Arizona Systems Management User Group 10-year Anniversary Meeting – A Taste of MMS

microsoft-tempeThe history of AZSMUG:

We have been planning this meeting for a long time and I really wanted to make this a special meeting. I got the idea to start the user group from a session that I attended at the Microsoft Management Summit in 2006. A Microsoft MVP by the name of Ed Aldrich gave a session on starting a local user group and I followed up with him afterwards for help on get things started (ironically Ed is now my coworker at 1E – although neither of us worked at 1E when we first met).

I also went through several Microsoft employees trying to find someone (a Microsoft blue badge employee) that would sponsor us so that we could host the meetings at the Microsoft office (back then it was at Central and Thomas). After striking out multiple times, I came across a Microsoft person by the name of Harold Wong (many of you probably know him from the TechNet Events). At the time, Harold was traveling as much, if not more than I was, but he always made time for us  when we wanted to have a meeting (even during his personal time, as most of our meetings were in the evenings). So a huge thanks to Harold for helping out all of these years! (BTW – he still travels a lot)

Our very first meeting was on September 21st, 2006. I think we had about 12 people attend the very first meeting – ironically many of those people still attend the user group today, so another thanks to all of you for sticking with us throughout the years!

Now, I know it would have been epic to have the 10-year meeting on the same exact day this year, but due to logistics October 7th turned out to be the ideal day. I personally am super excited for this meeting and hope to see as many of you there as possible.

So what is a Taste of MMS? The AZSMUG 10-year Anniversary Meeting IS a Taste of MMS. MMS, the Midwest Management Summit, is a systems management conference that provides top quality real-world sessions in a relaxed, setting. There is plenty of time for questions or even talking to speakers and peers.

So what makes this 10-year Anniversary Meeting a Taste of MMS? Every single speaker (Kent Agerlund, Brian Mason, Peter Daalmans, Greg Ramsey, Michael Niehaus and myself) has presented multiple sessions at the previous MMS conferences, which makes this meeting a ‘taste’ of what you get by attending the next MMS.

Registration is filling up fast, so be sure to book your ticket soon.
10 Years of AZSMUG
6 Speakers
4 Microsoft MVPs
1 Day (Friday, October 7th 2016, Tempe, AZ Microsoft Office)

Mike Terrill
AZ Systems Management User Group

Originally posted on

Import Task Sequence Failure – CM 1606

UPDATE 9/17/2016: This issue is resolved in Update Rollup 1 for System Center Configuration Manager current branch, version 1606, so be sure to apply this when upgrading to 1606.

As soon as I saw the word on Twitter that Configuration Manager (CM) 1606 was released to the fast ring, I upgraded my primary CM lab that I use for just about everything (and yes, I was on vacation at the time but that didn’t stop me).  CM is a very stable platform and the upgrade process is getting easier and easier, but software is software and every now and then you will run into an issue. That is exactly what happened to me when I was trying to import an OSD Task Sequence that had been exported from another lab that was running CM 1602. I was greeted by the dreadful error messages: “One or more errors occurred result may be incomplete” and “Object reference not set to an instance of an object”
01 Import TS Wizard
02 Import TS Wizard

Luckily, the fix turned out to be pretty easy once I knew the possible culprit. It turns out that there was some changed made to the Install Software Update step and it causes the Import Wizard to fail. All you have to do is remove the Install Software Update step before exporting your Task Sequence from a down level CM site. If you do not have access to the site but only to the exported Task Sequence, you can still fix it and here is how:

  1. The exported Task Sequence is contained in a zip file. Using Windows Explorer, extract the zip file into a working directory. For my example, I have unzipped my TS export called W10 BIOS to UEFI.
    03 Exported TS
  2. Navigate into the SMS_TaskSequencePackage directory and then the ID of the TS. Mine happens to be PS10003C.
    04 Exported TS
  3. Edit the object.xml file using Notepad (or your favorite editor). Look for the step that contains “SMS_TaskSequence_InstallUpdateAction” and delete everything between the opening <step> and closing </step> like highlighted in the screen shot below and then save the file. NOTE: You might need to run it as administrator depending on the location of your extracted files.
    04 object.xml
  4. Re-zip up the directory structure and then you should be able to import the Task Sequence without any issues.

Microsoft is aware of the issue, but hopefully this process helps out until it gets fixed.

Originally posted on

How to create a Power BI New Measure

I was recently working on a new Secure Boot State Power BI report and I wanted to use the native view from the ConfigMgr database that was created for the Secure Boot State hardware inventory extension (see Inventory Secure Boot State and UEFI with ConfigMgr). The value that gets returned is 0, 1 or null depending on how the hardware is configured. 0 means that Secure Boot is Off, 1 means it is On and null means that it is not reported and the system is probably running BIOS.

Those labels look much better than 0, 1 or nothing, so I wanted an easy way to modify the Power BI report without creating a custom query (which is also possible). Fortunately, Power BI has the ability to add a New Measure. For my New Measure, I selected New Column (New Measure is the other option). I gave my New Column the name “Secure Boot State”. The next thing was to translate the UEFISecureBootEnabled0 field into “On”, “Off”, or “BIOS”. Using the IF function, this was possible:

Secure Boot State = IF (ISBLANK(v_GS_UEFI_SecureBootState0[UEFISecureBootEnabled0]),”BIOS”, (IF (v_GS_UEFI_SecureBootState0[UEFISecureBootEnabled0]=1,”On”, (IF (v_GS_UEFI_SecureBootState0[UEFISecureBootEnabled0]=0,”Off”)))))

Now you can see that I have a new column and my source data set remains un-touched:

01 Power BI New Measure

This will be useful in creating my Power BI report for Secure Boot State.

Originally posted on

PXE Booting in the Real World

At the Midwest Management Summit today in the 7 AM OSD Birds of a Feather session, there was a lot of discussion around troubleshooting PXE booting issues. A reference was made to a session that Troy Martin and I gave at the 2014 Midwest Management Summit called PXE Booting in the Real World. Troy put together some nice SQL queries that help with the troubleshooting process:


/* Get list of devices and their Last PXE boot for (a) required deployments */
SELECT * FROM [CM_PS1].[dbo].[LastPXEAdvertisement] order by MAC_Addresses
/* Get item key for unknown records */
select * [CM_PS1].[dbo].[UnknownSystem_DISC]
/* Is device known and a valid client on the site */
Use CM_PS1
exec NBS_LookupPXEDevice N'45A74041-2F02-4A5E-B413-CD35DDE47123',N'1E:1E:1E:1E:1E:B1'
exec NBS_LookupPXEDevice N'2DCFD0F8-9134-44A3-84BB-0BFC114ADD87',N'1E:1E:1E:1E:1E:B2'
/* Get list of deployments for device */
Use CM_PS1
exec NBS_GetPXEBootAction N'16777278',N'2046820352',N'45A74041-2F02-4A5E-B413-CD35DDE47123',N'1E:1E:1E:1E:1E:B1',N''
exec NBS_GetPXEBootAction N'16777279',N'2046820353',N'2DCFD0F8-9134-44A3-84BB-0BFC114ADD87',N'1E:1E:1E:1E:1E:B2',N''

Here is a link to the slide deck that contains more information and a bunch of useful references.

Originally posted on

How to Inventory Dell BIOS and UEFI Settings with ConfigMgr Part 2

Dell LaptopWhen starting any operating system deployment project, it is a good idea to know what systems are in your environment so that you can determine which of these systems need to support the new OS. Some systems may need to be replaced, where as others might only need a BIOS UEFI update. It is also a good idea to standardize on the BIOS UEFI settings for each supported model in the environment. This ensures that consistent settings are used so that certain systems management features function correctly (for example, like wake-on-lan).

Now that Windows 10 is here, now is the time to standardize on native UEFI as the default boot mode. When making this switch, it is also important to enable Secure Boot at the same time. But, before you can do that, you need to determine not only what is in your environment, but how each system is configured.

