Moved: Microsoft System Center Configuration Manager (SCCM)

[kev2021]

Hi all,

Anyone ever setup SCCM?

I’ve setup a separate domain in vmware on a different Ip range and now given it no internet access meaning i can just use it within its own network on vmware.  I can ping the DC from the SCCM server and the SCCM server form the DC.

When i create a new VM, it boots up, i select the EFI network option on the menu list, it goes through starting ip4…. it gets a IP from the DHCP server so proves it talks to the DC and then just sits there for a bit then goes back to the menu.

I can’t figure out why it wont load the bootimage…..

I setup SCCM a while back (SCCM 2012) and it worked ok i could PXE boot etc but on the newer version current branch, it just not having it and I can’t see why…

Anyone know what logs to look at?  I don’t think the client VM has any logs to check as its not actually loaded anything and I didn’t see much in the server.

One interesting this is I’ve deployed all the boot images in SCCM, all showed 100% success BUT I don’t see any images in the windows deployment service which it says needed to be installed…. Should they appear in it? I don’t recall doing that in SCCM 2012 but i may have – was a good few years ago now.

I can’t boot up my old SCCM box as the license has expired and wont allow me to login.

I’ve added options 66,67 to DHCP but still no joy…

Thanks

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

I am sure you are aware but SCCM is now Endpoint Manager ?

Q. how have you separate the new domain in vmware  (different Ip range) and given it no internet access ? is it all sitting on a single (hardware) server with NAS / RAID etc ?

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

Hi,

Yes, sorry – I’ve been so used to calling it SCCM, i just continue to call it that :)

I’m running the latest version.

In my vmware, I’ve setup a virtual switch which is connected to a virtual NIC which is disconnected.  The SCCM DC, SCCM and Win10Client VM are all connected to this virtual switch so effectively can ping each other BUT unable to reach my desktop PC or internet etc. I connect via the console window in vmware, I can connect and login ok and I can ping the sccm DC and sccm server ok between the both.  When i PXE boot the win10client, it gets a DHCP address from the sccmdc in the correct range so that’s all good, it just doesn’t progress.

Yes, I’ve also assigned them a different network range i.e 192.168.2.0 network IP addresses.

Like I say, I had this all working in SCCM 2012 but unsure why it wont work now.  I know there has been a lot of changes and some stuff has been deprecated since 2012 SCCM so I’ve tried following some guide i had for 2012 as best I can and also looking up new guides but I’m at a loss now.

I want to try and learn more SCCM to try and progress my career in this avenue as I’m pretty much stagnated in my current role, I been doing it for a long time and have been given endless promises of being involved in other things and doing a hybrid type role etc but nothing ever happens, it all sounds good and then all goes quiet. From my existing role, SCCM or end point manager seems like the next logical step but getting into it seems pretty hard as all jobs I’ve seen want x years experience etc and I don’t have that as I’ve only used SCCM from the client perspective with no real access to be able to add drivers or software and deploy it.  Been looking for some entry type jobs into sccm but doesn’t seem to be any about.

My current role, I’m starting to see not much future in so looking to try and get some experience/exposure to something else to try and move on into something that will be around for another 15 years or so as not getting any younger to keep learning new stuff :)

Thanks

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

Ok, just a thought, but does the vSwitches support layer 2 or Layer 3 networking ?

• ICMP (ping)  is a layer 3 protocol
• TCP/IP is a layer 3 protocol.
• Address Resolution Protocol  (ARP) is layer 3 etc.

If vSwitches support layer 3, then good news.

Any Firewall / VLANs (Virtual) ?

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

Hi,

I’m not sure what the vSwitches are, there is just a option to add vSwitch and that’s it, it doesn’t say Layer or Layer 3 anywhere.

I can ping between the DC and SCCM box from either machine to the other so that’s ok. and my VM for PXE booting and installing a image on picks up a DHCP address from the server so I presume that is all ok.

The only Firewall is the vmware firewall as it cannot access the internet so the Asus firewall shouldn’t be any impact.

I’ve not setup any VLANs, just different network 192.168.2.0 for the SCCM domain etc.

My SCCM has the boot images distributed BUT i also have the WDS service installed and in the WDS MMC, it shows no boot images at all so i’m wondering if SCCM was meant to add them to WDS but it hasn’t hence PXE is booting, getting DHCP IP but then WDS has no bootimages hence nothing happens?  I don’t recall doing much with WDS before and I thought it should of talked directly to SCCM server to get the boot images but I could be wrong.

Thanks

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

Interesting, will the following work …

Can you enable Command Line support in the Boot Image, you can then press F8 and be able to check the Log files to see what’s going on. ?

Also/

Have a look at this article as I think this might be applicable, i.e. (co-exist with other Boot Images)

https://adinermie.com/using-wds-to-deploy-sccm-images-without-pxe-enabled-dps/

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

Thanks.

