.

 

Step-by-step configuring the Native Exchange 2007 MP for Operations Manager

Just an old one but still good for a blog; Exchange 2007 monitoring.

-To Enable agent proxy on managed Exchange 2007 servers NOTE :Ok, as you now first roll out the OpsMgr agent to all Exchange servers and make sure they work properly before following the next steps.

  1. Click the Administration button in the Operations console, and then in the navigation pane, click Agent Managed.
  2. In the Agent Managed pane, right-click an Exchange server, click Properties, click the Security tab, and ensure that the Allow this agent to act as a proxy and discover managed objects on other computers check box is selected.
  3. Repeat the process for every managed Exchange 2007 server in the list.

  

-Create a New Management Pack for Customizations The overrides and customizations for management packs like Exchange 2007 are usually saved in the default management pack. Best practice is to create a new separate management pack for Exchange overrides.

  1. Click the Administration button in the Operations console, right-click Management Packs and then click Create Management Pack. The Create a Management Pack wizard displays.
  2. Type a name for the management pack in Name, the correct version number in Version, and a short description in Description. Click Next and then Create.
  3. Click next and create

 

– Import the Exchange 2007 management packs Next step is import the Exchange 2007 management packs

  1. In the Operations Console, click the Administration button.
  2. Right-click the Management Packs node and then click Import Management Pack(s)
  3. Click add and choose from catalog
  4. Search for Exchange and expand Microsoft Corporation, Exchange Server, Exchange Server 2007
  5. Import all Exchange 2007 Management packs
  6. After the import process is complete, and the dialog box displays an icon next to each Management Pack indicating success or failure of the importation, click the Close button.

-Enable Exchange 2007 Server Role Discovery After importing the Exchange 2007 MP, it will not start discovering Exchange machines immediately. This behavior is by design so that you can first test the management pack on a limited set of servers. To verify that Discovery Helper has discovered your Exchange 2007 servers:

  1. Ensure that you have not scoped your views.
  2. Go to the Discovered Inventory view in the Monitoring section of the Operations console.
  3. Right-click and choose Select Target Type.
  4. In the Look for field, type Exchange 2007 Discovery Helper, select it, and then click OK. A list of Exchange 2007 servers appears with a status of “Not Monitored.”

To enable Exchange 2007 Server Role Discovery

  1. Go to the Object Discoveries node located under Authoring in the Operations console.
  2. In the Look for field, type Exchange 2007 Server Role and click Enter. A list of Exchange 2007 server role discoveries appears. You need to enable the following server role discoveries to monitor the respective server role: ! Notice the Enabled by default column, most of the role discoveries are disabled Exchange 2007 CCR Clustered Mailbox Server Role Discovery  -Discovers CCR and SCC clustered Mailbox serversExchange 2007 CCR Node Role Discovery  -Discovers CCR node servers in a CCR cluster (the physical nodes)Exchange 2007 Standalone CCR Node Discovery  -Discovers stand-alone CCR node roles (nodes that are participating in log shipping but are not part of an active Mailbox server) and stand-alone mailbox rolesExchange 2007 CAS Role Discovery  -Discovers Client Access server rolesExchange 2007 Hub Transport Role Discovery  -Discovers Hub Transport server rolesExchange 2007 Edge Role Discovery  -Discovers Edge Transport server rolesExchange 2007 UM Role Discovery  -Discovers Unified Messaging (UM) roles
  3. ! Note: – To discover standalone Exchange Mailbox servers you have to enable Exchange 2007 Standalone CCR Node Discovery. – To discover active/pasive cluster Mailbox servers  you have to enable Exchange 2007 CCR Clustered Mailbox Server Role DiscoveryThe process for enabling every role is identical, for example, to enable discovery of all Hub Transport servers, right-click the Exchange 2007 Hub Transport Role Discovery and select Overrides\Enable the Object Discovery\for all objects of type Exchange 2007 Discovery Helper.
  4. In the Override Properties dialog box, set the Enabled parameter to True, choose a destination management pack and click OK

  

-Disk monitoring Because the Windows (the Server Operating System MP) is imported the disk usage is also monitort in the MP, causing duplication of disk space alerts.

