Internet Explorer 9 doesn't show the Site Zone assignment in the Status Bar

IE 9  doesn't show the web site's Zone Assignment in the bottom right corner of IE.  This was really useful in IE 8 and below as you could quickly know how the site was being handled.

It turns out that there's a pretty easy way to get the information anyway in IE 9.

Just right click on a blank portion of the web site and click on Properties.  This will bring up a Window that will show you what Zone the site is in as well as whether or not you are in Protected Mode.

Disconnected Mandatory Advertisements

So I ended up needing to verify exactly how SCCM Advertisements are handled when disconnected.

When you have an Advertisement that is set as a Mandatory Advertisement and your computer has downloaded the policy. And then you disconnect from the network, as in wireless or just at home or over software VPN. Thus disconnected from the corporate network but still on and running. When that time comes, for the Mandatory Advertisement to run, it will do the install, regardless if it has a network connection or not. 

In the end it acted the way I expected it to, but I need to verify this and can now conclusively say that this is how it works.

SCCM Advertisement Status Reporting

One of the issues I have with SCCM Reporting on Advertisements is that they are always categorized based on current status.  Thus you have the Success and the Waiting and the Failed all in different reports.

I decided to set out to fix this.  The main reason is, now I can send my new report to end users and they can just look up their computer and see the status of the installation and I don't have to walk them through looking at all of the different status reports.

So here's the report I put together.
********************************



select distinct
v_R_System.Netbios_Name0 AS [Computer Name], 
v_GS_xxx_CustomInfo0.Div_Code0 AS [Div],
v_GS_xxx_CustomInfo0.Support_Area0 AS [Area], 
[Top or Last User] = CASE
  WHEN Coalesce(v_R_User.Name0, v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP.TopConsoleUser0, v_R_User.Name0, v_GS_COMPUTER_SYSTEM.UserName0, userhist.Name0, hist.OldTCU) is not null THEN Coalesce(userconsole.Name0, v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP.TopConsoleUser0, usercs.Name0, v_GS_COMPUTER_SYSTEM.UserName0, userhist.Name0, hist.OldTCU)
  WHEN v_R_System.user_name0 is not null THEN v_R_System.user_domain0 + '\' + v_R_System.user_name0
  ELSE 'Unknown'
 END,
v_GS_OPERATING_SYSTEM.Caption0 AS [Operating System], 
v_GS_OPERATING_SYSTEM.CSDVersion0 AS [Service Pack Level], 
v_GS_OPERATING_SYSTEM.Description0 AS [Computer Description],
LastStatusMessageIDName AS [Last known Advertisement Status],
DATEADD(ss,@__timezoneoffset,LastStatusTime) as LastStatusTime, 
AdvertisementID
  


from v_ClientAdvertisementStatus
join v_R_System on v_ClientAdvertisementStatus.ResourceID=v_R_System.ResourceID
left join v_RA_System_SMSInstalledSites site on v_ClientAdvertisementStatus.ResourceID=site.ResourceID
left join v_GS_xxx_CustomInfo0 on (v_R_System.ResourceID = v_GS_xxx_CustomInfo0.ResourceID)
left join v_GS_COMPUTER_SYSTEM on (v_R_System.ResourceID = v_GS_COMPUTER_SYSTEM.ResourceID) 
left join v_GS_OPERATING_SYSTEM on (v_R_System.ResourceID = v_GS_OPERATING_SYSTEM.ResourceID)
left join v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP on (v_R_System.ResourceID = v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP.ResourceID)
left join v_R_User on (v_R_User.Unique_User_Name0 = v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP.TopConsoleUser0)
LEFT JOIN (SELECT ResourceID, Max(TimeStamp) as [Old], Max(TopConsoleUser0) as [OldTCU] FROM v_HS_SYSTEM_CONSOLE_USAGE GROUP BY ResourceID) hist on v_R_System.ResourceID = hist.ResourceID
LEFT JOIN v_R_User userconsole on v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP.TopConsoleUser0 = userconsole.Unique_User_Name0
LEFT JOIN v_R_User usercs on v_GS_COMPUTER_SYSTEM.UserName0 = usercs.Unique_User_Name0 
LEFT JOIN v_R_User userhist on hist.OldTCU = userhist.Unique_User_Name0
LEFT JOIN v_R_User usersys on v_R_System.User_Name0 = usersys.Unique_User_Name0


