Failed to run task sequence with following error 0x80070570

In this case, during operating system deployment using SCCM 2012 r2 task sequence, I have experienced error 0x80070570 on some machines:

From the MSDN, descriptive information for the error (0x570) 1392 is: "The file or directory is corrupt and unreadable."

This task sequence job was to deploy new operating system using wipe and load scenario. In order to fix this issue and allow the task sequence to finish it's job, I've entered into debug mode using F8 and used diskpart. Since, the operating system deployment scenario was wipe and load, I didn't care much about the data stored on disk. So, here is the syntax for disk cleaning:

diskpart -> list disk -> select disk 0 -> clean -> exit

After cleaning the disk, the task sequence has successfully installed the required operating system.
 

Updated SCCM 2012 R2 clients version in Admin Console

In this case I was manually updating SCCM R2 clients on some Windows based servers with latest rollup update, but the newly (updated) SCCM client version for those servers was not refreshed (reported) in SCCM 2012 R2 Admin console. The reason for this behavior was that the SCCM client versions are reported by heartbeat discovery. Default value for heartbeat discovery is 7 days.

In order to make SCCM clients to report client version as soon as possible there are two options:

• Lowering the default value of 7 days for heartbeat discovery, or
• Manually trigger Discovery Data Collection Cycle action from client

Update the collection membership and new version of SCCM client will be shown in SCCM admin console.
 

Windows 7 SCCM 2012 R2 clients unable to download content

This is a case where Windows 7 x86 non domain workstations with SCCM 2012 R2 client installed were unable to download content from SCCM server. Network Access Account was properly configured, and the client was using it but was still unable to download content. Anonymous clients were not allowed to connect to distribution point. Here are the error messages from DataTransferService.log:

<![LOG[Job {...} impersonating Network Access Account.]LOG]!>
<![LOG[[CCMHTTP] ERROR: URL=http://servername:80/SMS_DP_SMSPKG$/PackageID, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE]LOG]!>
<![LOG[Error sending DAV request. HTTP code 401, status 'Unauthorized']LOG]!>
<![LOG[GetDirectoryList_HTTP('http://servername:80/SMS_DP_SMSPKG$/PackageID') failed with code 0x80070005.]LOG]!>

After installing the following hotfix KB2522623, this client has successfully downloaded and installed packages. This hotfix is applicable to Windows Server 2008 R2 SP1 also, so this kind of behavior should be expected for those server 2008 R2 SP1 clients that are members of workgroup or DMZ.
 

Application Catalog website point Status:Critical

In this case I was deploying Cumulative Update 1 for SCCM 2012 R2 and installation of CU has completed successfully, but Application Catalog website point site system role was in status Critical. Before installation of CU1, Application Catalog website point was in status OK. So, the quest for searching why the application catalog website point was in status Critical after installation of CU1 has begun.

• I checked the log files and there were no errors in them.
• All components were in status OK
• There were no error messages for components
• All counts were reset
• System rebooted

And still the Application catalog website point was in status Critical, even though software center application catalog from clients was working as expected.
Finally, I have reinstalled the application catalog website point system role, and mysteriously the status was changed in OK state.
 

SCCM 2012R2 Task Sequence Error 0x8007000b

When deploying Windows 8.1 x64 using SCCM 2012 R2, you may experience task sequence error 0x8007000b, if you're trying to execute for example DISM command without path information for the executable. For example, running the following task sequence command to set the default file association from xml file will fail:

dism /online /Import-DefaultAppAssociations:AppAssociations.xml

The reason for this failure is Windows redirect feature which tries to execute the 32bit version of DISM. In order to fix this behavior and run the 64bit version of DISM, sysnative function can be used. So, running the DISM like this:

%windir%\sysnative\dism /online /Import-DefaultAppAssociations:AppAssociations.xml

will successfully import the default file associations. More info about file system redirector check http://msdn.microsoft.com/en-us/library/aa384187.aspx .
 

