Fix for File Explorer crash when using “Send To – Mail recipient” context menu

Some of you maybe noticed, that the option Send to –> Mail recipient in the context menu  from Windows 10 (several Builds) can cause crashing the File Explorer.
This is in combination with Office365 and Click-To-Run as the application is based on an App-V technology. The bug is not new and should really be fixed in a next CU of Windows 10, please MS. There is a very easy fix for that. Use a registry key to get it sorted. This is tested on many Windows 10 Enterprise 1709 Build.

Registry Key value:
*******************************************************************

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClickToRun\OverRide]
“AllowJitvInAppvVirtualizedProcess”=dword:00000001

*******************************************************************
As always: Be careful when you do changes in the registry.

Copy the value from the reg key above to a notepad and save it as “FixSendToMail.reg”. Double click the reg file and import ist to the client with the issue. This will fix it immediately.

You can also add this step directly in your ConfigMgr Tasksequence. Just make sure you add the step after installing Office365. Use the reg key above and add it to your Customization Package for Windows 10.
Run a command line step in your Tasksequence by using the command bellow:

*******************************************************************
regedit.exe /s FixSendToMail.reg
*******************************************************************

2017-12-07 13_17_07

Hope this helps.

Cheers, Al

 

 

Still buggy: #ConfigMgr Current Branch 1610 – download still hangs in the console

I thought that some bugs will be fixed during the time. Ok, sometimes it happens with a new KB :-).

Today I had to upgrade a 2012 R2 ConfigMgr Server to 1606 and then 1610. 1606 is not an big deal as you have the baseline ISO for that. After that you will receive the 1610 in the console. But it hangs still with the status “Downloading”.

As one solution you will find to restart the SMS_Executive. But with restartig the service you won’t still be able to install the CB 1610. Restarting the SMS_Executive restarts also the SMS_DMP_Downloader and you can follow the process using the dmpdwonloader.log under the log folder from your Primary Site server.

In that log you recognize that some cab files can’t be downloaded. All sources will be downloaded to the CM “Program Files\Microsoft Configuration Manager\EasySetupPayload” folder. The log shows you the download link of the mssing root cab file and also the used proxy server. Copy that link to your preferred browser link bar and download the cab file. Place it in the EasySetupPayload folder. – Restart SMS_Executive. The download will continue after 1-2 minutes.

In my case was ConfigMgr not able to download all the prereq tools to the “redist” folder. Some where Ok, but not all. 14 tools where still missing. If you have the same issue, navigate to \EasySetupPayload\”extractedCABName”\SMSSETUP\BIN\x64 and run setupdl.exe to download all the Prereq tools. You can directly download the contet to the \EasySetupPayload\”extractedCABName”\redist folder.

Restart the SMS_Executive Service again. The Configuration Manager 1610 Update should now switch to the status Available.

configmgr

Have fun installing 1610.

 

 

 

#ConfigMgr 1702 released – Enable FastRing

Yesterday Microsoft released the new Current Branch version 1702 of ConfigMgr. The update will bring a lot of new features. For a detailed overview visit the docs.microsoft.com site.

Be aware that the support for following products dropped with the version 1702:

SQL Server 2008 R2, for site database servers. Deprecation of support was first announced on July 10, 2015. This version of SQL Server remains supported when you use a Configuration Manager version prior to version 1702.

  • Windows Server 2008 R2, for site system servers and most site system roles. Deprecation of support was first announced on July 10, 2015. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.
  • Windows Server 2008, for site system servers and most site system roles. Deprecation of support was first announced on July 10, 2015.
  • Windows XP Embedded, as a client operating system. Deprecation was first announced on July 10, 2015. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.

 

If you’re not seeing the update in you console and your ConfigMgr Server is running in the online mode using the Service Connection Point (available with Version 1602 and later) , you can enable the Fast Ring using the TechNet gallery PowerShell script.

2017-03-28 07_37_02-S2023 - ConfigMgr

  • Force an update check in the CM console
  • The new update starts to download. You can verify that in the dmpdownloader.log file.

After the upgrade you will have installed following version numbers:

Version 1702
Console Version 5.000.8498.1400
Site Version:5.0.8498.1000

ConfigMgr 1606 – Configure Office 365 Client Agent Settings(Configuration Manager Current Branch)

Hi reader,

The newest Version of System Center Configuration Manager Current Branch (1606) is rolling out these days with a lot of new features and opportunities.

As the update is rolled out globally in the coming weeks, it will be automatically downloaded and you will be notified when it is ready to install from the “Updates and Servicing” node in your Configuration Manager console. If you can’t wait to try these new features, this PowerShell script can be used to ensure that you are in the first wave of customers getting the update.

Beginning in Configuration Manager version 1606, you can use the Configuration Manager client setting to manage the Office 365 client agent. Configure your Client Settings \ Software Updates Settings. There you can find now a new option called “Enable management of the Office 365 Client Agent“.

Capture

After you configure this setting and deploy Office 365 updates, the Configuration Manager client agent communicates with the Office 365 client agent to download Office 365 updates from a distribution point and install them. Configuration Manager takes inventory of Office 365 ProPlus Client settings.

Find more details on TechNet: https://technet.microsoft.com/en-us/library/mt741983.aspx

Configuration Manager 1602- backup your CD.Latest folder

Today I got a support case where I had to restore my first ConfigMgr Current Branch 1602.