where v_ClientAdvertisementStatus.AdvertisementID=@AdvertID

********************************

A couple of notes:

• You can link to the Software Distribution - Advertisement Status - Advertisement status messages for a particular client and advertisement report by referencing AdvertID as Column 10 (or whatever it ends up being for you) and Name as Column 1.
• v_GS_xxx_CustomInfo0 is a custom table we have that contains info we pull from the registry, you probably don't have this table so you'll need to edit accordingly.
• There is a prompt for the Advertisement ID - This was pulled from any of the other built-in reports for advertisement status.
• Thanks to by buddy NP for putting together the cool lookup of the Top/Last User Name info.

In the end you have a report that will give you all of the computers that Advertisement was sent to with all of the Last Known Status's listed in one big list.

Building a Software Package installation for Adobe Reader 10.1.1

The key component here was to install Adobe Reader and not have it check for updates automatically.

Applied to Distribute Adobe Reader from www.adobe.com

Downloaded Adobe Reader from:

http://get.adobe.com/reader/enterprise/

Downloaded Adobe Customization Wizard from: http://www.adobe.com/products/acrobat/deployment.html

Run the Customization Wizard and open the extracted acroread.msi.

• Installation Options:
  • Make Reader the default PDF viewer
  • Installation = Silently (no interface)
  • Reboot = Suppress Reboot
• Shortcuts
  • Remove Desktop Shortcut
• EULA
  • Suppress display of EULA
• Online and Acrobat.com Features
  • Disable Help -> Purchase Adobe Acrobat
  • Disable Help -> Digital Editions
  • Disable Product Improvement Program
  • Disable all Acrobat.com Access
• Registry
  • HKLM\SOFTWARE\Adobe\Adobe ARM\1.0\ARM
    • iCheckReader=dword:00000000
  • This was to set the update mode:
    • 0 = Manual: Do not download or install updates automatically
    • 1: Not used
    • 2 = Semi Automatic: Automatically download updates, but let me choose when to install
    • 3 = Automatic: Automatically install updates.
  • Information taken from page 15 and 16 of the following:  http://kb2.adobe.com/cps/837/cpsid_83709/attachments/Acrobat_Reader_Updater.pdf

Generate Transform to create mst file (don’t “Save Package”, as this would modify the msi)

Close – When prompted to Save changes to AcroRead, select NO.

The SCCM Program (command line) is then just:

msiexec.exe /i AcroRead.msi TRANSFORMS="My_AcroRdr_10.mst" /qn

Sweet Batch File Tricks

If you are creating batch (.bat or .cmd) files you will run into an issue where you want to be able to determine the relative location of that script and then affect those other files.

A batch file uses %0 as the parameter for the batch file name.  Using %~ we can expand parameters.  Thus, when we combine a few parameters together we can create a way to read the current directory that the script is stored in.

%~dp0

d=drive letter
p=path

Thus, if the file c:\folder1\folder2\script.cmd exists and has the following contents:
echo %~dp0

We will get the following output:
c:\folder1\folder2\

Pay attention to the fact that the output contains the trailing backslash "\".  This is important because if you are going to reference another file in that directory you'll need to not use an additional "\".

If script.cmd is used to call script2.cmd in the same directory and also call script3.cmd in a subdirectory it would look something like this.
Example:

set scriptlocation=%~dp0
call %scriptlocation%script2.cmd
call %scriptlocation%folder3\script3.cmd


For an in-depth explanation:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/percent.mspx?mfr=true

Boot Images in SCCM 2007

The question comes up all the time.  What boot image do I need to use to boot properly for OSD in SCCM 2007.  Here's the definitive answer.

http://sccmftw.wordpress....x86-or-x64-boot-image/ 

• An x86 Boot Image can deploy the following: 
• 32bit image 
• 64bit image 
• 32bit Install Package 
• Can't deploy 64bit Install Package 

• An x64 Boot Image can deploy the following: 
• 64bit Image 
• 64bit Install Package 
• Can't deploy anything 32bit based

Forefront Endpoint Protection Rollup 1 and Auto Updating Definitions

So, I followed the instructions for deploying FEP 2010 Update Rollup 1.  Which leads into using the Software UpdateAutomation.exe (here) to run a scheduled task to update the Distribution Points and deploy the updated definition files.  The walk through is great, except for a couple of items.

1.  (Disclaimer) I didn't have this problem, but I found a few confused people while researching problem #2.

     The issue is with step 1 and 4 (below).  You do not need to copy SoftwareUpdateAutomation.exe to %ProgramFiles%\...  You need to copy the executable to the install location of the SCCM application on your site server.

Thus the following would be more appropriate:

\AdminUI\Bin\SoftwareUpdateAutomation.exe

2.  I did have this problem.

     Do not copy and paste the arguments from Step 5 (below) as the quotes used on the site are not recognized as quotes when you run the command.  Just replace the quotes with your own and the command should execute just fine.  It is also referenced on a few other blogs that it helps to put single quotes around the number of the article ID.  I personally didn't see an instance where I needed the single quotes, but I did add them, because it appears to work just fine with the extra single quotes.

I hope this helps somebody.

http://technet.microsoft.com/en-us/library/hh297450.aspx

To configure the definition update automation tool

1. On your Configuration Manager site server, in the location to which you copied the fepsuasetup.cab file, open the file and copy SoftwareUpdateAutomation.exe to one of the following locations:
   • %ProgramFiles% \Microsoft Configuration Manager\AdminUI\bin, if the computer is a 32-bit operating system.
     
   • %ProgramFiles(x86)% \Microsoft Configuration Manager\AdminUI\bin, if the computer is a 64-bit operating system.
   Important:
   You must run the SoftwareUpdateAutomation.exe tool in one of the above folders.
   
   
2. Start Task Scheduler, and in the Actions pane, click Create Task.
3. In the Create Task dialog box, give the task a name, and then, under Security Options, make sure that the user account specified has the appropriate Configuration Manager permissions to update the definition package and definition assignment specified in the command line.
4. On the Actions tab, click New, and in the New Action dialog box, specify one of the following command lines to run:
   • For a 32-bit operating system: %ProgramFiles%\Microsoft Configuration Manager\AdminUI\bin\SoftwareUpdateAutomation.exe
     
   • For a 64-bit operating system: %ProgramFiles(x86)%\Microsoft Configuration Manager\AdminUI\bin\SoftwareUpdateAutomation.exe
     
5. In the Add arguments text box, enter the following arguments and then click OK:

   
   

   /AssignmentName AssignmentName /PackageName PackageName /RefreshDP /UpdateFilter “articleid=2461484 AND IsSuperseded=0 AND IsEnabled=1 AND IsExpired=0”
   

   
   
   Where AssignmentName is the name of the software deployment for the definitions which you recorded earlier, and PackageName is the name of the software package that contains the definitions which you recorded earlier. Parameters are not case sensitive.
6. On the Triggers tab, click New.
7. In the New Trigger dialog box, under Settings, select Daily.
8. Under Advanced settings, select the check box for Repeat task every, in the list click 1 hour, and then next to for a duration of, click Indefinitely.
9. In the New Trigger dialog box, click OK, and then in the Create Task dialog box, click OK.