You can inventory these hardware specific settings with System Center Configuration Manager. In How to Inventory Dell BIOS and UEFI Settings with ConfigMgr Part 1 I went through the steps for deploying the Dell Command | Monitor application to your Dell workstation clients. This is required in order to get the Dell specific information into WMI so that we can inventory it with ConfigMgr. Now we need to add the Dell classes to the Default Client Settings Hardware Inventory.

  1. Open the Default Client Settings, select Hardware Inventory and click the Set Classes button.
    01 Dell-Default Client Settings
  2. On the Hardware Inventory Classes window, click the Import button.
    02 Dell-Hardware Inventory Classes
  3. On the Add Hardware Inventory Class window, click the Connect button.
    03 Dell-Add Hardware Inventory Class
  4. If the system that is running the ConfigMgr Console is a Dell with the Dell Command | Monitor installed, leave the pre-populated computer name. Otherwise type the computer name of a Dell system that has Dell Command | Monitor installed and is currently on the network. For the WMI namespace field, enter: root\dcim\sysman and check the Recursive box. Enter credentials if connecting to a remote system and click the Connect button.
    04 Dell-Connect to WMI
  5. On the Add Hardware Inventory Class window, select the following class: DCIM_BIOSEnumeration and click OK. This enables us to inventory BIOS UEFI settings (current and possible).
    05 Dell-Add Hardware Inventory Class
  6. Back on the Hardware Inventory Classes window, I recommend un-selecting the class for the Default Client Settings (in fact, I recommend trimming the Default Client Hardware Inventory Classes down to just a few and target only the necessary classes via Custom Client Settings). We will add them to a Custom Client Settings designed for Workstations. Unselect DCIM_BIOSEnumeration and click OK.
    06 Hardware Inventory Classes
  7. On the Default Settings windows, click OK.
    07 Dell-Default Settings
  8. Next, create a Custom Client Device Settings, give it the name Workstation Client Settings, select Hardware Inventory (or use a previously created one).
    08 Dell-Create Custom Client Device Settings
  9. Click on Hardware Inventory in the left pane and click Set Classes.
    09 Dell-Create Custom Client Device Settings
  10. Select DCIM_BIOSEnumeration and the following fields should be selected: AttributeName, CurrentValue, DefaultValue, IsReadOnly, PossibleValues, PossibleValuesDescription (InstanceName gets selected by default) and click OK. These are the fields that have useful information that we can use for reporting.
    10 Dell-Hardware Inventory Classes
  11. On the Create Custom Client Device Settings window, adjust the desired Hardware Inventory schedule and click OK.
    11 Dell-Create Custom Client Device Settings
  12. Deploy the newly created Workstations Client Settings out to a collection that contains Dell workstation systems. I have one called All Workstation Clients.
    12 Dell-Workstation Client Settings
  13. On a targeted Dell system, kick off a Machine Policy Retrieval & Evaluation Cycle and then a Hardware Inventory Cycle. In the InventoryAgent.log on the client, you should find an entry being inventoried for the newly defined namespace.
    13 Dell-Inventory Agent Log
  14. Back in the ConfigMgr Console, use the Resource Explorer and open up the Hardware Inventory for the system that was used in the previous step. Here you will see that the new class and corresponding values have been added.
    14 Dell-Resource Explorer

Hopefully you found this post useful and it helps you to gather and report on Dell specific settings using System Center Configuration Manager.

Originally posted on

How to Inventory Dell BIOS and UEFI Settings with ConfigMgr Part 1

Dell monitor logoSimilar to the Dell Command | Configure utility, Dell recently released the Dell Command | Monitor utility (previously known as OMCI or OpenManage Client Instrumentation). Where as the Dell Command | Configure utility enables IT administrators to configure Dell Enterprise client systems, the Dell Command | Monitor allows IT administrators to monitor and inventory system configurations and system health with enterprise management consoles, like System Center Configuration Manager. Now that Windows 10 is here, organizations are going to want to be able to report on UEFI capable systems as part of their planning so that they can be reconfigured for UEFI (instead of legacy BIOS). Running UEFI is a requirement in order to take advantage of the new security features in Windows 10 like Secure Boot, Device Guard and Credential Guard.

