Website analytics toolWebsite analytics tool

ConfigMgr and back again

Automating life, one Bit at a time.

Driver Import Issue

no comment

I’ve just run into an issue importing drivers for Windows 8.1 (on two Lenovo devices – Helix Gen2 and the ThinkPad Tablet 10) on SCCM 2012 R2 (recently upgraded from 2012 SP1 but this could be irrelevant).

The problem was that the primary site that I was trying to run the Import on was running Windows Server 2008 R2. When trying to import Windows 8.1 drivers, the following error would be displayed in the import wizard dialogue box and in the DriverCatalog.log:

The selected driver is not applicable to any supported platforms. Code 0×80070661

The problem appears to be due to driver signing and the method in which some of the newer drivers are signed. Windows Server 2008 R2 doesn’t recognise the signing method and rejects the drivers.

A KB article (KB3025419) was created to address this issue -

Which ultimately points to 2 other KB patches to install.

After installing these patches, and rebooting the server, all drivers now import successfully.

Create task sequence media larger than 32GB

no comment

I recently ran into a problem trying to create stand-alone media onto a USB key using ConfigMgr 2012 SP1. The task sequence contained driver packages, applications, operating system images and other content that totalled more than 32GB. Due to a combination of the ConfigMgr console Operating System, ConfigMgr itself, the USB disk formatting method/type and the USB stick size, doing this without prior tweaking is not possible. Windows 7/8,Server 2008/08R2/2012 isn’t able to cope with a partition greater than 32GB in conjunction with the ConfigMgr bootable media creation process.

This is what I needed to do to create a 64GB bootable USB stick.

  • Make sure the USB drive in question is removable media and not detected as a portable hard drive, or it won’t be seen by the console (USB stick, USB key required, not USB hard drive).
  • Use a Windows 7, 8, Server 2008/R2 or 2012 machine to format the USB stick with NTFS.
  • Find an old Windows XP machine (yes, they do still have a use) and install the ConfigMgr 2012 console on it.

Windows XP is able to work with drives >32GB, but if you try running the task sequence media wizard at this point, it will fail with the following error:

Query for Win32_Volumes failed. 80041010. Failed to determine whether or not <Drive> is the boot or system volume. Failed to create media (0×80041010).


This is because Windows XP does not have the Win32_Volume class that is used to query available drives.

We therefore need to add the class.

  •  Copy the following MOF text into a new file called config.mof and store it locally on the XP machine with the console installed (e.g. C:\config.mof)

#pragma namespace (“\\\\.\\root\\cimv2″)

Class Win32_Volume
String Name;
Boolean BootVolume;
Boolean SystemVolume;

Instance of Win32_Volume

  • Replace the red text above (E:) with the drive letter of your USB drive and save the mof file – note: keep the double backslashes.
  • It may also be necessary to replace the quotes around the text in red and the text on line 1, as wordpress converts them into incompatible speech-marks.
  • Open command prompt and run the following command:

mofcomp.exe <pathToMOF>\Config.mof

e.g.  mofcomp.exe C:\Config.mof

  • Now run the task sequence media wizard and select Stand-alone media.
  • Select USB flash drive and select your drive.

If the following warning comes up, just ignore it, the process will still work fine:

The USB flash drive is not formatted correctly. Format the USB flash drive from a Windows Vista or later operating system.


  •  Complete the wizard with your desired options.

The process will take a while to complete but you’ll have a nice USB stick >32GB at the end.
Be sure to monitor CreateTsMedia.log in the console install directory (e.g. .\Program Files\Configuration Manager Console\AdminUILog   or .\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\AdminUILog) for progress.


It may be necessary to make the USB drive bootable at the end of the process. To do this, just run the following command in an elevated command shell:

bootsect.exe /nt60 E:\ /force /mbr

  • Replace the red text above (E:) with the drive letter of your USB drive.

Note: If bootsect.exe cannot be found in it’s default location (%WinDir%\System32), you can locate it in the Windows 7/8 source media .\boot folder.


Extending Hardware Inventory to retrieve Autodesk license info (CM2012)

no comment

I had the need last week to extend Hardware Inventory to report on installed Autodesk products, their license type and serial number.