To disable disk monitoring for Exchange servers from the Windows Server Operating System Management Pack

  1. In the Authoring section of the Operations console, go to the Monitors node.
  2. Click Change Scope. The Scope Management Pack Objects by target(s) dialog box appears.
  3. In the Monitors pane, in the Look for field, type Logical Disk, and then click Find Now. Select logical disk classes from all operating system versions where you are running Exchange 2007 servers (for example, Windows Server 2003 Logical Disk and Windows Server 2008 Logical Disk). Click OK.
  4. Expand Windows Server 2003 Logical Disk, expand Entity Health, and then expand Availability to see the Logical Disk Availability and Logical Disk Free Space monitors.
  5. Right-click the Logical Disk Free Space monitor, click Overrides, click Override the Monitor, and then click For a group.
  6. Select the Exchange 2007 Computer Group, and click OK.
  7. In the Override Properties dialog box, set the Enabled parameter to False, and then choose a destination management pack. ! Note Save the changes in de newly created Exchange management pack.
  8. Perform the same procedure for the enabled monitors under Performance (Average Disk Seconds Per Read, Average Disk Seconds Per Transfer, Average Disk Seconds Per Write).
  9. Repeat the same procedure for the Logical Disk Availability Monitor as well as logical disk monitors belonging to other operating system versions.

-Configuring Exchange 2007 Disk Monitoring

  1. In the Operations console, click Authoring and then click Monitors.
  2. Click the Scope button, and ensure that View all targets is selected. In the Look for field, type Disk. Select Exchange 2007 Mailbox Database Disk, Exchange 2007 Mailbox Log Disk, and Exchange 2007 Queue Disk, and then click OK.
  3. For Exchange 2007 Mailbox Database Disk, expand Availability, right-click the Exchange 2007 MDB Disk Free Space Monitor, click Overrides, click Override the Monitor, and then click For all objects of type: Exchange 2007 Mailbox Database Disk.
  4. Examine the monitor parameters. This monitor works in the same way as Windows Server operating system disk monitoring, except that it handles only Exchange 2007 disks. Note that you can set a megabyte warning or error threshold, as well as a percentage free space threshold. By applying overrides to this monitor, you can do it once for all Exchange 2007 disks with mailbox databases on them. Important This monitor raises an alert only if both the megabyte and percentage thresholds are exceeded.NOTE: Safe the changes in the newly created Exchange management pack
  5. Perform the same steps for the disk monitors for the Exchange 2007 Mailbox Log Disk and Exchange 2007 Queue Disk classes.

-Configuring IIS Monitoring The Exchange Server 2007 Management Pack contains service monitors for the WWW and IIS Admin Services on Client Access servers. If you are already monitoring IIS with the IIS Management Pack, you can disable these monitors in the Exchange Server 2007 Management Pack. To disable WWW and IIS Admin Service monitors

  1. Go to the monitors node in the Authoring section of the Operations console.
  2. Set your scope to Exchange 2007 Client Access Role.
  3. Expand Entity Health\Availability for the Exchange 2007 Client Access Role.
  4. Disable the Exchange 2007 IIS Admin Service Monitor on the Client Access server and the Exchange 2007 WWW Publishing Service Monitor for all instances of objects of type Exchange 2007 Client Access Role.

-Configure Synthetic Transactions The Exchange Server 2007 Management Pack supports local mail flow synthetic transactions on Mailbox servers, in which the server sends mail to itself.  By default, this occurs every 15 minutes; you can override the interval.

Mail flow synthetic transactions on Mailbox servers. It is possible to configure the following: -Local mail flow (a server sends mail to itself) -Intra-site mail flow (a server sends mail within a site) -Inter-site mail flow (a server sends mail between sites) -Inter-organization mail flow (a server sends mail to another organization/mailbox, which could also be used to send mail via the Internet as long as the recipient is able to generate a delivery receipt)

Client Access Server Synthetic Transactions tt is possible to configure the following: -Applies The Microsoft Exchange Server 2007 Management Pack supports a number of synthetic transactions that run on Client Access servers and perform transactions against the Client Access server itself and also the back-end Mailbox servers within the same site as the Client Access server. Examples of these transactions are to check Exchange ActiveSync, Outlook Web Access, and Web Services connectivity. The transactions are implemented using Windows PowerShell cmdlets built into the Exchange 2007 product. Documentation for the Client Access server synthetic transactions supported by the management pack can be found here: -Test-OwaConnectivity (http://go.microsoft.com/fwlink/?LinkId=137732) -Test-ActiveSyncConnectivity (http://go.microsoft.com/fwlink/?LinkId=137733) -Test-WebServicesConnectivity (http://go.microsoft.com/fwlink/?LinkId=137734) -Test-PopConnectivity (http://go.microsoft.com/fwlink/?LinkId=137735) -Test-ImapConnectivity (http://go.microsoft.com/fwlink/?LinkId=137736)