In a previous post, Inventory Secure Boot State and UEFI with ConfigMgr, I provided a method that will inventory systems that are running Secure Boot. This method results in the return of three possible values On (1), Off (0) or not detected (Null). Since UEFI is a requirement for Secure Boot, we can determine that UEFI is not enabled for a device if the Secure Boot state is not detected. This is great for high level reporting on how much of the environment is running UEFI, but it does not tell us how many systems (that are not running UEFI) can run UEFI.  Using Dell Command | Monitor and System Center Configuration Manager, we can determine not only which systems are running UEFI, but also which systems are UEFI capable. Dell Command | Monitor creates the necessary classes and properties in WMI that enables the monitoring and reporting of this information programmatically.

Part 1 of this post will show you what you need to do in order to distribute Dell Command | Monitor out to your existing systems using System Center Configuration Manager.

Part 2 of this post will show you how to extend System Center Configuration Manager to be able to collect this information and show the exact class that needs to be enabled.

The first thing you need to do is download the x86 and x64 versions (from here: Download 32-bit Dell Command | Monitor v9.1/Download 64-bit Dell Command Monitor v9.1) and install/extract it on a Dell system that is already running Windows 7/8/8.1/10 (there is an option to just extract the contents of the package as well). As of this post, version 9.1 is the latest release.