This information is available in registry but is in a different place for each Autodesk product which makes retrieving it a bit difficult.

I used a list of all registry locations for each Autodesk product and then used the magic of excel to format it into MOF format.

The following steps will show how to extend ConfigMgr 2012 inventory to include Autodesk licensing information:

  • Click the following link to get a MOF-formatted link of all available registry-accessible Autodesk products (to 2014)
    Autodesk MOF
  • Advisable: Take a backup of current Configuration.mof in <ConfigMgr Installation Directory>\inboxes\clifiles.src\hinv
  • Copy and paste the products you want to include in Inventory into Configuration.mof at the bottom between ‘// Added extensions start’ and ‘// Added extensions end’
    Note – the file contains entries for both 32-bit and 64-bit products, be sure to take both. 64-bit starts at the middle of the file.
    Note – be sure to take the two class definitions at the top and middle of the document. (Anything removed should start with [DYNPROPS] and finish with };
  • Save Configuration.mof
  • Copy Configuration.mof to a test PC (e.g. %Temp%)
  • Run the following command in cmd.exe to check for syntax issues:
    mofcomp.exe -check “%Temp%\configuration.mof” (assuming file was copied to %temp%)
  • Ensure the resultant output contains “MOF file has been successfully parsed” (about 6 to 8 lines up) and “Syntax check complete
  • Run the following command to insert the configuration.mof changes into WMI:
    mofcomp.exe “%Temp%\configuration.mof” (assuming file was copied to %temp%)
  • On the ConfigMgr site server, open the console and go to Administration > Client Settings > Default Client Settings > Properties
  • Click the Hardware Inventory tab then click ‘Set Classes
  • Wait for the list to populate then click ‘Add
  • Click Connect then enter the Computer Name of the test PC that has just had the configuration loaded and any required credentials to connect to WMI.
  • Check the checkboxes next to Autodesk_Inventory and Autodesk_Inventory_64 and click OK
  • Ensure Autodesk_Inventory and Autodesk_Inventory_64 are checked in the Hardware Inventory Classes window then click OK twice more.

Dataldr.log should reflect the change being made, two new tables (AUTODESK_INVENTORY_DATA and AUTODESK_INVENTORY_64_DATA) and two new views (v_GS_AUTODESK_INVENTORY and v_GS_AUTODESK_INVENTORY_64) will be added to the database. After which, machines that run hardware inventory should start to report on any installed Autodesk products that they have installed.

The below query can be created which will show this information in a list (64-bit shown):


select SMS_R_System.Name, SMS_G_System_AUTODESK_INVENTORY_64.* from  SMS_R_System inner join SMS_G_System_AUTODESK_INVENTORY_64 on SMS_G_System_AUTODESK_INVENTORY_64.ResourceID = SMS_R_System.ResourceId where SMS_G_System_AUTODESK_INVENTORY_64.ProductName is not null



SYS.Name0, ADESK.InstanceKey, ADESK.KeyName00,
ADESK.ProductName00, ADESK.Release00, ADESK.MachineID,
ADESK.RevisionID, ADESK.SerialNumber00, ADESK.StandaloneNetworkType00,
ON ADESK.MachineID = SMS_R_System.ItemKey where ADESK.ProductName00 is not null


OSD Application Migration without displaying UDI Wizard

no comment

I’ve been using USMT via OSD to migrate user profiles and settings using a zero-touch approach with no user interaction at all. This was working fine but I thought it would be nice if as well as user data, it also migrated applications. The UDI wizard discovery and selection page is a nice feature but I wanted it to be zero-touch, so I decided I’d incorporate the same discovery and selection but without displaying the wizard. This way, I could still use the same rules and mappings and the UDI wizard designer UI to control the migration behaviour, but without displaying the wizard to the user.

The way this was accomplished was pretty easy, it just required 3 new task sequence steps in place of the UDI Wizard call and a custom vb script.


The first step calls the AppDiscovery executable just like the UDI wizard does, and passes it the required parameters.


Command Line:  AppDiscovery.exe /readcfg:”%scriptroot%\” /writecfg:”%temp%\” /log:”%temp%\AppDiscovery.log”
Where /readcfg points to the location of the Configuration XML from UDI, /writecfg points to the location to write the discovery XML and /log points to the location to create the log file.
Start In: %deployroot%\tools\osdresults

The second step runs the custom vbscript which reads the XML file generated by AppDiscovery.exe, finds the applications that were detected and selected, and then sets them to their respective task sequence variables.


Command Line:  cscript.exe “%ScriptRoot%\Custom\SetAppVariables.vbs” “%temp%\” 64
Where ‘Custom’ is the name of a custom folder within the MDT Files Package ‘Scripts’ folder, is the same as the /writecfg switch in the ‘Run AppDiscovery’ step above, and 64 is the architecture of the Operating System being deployed.

The third step runs one of the built-in UDI scripts to serialize the XML file which sets the task sequence variable ‘ApplicationList’ from the XML file contents.


Command Line: cscript.exe “%deployroot%\tools\osdresults\OSD_SerializeXmlApp.vbs” > “%temp%\SerializeXmlApp.log”

A link to the vbscript can be found Here (in .txt format to allow upload - save or rename to .vbs)



SCCM 2012 Content Progress Report

no comment

In ConfigMgr 2012 there’s a handy little node on the ‘Monitoring’ panel called ‘Content Status’ under ‘Distribution Status’. This will return all content, whether that is Applications, Packages, OS Images, Drivers etc, and the current distribution status of them.

If you click one of them, you’ll get a nice pie chart showing a summary of Failed, In Progress and Successfully distributed/verified on your distribution points.

You can then click ‘View Status’ and it will give a breakdown of the individual distribution points for that package and a description of their individual status (i.e. awaiting content, failed to validate hash etc). Here’s an example of the ‘In Progress’ and ‘Failed’ nodes for a package recently distributed:



This is great, it shows which distribution points have failed distribution, those that are in progress, and those that have succeeded, but only for that package. What if you wanted to find all packages that were in a specific distribution state, or even those that have a specific status message (i.e. all those that had a content hash mismatch, or all those awaiting prestaged content).

I couldn’t find a built-in report to show me this, or at least not one that replicated the detail that I was seeing in the console, so I decided to write my own.

The SQL below will generate a report similar to that in the screenshot below. It shows the Package ID for the content, the name and type, the target distribution point with site code, the status (Success, In Progress or Failed, and also give the option of ALL), the actual Message as displayed in the console and the number of groups the distribution point is a member of. This can then be exported (e.g. to excel) for further data manipulation and sorting/filtering.


Main SQL Query:

dbo.v_Package.Manufacturer + ‘ ‘ + dbo.v_Package.Name + ‘ ‘ + dbo.v_Package.[Version] AS [Content Name],
REPLACE(dbo.RBAC_SecuredObjectTypes.ObjectTypeName, ‘SMS_’,) AS [Content Type],
REPLACE(SMS_DistributionDPStatus.Name, ‘\’, ”) AS [Distribution Point],
CASE SMS_DistributionDPStatus.MessageState
WHEN 1 THEN ‘Success’
WHEN 2 THEN ‘In Progress’
WHEN 4 THEN ‘Failed’
ELSE ‘Unknown’
END AS [Status],
CASE SMS_DistributionDPStatus.MessageID
WHEN 2303 THEN ‘Content was successfully refreshed’
WHEN 2324 THEN ‘Failed to access or create the content share’
WHEN 2330 THEN ‘Content was distributed to distribution point’
WHEN 2384 THEN ‘Content hash has been successfully verified’
WHEN 2323 THEN ‘Failed to initialize NAL’
WHEN 2354 THEN ‘Failed to validate content status file’
WHEN 2357 THEN ‘Content transfer manager was instructed to send content to the distribution point’
WHEN 2360 THEN ‘Status message 2360 unknown’
WHEN 2370 THEN ‘Failed to install distribution point’
WHEN 2371 THEN ‘Waiting for prestaged content’
WHEN 2372 THEN ‘Waiting for content’
WHEN 2380 THEN ‘Content evaluation has started’
WHEN 2381 THEN ‘An evaluation task is running. Content was added to the queue’
WHEN 2382 THEN ‘Content hash is invalid’
WHEN 2383 THEN ‘Failed to validate content hash’
WHEN 2391 THEN ‘Failed to connect to remote distribution point’
WHEN 2398 THEN ‘Content Status not found’
WHEN 8203 THEN ‘Failed to update package’
WHEN 8204 THEN ‘Content is being distributed to the distribution point’
WHEN 8211 THEN ‘Failed to update package’
ELSE ‘Status message ‘ + CAST(SMS_DistributionDPStatus.MessageID AS VARCHAR) + ‘ unknown’
END AS [Message],
SMS_DistributionDPStatus.GroupCount AS [Group Count]
dbo.vSMS_DistributionDPStatus AS SMS_DistributionDPStatus
INNER JOIN dbo.RBAC_SecuredObjectTypes
ON SMS_DistributionDPStatus.ObjectTypeID = dbo.RBAC_SecuredObjectTypes.ObjectTypeID
LEFT OUTER JOIN dbo.v_Package
ON SMS_DistributionDPStatus.PackageID = dbo.v_Package.PackageID
WHERE (SMS_DistributionDPStatus.MessageState = @MessageState) OR (@MessageState = 999)