-Configure Client Access Server monitoring Configure client access monitoring

  1. click the Authoring button in the Operations Console, right click Add monitoring Wizard, Exchange 2007 Client Access Server Monitoring
  2. Give the rule a name like “Client Access Server Monitoring for source server “webmail01” and choose the custom ExchangeMP
  3. Select the source server
  4. Select the tests; we’ve checked the all
  5. Select the target servers; we’ve checked the all
  6. Do this for every CAS Server

-Exchange 2007 Intra-Organisation Mail Flow Monitoring Configure mail flow synthetic transactions

  1. click the Authoring button in the Operations Console, right click Add monitoring Wizard, Exchange 2007 Intra-Organisation Mail Flow Monitoring Give the rule a name like “Exchange 2007 Intra-Organisation Mail Flow Monitoring “ExchMB01″ and choose the custom ExchangeMP
  2. Select the source server
  3. Select the frequency
  4. Select the target servers; we’ve checked the all
  5. Do this for every Mailbox Server

 

-Configuring Exchange Servers to Support Client Access Synthetic Transactions To use the Client Access server synthetic transaction, you must first configure each agent-managed Mailbox server that you want to use as a target server for the Client Access server synthetic transactions. The Test-OwaConnectivity cmdlet requires a test mailbox.

To create the test mailbox, log on to each agent-managed Exchange Server 2007 Mailbox server with a user account that is both an Exchange administrator and an Active Directory administrator with permissions to create users.

  1. Open the Exchange Management Shell, locate the Scripts directory under the installation path for Exchange Server 2007 (usually \Program Files\Microsoft\Exchange Server\Scripts), and execute the script New-TestCasConnectivityUser.ps1.
  2. Repeat this process on each agent-managed Exchange Server 2007 Mailbox server that is to be tested. Note that if you have several organizational units named “Users” in your directory, you will need to specify the organizational unit in which to store the user.

-Possible issues Time The management pack needs time to discover and find the Exchange organization. If you are not sure configure the MP and let it rest for a while.

Exchange 2007 Test Active Sync Connectivity Alert Check from the source servers if items like Active Sync are reachable; browse to the virtual directory: https://webmail001.site.nl/Microsoft-Server-ActiveSync it can be an access issue.

 

Setting SMSCacheSize in SCCM 2012 task sequence does not work

Issue:
There are a lot of threads discussing the SMSCACHESIZE and how to configure this. The issue is that configuring the SMSCACHESIZE in the task sequence doesn’t work. The issue we had is that no matter what size is configured using the parameter in the task sequence it always set the client’s cache size to the default, which is 5120 MB.
SMSCacheSize

Reason:
After checking the product documentation about the SMSCACHESIZE property we found:
“This setting is ignored when you upgrade an existing client and when the client downloads software updates.”
Because we included the SCCM 2012 client in the image (build & capture), Microsoft calls this an upgrade of the client.

Solution:
Change the task sequence by adding a VBS script to change the SMSCacheSize after the installation as described below:
– Save the script below in a .VBS file and place it on a reachable location (for instances on shared folder on the distribution points)

Dim ClientResource
Set objShell = WScript.CreateObject ("WScript.shell")
Set ClientResource = CreateObject("UIResource.UIResourceMgr")
Set CacheInfo = ClientResource.GetCacheInfo
CacheInfo.TotalSize = 7680 ' Your new cache size in MB.

– Go to Software Library, Packages and choose Create Package
Give the package a name like Set SCCM Cache Size, choose a source folder like \\SCCM-NLD-DP\sources$\Software\Packages\SCCM_2012\SCCMCacheSize
Choose Next and choose the option Do not create a program, Next and finish
– Open the Task sequence, After the SCCM setup add a Run Command Line
Task Sequence SMSCacheSize
– Add the following line to the Command Line: cscript.exe //nologo \\SCCM-NLD-DP\sources$\Software\Packages\SCCM_2012\SCCMCacheSize\setcache.vbs

Problem fixed !