Techno Button Master

I got this,

Simple answer:

just run (as admin) on the client machine and boom, it works! CCMCertFix.exe

http://support.microsoft.com/?kbid=977203

I was getting a nice 4005 error while trying to Build/Capture of Vista Sp2, the error was occuring just before windows installtion had started (after applying drivers)

It seems there was an incompatibility on one of the divers as I use mainly XP Drivers, To workaround this I created a new driver category for Vista to use (instead of all the drivers avaliable)

I got it working by

1. Create a “Vista_Network” driver catergory and added the basic Network/required drivers
   
2. Edit The Build-Capture tasksequence
3. Goto the “Apply Driver” task
4. Select “Limit Drivers To “Vista_Network” Category”
5. 

   As you can see

   Save

It will now work and you dont need to disable drivers etc.

Good Luck

I was getting erros deploying to a x64 boot pxe, it would never work..

until *actually* copied the x64 boot image to the DP

duh!

check client access rights in

Client Agents –> Computer Client Agent –> Network Access Account

I always like a little cmd alternative to fifty mouse button clicks (yea I know) and when I was having issues with one client with SCCM & OSD I had to use this, Basically once client was not installing a netork card driver, it would if I did it manually from inside WINPE ( press f8, type MMC and then add/remove computer management) there seem to be 2xdriver in the c:\drivers and although I dont yet know where this duplication is, I have to get this computer out today. So I found DEVCON

What is it? Basically what you do in device manager with a mouse this will do from CMD with some heavy options.

1. Get DevCon HERE
2. Extract to c:\devcon
3. in CMD goto c:\devcon\i386\ and execute devcon
4. In my case the command was devcon inf hardwareID
5. devcon update %path_to_inf%\b44win.inf PCI\VEN_14E4

you get the idea,

the Hardware ID the really an interesting thing, if you ever need it then you can do devcon find * | more and you will get a nice list of all your hardware..

UPDATE –

Actually that failed aswel, supid computers are stupid.

In the end I basically did the follwoing

1. mounted the WIM image
2. edited the sysprep.inf to include
   • DriverSigningPolicy=Ingore
   • UpdateInstalledDrivers=Yes
3. unmounted and commited the changes
4. edited the sysprep in the sccm DP (just incase)
5. updated the DP and WIM DP
6. retried
7. Done

SCCM can be a pain in the ass.

Good luck!

I have been testing redeploying xp via sccm r2 (beta) and I want to get it working with a single image, multiple HAL and from a vmware image,

I had mega problems with pxe booting and denying and failing, the logs are saying either the netbios or the guid are not matching.. i found a useful post

http://myitforum.com/cs2/blogs/cstauffer/archive/2009/05/11/configmgr-osd-mdt-clear-pxe-cache.aspx

basically, restart the “Windows Deployment Service” on the SCCM machine, this will flush the log and allow the machine to boot..

thanks

Etrust has expanded to a heavy resource hog. Even tweaked to exclude certain files/folders/processes it seems to lag the entire computer down..

Just check the services, count them 5 !

Crazy

Now I know I could most likely trim them down, but I don’t see the point now. CA Etrust is using way over 100mb of ram, that’s not acceptable in any situation and I can feel the computer being pulled into the pits of hell by Etrust, Its time to declaw and uninstall CA Etrust

What are my options?

For now there is only one. ForeFront (read up, Its actually good)

This is going to be a new install and deployment of Forefront to the entire domain, I am testing the rollout now and its actually working pretty well.

As I try to use Systems Centre Configuration Manager (SCCM) for application deployment (among other things) these are the special steps I took

1. Install & Configure Forefront Server (New Physical)
   This is easy, Just follow the prompts and guides from MS
2. WSUS Server
   You need to follow this guide WSUS FCS Updates
3. Follow this guide to deploy FCS Client with SCCM Deploy FCS with SCCM
   The only difference with my installation is that I did not use a TASK Sequence to remove the previous Antivirus. I don’t like the idea of having a system unprotected for any amount of reboots.
4. I created a New Program for the FCS Client that had to run another software package (etrust uninstaller)
5. Etrust remover.bat was basically just a msiexec that called for it to be removed.  here is the BAT if you dare to use it :

net stop ITMRTSVC
net stop InoRT
net stop InoTask
net stop InoRPC
REM ITM
MsiExec.exe /X{847501DF-07C0-4691-B04A-893929F108AE} /qn
REM AV
MsiExec.exe /X{85F88F9C-6EB2-426B-88AB-28DA4A3526B9} /qn
exit

This seems to be effective in removing the old and installing the new.

Microsoft forefront has so many good points its hard to imagine how anyone will compete, the reporting is great! It also scans for security problems (service packs or weak passwords etc) I only hope it will handle viruses better or at least as well as CA, Not that viruses happen very often anyway, due to my heavily fortified virus proof(ish) boundary.

How does FCS seem to me? 43MB service, nice.

EDIT

Here are all the required MSIEXEC commands to remove etrust

MsiExec.exe /qn /X{847501DF-07C0-4691-B04A-893929F108AE}
MsiExec.exe /qn /X{85F88F9C-6EB2-426B-88AB-28DA4A3526B9}

This was the final part of the CA Story, Seems to have only left some empty folders..