Prompt SQL Query:

CASE SMS_DistributionDPStatus.MessageState
WHEN 1 THEN ‘Success’
WHEN 2 THEN ‘In Progress’
WHEN 4 THEN ‘Failed’
ELSE ‘Unknown’
END AS [Status],
SMS_DistributionDPStatus.MessageState AS [State Value]
vSMS_DistributionDPStatus AS SMS_DistributionDPStatus
‘ALL’ AS [Status],
999 AS [State Value]
SMS_DistributionDPStatus.MessageState DESC


Note: due to the way WordPress converts apostrophes and quotation marks, it’s probable that a direct copy and paste of the SQL will not run properly, please be sure to replace apostrophes with SQL-accepted quotes.

There are some unknown message IDs that I have missed off, I will add them in as and when I come across them. Please feel free to comment with any new ones and I will amend the post accordingly.
Or if there is a table in the ConfigMgr database that contains them all, please let me know.

Management Point DB Connection Issues

no comment

We ran into an issue a couple of months back where one of our secondary sites lost connectivity with it’s primary. The following was observed in the mpcontrol.log on the secondary:

Call to HttpSendRequestSync failed for port 80 with status code 500, text: Internal Server Error
Successfully performed Management Point availability check against local computer.
Initialization still in progress.

When running the Management Point Troubleshooting tool for the site, the above was confirmed when the MPLIST HTTP or HTTPS request functionality test failed as below.

Test Name:
Test MPLIST HTTP or HTTPS request functionality.
Test Result:
Detail result information:
Exception Message:Fail to retrieve the content in [HTTP://SECSCCM01:80/SMS_MP/.SMS_AUT?MPLIST].
Exception Message:The remote server returned an error: (500) Internal Server Error.

When scanning the mpcontrol.log further, the following SQL errors were also present:

*** *** Unknown SQL Error!
*** Failed to connect to the SQL Server.
Failed to get connection to the configured SQL database.
Failed to connect to the configured SQL database.
Reverting back from using the SQL connection account; user name is now ‘SYSTEM’.
Failed to get the current CLR Enabled configuration setting for the configured SQL Server hosting the database.

A similar SQL related error was also observed in the mp_getauth.log on the secondary:

SQL Server Name     : PRISCCM01\CCM
SQL Database Name   : SMS_PRI
Integrated Auth     : True

MPDB Method         : Init()
MPDB Method HRESULT : 0×80004005
Error Description   : null
OLEDB IID           : null
ProgID              : null

CMPDBConnection::Init(): IDBInitialize::Initialize() failed with 0×80004005

This prompted me to test whether this was a problem with ConfigMgr connecting to the primary site database, or a general server issue connecting with the database. To test this, I created a test.udl file on the desktop of the secondary, opened it and inserted the connection information for the database:

 Data Link Properties Connection

Data Link Properties Provider

 When attempting to pull down the drop-down menu to ‘select the database on the server’, the following error would appear:

[DBNETLIB][ConnectionOpen (Connect()).]Specified SQL server not found.

Followed by:

Login failed. Catalog information cannot be retrieved.

Testing the same settings on any other secondary site returned the full list of databases so I knew that the issue was specific to this system.
The next step was to try and diagnose what would be causing the connection issue. My first thought was authentication but after performing several tests, including connection attempts using my domain credentials that work from other sites, authentication was ruled out.
I then decided to try running a netstat -a to view open connections and port usage. The problem soon became evident at this point. The below is the result of the netstat:

SECSCCM01  TCP       PRISCCM01:microsoft-ds                  ESTABLISHED

The connection between the secondary site and the primary site database was being attempted on the microsoft directory services port (port 445) and not on the current dynamic TCP port (49395) as below:

SQL Server Config Manager TCPIP

SECSCCM02  TCP       PRISCCM01:49395                 ESTABLISHED

This protocol/port issue took me to the internet where I found a registry key that control specific SQL Server client settings for that server. I navigated to the following key on the secondary site and observed the screenshot below:

Registry MSSQL Server Client

For some reason, connection-specific settings had been set within this key by a program or application, that was causing connections to the primary site to fail. Comparing this key on a handful of other sites it was evident that some of the subkeys were unique to this secondary site. I exported the ‘Client’ key as a backup, so that I could revert my changes and then deleted the ‘ConnectTo’, ‘DB-Lib’ and ‘SNI10.0′ subkeys.

Within about 5 minutes, on the next connection retry interval, the logs started showing connection success, HTTP Status 200, the udl file connected successfully, netstat showed the correct port, Management Point Troubleshooting tool completed successfully and ConfigMgr reported back that everything was working again with no errors.

I have no idea what caused that key to get written but since removing, the server has not experienced any more problems.



USMT Capture User State Failure

no comment

On two occasions when trying to upgrade or rebuild systems using USMT 4, the task sequence has failed during the user state capture phase with the following error showing up in the advertisement status messages for the OSD advertisement on the site in question:

The task sequence execution engine failed executing the action (Capture User State) in the group (State Capture) with the error code 2147944212


The task sequence execution engine failed execution of a task sequence. The operating system reported error 2147944212: The specified image file did not contain a resource section.

The actual text given above isn’t very helpful and doesn’t relate to the actual problem that we encountered.

The problem was that a couple of our client systems, had not been updated to SP2+ of the ConfigMgr 2007 client. The installed version was 4.0.6221.1000 (SP1). USMT 4.0 indirectly requires at least SP2 of the ConfigMgr client. After upgrading the client, the capture process completed successfully.


Package References in Task Sequences

no comment

MDT Location-based Deployments for Software Installation based on Gateway address is a fantastic way to perform region-specific installs. However, if you need to specify more criteria (for example; architecture for x86/x64 specific applications or machine type such as applications that should only be installed on laptops or desktops) then this is where MDT falls down and you have to build application installs into the OSD task sequences themselves.

This is fine, it’s very easy to add application installs into the task sequence and there’s very powerful logical conditions that can be built to perform all necessary filtering required. The problem is that all packages referenced anywhere in the task sequence need to be available on all Distribution Points for any location that wishes to use OSD.

Even if you have a WMI filter such as: SELECT ClientSiteName FROM Win32_NTDomain WHERE Description = ‘DOMAIN’ AND ClientSiteName LIKE ‘%AD_SITE_NAME%’, as this query is not performed until runtime when directly accessed from the running system, the package is still required on the DP before even being allowed to launch the TS.

It is therefore a necessity to ensure all referenced packages are available on all DPs, and this can be a challenge to keep up to date with, especially if there are frequent updates to packages, or modifications to the task sequence, or new sites being added. The easiest way I’ve found to keep on top of package references on all DPs is to use a query (which could be made into a report) which will show the number of distribution points that contain all referenced packages for a specified task sequence. This is shown below.

