Deploy SCCM packages to a Security group

I found this article useful and thought of sharing source from http://www.windows-noob.com/forums/index.php?/topic/892-deploy-software-through-ad-groups-linked-to-collections-in-sccm/

Active Directory System Group Discovery
Active Directory Security Group Discovery

once done... in Active directory you need to setup a structure for this,

You will need to create some Active Directory Security Groups, and then create an OU in Active Directory and call it Applications Group

Resized to 94% (was 1024 x 682) - Click image to enlarge

now, you need to create your corresponding Collections in SCCM,

so lets create three new collections

Office 2003
Computers in the Office 2003 Security Group
Users in the Office 2003 Security Group



The two sub collections will have separate queries to determine their contents:

The query for Computers in the Office 2003 Security Group shall be

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM
.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemGroupName = "SCCM2007\\Office 2003 Users"

so from the above, SCCM2007=your domain and Office 2003 Users is the Active Directory Sercurity Group you added Computer Objects to.

Note: To define collection queries please read this post

The query for Users in the Office 2003 Security Group shall be

select SMS_R_USER.ResourceID,SMS_R_USER.ResourceType,SMS_R_USER.Name,SMS_R_USER.UniqueU
serName,SMS_R_USER.WindowsNTDomain from SMS_R_User where UserGroupName = "sccm2007\\Office 2003 Users"

Now you can target these sub collections with software to install, so in this case you would target the collections above with an advertisement to install Microsoft Office 2003.

once done, you can start adding computer or user objects to the respective Active Directory Group in active directory, and based on your Discovery Methods schedule they will appear within the correct Collection

Resized to 67% (was 1440 x 286) - Click image to enlarge

and based on the collection they are in they will receive the correct advertisement,



as this is a common question, I have renamed the topic, and pinned it.

Tech-Ed 2011

http://technet.microsoft.com/en-us/hh134198

Remote Desktop is not connecting

I found an issue some times remote desktop is not connecting telling about a network error. When i check on the event viewer i found "The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client."

I managed to get this sorted with

http://support.microsoft.com/kb/323497

1. Start Registry Editor.
2. Locate and then click the following registry subkey:
   HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService\Parameters
3. Under this registry subkey, delete the following values:
   • Certificate
   • X509 Certificate
   • X509 Certificate ID
4. Quit Registry Editor, and then restart the server.

SCCM Right Click Tools

SCCM Right Click Tools

I found that SCCM takes some times to install applications to the computer and if you really wanna enforce it you have to do it on the client side. These right click tools are very handy so you can right click and enforce the application installation.


Source :http://myitforum.com/cs2/blogs/rhouchins/archive/2008/04/09/sccm-right-click-tools.aspx

http://myitforum.com/cs2/blogs/rhouchins/0401ConfigMgrTools.zip

Remotely enable Remote desktop

I found some times we need to access the computers remotely but its disabled.

source from : http://oreilly.com/windows/archive/server-hacks-remote-desktop.html

Fortunately, there's a workaround. Sit down at your desk and log on to your Windows XP workstation using your administrator credentials and start Registry Editor by Start --> Run --> regedit --> OK. Then select the Connect Network Registry option under the File menu (Figure 2).

Figure 2. Connecting to the Registry on a remote machine.

This opens the Select Computer search box. Either browse Active Directory to locate the remote server, or type its name in the textbox (Figure 3).

Figure 3. Connecting to the Registry on a remote server named SRV220.

Click OK and a node will be displayed in Registry Editor for the remote machine (Figure 4).

Figure 4. HKLM and HKU hives on SRV220.

Now browse HKLM on SRV to find the following Registry key (Figure 5).

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

Figure 5. Registry key for Terminal Server on remote machine.

Under the Terminal Server key, you'll find a REG_DWORD value named fDenyTSConnection. Double-click on that value to open the Edit DWORD Value box and change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled), as in Figure 6 below.

EMC Celerra VM and VMware ESX

http://www.youtube.com/watch?v=B5Qn4EMgbDc

i found this video useful and thought of sharing....