I have enabled command line support, my issue is it doesn’t get as far as loading the boot image… it literally gets Ip from DHCP then sits there and goes back to the menu option of boot from network etc… it doesn’t stat to load the bootimage so hence I’m not aware of any logs anywhere that i can check to get a idea of what’s happening i.e. can it not find the boot image, is it looking in the wrong location, does it simply thin there isn’t a boot image..

I’ll check out that article

Thanks

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

Does sound like boot image problem (location / type / file reference) , let us know if the article helps ?

 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

So just to update – I got it working in my lab on a virtual switch, it PXE booted and build ok BUT I was having issues with it joining the domain – it wouldn’t do it via task sequence BUT if I logged into the PC and joined, it worked fine… so something was amiss somewhere.

So I’ve basically setup a new MECM box on my main actual network and now I’m able to PXE boot, built a machine and join domain and now just trying trying out different things to see if they are possible etc and getting used to using it :)

Thanks

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

kev2021 wrote:

So I’ve basically setup a new MECM box

Your home setup is getting involved but glad you now able to PXE boot.

 

 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

Yeah, I’m now able to deploy win10 to a VM (just eval version as just working on deploying a OS).  In theory not too much hassle to add a license or if was doing in corp. environment they prob have enterprise license so same key for all or I guess you point it to some server that auto licenses it.

Now just need to play around with different deployment methods for apps and figure out how to get them to install ok etc.

Next step after that is to actually get a old laptop and add the drivers and get it to determine what device it is and to install the right drivers for the right laptop but that’s a bit later, want to get the software sorted out first so i know that’s all working via a VM and then last stage is to build a actual laptop as it will be the same except for needing to add drivers.  VM doesn’t need any drivers, it works fine on defaults.

Recently updated MECM to latest version, was 1 option I had to remove as its been deprecated so did that and then it was all ok and has updated fine, took a while though.

Kev

Share the knowledge

You need to login in order to vote

[kev2021]

Hi all,

So been playing around with the MECM, was able to get the TS to add the machine to AD groups so that in software center, certain software was available to that PC from the get go.

Not used it much for last 3 or 4 months, pwoered on the VM couple of days ago and…. it no longer boots…. brings up a menu of options and complains about security violation etc.

So looked into it, found several possible solutions.  It appears a windows update has caused this and the solution is to either update ESXi to 7.0.3k (or newer) (I’m on 7.0.2 as 7.0.3 was pulled when I set it up due to complaints and issues).

So basically had to go in turn off virtualisation security think was 2 sections had to turn it ff in VM settings.  Then was able to power it on, then run win updates which i hadn’t realised but it had started to pull a CU update which contained the update required and now I’ve re-enabled the virtualisation security and all ok.

Now I have another issue….

IF i setup a new VM and power it on, it PXE boots and gets to the MECM screen to etner pswd etc so thats perfect.

IF i try a physical laptop, PXE boot it, I get:-

server IP: x.x.x.x

NBP filename is SMSBoot\x64\wdsmgfw.efi

NBP filesize is 0 bytes

pxe-e23: client received TFTP error from server

 

So not had much success solving this…. I mean MECM must be ok as VM and laptop on same network, VM works, laptop doesn’t..

On the router i have added a manual DHCP entry for the MAC of the adapter I’m using on the laptop and set it to the MECM server for DNS (same i did with the VM mac address)

Not sure why its not working.

everything online says don’t’ use DHCP scope options, not supported by MS, use IP helper BUT with my ASUS rt-ax86U router and my HP 1810-24g switch I don’t have a option to add a Ip helper so not sure on solution here….

Kev

Share the knowledge

You need to login in order to vote

[UK Sentinel]

You are having fun

Only a thought, can you moving DHCP from ASUS Router to a Domain Controller to enable the appropriate IP helper rules to forward DHCP etc ?

Or convert one of your ASUS routers to run DD-WRT or simular third party firmware that supports IP helper or IP helper relay

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[kev2021]

Hi,

So I have a slightly different setup to normal.

Basically the RT-AX86U issues out IP addresses i a given range and I have DHCP running on my DC that also gives out IPs in a different range BUT both are in same subnet.

Reason being, don’t always have my DC running so hence Router issues IP.

So far never had an issue, any device connecting to the network is issued by Router and if a PC is in my domain it is issued from DHCP on DC.

So to get round issue on PXE boot for my VM, i have added a manual entry on the DHCP made for the MAC address and told it to use x Ip address and point to MECM server.  All works fine.

So for a laptop, I’ve done the same – added MAC of adapter, and told it t use a IP address and use MECM server. When iboot up, i see the IP and it isn’t the one i told asus to use so seems it is getting it from my DHCP on DC which is fine but it then gets the file size 0 and TFTP error…

I thought i found fix last night but didn’t work, it implied a file was missing for UEFI but I’ve copied it over and still no change so not got a solution yet.

The fact it is saying File size 0 must mean its attempting to pull the file but i need t find a log file and see what error it is getting as no log on the laptop.

Kev

Share the knowledge

Liked by:

You need to login in order to vote

[UK Sentinel]

Sounds like the perfect excuse to purchase the Raspberry Pi and tinker a little

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[Author]

Posts