SELECT derPackageTbl.ReferencePackageID AS [Package ID], derPackageTbl.Name, COUNT(dbo.PkgStatus.ID) AS [DP Count]
  (SELECT DISTINCT TOP (100) PERCENT tsr.ReferencePackageID,
‘[‘ + tsr.[ReferenceName] + ‘] ‘ + tsr.[ReferenceProgramName] +  ‘ [‘ + tsr.[ReferenceVersion] + ‘]’ AS [Name]
FROM dbo.v_TaskSequenceReferencesInfo AS tsr INNER JOIN
dbo.v_TaskSequencePackage AS tsp ON tsr.PackageID = tsp.PackageID
   WHERE (tsp.Name = ‘Task_Sequence_Name’)
   ORDER BY tsr.ReferencePackageID) AS derPackageTbl LEFT OUTER JOIN
dbo.PkgStatus ON derPackageTbl.ReferencePackageID = dbo.PkgStatus.ID
WHERE (dbo.PkgStatus.PkgServer NOT LIKE %display=%)
GROUP BY derPackageTbl.ReferencePackageID, derPackageTbl.Name

This generates output such as the following:

Package Reference Output

It is thereby evident that two packages are missing off one and two distribution points respectively. We would then go into that package and add the missing DPs.

Problems Configuring SQL Reporting Services

1 comment

Configuring SQL Reporting Services for ConfigMgr is pretty simple, when it works. We ran into a problem the other week however, where SRS would not configure or allow the importing of reports on a couple of our reporting servers. There are lots of websites that contain similiar issues and the resolutions that I ended up implementing, but I was unable to find them all in one place and they weren’t specific to ConfigMgr so I’m posting here with some screenshots to collate all the information that I found.

Using Reporting Services Configuration Manager I was able to configure the Report Server to my desired configuration. I was able to add the ConfigMgr Reporting Services point role to my site system and the wizard completed successfully. However, in the log files I observed the following:


SMSSRSRP Setup Started….
Parameters: D:\MICROS~1\bin\i386\ROLESE~1.EXE /install /siteserver:CENSCCM01 SMSSRSRP
Installing Pre Reqs for SMSSRSRP
         ======== Installing Pre Reqs for Role SMSSRSRP ========
Found 0 Pre Reqs for Role SMSSRSRP
         ======== Completed Installion of Pre Reqs for Role SMSSRSRP ========
Installing the SMSSRSRP
Chart control detected. Invoking process “D:\Microsoft Configuration Manager\bin\i386\DUNSETUP.EXE”
Chart control setup D:\Microsoft Configuration Manager\bin\i386\DUNSETUP.EXE failed with return code 0×00000001. Installation cannot continue.


Timed Out…
Microsoft.ConfigurationManagement.Srs.SrsServer. error = Unspecified error
Failures reported during periodic health check by the SRS Server CENSCCM01. Will retry check in 57 minutes�
Waiting for changes for 57 minutes�
Shutting Down… 

Site Status > [Site] > Component Status > SMS_SRS_REPORTING_POINT:

SMS SRS Reporting Point failed to monitor SRS Server on “CENSCCM01″.

When attempting to ‘Copy Reports to Reporting Services’ however, the boxes would be greyed out and it would briefly read “Retrieving report object from the server … ” followed shortly by “Error connecting to report server ‘CENSCCM01′”.

Copy Reports Wizard Image

After searching online for reasons for all of these behaviours I read several posts and articles that made reference to the requirement of a default SQL instance. Upon comparing those reporting servers that were working with those that were not working, it became evident that this was the issue.

The reporting servers that were working had a default instance (MSSQLSERVER) installed, whereas those that weren’t, had a named instance (CCM) instead. This was reflected in the instance selection menu in the Reporting Services Configuration Connection box when launching Reporting Services Configuration Manager.

SRS Config Selection Image

SRS Config Selection Image

 For those servers that just had a named instance installed (CCM) and didn’t have the option of the default instance, I had to install it.

On the servers in question, I went to Programs and Features, selected the SQL Server installation (in my case ‘Microsoft SQL Server 2008 (64-bit)’) and selected Uninstall/Change.

I selected ‘Add’ and then when prompted, selected my install files from the software repository on our network. I then followed the wizard, selecting the below values on each page.

