Wednesday, September 22, 2010

Problems accessing file shares from Server 2008 R2 using the SMB protocol

My current ConfigMgr infrastructure includes distribution points scattered around North America and the Caribbean. We are forced to use a simple file share as these devices don’t support IIS, so packages are replicated using the SMB protocol. These remote devices were first used for our SMS environment where my primary site server was running Windows Server 2003 and I had very few problems. Since I have moved to ConfigMgr, where my primary site server is running Windows Server 2008 R2, I have had nothing but grief. Most of the time my site will fail to establish a connection to my remote devices until I reboot the server. The reboot is a temporary fix as the connection problem will resurface shortly. I’m able to connect to the share from other machines and my connection account is a local admin on the distribution points. I can ping the remote device from the site server but when I browse to the share I get the following error:

Error code: 0x80070035
The network path was not found.

After a little digging I came across Microsoft article KB2194664 referencing these exact symptoms. Essentially the Mrxsmb10.sys driver specifies a logon ID the first time that a connection is established to a remote share using the SMB protocol. The logon ID and the name of the server are saved in a server entry of the SMB Redirector. However, the Mrxsmb10.sys driver does not update the logon ID after the initial logon. Any attempt thereafter to use the name from the first connection will fail regardless of the user name. The hotfix referenced in the KB article will resolve this issue and has helped immensely in my environment.

Saturday, September 18, 2010

MP needs to reload the hardware inventory class mapping table warnings

Recently during a ConfigMgr upgrade my SMS_MP_CONTROL_MANAGER was littered with the following warnings:

MP needs to reload the hardware inventory class mapping table when processing Hardware inventory. The MP hardware inventory manager cannot find a WMI class definition in the mapping table when processing a report. This should only happen if new definitions beyond those known to the SMS are added to the collected classes.


Possible cause: Inconsistent way the new definitions have been introduced.


Solution: Check that the mapping tables contain the information consistent with the hardware definition tables and that the definitions have been propagated properly.


Possible cause: Corruption of the data base.
Solution: Check the consistency of the data base.

After a little research I found that this is usually caused by clients that have a version of SMS_Def.mof that is out of sync with the version found on the site server. These messages should only happen once per client as they pull down and update the version of their SMS_Def.mof file. In my case I was upgrading from SMS 2003 to ConfigMgr and as more and more clients updated their SMS_Def.mof file these messages started to subside. If you continue to get these messages it would be a good idea to engage Microsoft CSS.

Monday, September 13, 2010

Clearing padlocks on SMS or ConfigMgr objects

During an in place migration from SMS 2003 to ConfigMgr a best practice is to build a new SMS site and attach it as a child so that you can replicate all of your objects, break the parent – child relationship and then upgrade to ConfigMgr. At that point you can decide if everything upgraded successfully, the new site is healthy, all objects have been replicated and then you can migrate your clients to the new ConfigMgr site. For more details on this migration strategy check out Kim Oppalfens’ blog post on how to transition from SMS 2003 to ConfigMgr 2007.


When you have a parent – child relationship any collection that is being replicated from the parent site will be locked and can be identified by the little gold padlock icon under the collection node. Now once that relationship is broken the objects that were being replicated will remain and the padlock should then disappear, allowing you to change that object’s properties. Once in a while some of the padlocks will remain after the relationship is broken, leaving the object locked and you unable to do anything with that object.

Sometimes the only way to unlock these objects is to run a couple of commands against your SQL database as outlined in Ed Aldrich's article on myITforum.com.
  • Stop the SMS_Executive service
  • Stop the SMS_Site_Component_Manager service
  • Stop the Windows Management Instrumentation service
  • Open Microsoft SQL Server Management Studio and connect to your site database
  • Identify the collection ID that still has the padlock icon
  • Right-click the database and select New Query
  • Type select * from collections and click Execute (Red exclamation point on the SQL Editor toolbar)
  • Type update collections set flags='18' where siteID='your collection ID' (Note all collection flags should be either 17 or 18)
  • Restart your WMI, SMS_Executive and SMS_Site_Component_Manager services
  • Open your SMS or ConfigMgr console and the padlock icon should be gone from the collection in question

Sunday, August 8, 2010

Server 2008 R2 and wmiprvse.exe crashes

Recently I was checking the health of a couple of my primary site servers and as I was going through some of the logs I noticed in the application event log there were event 1000 application errors that kept reoccurring. It seemed that every couple of days wmiprvse.exe would crash and then restart but with little noticeable effect. After some digging I came across a blog entry describing a problem with SCVMM and WMI. It referenced a WMI hotfix (KB981314) that Microsoft released that deals specifically with event 1000 wmiprvse.exe errors. I decided to install the hotfix on the two site servers experiencing the problem as they are in a staging environment. Since installing the hotfix on both servers the number of wmiprvse.exe crashes has dropped significantly. It’s only been about three weeks but things are looking good…

Monday, August 2, 2010

Config Mgr Client Health Monitoring

One of the most important things in any ConfigMgr environment is the health of your clients. If your machines aren’t reporting in properly you’re dead in the water until you get the issue resolved. Since the ConfigMgr client is such a heavy hitter on WMI, problems are not uncommon. For those who can’t afford a solution such as 1E’s WakeUp (which has client health monitoring built in), using a start-up or shutdown script is an inexpensive way of monitoring ConfigMgr client health. There are many scripts published out there but one of the best that I have come across is Chris Stauffer’s SCCM SP2 Health Check Startup Script found at myITForum.com. This script also works nicely during an SMS 2003 to ConfigMgr migration to ensure that all of your machines get upgraded properly. It's easy to configure and with the help of Active Directory can be deployed within minutes.

Tuesday, July 13, 2010

SharePoint Install for ConfigMgr Dashboard

When I was setting up my Config Mgr dashboard I ran into a few gotchas. First, we don’t use the default port for SQL and our DBA team keeps a close eye on database name length and relevance. No problem right? With most application installs you can specify your SQL connection settings and database name. Well this is almost true when installing Windows SharePoint Services. During the initial SharePoint install you are prompted for the SQL server and database name, which is fine except if you need to specify a non-standard port. The SharePoint installer prerequisite check allows you to specify a non-standard port in the following format:
servername, port

However once you get past this step the installer will fail with an error about an invalid loopback address and then it references your server name and the port. A quick way around this is to create an ODBC data source for your SQL server on the SharePoint server:
  • Open the Data Sources (ODBC) Administrator console (Administrative Tools)
  • Create a new SQL System DSN
  • Specify a name, description and your SQL server (Do not specify a port)
  • In Client Configuration uncheck Dynamically determine port
  • Enter your SQL port in the space provided
  • Test your connection (Note you need to be logged in with an account that has the appropriate permission on the SQL server)
Note: If you are running a 64-bit operating system such as Server 2008 R2 then you will also need to launch the 32-bit version of odbcad32.exe (Found at C:\Windows\SysWOW64) and create your DSN there as well. The 64-bit install for the ConfigMgr dashboard will look at the ODBC connections listed at HKLM\Software\Wow6432Node\ODBC\ODBC.INI during the install and will fail if your connection settings aren't listed.

Now when you run the SharePoint installer you don’t have to specify the port for SQL, which will allow setup to complete successfully. The next problem that I ran into is that once SharePoint is installed it creates an additional database called SharePoint_AdminContent_GUID. This naming convention made it difficult for our DBA team to manage and support it. If you have multiple SharePoint farms that you have to manage the databases for and they all have databases called SharePoint_AdminContent_GUID, it could get confusing pretty quickly. We decided to change the name of this database to something a little more descriptive. Due to the fact that this is the database for the Central Administration web application there are a few extra steps that you must complete.
  • Have a DBA backup the database and restore it with a more appropriate name
  • From your SharePoint server open the SharePoint Central Administration console and navigate to Application Management \ Content Databases and find the one you are looking for. In this case it’s the Central Administration web app.
  • Select the database and then check “Remove content database” (Located at the bottom of the page once you have opened up the content database)
  • Since this is the content database for the Central Administration site you can no longer use the GUI to manage the settings
  • Open up a command prompt, change the directory to C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\BIN and then run the following command
stsadm -o addcontentdb -url http://<servername>:<port number> -databasename <database name> -databaseserver <database server name>

At this point you should be able to go back into the GUI and manage your SharePoint farm.

Saturday, July 10, 2010

ConfigMgr OSD App Tree

There are many ways of deploying applications during a task sequence but I wanted to give my deployment guys the ability to assign applications on the fly and from within the task sequence. This is especially handy for bare metal deployments. Thanks to Jason Sandys and his OSD App Tree utility this can be done very easily. The OSD App Tree is a small utility that provides user interaction during the task sequence by referencing an XML file to assign applications. You have the ability to set up application groups, organize them in a tree view, make them optional or mandatory, use conditions, etc. Check it out here…

http://myitforum.com/cs2/blogs/jsandys/pages/osdapptree.aspx

Wednesday, June 16, 2010

Setting Broadcom NICs to 100/FULL during an OSD Task Sequence

In our environment we require all our workstation NICs to be set to 100/FULL. Currently this is a manual step at the time of deployment and from time to time it can be missed. As I was migrating all of our images to Config Manager my goal was to automate as much as possible - such as NIC speed and duplex. Hard coding a NIC for a Windows PE boot image is pretty straight forward – extract the driver, open up the INF file, locate the section where the default speed is listed, set it to whatever value you require and then inject the driver into your boot image. However if you use the same approach when installing drivers during an OS deployment task sequence and you are using a Broadcom NIC, your NIC driver will fail to load correctly, causing the task sequence to error out. Once you edit the INF file you break WHQL driver signing, therefore Windows XP will not install the driver. A quick way around this is to leave the INF file untouched and set it to 100/FULL by calling the following script during your task sequence.

Option Explicit
Dim WSHShell, RegLocate
Set WSHShell = WScript.CreateObject("WScript.Shell")

'Locate registry setting for media type
'(0001 is the adapter's instance subkey under the network adapter class; the number can differ between machines)
RegLocate = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0001\RequestedMediaType"

'Change media type to 100/Full Duplex
On Error Resume Next
WSHShell.RegWrite RegLocate, "6", "REG_SZ"

'Exit, returning a non-zero code if the write failed so the task sequence step reports it
If Err.Number <> 0 Then WScript.Quit 1
WScript.Quit 0

  1. Create a package in Config Mgr containing your script - no program necessary
  2. In your task sequence add a command line step after your driver installs
  3. Name this step something like "Set Broadcom NIC to 100/FULL" (helps for future reference)
  4. Add the following command line - cscript.exe script name.vbs
  5. Enable the package check box and browse for the package containing your script

Add a condition to this step and enter the following WMI query to ensure that your script only runs on Broadcom based NICs.

SELECT * FROM Win32_NetworkAdapter WHERE Manufacturer LIKE 'Broadcom%'

Sunday, June 13, 2010

Configuration Manager PXE Cache Behaviour

If you’ve spent any time dealing with Config Mgr OS deployments using PXE you’ve probably had machines fail to connect to the PXE service point with errors such as “TFTP download failed” or “unable to connect to PXE server”. Believe it or not this is by design – especially if you are using unknown computer support. This is most likely due to a previous task sequence being advertised to that machine. By default Config Mgr will cache the PXE advertisement for 60 minutes (the default setting) and then it will expire. Most of the time you can right click the collection that the machine sits in and select “Clear last PXE advertisement” but sometimes you have to go as far as restarting the WDS services. Microsoft published a hotfix under KB969113 for Config Mgr SP1 that will reduce the interval from 60 minutes to 2 minutes and in SP2 the cache expiry can be set in the registry.


On an x86 machine the registry key is located under:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\PXE

On an x64 machine the registry key is under:

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\SMS\PXE

Create a new DWORD value CacheExpire and set the desired value in seconds. Be careful if you have R2 installed and unknown computer support enabled because if you set the cache expire value too low and you are using a mandatory task sequence your machine will continuously start the same task sequence every time it reboots. There is a good post on the System Center Configuration Team blog that details PXE cache expire behaviour - http://blogs.technet.com/b/configmgrteam/archive/2010/05/27/pxe-cache-expire-behavior-in-configuration-manager-2007-sp1-and-sp2.aspx

Thursday, May 27, 2010

Configuration Manager v.Next Beta 1 Released

On Monday Microsoft released the beta of the next iteration of Configuration Manager… v.Next. With Config Mgr v.Next there is a shift towards user centric client management. It will be like going from Windows XP to Windows 7 as this release is going to have the longest development cycle since SMS 2.0. Since moving to v.Next is such a big step the only migration plan available is a side by side upgrade. Config Mgr v.Next will be fully 64-bit and include a completely new application delivery engine, a new UI (good-bye MMC console) based on the SCOM code base, SQL Reporting Services will replace SMS / SCCM reporting, and much more importance will be placed on the DCM engine. I was able to test drive v.Next at MMS and I was really impressed with what I saw. The v.Next beta is public so download it from Microsoft’s Connect site and get it into a lab.

Thursday, May 13, 2010

Configuration Manager Dashboard

A great new addition to SCCM is the Config Mgr dashboard. The dashboard addition integrates with your SharePoint infrastructure so installation and configuration can be done in minutes. This highly flexible tool will allow you to customize near real-time information and display it in an interactive format. Access is all role based so it allows administrators to really tailor the information to their audience. There is a huge difference in the information required by a senior manager compared to someone on the Service Desk. Out of the box the dashboard is ready to display the top five day-to-day metrics:

• Software deployment metrics
• OS deployment metrics
• Software Update Management
• Asset Inventory Information
• Client & Server activity Information

You can download the dashboard add-on from http://go.microsoft.com/fwlink/?LinkId=187322. Pre-requisites are a Configuration Manager 2007 site, SQL Server 2005 or above, Windows SharePoint Services 3.0 SP2, .NET 3.5 and Internet Explorer 7.0. For more information check out http://technet.microsoft.com/en-us/library/ff369719.aspx

Wednesday, May 12, 2010

MMS 2010 - Viva Las Vegas

This post is long overdue – I’ve been back from MMS for a couple of weeks and feel that I’m still playing catch up at work. My first MMS was a great experience and I can’t wait for next year’s event (Mandalay Bay, March 21 – 25 2011). I attended every session that I could possibly fit into my schedule and brought back some fantastic information. Another bonus was a chance to meet other IT professionals that are either facing the same challenges that I am or have already worked through them.


Probably one of the most popular topics was Config Mgr v.Next. This is the next version of Config Mgr that is tentatively going to drop in 2011. Watch for a complete change in software distribution as we know it. It will be a user centric shift for Config Mgr.

One of my favourite types of session was the Birds-of-a-Feather sessions. These are small, loosely organized sessions that are really more about being interactive than anything. I was able to attend a really good session with Dell IT and their use of SCUP and a Q&A session with Microsoft’s Config Mgr development team.

Overall I was able to bring back some incredible knowledge from MMS and I will be posting more details here in the upcoming days. Also, kudos to the Microsoft event staff as they did a fantastic job.

Friday, April 9, 2010

SCCM 2007 Site Server Installation: Failed to install component SMS_MP_CONTROL_MANAGER on server…

Recently I set out to rebuild our SCCM 2007 lab environment as the entire lab infrastructure had just been replaced and Server 2008 R2 was now available. After our server team handed off the new site server I installed all of the required components without issue. However during my SCCM installation phase the MP Control Manager came with a status unknown warning but the SCCM installation log didn’t lead me to believe that anything went wrong. After the installation I opened the SCCM console to check the status of all my site components and not surprisingly my SMS_MP_CONTROL_MANAGER status was full of errors.

SMS Site Component Manager failed to install component SMS_MP_CONTROL_MANAGER on server “server name”

The WebDAV server extension is either not installed or not configured properly.

Solution: Make sure WebDAV is installed and enabled. Make sure there is an authoring rule that allow "All users" read access to "All content". Make sure the WebDAV settings "Allow anonymous property queries" and "Allow property queries with infinite depth" are set to "true" and "Allow Custom Properties" is set to false.

This error seemed odd as WebDAV was installed without any problems and both the authoring rules and configuration settings had been double checked.
• WebDAV enabled – check
• Authoring rule configured the way the error message solution suggested – check
• WebDAV settings configured the way the error message solution suggested – check
• Double checked with the following TechNet article http://technet.microsoft.com/en-us/library/cc431377.aspx - check
• IIS logs clean – check
• Server rebooted - check

I decided to reinstall WebDAV just in case something had gone sideways during the original install. After removing WebDAV, rebooting the server (required), reinstalling WebDAV and reconfiguring it SMS_MP_CONTROL_MANAGER reinstalled before I could even get the SCCM console open again.

SMS Site Component Manager successfully installed this component on this site system.

I couldn’t find a solid reason for why the component installation failed originally but sometimes the solution to your problem is not necessarily the most complex.

Thursday, April 8, 2010

Windows Server 2008 R2 – Disable Enhanced Security Configuration

If you’ve ever tried to use Internet Explorer with Enhanced Security Configuration enabled you know what a pain it is. You spend more time clicking on security pop-ups than you do browsing the internet. In a production environment it’s not a big deal because I spend zero time browsing the internet from the console of a server – besides it’s a security best practice not to. However this week I spent some time in our lab trying to figure out a couple of things and needed internet access from my server. In Windows 2003 you simply went into Add / Remove programs and removed Internet Explorer Enhanced Security Configuration as a component. This is no longer the case in Server 2008 R2. To disable IE ESC on a Windows 2008 R2 machine follow these steps:
• Launch Server Manager
• On the main page click on Configure IE ESC (Bottom right-hand corner)
• Turn this functionality off for the required user group

Monday, March 29, 2010

SMS Software Distribution Error - Hash does not match expected

Recently I was trying to push out an application to our remote distribution points for an upcoming upgrade and I thought everything had replicated properly. Distribution manager came back clean saying that the package was copied successfully to all sites. However when I went to deploy the application to our pilot users at these sites a number of them failed with the following error:


Program failed (download failed – content mismatch).

All of the failed workstations were located in one of three remote sites. I came across an article (http://www.myitforum.com/articles/8/view.asp?id=8739) outlining this problem and the symptoms of a hash mismatch. Sure enough when I checked my CAS.log file on the problem workstations they were full of the following hash mismatch errors:

Hash does not match expected 2951DEF9FD9AE6331DDF547AA70454EA75D395D1, actual 8838D728ED3E90D462D4CE3189841BCEBE8C369C

To resolve this issue I removed the problem package from all three of the distribution points, confirmed the removal, and then copied the application back to the distribution points. I was then able to re-run the advertisement on the problem workstations and they upgraded as expected.
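To scope a mismatch like this across several workstations before pulling the package off the distribution points, the collected CAS.log files can be grouped by expected and actual hash. This is an added example, not part of the original post; the client names and the second actual hash are constructed, and only the message text and the first hash pair come from the log line above.

```python
import re
from collections import defaultdict

# Message text as quoted from CAS.log above; both values are 40 hex characters.
MISMATCH = re.compile(
    r"Hash does not match expected (?P<expected>[0-9A-Fa-f]{40}), "
    r"actual (?P<actual>[0-9A-Fa-f]{40})"
)


def find_mismatches(log_text):
    """Return (expected, actual) pairs for every mismatch line in one CAS.log."""
    return [(m.group("expected").upper(), m.group("actual").upper())
            for m in MISMATCH.finditer(log_text)]


def summarise(logs_by_client):
    """Group mismatches from many clients.

    logs_by_client maps a client name to the text of its CAS.log.
    Returns {expected_hash: {actual_hash: [client, ...]}} so that one
    expected hash (one package version) shows which clients received
    which differing content.
    """
    grouped = defaultdict(lambda: defaultdict(set))
    for client, text in logs_by_client.items():
        for expected, actual in find_mismatches(text):
            grouped[expected][actual].add(client)
    return {exp: {act: sorted(clients) for act, clients in acts.items()}
            for exp, acts in grouped.items()}


def clients_to_retry(summary):
    """Clients on which the advertisement must be re-run once content is recopied."""
    return sorted({client
                   for acts in summary.values()
                   for clients in acts.values()
                   for client in clients})


# Hash pair from the log line on this page.
PAGE_EXPECTED = "2951DEF9FD9AE6331DDF547AA70454EA75D395D1"
PAGE_ACTUAL = "8838D728ED3E90D462D4CE3189841BCEBE8C369C"
# Constructed value standing in for a different bad copy at another site.
CONSTRUCTED_ACTUAL = "0123456789ABCDEF0123456789ABCDEF01234567"


def mismatch_line(expected, actual):
    """Build one constructed log line using the page's message format."""
    return "Hash does not match expected {}, actual {}\n".format(expected, actual)


# Constructed sample input: hypothetical client names, one log text per client.
SAMPLE_LOGS = {
    "WKS-SITE1-01": "constructed unrelated line\n"
                    + mismatch_line(PAGE_EXPECTED, PAGE_ACTUAL),
    "WKS-SITE1-02": mismatch_line(PAGE_EXPECTED, PAGE_ACTUAL) * 2,  # client retried
    "WKS-SITE2-01": mismatch_line(PAGE_EXPECTED, CONSTRUCTED_ACTUAL),
    "WKS-HQ-01": "constructed unrelated line\n",                    # healthy client
}

if __name__ == "__main__":
    summary = summarise(SAMPLE_LOGS)
    for expected, actuals in summary.items():
        print("expected", expected)
        for actual, clients in actuals.items():
            print("  actual", actual, "on", ", ".join(clients))
    print("re-run advertisement on:", ", ".join(clients_to_retry(summary)))
```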

On another note if you haven’t visited myITforum.com lately they have recently upgraded their server hardware and the performance increase is quite noticeable. Good job guys – I would be lost without your site.

Saturday, March 27, 2010

Windows Live Messenger fails to sign-in from a Windows 7 machine

As I have been rolling out Windows 7 test machines in my organization I have noticed that once in a while Windows Live Messenger would refuse to sign-in. If you were to use the same account on a Windows XP machine or another Windows 7 machine it would sign-in without issue. The majority of our applications have been packaged and pushed via SMS so the install is consistent on all workstations. There seemed to be no rhyme or reason why Messenger would refuse to sign-in from some Windows 7 workstations. After much searching we found a blog post (http://dreamlayers.blogspot.com/2009/12/windows-7-cant-always-automatically.html) about an issue with Windows 7 and root certificates. It seems that some Windows 7 machines fail to update their root certificate automatically which in turn can cause Windows Messenger to fail when you try and sign-in. To resolve this issue download and install the latest root certificate update from Microsoft. (http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe) After the update Messenger shouldn’t have any issues signing in.

Thursday, March 11, 2010

Troubleshooting ITMU for SMS 2003

Recently my primary SMS server stopped downloading the wsusscn2.cab file from Microsoft’s update site. Without the updated cab file your client machines won’t be scanned for the latest vulnerabilities. I was fairly certain it had to do with a recent firewall upgrade project - with the upgrade our security team also disabled anonymous access on our proxy servers. The PatchDownloader.log file confirmed this:

Download http://go.microsoft.com/fwlink/?LinkID=74689 to C:\WINDOWS\TEMP\wsusscn2.cab returns 403
HttpSendRequest failed HTTP_STATUS_FORBIDDEN or HTTP_STATUS_DENIED


Microsoft has published a knowledgebase article on this issue (http://support.microsoft.com/kb/922365) and how to give the Patchdownloader utility user credentials. To assign credentials open a cmd prompt and browse to SMS\Bin\I386\000004xx\ then run patchdownloader.exe with the following syntax:

Patchdownloader /s:ServerName[:Port] /u:Domain\Username

You will then be prompted for the password of the account that you are trying to assign to the Patchdownloader utility. Now re-run your Sync Tool advertisement on your site server and monitor your patchdownloader.log file with a utility like Trace32 to confirm that everything is working properly.

Tuesday, March 9, 2010

Windows 7 SP1

Rumours are starting to surface about Microsoft dropping Service Pack 1 for Windows 7 in Q4 2010. Microsoft won’t confirm these reports but they do have a pretty well established product lifecycle for Windows. It took them just 14 months to release Service Pack 1 for Vista so a Q4 2010 Windows 7 Service Pack 1 release seems to be a probable timeframe. Granted Windows 7 has had strong adoption rate numbers but many corporations out there will wait until SP1 is released to start their migration activities. So SP1 may be less about major fixes or performance boosts and more about selling the corporate customer on Windows 7.

Saturday, March 6, 2010

Removing Multiple Drivers From SCCM 2007

This past week I needed to remove multiple drivers from SCCM and replace them with updated versions. The only way to do this via the console is one by one. This probably isn’t a big deal if you only have a couple of different platforms however once you start getting into double digits it gets time consuming. You can disable multiple drivers at once but not delete – hopefully this was just a miss by Microsoft and will be resolved in upcoming versions of SCCM. Luckily I found a post by Rod Trent (http://myitforum.com/cs2/blogs/rtrent/archive/2008/11/12/script-to-delete-drivers.aspx) in which he has provided a script that will delete all disabled drivers. This is very handy if you want to delete some drivers but not all. (Most likely scenario for SCCM administrators) Anyway I ended up running this script from my primary site server and within minutes all of my disabled drivers had been removed.

' Connect to the SMS namespace
siteNamespace = GetSiteNamespace()

SET objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!" _
    & siteNamespace)

SET drivers = objWMIService.ExecQuery("SELECT * From SMS_Driver")

numDriversDeleted = 0

' Process the results
FOR EACH driver in drivers
    IF driver.IsEnabled = 0 THEN
        driver.Delete_
        numDriversDeleted = numDriversDeleted + 1
    END IF
NEXT

WScript.Echo "Successfully deleted " & numDriversDeleted & " drivers."

'
' Utility function to search for the site namespace
'
FUNCTION GetSiteNamespace()
    ' Find SMS Provider
    SET objSMSNamespace = GetObject("winmgmts:{impersonationLevel=" & _
        "impersonate}!\\.\root\sms")
    SET results = objSMSNamespace.ExecQuery("SELECT * From " & _
        "SMS_ProviderLocation WHERE ProviderForLocalSite = true")

    ' Process the results
    FOR EACH r in results
        namespacePath = r.NamespacePath
    NEXT

    ' Fail if we did not find the site
    IF namespacePath = "" THEN
        WScript.Echo "Failed to locate SMS provider."
        WScript.Quit 1
    END IF

    ' Return
    GetSiteNamespace = namespacePath
END FUNCTION

Update: This issue has been resolved in Config Mgr SP2

Thursday, March 4, 2010

MMS 2010 Here I Come...

Well it’s been three years in the making but I’m finally going to get a chance to attend the Microsoft Management Summit. I’ve only been looking after our SMS environment for just about three years now. So two years ago, by the time that I found out about MMS it had already taken place and then last year our training / conference budget was axed – not surprised. Besides last year all non-essential projects were shut down due to a few core business initiatives so a move to SCCM was out of the question. What a difference a year makes. We have already started our SMS – SCCM migration plus we have a few other core client-side projects in the works so the timing of MMS couldn’t be better.

http://www.mms-2010.com/public/home.aspx

Sunday, February 28, 2010

SCCM 2007 Integration with SQL Server Reporting Services

Recently I was catching up on some TechNet reading and came across a really good article detailing the integration of SCCM and SQL Server Reporting Services (SSRS) that is available with the SCCM R2 release. It details integrating the standard SCCM reports with SSRS as well as creating your own custom reports. Until the R2 release the SCCM reporting engine had remained fairly unchanged but with the integration of SSRS the possibilities are endless. Check out the full article here...

http://technet.microsoft.com/en-us/magazine/ee914611.aspx

Wednesday, February 24, 2010

Chasing down DCOM errors

A while back one of my SMS servers started getting DCOM errors; it was consistent, every couple of minutes there would be 10 – 15 entries. Shortly thereafter another one of my SMS servers started getting the errors. After a little investigation it was discovered that the launch and activation permissions for the SMS Agent Host component had been changed for one of the local IIS accounts – probably due to OS patching. The error that we were getting was:

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {CLSID}
to the user <username>. This security permission can be modified using the Component Services administrative tool.

To resolve the issue I did the following:

• In the registry locate the CLSID that is being reported as having problems in the Event Viewer
• Make note of the application ID associated with the CLSID
• Open up the Component Services snap-in and navigate to Component Services / Computers / My Computer / DCOM Config
• Highlight DCOM Config and select the Details view
• On the Security tab locate the Launch and Activation Permissions, select Customize and then Edit
• Give the user account specified in the event log the appropriate permissions to the component

Sunday, February 21, 2010

Booting a WinPE RIS based image with an Intel NIC

Currently the way we deploy workstations at my company is we load a WinPE image via RIS and then we utilize SMS OSD. Why are we still using RIS you ask? RIS used to be our primary deployment tool but now it’s just used as a PXE server which will be retired once we move to SCCM 2007. Every once in a while a workstation would fail during the initialization of our WinPE boot image. We were able to determine that this only happened on machines that had an Intel based NIC and the error that we received had to do with parsing of the driver .inf file. We found a post that referenced a Microsoft KB article (http://support.microsoft.com/kb/923831) about problems parsing the Intel driver .inf file during the WinPE boot process. In the .inf file there is a section called Minihelp which has a series of entries that contain long strings. These long strings couldn’t be parsed correctly causing the imaging process to fail. The solution – replace these long strings with a single character, any character. I went in and made this change in all of my Intel .inf driver files and the problem has not surfaced since.
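The edit described above can be scripted so that every Intel .inf file gets the same treatment. This is an added example, not the KB article's or the author's script: it assumes the help strings follow a `; Minihelp` comment line as in the listing below, and the sample INF text, including its entries outside the Minihelp block, is constructed.

```python
import re

# A section header such as [Strings] ends the Minihelp block.
SECTION = re.compile(r"^\s*\[[^\]]*\]\s*$")
# name = "value" with nothing after the closing quote; entries with trailing
# comments are left untouched rather than guessed at.
ENTRY = re.compile(r'^(?P<key>\s*[^;=\s][^=]*?)\s*=\s*"(?P<value>.*)"\s*$')


def shorten_minihelp(inf_text, placeholder="x"):
    """Replace every quoted string in the Minihelp block with one character.

    The block starts at a comment line containing "Minihelp" and ends at the
    next worded comment line or section header. Line endings are preserved.
    Returns (new_text, number_of_entries_changed).
    """
    out, changed, in_minihelp = [], 0, False
    for raw in inf_text.splitlines(keepends=True):
        body = raw.rstrip("\r\n")
        ending = raw[len(body):]
        stripped = body.strip()
        if stripped.startswith(";"):
            # Decoration-only comments (";------") do not change the state.
            if any(ch.isalnum() for ch in stripped):
                in_minihelp = "minihelp" in stripped.lower()
        elif SECTION.match(body):
            in_minihelp = False
        elif in_minihelp:
            m = ENTRY.match(body)
            if m and len(m.group("value")) > len(placeholder):
                body = '{} = "{}"'.format(m.group("key"), placeholder)
                changed += 1
        out.append(body + ending)
    return "".join(out), changed


# Constructed sample: three Minihelp entries taken from the listing on this
# page, surrounded by constructed entries that must stay unchanged.
SAMPLE_INF = (
    "[Strings]\r\n"
    'AdapterName = "Constructed Example Adapter"\r\n'
    "\r\n"
    "; Minihelp\r\n"
    ";----------\r\n"
    "\r\n"
    'FlowControlMiniHelp = "Pauses packet transmission on receipt of full '
    'flow control frame and sends full flow control frame to notify the '
    'other side to stop transmission."\r\n'
    'JumboFramesMiniHelp = "Enables sending larger Ethernet packets on '
    'gigabit networks."\r\n'
    'LAAMiniHelp = "Allows you to configure a custom MAC address for the '
    'adapter."\r\n'
    "\r\n"
    "; Other strings (constructed)\r\n"
    'Vendor = "Constructed Vendor Name"\r\n'
)

if __name__ == "__main__":
    fixed, count = shorten_minihelp(SAMPLE_INF)
    print("entries shortened:", count)
    print(fixed)
```

As the Broadcom post on this page notes, an edited INF no longer matches its WHQL signature, so keep the vendor's original file for the installed OS and use the edited copy only for the boot image.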

Before:

; Minihelp


FlowControlMiniHelp = "Pauses packet transmission on receipt of full flow control frame and sends full flow control frame to notify the other side to stop transmission."
AutoNegMiniHelp = "The adapter can either negotiate with its link partner or force the speed and duplex. The link partner must match the setting chosen!"
AutoNegAdvertisedMiniHelp = "This can be used to restrict the speeds and duplexes advertised to a link partner during autonegotiation."
ChecksumTxTcpMiniHelp = "Allows the adapter to compute TCP or UDP checksum of transmitted packets. May improve TCP and UDP transmit performance."
ChecksumRxTcpMiniHelp = "Allows the adapter to verify the TCP checksum of incoming packets. May improve TCP receive performance."
ChecksumTxIpMiniHelp = "Allows the adapter to compute IP checksum of transmitted packets. May improve IP transmit performance."
ChecksumRxIpMiniHelp = "Allows the adapter to verify the IP checksum of incoming packets. May improves IP receive performance."
TcpSegmentationMiniHelp = "Allows the adapter to offload the task of segmenting TCP messages. May improve CPU utilization."
NumRxDescriptorsMiniHelp = "Sets the number of buffers the driver uses when copying data to protocol memory. Increasing this value can enhance receive performance, but also consumes system memory. Use the default if performance is not an issue."
NumTxDescriptorsMiniHelp = "Sets the number of data segments that enable the adapter to track transmit packets. Increasing this value can improve transmit performance, but also consumes system memory. Use the default if performance is not an issue."
JumboFramesMiniHelp = "Enables sending larger Ethernet packets on gigabit networks."
TaggingModeMiniHelp = "Enables sending and receiving of IEEE Tagged frames (802.3ac/802.1p/802.1Q), which include priority and VLAN indicators."
LAAMiniHelp = "Allows you to configure a custom MAC address for the adapter."
EnablePMEHelp = "Enables/disables wake-up from Advanced Power Management (APM) sleep states."
WakeOnHelp = "Determines how to wake the system."
WakeOnLinkHelp = "Allows wake-up from APM power management when link is reconnected."
LogLinkStateMiniHelp = "Enables/disables recording of the link state message to the Event Viewer."
SmartPowerDownMiniHelp = "Minimizes power consumption by enabling the adapter to enter a deep sleep mode when it does not have a valid link or when the operating system is in Suspend mode."
ITRMiniHelp = "Determines rate at which the controller moderates interrupts. Default is optimized for common configurations. Changing this setting may improve performance for some configurations."
MasterSlaveModeMiniHelp = "Determines IEEE 802.3ab Master-Slave resolution during gigabit auto-negotiation. Default is recommended for most configurations. Forcing a setting can break link if partner is not configured correctly."
WaitAutoNegCompleteMiniHelp = "Determines whether the driver waits for link to be detected before finishing initialization. Select Auto Detect to let the driver control the setting for copper or fiber adapters."
RssModeMiniHelp = "Distribute packet receive processing over 2 processors."
 
After:
 
; Minihelp


FlowControlMiniHelp = "h"
AutoNegMiniHelp = "h"
AutoNegAdvertisedMiniHelp = "h"
ChecksumTxTcpMiniHelp = "h"
ChecksumRxTcpMiniHelp = "h"
ChecksumTxIpMiniHelp = "h"
ChecksumRxIpMiniHelp = "h"
TcpSegmentationMiniHelp = "h"
NumRxDescriptorsMiniHelp = "h"
NumTxDescriptorsMiniHelp = "h"
JumboFramesMiniHelp = "h"
TaggingModeMiniHelp = "h"
LAAMiniHelp = "h"
EnablePMEHelp = "h"
WakeOnHelp = "h"
WakeOnLinkHelp = "h"
LogLinkStateMiniHelp = "h"
SmartPowerDownMiniHelp = "h"
ITRMiniHelp = "h"
MasterSlaveModeMiniHelp = "h"
WaitAutoNegCompleteMiniHelp = "h"
RssModeMiniHelp = "h"
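
The same Before/After edit as a script, for applying it to many Intel .inf files instead of editing each by hand. This is an added example, not code from the original post. It assumes the block to rewrite starts at the "; Minihelp" comment and ends at the next comment line or section header; the "; Events" group in the sample is constructed.

```python
import re
import shutil
from pathlib import Path

# Matches   Name = "value"   and captures everything up to the opening quote.
ENTRY = re.compile(r'^(\s*\w+\s*=\s*)"(.*)"\s*$')

def shorten_minihelp(text, placeholder="h"):
    """Replace every string in the '; Minihelp' block; return (new_text, count)."""
    out, in_block, count = [], False, 0
    for line in text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        stripped = body.strip()
        if stripped.startswith(";"):
            # Assumption: the block runs from '; Minihelp' to the next comment line.
            in_block = stripped.lstrip("; ").lower() == "minihelp"
        elif stripped.startswith("["):
            in_block = False  # a new INF section also ends the block
        elif in_block:
            m = ENTRY.match(body)
            if m and m.group(2) != placeholder:
                line = f'{m.group(1)}"{placeholder}"{line[len(body):]}'
                count += 1
        out.append(line)
    return "".join(out), count

def rewrite_inf(path, placeholder="h"):
    """Fix one .inf in place, leaving a .bak copy; return the number of changes."""
    path = Path(path)
    raw = path.read_bytes()
    # INFs are usually ANSI or UTF-16 with a BOM; latin-1 round-trips ANSI bytes as-is.
    encoding = "utf-16" if raw[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
    new_text, count = shorten_minihelp(raw.decode(encoding), placeholder)
    if count:
        shutil.copy2(path, path.with_name(path.name + ".bak"))
        path.write_bytes(new_text.encode(encoding))
    return count

# Constructed sample: two entries from the "Before" block plus a made-up "; Events" group.
SAMPLE = (
    "[Strings]\r\n; Minihelp\r\n\r\n"
    'JumboFramesMiniHelp = "Enables sending larger Ethernet packets on gigabit networks."\r\n'
    'WakeOnHelp = "Determines how to wake the system."\r\n'
    '; Events\r\nLinkUp = "Link has been established."\r\n'
)

if __name__ == "__main__":
    fixed, n = shorten_minihelp(SAMPLE)
    print(f"{n} strings replaced\n{fixed}")
```

Editing an .inf changes its hash, so the driver package's signed catalog (.cat) no longer matches the modified file.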