Author Description

raphael Raphael Perez is a Enterprise Client Management MVP based in UK, he specialises in System Center Configuration Manager (including OS Deployment) and other System Center products (Operations Manager, Service Manager, etc.). He is a Community leader attending the physical and virtual meetings and engaging with the community across forums, twitter, LinkedIn and his blog. He is RFL Systems‘ owner, a System Center specialized consultancy and training services within the United Kingdom.

Author Posts

SCCM 2012 R2 and MDT 2013 – UDI (Locale)

Hi All, 1 of my clients is using SCCM 2012 R2 with MDT 2013 for the UDI (User driven installation). The UDI is really simple, ask name of the computer, OU/Domain, User primary user as well as language. As you can see here, UDI does not format the PC. Based on this, we created a new UDI XML file and changed the default unattended.xml to add the UDI variables to the new OS. We changed/added the following from en-us for the code it was <InputLocale>%KeyboardLocale%</InputLocale> <SystemLocale>%UserLocale%</SystemLocale> <UILanguage>%UILanguage%</UILanguage> <UserLocale>%UserLocale%</UserLocale> the problem is when we apply the XML file, it did not change the keyboard and locale to our test location (UK), instead, it kept en-us. searching, we found a blog post for MDT 2012 Update 01 from Cameron (you can find the post here) and applying the workaround fixed the issue. after that, i found that the MDT 2013 documentation (that…

Local Administrators Group and Compliance Settings

Hi All, how do you manage the local administrators group? Many companies use the Restricted Group in the Active Directory/GPO to do it, but unfortunately, this settings is not an “add” rule, it is a replace. What i mean by this is simple: Imagine the scenario where you have 3 groups that always need be member of the admin group (Group1, Group2 and Group3). It is simple, you create a group policy and add this group of users to the restricted group. Now, you have few servers that need to have a 4th group. For server1 and server2, you need to add the group4 and for server3 and server4, you need to add group5. You can think that it is easy, just create a restricted group for those 2 set of servers adding the group4 or group5… in this scenario, once the 2nd GPO is applied, it will replace the…

Robocopy and Task Sequence

Hi all, Sometimes we need copy files from the server to the client during OS deployment, but if you’re a large organization with many physical locations, copying files from a specific location may not be suitable as it may cause copying files from the WAN link. Due this, people of use DFS or use SCCM to do it creating CMD files to run as a program and execute this via TS. This is an interesting way to do, but i always try to avoid creating CMD files (I prefer use VBS to Powershell), and the reason is simple….it is another script that people need to know and need to maintain. In this world where people start early using computers, creating CMD file and maintain a CMD file may not be as simples as it was when I started..anyway… As i said, i like to avoid creating scripts and as I…

SCCM 2012 R2 and MDT 2013

Hi All, today i started testing the SCCM 2012 R2 and MDT 2013 integration and for my surprise, the Task Sequence i created (and modified) was failing with the following error: Set command line: “OSDApplyOS.exe” /image:PS100007,1 “/config:PS10000B,unattend.xml” /target:%OSDisk% The /target parameter specifies an invalid target location. Failed to run the action: Apply Operating System Image. The parameter is incorrect. (Error: 80070057; Source: Windows) at the 1st, i though that was something wrong with my image and just to be sure, did a DP update but it was not… looking at the internet I found Johan similar issue on MDT 2012 RC (http://www.deploymentresearch.com/Research/tabid/62/EntryId/53/Troubleshooting-tips-Refreshing-clients-with-SCCM-2012-and-MDT-2012-RC1.aspx) and because this, I went back to my TS and started validating the format steps… for my surprise, the MDT format step for UFDI (Format and Partition Disk (UEFI)) that i copied from the MDT TS itself had the OSDisk (Primary) a variable called OSDTemporaryDrive instead of OSDisk. i changed…

System Center 2012 R2 is out

Hi All, Today, 1 day before the official release, Microsoft released the System Center 2012 R2 RTM on MSDN. For me it means that i’ll be sleeping really late today and tomorrow and my weekend will be fun…lots of fun rebuilding my VM’s. thanks

Secondary Site or Remote Distribution Point?

Hi All, today my post is about design and infrastructure, more specific on when use or not use secondary site as today, people has a misconception. The reason of this misconception is simple, SCCM 2007 secondary site worked differently from the 2012 version. On a 2007 version, you would use secondary site where your network is slow and the number of clients where high (depending on the network speed it could be only 10 clients). Another reason would be if the network was unreliable. On 2012 version, Microsoft changed the way secondary site works a bit, the 1st change is that a secondary site has a database and this database is part of the overall SCCM infrastructure replication, however, secondary site does not hold everything as a primary site, but only information that is required for the machines connected to that secondary site. Another huge change is that MS added…

Unboxing Start Wars!?!?!?

Hi All, today is a happy day for my Star Wars ships collection, after almost 4 years i finally opened 1 box. I started this collection about 6 years ago and by the time my daughter started crawling, i had to take action to keep them “alive”…and the result was to put them in boxes.. I don’t know how exactly how many i have, but i can easily say 70+… Few images if you’re wondering what they look like

Good – Cheap – Fast

Hi All, it’s there, and you find it everywhere… On IT it is not different, you find companies looking for people that knows a lot of technologies, even those technologies do not mach. Examples of it are everywhere, companies asking experts in System Center * (ConfigMgr, OpsMgr, etc) and Exchange, or Windows and Linux, etc. and always expect you to be the best, work fast and be cheap… There are lots of examples, but recently, i was contacted by an agency and our chat was like the following: Agency: Hi Raphael, m name is XXXX from YYYY and we are recruiting for a role that you’ll love. it is really interesting and paying well. Me: Oh, well, I’m not looking for anything at the moment, but if it is really irresistible, why not? Agency: We’re looking for someone with really strong knowledge of SCCM and OS Deployment, do you know…

System Center 2012 R2 RTM?

Hi all, if you’re like me waiting for the System Center 2012 R2 RTM/GA release, you still need to wait few more days as the official announcement should be done with the release of Windows 8.1 and Windows Server 2012 R2 GA on the 18/10. it means 9 and 1/2 days to day (well..depending on where you’re now, these can be a bit more or less :)) Anyway, as far was i know, there are few System Center products already on RTM just waiting the 18 to be published. But what we’ll get from the R2 release? In terms of Configuration Manager, the main new “feature” will be support for Windows 8.1 and Windows Server 2012 R2…for me this is the most important one as i rebuild my lab using Windows server 2012 R2 and waiting the R2 be GA to continue with my personal project…it means, less hours of…

Error 401 while connecting to DP

Hi All, During a new build of a test machine using Windows 7 SP1 x64, we had a requirement to add the machine to a workgroup instead of domain. At 1st, it was really easy task, we duplicated the existing and working task sequence and changed the domain information to add to a workgroup instead of a domain and started testing. For our surprise, it failed. On IIS logs, I could see that client (on a WinPE) tried to download the wim file and fails (access denied). Once fail, it connects using the Network Access Account and download worked fine. it applied the wim file and download extra packages without any issue. machine was rebooted and installed the client, once done, another reboot and try to install an app and it failed. looking at the datatransfer log we saw access denied (error 401) CAutoImpersonate::ImpersonateUser Sending PROPFIND request using URL http://SERVERFQDN:80/SMS_DP_SMSPKG$/Content_b8f4d18c-2364-4226-8857-06c0047724eb.1…