  • Setup Install Files > Install
  • Setup Support Rules > Next
  • Installation Type > Perform a new installation of SQL Server 2008 > Next
  • Product Key > Enter the Product Key [Product Key] > Next
  • License Terms > I accept the license terms > Next
  • Feature Selection > Database Engine Services; Reporting Services > Next

Feature Selection Image

  • Instance Configuration > Default Instance > Next

Instance Configuration Image

  • Disk Space Requirements > Next
  • Server Configuration > Use the same account for all SQL Server services, account name: NT AUTHORITY\SYSTEM > OK > Next

Server Configuration Image

  • Database Engine Configuration > Windows Authentication Mode > Add… > [User Accounts for Admin] > OK > Next

Database Engine Configuration Image

  • Reporting Services Configuration > Install the native mode default configuration > Next
  • Error and Usage Reporting > Next
  • Installation Rules > Next
  • Ready to Install > Install

After installing the default instance and configuring it in Reporting Services Configuration Manager, I was then able to import all reports. For those servers that I’d already attempted to configure on the CCM instance, I had to go in and change the Web Service URL TCP port to something different on the CCM instance in order to set this up on the default instance.

Also, as I was running SCCM 2007 R3, I had to apply hotfix KB2449910 [Link] in order to create new reports using SRS. Before applying the hotfix, the management console would crash with the error: System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.

  My Reporting Services Configuration is as follows:

  • Service Account: Use Built-in account > Local System
  • Web Service URL:
    • Virtual Directory: ReportServer
    • IP Address: All Assigned (Recommended)
    • TCP Port: 80
    • SSL Certificate: (Not Selected)
    • SSL Port: Blank
  • Database:
    • SQL Server Name: CENSCCM01
    • Database Name: ReportServer
    • Report Server Mode: Native
    • Credential: ServiceAccount
    • Login: LocalSystem
    • Password: ***********
  • Report Manager URL: Reports
  • E-Mail Settings:
    • Sender Address: <Administrative E-Mail>
    • Current SMTP Delivery Method: Use SMTP Server
    • SMTP Server: <SMTP Server>
  • Execution Account:
    • Specify an Execution account [Ticked]
    • Account: <Service Account>
    • Password: *******
  • Encryption Keys: N/A
  • Scale-Out Deployment:
    • Server: CENSCCM01
    • Instance: MSSQLSERVER

Software Updates Stuck Downloading

no comment

After the most recent (February) security updates released by Microsoft, we noticed an issue with one of the downloaded updates (namely: Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2482017) – although this isn’t really relevant). At the same time, we also noticed the same issue with an update dating back to October 2010. This update was one for .Net Framework 4.0 and I presume we only started noticing this now as .Net 4 is becoming more of a necessity on machines, and therefore the install base is higher than it was back in October.

Certain clients would attempt to download the update but would get stuck installing it. The installer would get to 66% and then just sit there. The timer would increment indefinitely and no further messages would be logged in any of the log files. No error messages seemed to be logged anywhere on the system. The Software Updates window looked like the below.

Software Updates Window Image

I checked that the updates were available on all Distribution Points and that the DP in question had all the IIS BITS exceptions set to allow transfer and everything looked fine. I then checked the built-in Compliance report 9 (Report ID 171) - ‘Computers in a specific compliance state for an update’, selected the Security Update for Internet Explorer 7 article, and checked for machines in the ‘Update is installed‘ state.

This brought back a bunch of machines from Hong-Kong and not much else, there were a few machines from other regions/offices but 95% was from Hong-Kong. This confused me slightly as there was nothing infrastructure-wise that would affect only machines in HK. The problem soon became evident however when looking in the ConfigMgr console.

I expanded Update Lists and selected the most recent update list which contained the IE7 update in question. I went into the Properties for the update and went to the Content Information Tab. Scrolling the window showed the below.

IE Update - Chinese

IE Update  - English

The English language version of the update had not been downloaded, whereas the Chinese language version had. Therefore those machines in Hong-Kong with the Chinese version installed, received and installed the update fine, whereas machines in the rest of the world that use the English version had not. Retrospectively checking the other machines in the report that were not in Hong-Kong revealed that the update had been installed manually.

I checked the same tab for the .Net Framework 4 update and noticed that although there are not multiple languages, one component of the update had not been downloaded.

.Net Framework 4 Update

I went to the Software Updates node, redownloaded both updates into their original update list, updated the existing update package and then redistributed to the DPs. As soon as the update reached the DPs, those Software Updates that were stuck at 66% completed their download immediately, began installing, then reported back as completed.

Updates Complete Image

Translate this page


Recent Posts


August 2017
« Jan