KB4038777 fails on some Windows 2008 R2 servers

Recently, we had an issue where KB4038777 was failing to install on some Windows 2008 R2 servers, but was fine on others.

Sometimes, this indicates that the “maximum run time” on a specific patch has been set ludicrously low (generally 10 minutes), and the servers it fails on are the ones that don’t perform so well and therefore time out.

In this case, the patch was failing with the following line in the CBS.log:

Failed to find file: x86_microsoft-windows-directwrite_31bf3856ad364e35_7.1.7601.23688_none_c657164201eacd8d\DWrite.dll [HRESULT = 0x80070002 – ERROR_FILE_NOT_FOUND]

We tried a number of things to “fix” this, including comparing file versions of DWrite.dll, cleaning out the SoftwareDistribution cache, disabling AV etc – to no avail.

After a few hours, we found that installing the “desktop experience” feature (which requires a reboot) and then running a disk cleanup (including Windows updates) on the server allowed us to install this update.

It’s not an ideal “solution” – and quite frankly – all Windows 2008 R2 servers should be in the process of being decommissioned… but aside from that, it seems that admins have the option of:

a) installing desktop experience, rebooting, then running a disk cleanup

b) waiting for next month’s rollup – which may not have the same issue.
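
To see which servers are hitting the same missing payload, the “Failed to find file” lines can be pulled out of CBS.log and split into component, version and architecture. This is an added example, not from the original post; the function name and the filler sample line are constructed, and the first sample line is the one quoted above with an ASCII hyphen.

```powershell
# Added example (not from the original post): list component payloads CBS could not find.
function Get-CbsMissingFile {
    param(
        [Parameter(ValueFromPipeline)]
        [string[]]$Line
    )
    begin {
        # "Failed to find file: <component directory>\<file> [HRESULT = 0x...]"
        $lineRx = 'Failed to find file: (?<dir>[^\\]+)\\(?<file>[^\[]+?)\s*\[HRESULT = (?<hr>0x[0-9A-Fa-f]{8})'
        # Component directory layout: arch_name_publicKeyToken_version_culture_hash
        $dirRx  = '^(?<arch>[^_]+)_(?<name>.+)_(?<token>[0-9a-f]{16})_' +
                  '(?<version>\d+(\.\d+){3})_(?<culture>[^_]+)_(?<hash>[0-9a-f]{16})$'
    }
    process {
        foreach ($l in $Line) {
            if ($l -notmatch $lineRx) { continue }
            $dir, $file, $hr = $Matches.dir, $Matches.file, $Matches.hr
            $out = [ordered]@{ File = $file; HResult = $hr; Directory = $dir }
            # Split the directory name only when it has the expected layout.
            if ($dir -match $dirRx) {
                $out.Architecture = $Matches.arch
                $out.Component    = $Matches.name
                $out.Version      = $Matches.version
            }
            [pscustomobject]$out
        }
    }
}

# Constructed sample: the line quoted above plus an unrelated filler line.
$sample = @(
    'Failed to find file: x86_microsoft-windows-directwrite_31bf3856ad364e35_7.1.7601.23688_none_c657164201eacd8d\DWrite.dll [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]'
    'Info CBS Session: constructed filler line'
)
$sample | Get-CbsMissingFile | Format-List

# On an affected server:
# Get-Content $env:windir\Logs\CBS\CBS.log | Get-CbsMissingFile
```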

 

SMB 1 no longer installed by default in Win 10 1710/Server 2016 (next release)

https://support.microsoft.com/en-us/help/4034314/smbv1-is-not-installed-by-default-in-windows-10-rs3-and-windows-server

As per the link above, SMB 1 will no longer be installed by default in Win 10 1710 (which, given the release date, I’m guessing is what it will be called) or the next version of Server 2016 (whatever that ends up being called).

Considering the recent-ish SMB1 targeted attacks, this isn’t surprising – and is a good move in my opinion. The issue is, of course, that the companies likely to be hit by SMB1 (or other old-school attacks) are likely to not be up to date with their patching and even less likely to be up to date with OS versions – so it won’t help secure the more vulnerable networks out there….

SCCM – BADMIF error 4

It is very common to get errors in your SCCM component status window for the component “SMS_Inventory_Data_loader” – the most common of which goes something along the lines of:

Inventory Data Loader failed to process the file D:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\Process\H38H6C71.MIF because it is larger than the defined maximum allowable size of 5000000.

The size of the MIFs can be checked by navigating to D:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\BADMIFS\ExceedSizeLimit and taking note of the largest MIF. Then add a bit of headroom and modify the registry as per https://thedesktopteam.com/heinrich/event-id-2719-sms_inventory_data_loader-error-sccm-2012-r2/

For one client recently, once that was done, the larger MIFs started processing, however they then got many entries in D:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\BADMIFS\ErrorCode_4

This article – https://blogs.technet.microsoft.com/umairkhan/2014/10/01/configmgr-2012-hardware-inventory-resync-and-badmif-internals/ nicely documents some of the errors you may get, but not specifically what error code 4 relates to. This TechNet forum post seems to nail the issue, but not necessarily how to solve it.

In my case, I navigated to the SCCM logs directory, opened dataldr.log and searched for errors to find the specific line of SQL which was not being imported nicely – it was pretty easy to find thanks to CMTrace’s desire to highlight lines with “error” in them in red.

With this, it’s fairly easy to see that the troublesome statement is:

*** [23000][547][Microsoft][SQL Server Native Client 11.0][SQL Server]The INSERT statement conflicted with the FOREIGN KEY constraint “WINDOWS8_APPLICATION_USER_INFO_DATA_FK”. The conflict occurred in database “CM_xxx”, table “dbo.System_DATA”, column ‘MachineID’. : pWINDOWS8_APPLICATION_USER_INFO_DATA

 

Armed with this information, you can then choose if you care about this hardware inventory information – and if not, you can exclude it from inventory.
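
When there are many MIFs in ErrorCode_4, tallying the constraint errors in dataldr.log shows which inventory data is responsible before deciding what to exclude. This is an added example, not from the original post; the function name and the sample lines are constructed (the first follows the error quoted above, with the straight quotes SQL Server emits), and treating the name after the trailing colon as the stored procedure is an assumption.

```powershell
# Added example (not from the original post): tally FOREIGN KEY conflicts in dataldr.log.
function Get-DataLdrFkConflict {
    param(
        [Parameter(ValueFromPipeline)]
        [string[]]$Line
    )
    begin {
        # SQL Server error 547 text, then ": <name>" as in the quoted line.
        $pattern = 'FOREIGN KEY constraint "(?<fk>[^"]+)"\. The conflict occurred in ' +
                   'database "(?<db>[^"]+)", table "(?<table>[^"]+)", ' +
                   "column '(?<column>[^']+)'\.\s*:\s*(?<proc>\w+)"
        $hits = [System.Collections.Generic.List[object]]::new()
    }
    process {
        foreach ($l in $Line) {
            if ($l -match $pattern) {
                $hits.Add([pscustomobject]@{
                    Constraint = $Matches.fk
                    Table      = $Matches.table
                    Column     = $Matches.column
                    Procedure  = $Matches.proc   # assumption: name after the colon
                })
            }
        }
    }
    end {
        # One row per procedure/constraint pair, most frequent first.
        $hits | Group-Object Procedure, Constraint |
            Sort-Object Count -Descending |
            Select-Object Count, Name
    }
}

# Constructed sample lines (CM_xxx is the post's own placeholder).
$sample = @'
*** [23000][547][Microsoft][SQL Server Native Client 11.0][SQL Server]The INSERT statement conflicted with the FOREIGN KEY constraint "WINDOWS8_APPLICATION_USER_INFO_DATA_FK". The conflict occurred in database "CM_xxx", table "dbo.System_DATA", column 'MachineID'. : pWINDOWS8_APPLICATION_USER_INFO_DATA
Constructed filler line with no SQL error in it.
'@ -split "`r?`n"
$sample | Get-DataLdrFkConflict

# On the site server (path placeholder, not from the post):
# Get-Content '<SCCM logs directory>\dataldr.log' | Get-DataLdrFkConflict
```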

Microsoft Partner technical support

It’s fair to say I’m not a fan of Microsoft support.

Premier support is anything but premier, and partners are completely unsupported. In fact, Microsoft products in general fall under “effectively un-contactable” if you don’t have premier, and if you do have premier they still fall into “effectively unsupported”… and if it wasn’t for community support, they would be completely unsupported.

But there are phone lines you can call and forums…. yes… but

<listen to attached audio, it’s a little soft, so you may have to turn your volume up>

https://mspartner.microsoft.com/he/il/pages/support/partner-technical-services-contact-information.aspx

Keep in mind these are the same technical advisory hours that Microsoft employs a call centre to actively ring partners and query why they are not using them.

This is, unfortunately, pretty standard for Microsoft. It’s just so bafflingly disappointing that they are so focused on sales that they don’t support their products.

SCCM console cannot connect from Windows 8.1

SCCM admin, console works from all machines….

Try an 8.1 machine at a remote site: “Configuration manager cannot connect to the site (FQDN of primary)”

Found this helpful article:

https://sccmfaq.wordpress.com/2013/10/22/sccm-2012-r2-console-on-windows-8-1-cant-connect-to-sms-provider/

 

Basically dump these entries into a text file, rename to .reg and import….

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI\QueryProcessors\WQL]
"Assembly Path"="C:\\Program Files (x86)\\Microsoft Configuration Manager\\AdminConsole\\bin\\AdminUI.WqlQueryEngine.dll"
"Depends On"=""
"Type"="Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager"