GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

Has anyone deployed Windows 10 1703 via an SCCM 1702 task sequence? I'm having issues where after the machine is imaged, it's stuck on "Getting ready" on boot. It does this for about 45 minutes then finally finishes. I didn't have this issue with the previous build of Windows 10.


FISHMANPET
Mar 3, 2007

Sweet 'N Sour
Can't
Melt
Steel Beams
I'm hearing a lot of issues with deploying 1703, but I haven't looked into it much myself.

Squatch Ambassador
Nov 12, 2008

What? Never seen a shaved Squatch before?

GreenNight posted:

Has anyone deployed Windows 10 1703 via an SCCM 1702 task sequence? I'm having issues where after the machine is imaged, it's stuck on "Getting ready" on boot. It does this for about 45 minutes then finally finishes. I didn't have this issue with the previous build of Windows 10.

While technically not SCCM, I had this problem deploying 1703 with MDT. In my case it was failing to join the domain, and to fix it I removed the unattended domain join from the specialize portion of the unattend.xml. Now it no longer hangs at "getting ready", but one page of the OOBE shows for a few seconds and Cortana says something like "OK, almost ready. Now we will check for any updates." It startled me the first time.

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
You guys aren't crazy, they broke OOBE.

from the patchlist email:

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

I literally captured the image today, so that patch is in there.

I did find this link: https://social.technet.microsoft.com/Forums/en-US/618f4531-f824-476d-9327-f9f3f4f8d0b4/slow-sysprep-and-first-logon?forum=win10itprosetup

Which explains the issue I ran into. I changed the services per the url and sysprep was noticeably faster. I left for the day as that new image was being captured, so I'll try it in the morning.

Morganus_Starr
Jan 28, 2001

kiwid posted:

It's in the pastebin link.

Anyway, I only had two users so I just did them manually. I don't have anyone else I can test with now so gently caress it.

Here you go, this might be easier:

https://www.codetwo.com/freeware/active-directory-photos/

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

GreenNight posted:

I literally captured the image today, so that patch is in there.

I did find this link: https://social.technet.microsoft.com/Forums/en-US/618f4531-f824-476d-9327-f9f3f4f8d0b4/slow-sysprep-and-first-logon?forum=win10itprosetup

Which explains the issue I ran into. I changed the services per the url and sysprep was noticeably faster. I left for the day as that new image was being captured, so I'll try it in the morning.

This actually fixed the issue. Issue with 1511 only my rear end.

tadashi
Feb 20, 2006

FISHMANPET posted:

I'm hearing a lot of issues with deploying 1703, but I haven't looked into it much myself.

Not a deployment issue but I installed it on my laptop to test it and I had to reset the PC to correct it. Not sure exactly where the issue was but here are a couple symptoms:

Network drivers didn't work following the update
Suddenly, every program with a switch for starting when I log in turned itself on. So, that sucked a lot.

At this point, I realized something very wrong was going on so I went ahead with the OS reset (kept my files).

tadashi fucked around with this message at 18:26 on Jun 13, 2017

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
Patch those XP/03 boxes now :siren:

https://www.theverge.com/2017/6/13/15790030/microsoft-windows-xp-vista-security-updates-june-2017

quote:

Microsoft issued a “highly unusual” patch for Windows XP last month to help prevent the spread of the massive WannaCry malware. At least 75,000 computers in 99 countries were affected by the malware which encrypts a computer and demands a $300 ransom before unlocking it. Microsoft stopped supporting Windows XP in April 2014, but the software giant is now taking the unprecedented move of including it in the company’s Patch Tuesday round of security updates today.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum
What the gently caress? No, don't patch them. Replace them.

nexxai
Jul 17, 2002

quack quack bjork
Fun Shoe

anthonypants posted:

What the gently caress? No, don't patch them. Replace them.

Seriously. The fact that they keep releasing these patches after the OS has been EOLd only legitimizes the C-levels who think that replacing "perfectly good computers" is a waste of money.

AreWeDrunkYet
Jul 8, 2006

nexxai posted:

Seriously. The fact that they keep releasing these patches after the OS has been EOLd only legitimizes the C-levels who think that replacing "perfectly good computers" is a waste of money.

Just disable the boot partition on any remaining XP/2003 machines. When they don't come up next restart, simple answer is "Oh, must be some virus thing - did you know that XP is no longer supported? Let's just rebuild them with 10/2016R2!"

Because surely you don't have any critical systems running on those platforms.

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy

AreWeDrunkYet posted:

Just disable the boot partition on any remaining XP/2003 machines. When they don't come up next restart, simple answer is "Oh, must be some virus thing - did you know that XP is no longer supported? Let's just rebuild them with 10/2016R2!"

Because surely you don't have any critical systems running on those platforms.

I've been out of healthcare for years now but I'd imagine they're all still running on Server 2003.

devmd01
Mar 7, 2006

Elektronik
Supersonik

AreWeDrunkYet posted:

Just disable the boot partition on any remaining XP/2003 machines. When they don't come up next restart, simple answer is "Oh, must be some virus thing - did you know that XP is no longer supported? Let's just rebuild them with 10/2016R2!"

Because surely you don't have any critical systems running on those platforms.

Ahaha ha. Aha hahhaha. Ha. :negative:

Only the main internally developed LOB application, has to run on 32bit 2k3 or 2k8.

At least we just went live with a SaaS offering to replace it, but we won't have all of our customers migrated until the end of the year.

hihifellow
Jun 17, 2005

seriously where the fuck did this genre come from

Zero VGS posted:

I've been out of healthcare for years now but I'd imagine they're all still running on Server 2003.

The healthcare client I'm working for has a couple of Windows XP and Server 2003 boxes.

At least they're segmented off on their own network.

All told they're pretty progressive for a hospital.

wolrah
May 8, 2006
what?

nexxai posted:

Seriously. The fact that they keep releasing these patches after the OS has been EOLd only legitimizes the C-levels who think that replacing "perfectly good computers" is a waste of money.

Exactly. Microsoft needs to let these things die and let the idiots still keeping them around suffer like they deserve.

devmd01 posted:

Ahaha ha. Aha hahhaha. Ha. :negative:

Only the main internally developed LOB application, has to run on 32bit 2k3 or 2k8.

At least we just went live with a SaaS offering to replace it, but we won't have all of our customers migrated until the end of the year.

How is this even possible? Not the app compatibility issue itself, but the fact that internally developed implies that those of you supporting it know where to find those responsible for it being such garbage, yet those people still seem to have non-broken hands.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

wolrah posted:

Exactly. Microsoft needs to let these things die and let the idiots still keeping them around suffer like they deserve.

How is this even possible? Not the app compatibility issue itself, but the fact that internally developed implies that those of you supporting it know where to find those responsible for it being such garbage, yet those people still seem to have non-broken hands.

We have an internally-developed LOB app that breaks on anything after .NET 4. Functionality on a supported, contemporary framework (4.7 is out!) isn't a high priority for the development team, and they bring in more money than the IT department, soooooooooooo

devmd01
Mar 7, 2006

Elektronik
Supersonik

wolrah posted:

Exactly. Microsoft needs to let these things die and let the idiots still keeping them around suffer like they deserve.

How is this even possible? Not the app compatibility issue itself, but the fact that internally developed implies that those of you supporting it know where to find those responsible for it being such garbage, yet those people still seem to have non-broken hands.

That's where 15 years of bolt-ons, too many cooks in the kitchen, and no clear plan to migrate off "because it works."

Thankfully, we have a new CIO that understands moving systems to cloud platforms, getting rid of old cruft, and streamlining where possible. We have a ton of SSO SaaS usage where it makes sense, picking the best solution that fits and plopping it into ADFS. I made a side comment in a meeting a couple of months ago about the legacy on-prem exchange, and he told me to get rid of it right then and there. I have full independence to work with every IT group, working as the technical lead on any infrastructure/SaaS/cloud implementations of business applications, so I'm not worried about my job going away for a long time.

devmd01 fucked around with this message at 04:10 on Jun 14, 2017

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010

anthonypants posted:

We have an internally-developed LOB app that breaks on anything after .NET 4. Functionality on a supported, contemporary framework (4.7 is out!) isn't a high priority for the development team, and they bring in more money than the IT department, soooooooooooo

HOW? net framework is literally a drop in upgrade that, unless the app is literally "microsoft exchange server", shouldn't impact the app.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


Do I dare learn Forefront or Microsoft Identity Manager?

What am I getting myself into?

vanity slug
Jul 20, 2010

Whole lotta C#, from my FIM2010 experiences.

Maneki Neko
Oct 27, 2000

Is anyone using OMS update management? I have been testing it out on the free plan and don't understand the billing model at all, because it seems to me that on the free plan I can do everything the paid plan does, just with less log retention? :psyduck:

Zaepho
Oct 31, 2013

Tab8715 posted:

Do I dare learn Forefront or Microsoft Identity Manager?

What am I getting myself into?

MIM is the current version and has some really cool new Just in Time Admin features to really up your security game as far as privileged accounts are concerned.

Also pain. Much pain and torment when processes change even a little bit and you have to account for those new changes. 2 weeks later you're in a tortured mess of spaghetti handling weird one off user provisioning cases.

kiwid
Sep 30, 2013

I'm trying to analyze an Office 365 mail trace. I'm assuming that a ##Receive, Send; means it was sent and a ##Receive, Fail; means it failed to send. But what does just a ##Receive; mean?

The Fool
Oct 16, 2003


It means that maybe you should expand that column and you might get more context.

orange sky
May 7, 2007

Has anyone here done the 70-246? My company needs it ASAP. How hosed am I?

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

orange sky posted:

Has anyone here done the 70-246? My company needs it ASAP. How hosed am I?

Uhh unless you're already really familiar with system center 2012 and all the stuff it's testing on... pretty hosed

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Hopefully someone else has dealt with this. I have an RDS farm, 2 terminal servers that some people log into via thin clients and some people have desktops that they are served remote apps to and we use DNS round robin. Currently I have one of the terminal servers in drain mode and everyone that is on network is getting pushed over to the other terminal server just fine, but I have VPN users that are still hitting the loving drained server so they can't log in. Is this a local DNS cache issue, or is something else going on? The remote users are using links provided to them that connect to the farm name, not directly to a server, but it keeps having them hit the drained server and I can't figure out why.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Are you not running a broker server? That's the only way I know for it to properly coordinate sessions and forward them off a drained server reliably.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

BangersInMyKnickers posted:

Are you not running a broker server? That's the only way I know for it to properly coordinate sessions and forward them off a drained server reliably.

yeah we have a 3rd server handling broker services and licensing.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

I'd start by running nslookups from a client to make sure it's returning both server IPs for the A record that they are pulling, then try manually connecting the client to the individual hostnames to verify connectivity. What you are describing should only be occurring in the event that they can't reach the other server, which smells like a DNS or firewall issue.
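
The check described in the post above, written out as an added example that is not part of the original thread. It is meant to be run from an affected VPN client; the farm name and session host IPs are hypothetical placeholders.

```powershell
# Added example. Run from an affected VPN client.
$FarmName      = 'rdsfarm.corp.example'      # hypothetical farm DNS name
$ExpectedHosts = '10.0.10.11', '10.0.10.12'  # hypothetical session host IPs
$RdpPort       = 3389

# What the local resolver cache currently holds for the farm name (may be empty).
$cached = @(Resolve-DnsName -Name $FarmName -Type A -CacheOnly -ErrorAction SilentlyContinue |
    Where-Object Type -eq 'A')

# What this client gets when it resolves the name using the DNS protocol only
# (no LLMNR/NetBIOS fallback).
$resolved = @(Resolve-DnsName -Name $FarmName -Type A -DnsOnly -ErrorAction Stop |
    Where-Object Type -eq 'A')

# Every address worth testing: the ones we expect plus anything DNS or the cache returned.
$allIps = @($ExpectedHosts) + @($resolved.IPAddress) + @($cached.IPAddress) |
    Where-Object { $_ } | Sort-Object -Unique

$report = foreach ($ip in $allIps) {
    # Connect to each host directly, bypassing the round-robin name.
    $tcp = Test-NetConnection -ComputerName $ip -Port $RdpPort -WarningAction SilentlyContinue
    [pscustomobject]@{
        IPAddress    = $ip
        Expected     = $ip -in $ExpectedHosts
        InDnsAnswer  = $ip -in $resolved.IPAddress
        InLocalCache = $ip -in $cached.IPAddress
        TtlSeconds   = ($resolved | Where-Object IPAddress -eq $ip).TTL
        RdpReachable = $tcp.TcpTestSucceeded
    }
}
$report | Format-Table -AutoSize

# A host missing from the DNS answer points at DNS; a host that resolves but
# cannot be reached on 3389 points at VPN routing or a firewall.
$missing = $ExpectedHosts | Where-Object { $_ -notin $resolved.IPAddress }
if ($missing) {
    Write-Warning "Not returned by DNS for ${FarmName}: $($missing -join ', ')"
}
$unreachable = $report | Where-Object { -not $_.RdpReachable }
if ($unreachable) {
    Write-Warning "No TCP/$RdpPort from this client to: $($unreachable.IPAddress -join ', ')"
}
```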

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

I'm assuming DNS as everything works fine when not drained and they hit both hosts without issue. Thanks I'll bark up that tree once I can get in touch with one of these guys.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum
I have two main sites on opposite ends of the US, and our primary datacenter is on the west coast. Some of the people who work out of the east coast site remote in to virtual/physical workstations on the west coast. Right now, all the drive mapping is centered around the west coast datacenter, but we have a mostly unused east coast datacenter and I would really like for them to start using it. Is it possible to set up drive mapping in such a way that users logging on to a computer on the west coast will be connected to shares from the west coast datacenter, and users logging in to an east coast computer will be connected to the east coast datacenter? I can't think of a method of accomplishing this without a bunch of login scripts or DNS trickery, and I'm hoping there's something out there I can use.

Thanks Ants
May 21, 2004

#essereFerrari


DFSR?

Edit: Oh, I've entirely misread this. Perhaps something like WMI filtering based on the subnet of the client?

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

You can set up Sites in AD where you add subnets to each site. Then you set up a GPO with specific drive maps and apply it to the Site. Then any user on that specific subnet will get the GPO applied.

That's how we get computers in different locations to connect to local WSUS servers.

CLAM DOWN
Feb 13, 2007




anthonypants posted:

I have two main sites on opposite ends of the US, and our primary datacenter is on the west coast. Some of the people who work out of the east coast site remote in to virtual/physical workstations on the west coast. Right now, all the drive mapping is centered around the west coast datacenter, but we have a mostly unused east coast datacenter and I would really like for them to start using it. Is it possible to set up drive mapping in such a way that users logging on to a computer on the west coast will be connected to shares from the west coast datacenter, and users logging in to an east coast computer will be connected to the east coast datacenter? I can't think of a method of accomplishing this without a bunch of login scripts or DNS trickery, and I'm hoping there's something out there I can use.

Yeah, use AD sites and GPOs to those sites.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

GreenNight posted:

You can set up Sites in AD where you add subnets to each site. Then you set up a GPO with specific drive maps and apply it to the Site. Then any user on that specific subnet will get the GPO applied.

That's how we get computers in different locations to connect to local WSUS servers.

Is there anything like this for mapping the home folder drive mapping?

Internet Explorer
Jun 1, 2005





I'm still confused at why DFS wouldn't be the best route here. Are these going to be different folders for different regions or what?

Also move away from Home Folders, there's really no reason for them to exist anymore.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

anthonypants posted:

Is there anything like this for mapping the home folder drive mapping?

Depends if you want to map the home folder via GPO or specifically in each AD user account. GPO, sure. AD user, not so much.


anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

Internet Explorer posted:

I'm still confused at why DFS wouldn't be the best route here. Are these going to be different folders for different regions or what?

Also move away from Home Folders, there's really no reason for them to exist anymore.

What replaced home folders?