No prob, we do have a nice SQL DB backup of the ConfigMgr database.

Let’s do the following:

  1. Close all consoles
  2. Stop all SMS Services (will also be done by the recovery wizard)
  3. Start the setup.exe from the CD.Latest (“Your Install Directory”\Microsoft Configuration Manager\cd.latest\SMSSETUP\BIN\X64)

But here I got stock. The “Recovery Site” option was greyed out. Of course I tried different ways to start the splash.hta or the setup.exe using admin rights. No way. The option was never available.

123

During research I found that the Site Maintenance job in ConfigMgr is also creating a folder called CD.Latest. But the customer did never activate the Site Maintenance job as they use a third party backup solution to backup the SQL Databases.

However, I configured the Site Maintenance Task and started the SMS_SITE_BACKUP service. This was creating the CD.Latest folder under my backup folder.

124

With this version of the setup.exe file could restore the database .

What we did:

–          Stopped all services
–          Detached the no longer needed CM_”SiteCode” database from the SQL Server using the SQL Server Management Studio
–          Restored the good database from Sunday (used the SQL option “override existing files”)
–          Started CD.Latest from the newly created backup folder (F:\Backup\W01Backup\CD.Latest)
–          Used “Site Database that has manually recovered” as we restored it in SQL

125

Conclusion

Please be aware of a very important change required to your backup strategy in Configuration Manager 1511, 1602 (and later). As you know regular upgrades will be available for the product (every 4 months or so) and you will be able to upgrade using update packages in the “Updates and Servicing” node of the Administration > Cloud Services workspace.

–          Make sure you enable the “Site Maintenance” Job for the site.
–          Backup the Backup folder as this will allow you to restore the ConfigMgr 1602 server in case of a bare metal restore

This folder will be required when you are recovering a failed site so it must be included in a backup strategy. Note that the built in backup maintenance task will back up this folder automatically. Also note that there is no point in backing up this folder once. It must be ongoing because, when upgrades are installed, Configuration Manager also updates the CD.Latest folder with the current files.

Find more informations on TechNet:
https://technet.microsoft.com/en-us/library/mt703293.aspx

 

ConfigMgr 1511 MP Troubleshooting – HTTP test request failed, status code is 403. “Forbidden” – Managing MAC OSx

I have recently faced following issue “HTTP test request failed, status code is 403. “Forbidden” ” on Management Point and was not Abel to connect MAC OSx Devices to the MP. To fix this issue, I followed the below steps and maybe you can do so.

Issue

We have HTTPS enabled on the Management Point for managing MAC OSx Clients and it is still not able authenticate. Due to this it is reporting this error.

The MPControl.log is reporting following error:
“Call to HttpSendRequestSync failed for port 443 with status code 403, text: Forbidden” “HTTP test request failed, status code is 403. ‘Forbidden”

error1

Solution

Look at the IIS Log files under your inetpub folder for more details of the error. The log files are located under  (C or D drive)  \inetpub\logs\Logfiles\W3SVC1

As you see in the below highlighted line error code 403 13, which indicates an issue with Client Certificate Revocation (CRL) Check on IIS.

error2

To fix this issue disable the Revocation check. Client Certificate Revocation is enabled by default. We need to delete all existing bindings on IIS and readd them again. The easiest way to do this is using the netsh command.

  1. Run the below command line and make a note of the details
    netsh http show sslcert
    blog_060115_3
  2. Delete existing SSL bindings
    netsh http delete sslcert ipport=0.0.0.0:443
    blog_060115_4
  3. Readd SSL binding and disable CRL check
    netsh (enter)
    http add sslcert ipport=0.0.0.0:443 certhash= 6cfa619aa7cb9eed29d1ccb0ec783ee40d20281c appid={4dc3e181-e14b-4a21-b022-59fc669b0914}  certstorename=My  verifyclientcertrevocation=disable
    blog_060115_5
  4. Run “netsh http show sslcert” again to check the status of the CRL check
    blog_060115_6
  5. Check the mpcontrol.log. The error is gone.

Tray again to connect your MAC OSx ConfigMgr Client to your ConfigMgr Primary Site Server. You should now be able to connect. Your MAC will also appear in the ConfigMgr console.

blog_060115_7.PNG

Connection to ConfigMgr established:

blog_060115_9.PNG

Now manage your MAC under “Devices” in the ConfigMgr Console:

blog_060115_8

Use this as a workaround if you’re not able to publish the CRL for your Site Servers.

Enjoy ConfigMgr!

 

House of cards – new WSUS Option in ConfigMgr 1511

In the past we used the guide from Kent Agerlund (MVP) for cleaning up the WSUS Database in ConfigMgr, also called the house of cards! This guide is still very popular and of course necessary for having a correct configured WSUS Server. As Kent mentioned, you should do the cleanup task every Monday morning before you start any other work :-)!

But now we got a new option in ConfigMgr 1511 when we setup the Software Update Point. This will allow ConfigMgr to cleanup the WSUS Database and remove any obsolet updates from the WSUS DB.

1

To enable and run the WSUS cleanup job

  1. In the Configuration Manager console, navigate to Administration > Overview > Site Configuration > Sites.

  2. Click Configure Site Components in the Settings group, and then click Software Update Point to open Software Update Point Component Properties.

  3. Click the Supersedence Rules tab, select Run WSUS cleanup wizard, and then click OK.

Thanks to the MS Product Team to integrate this feature in future ConfigMgr versions!