Failed to recreate client evaluation task

In this case there was SCCM 2012R2 client that was reported as client that failed check from All Desktop and Server clients. The error message was Failed to recreate client evaluation task :



This SCCM 2012R2 client was installed on Windows Server 2003 R2 were the local administrators have disabled some services and among them was Task Scheduler. After setting the Task Scheduler service to Automatic and starting the service, and restarting the SMS Agent Host service the Configuration Manager Health Evaluation task was successfully created and the client was no longer reported as client that failed check.
 

Configuring HP Desktop BIOS using SCCM 2012 Task Sequence

In this case I wanted to unify BIOS settings (setup password and bios version) on HP Desktop Computers (DC5800, DC6000, DC6300, 600 G1). I was using SCCM 2012 R2 for operating system deployment, and in the task sequence for operating system deployment I have added steps for setting the BIOS password and updating the BIOS to latest available version for HP desktop model. For setting up the BIOS password I was using BiosConfigUtility.exe from HP sp52095.exe, and for updating the BIOS to the latest available version I was using HPQFlash which is part of BIOS update package and can be downloaded from support web page of the HP desktop model.
What I want to notify here is that BIOS password set with numbers from numerical part of the keyboard is not the same when typed with same numbers from regular part of the keyboard. So, in my case I wanted to set the BIOS password with numbers from numerical part of the keyboard. For example, for BIOS password I wanted to set seven,eight and nine from numerical part of the keyboard, knowing that previous BIOS password is either blank or "abcd". And syntax for achieving that task is following:

BiosConfigUtility.exe /cspwd:"" /cspwd:"abcd" /nspwd:"<KEYPAD 7><KEYPAD 8><KEYPAD 9>"

Note that several "old" BIOS password can be specified in same line using /cspwd, and new password is specified after /nspwd with syntax specified as above when wanted to use numerical part of the keyboard.
My next step was to update BIOS version. For updating the BIOS using HPQFlash when BIOS setup is password protected, setup password has to be provided in encrypted form. Setup password must be encrypted using HPQPswd utility which is part of BIOS update package. HPQPswd will create a file with encrypted setup password. Specifying that file for BIOS setup password will allow HPQFlash to update the BIOS version. Presuming that BIOS update file is located in same location as HPQFlash, the syntax for updating BIOS in silent mode is:

HPQFlash.exe -s -psetuppass.bin

Where setuppass.bin is the encrypted BIOS setup password file created with HPQPswd, and note that there is no space between -p and name of the encrypted BIOS setup password file.

Happy BIOS flashing !

Unable to update to SCCM 2012 R2 SCEP client

In this case I was upgrading SCCM 2012 SP1 infrastructure to SCCM 2012 R2, and one of my tasks was to upgrade SCCM client to SCCM 2012 R2 version 5.00.7958.1000. During SCCM 2012 R2 client upgrade procedure, SCEP client upgrading is part of the upgrading process to version 4.3.220.0. SCCM 2012 R2 client together with SCEP client were upgrading without any issues on most of the clients, but there were some clients where SCCM client was successfully upgraded to R2 version, but SCEP client was still with old version. SCCM 2012 R2 console for those clients was reporting the following information:

Deployment State: Failed 

Deployment Return Code: 0x80004005 

Deployment Description: Failed to trigger EP Installer to install.

On Client Side EndpointProtectionAgent.log was having following info:

![LOG[Failed to load xml from string <?xml version="1.0"?><SecurityPolicy xmlns="http://forefront.microsoft.com/FEP/2010/01/PolicyData" .........(truncated) > 

<![LOG[Failed to generate AM policy settings for SCEP installation with error code 0x80004005]LOG]!>

The reason for this behavior was that the Antimalware Policy assigned to client was having the ampersand "&" sign. After removing the "&" from the Antimalware policy, the SCEP client was successfully upgraded to version 4.3.220.0.