Category: SCCM

SCCM 2012 Application Catalog Website: “Make sure WCF is activated” and .NET Unhandled Exceptions

In my brand new environment I am happily installing the marvelous SCCM features when from nowhere I have difficulty adding the application catalog website role to my single server standalone primary site. What in the world. I see two repeating errors:

Site Component Manager failed to install component

The WCF is not activated

Solution: Make sure the WCF is activated.

Screen Shot 2012-11-02 at 10.02.10 AM

Screen Shot 2012-11-02 at 10.05.33 AM

I start looking around and realize that I’ve forgotten to include the WCF service as a part of the .NET framework installation.

Screen Shot 2012-11-02 at 10.03.22 AM

I install the feature and both subfeatures, then open the CM service manager and restart the SMS_SITE_COMPONENT_MANAGER service so that the installation will immediately restart, or I could have waited 60 minutes and viola!

Screen Shot 2012-11-02 at 10.58.46 AM

Success!

image

Or so I thought….after it was successfully installed I was getting unhandled exception .NET errors when attempting to browse to the CMApplicationCatalog website.

Could not load type ‘System.ServiceModel.Activation.HttpModule’ from assembly ‘System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089’.

Screen Shot 2012-11-02 at 11.21.37 AM

DOH! I forgot to register the .NET Framework 4.0 components like a big fool. Props to Russ Rimmerman for posting up.

I ran this command: %windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe –i –enable, which didn’t work for me, it just kept spitting out the help message, which one other person complained of in the above Russ Rimmerman post, even when drilling into the directory with the command prompt. After fiddling around with that for a while I started getting this error: aspnet_regiis.exe is not a valid Win32 application.

Screen Shot 2012-11-02 at 12.53.11 PM

So I performed a repair of the .NET framework 4.0 from the Programs and Applications in control panel, then performed the following command line, which worked:

Screen Shot 2012-11-02 at 12.59.14 PM

Screen Shot 2012-11-02 at 12.59.28 PM

Annnnnd it worked! Except, then I was getting an authentication problem where no matter what credentials I used I couldn’t log in. Peachy.

Screen Shot 2012-11-02 at 1.07.29 PM

So then  I found this article:

http://blogs.technet.com/b/michaelgriswold/archive/2012/06/08/application-catalog-not-working-for-everyone.aspx

Where they suggested to once again, remove the roles from the server, perform aspnet_regiis.exe /iru, then reinstall the roles.

and FINALLY 8 years later we have a working Application Catalog. And now I need a nap.

Screen Shot 2012-11-02 at 3.38.29 PM

Moral of the story:

  1. Ensure that .NET WCF is installed as a prereq
  2. Ensure that .NET 4.0 is registered with IIS (You can do this by installing .NET 4.0 before the IIS roles, or via the command line afterwards)
  3. Ensure that your installation of .NET 4.0 is good.

Prevent Old Computers from Being Discovered in AD by SCCM 2012

What’s that you say? You hate it that system discovery in SCCM brings in ancient systems that don’t exist, nobody cared to clean up and still resolve in DNS?

Have we got a deal for you! One of my favorite new options in the system discovery for SCCM 2012 allows you to choose to discover only computers that have logged onto the domain in the past X days, also only discover computers that have updated their computer account password in the past X days. This feature is so totally awesome, because it will keep your database clear of non-important non-client installed records that somehow still have DNS records. This will be particularly valuable for those organizations which don’t clean out DNS and AD for their servers as a part of a proper decommission process. It’s Friday, it’s a good day. Carry on tech world!

Screen Shot 2012-11-02 at 9.37.43 AM

0x800700A1 when running command line task in SCCM 2012 OSD

Today in my SCCM 2012 lab I was troubleshooting a task sequence error in regards to source being unavailable. It is a very simple task sequence deploying Windows 7, the only custom step I placed in it was a vbscript I wrote to programatically determine or prompt for the computer name. The error was immediately presenting as soon as my “Run Command Line” task came up. Upon hitting F8 and running CMtrace (thank you Microsoft for putting that in the boot images natively!) I navigated to the SMSTS log found at X:\Windows\TEMP\SMSTS\smsts.log (while in the PE)

task sequence failed to resolve the source for SMS PKGID= 0x800700a1

Here’s what I looked at:

  1. Made sure that I had configured the network access account for the site
  2. Made sure my package had been distributed to the distribution point
  3. Made sure I could access it from the distribution point with the NAA account..wait a second, where is it anyway in 2012?

Here is where some reading may be required. Here is an article that regards the differences between the content library in 2012 and how packages were distributed in 2007. http://blogs.technet.com/b/hhoy/archive/2012/05/31/an-adventure-in-the-sccmcontentlib-single-instance-store.aspx

In the end, I had to ensure all packages referenced by the task sequence were in fact being copied to shares on the distribution point.  For this specific example I chose a specific share, but you shouldn’t have to do that.

Once I made that change, the task sequence deployment option could be set to “Access content directly from a distribution point when needed by the running task sequence”.  I needed to this because when running a task that needs to access package content before the local disk is partitioned there is nowhere to download the data to, so it must be run directly from the distribution point.

SCCM PXE Boot Media Certificate Expiration

Recently I came upon a default self-signed PXE certificate expiration on a ConfigMgr PXE service point site system. The warning message is:

Warning: The certificate associated with this media will expire in hour(s) and minute(s). A valid certificate is required for the duration of a boot media based deployment. Do you wish to continue?

To re-up the self signed certificate is quite simple, but a few extra things need to be done as well once the certificate has a new expiration date. First we navigate in the console to the server which clients are PXE booting from under site systems and look at the properties of the ConfigMgr PXE service point role.

Click on the database tab then set the expiration date out. Now we have to go to the Boot Images node in the SCCM console and update the distribution points (follow the wizard) for each of the boot images that contain the expiring certificate. Then restart the WDS service on the server and you’re all set.

Change a Computer’s OU during an OSD Task Sequence

I came across a situation when testing pushing re-images out with SCCM where I needed to ensure that the old computer object had been moved to the new OU that I specified. This is because even though I specified what OU I wanted the computer to be moved to during the “Apply Network Settings” task, the computer object wasn’t moved because the object already existed. I downloaded and modified Jakob’s vb script MoveOU.vbs which accepts the target OU as an argument.

The caveat with this script is that that since it needs to be run with an AD account that has rights to move the computer object, it cannot be run while the PC is in the PE, so it has to be run after the computer has been sysprepped and has booted from the OS that was dropped to the disk. Not a big deal, since we want the script to be successful even on new images where there isn’t an existing computer record. Here is an example command line usage:

MoveOU.vbs “OU=Marketing Department,OU=Workstations,DC=CONTOSO,DC=COM”