  1. After downloading (starting with the 64-bit version) and running the exe, click on extract.
    01 Extract package
  2. Create a temporary folder to extract the contents.
    02 Extract temp folder
  3. After the extraction completes, click View Folder.
    03 Extract complete
  4. Create a new folder structure on your Application repository (for this example I use Applications>Dell>Command-Monitor>9.1>x64) and copy the extracted contents to this location.
    04 App repository
  5. Download, extract the contents and copy to your Application repository (place the contents in Applications>Dell>Command-Monitor>9.1>x86).
    05 App repository x86
  6. In the ConfigMgr Console, create a new Application by browsing to the MSI in the x64 subdirectory on the Application repository and click Next.
    06 New App
  7. View the imported information from the MSI and click Next.
    07 New App
  8. On the General Information screen verify the following information and click Next. Note: I like to add REBOOT=ReallySuppress and /qn to the command line.
    08 New App
  9. Confirm the settings on the Summary screen and click Next.
    09 New App
  10. Verify that The Create Application Wizard completed successfully and click Close.
    10 New App
  11. Next, open up the Properties of the newly created Application.
    11 New App
  12. Select the Deployments Types tab and edit the listed Deployment Type.
    12 DT x64
  13. On the Deployment Type Properties, select the Requirements tab. Note: I like to add x64 to the name of the Deployment Type.
    13 DT x64
  14. On the Requirements tab, click the Add button.
    14 DT x64
  15. Select all of the 64-bit workstation versions of Windows that are supported in your environment and click Ok.
    15 DT x64
  16. Back on the Deployment Type Properties screen verify the following and click Ok.
    16 DT x64
  17. Now we need to add in the 32-bit Deployment Type. Back on the Deployment Types tab, click the Add button.
    17 DT
  18. On the General screen of the Create Deployment Type Wizard, browse to the Application repository for the 32-bit MSI and click Next.
    18 DT x86
  19.  Verify the that import succeeded and click Next.
    19 DT x86
  20. On the General Information screen, verify the following information and click Next. Note: I like to x86 to the Name and add REBOOT=ReallySuppress and /qn to the command line.
    20 DT x86
  21. On the Requirements screen, click the Add button.
    21 DT x86
  22. Select all of the 32-bit workstation versions of Windows that are supported in your environment and click Ok.
    22 DT x86
  23. Back on the Requirements screen, verify the following information and click Next.
    23 DT x86
  24. On the Dependencies screen, click Next.
    24 DT x86
  25. On the Summary screen, verify the settings and click Next.
    25 DT x86
  26. On the Completion screen, verify success and click Close.
    26 DT x86
  27. Back on the Deployment Types tab click Ok.
    27 App DT tab
  28. You will now see the Application with two Deployment Types listed in the console. Now we need to distribute the content to our Distribution Point(s). Right-click and select Distribute Content.
    28 Distribute Content
  29. On the General screen of the Distribute Content Wizard, click Next.
    29 Distribute Content
  30. On the Content screen, click Next.
    30 Distribute Content
  31. On the Content Destination screen, select the desired Distribution Point Group (or Distribution Point) and click Next.
    31 Distribute Content
  32. On the Summary screen, confirm the settings and click Next.
    32 Distribute Content
  33. On the Completion screen, verify the wizard completed successfully and click Close.
    33 Distribute Content
  34. Now we need to create a collection that contains only Dell workstation clients that we can use to deploy the newly created Dell Command | Monitor Applications. Create a new collection called All Dell Workstation Clients. On the General screen of the Create Device Collection Wizard, enter the following information and click Next. Note: I like to limit workstation collections to my All Workstation Clients collection.
    34 Dell Collection
  35. On the Membership Rules screen, click Add Rule and select Query Rule.
    35 Dell Collection
  36. On the Query Rule Properties screen, type All Dell Systems for the Name and then click Edit Query Statement.
    36 Dell Collection
  37. On the Query Statement Properties screen, select the Criteria tab and use Computer System.Manufacturer is like “%Dell%” and click Ok.
    37 Dell Collection
  38. Back on the Query Rule Properties screen, verify the following information and click Ok.
    38 Dell Collection
  39. Back on the Membership Rules screen, verify the following information and click Next.
    39 Dell Collection
  40. On the Summary screen, confirm the settings and click Next.
    40 Dell Collection
  41. On the Completion screen, verify the wizard completed successfully and click Close.
    41 Dell Collection
  42. Once the collection evaluation has completed, verify that the collection membership is working as expected and only contains Dell Workstation Clients.
    42 Collection
  43. Create a test deployment of the Dell Command | Monitor Application and verify that it is installing correctly. Back in the Software Library in the ConfigMgr Console, right click on Dell Command | Monitor Application and select Deploy.
    43 Deploy
  44. On the General screen of the Deploy Software Wizard, select the All Dell Workstation Clients collection and click Next. Note: Be sure to thoroughly test this in a lab first!
    44 Deploy
  45. On the Content screen, verify that the content has already been distributed to the Distribution Point Group(s)/Distribution Point(s) and click Next.
    45 Deploy
  46. On the Deployment Settings screen, choose Required for the Purpose and click Next.
    46 Deploy
  47. On the Scheduling screen, select the desired schedule and click Next.
    47 Deploy
  48. On the User Experience screen, select the desired settings and click Next.
    48 Deploy
  49. On the Alerts screen, click Next.
    49 Deploy
  50. On the Summary screen, verify the settings and click Next.
    50 Deploy
  51. On the Completion screen, verify the wizard completed successfully and click Close.
    51 Deploy
  52. Next, verify that it installed successfully by looking in Software Center and Programs and Features.
    52 Software Center52 Programs and Features
  53. Using Wbemtest, you will now see all of the Dell specific classes in root\dcim\sysman.
    53 Wbemtest

Now that Dell Command | Monitor is deployed, we can now use this information in a whole new way with System Center Configuration Manager. We can use it in Reports, Settings Management, and query criteria (just to name a few). Part 2 of this blog will show you how to extend System Center Configuration Manager to be able to collect this information and show the exact class that needs to be enabled to report on BIOS-UEFI settings.

Originally posted on

HP BIOS Screens

HP LaptopI was getting ready for some of my upcoming presentations that I need to give on the BIOS options of the various hardware manufacturers and since some projectors do not always like to display the low level BIOS screens, I thought it would be a good idea to do some screen captures as backup.

The following screen shots were taken from a HP EliteBook Folio 9470m. I plan on explaining some of the necessary settings in the future as they relate to UEFI and Secure Boot for Windows 10, but for now if you need some screen shots for documentation or are just curious as to some of the settings feel free to use the ones below. I did not grab every screen, but I did get the important ones.























Originally posted on

Configuration Manager and OSD with a side of PowerShell

Greg's Systems Management Blog

Enterprise Systems Management - the good, bad, and ugly

Coretech Blog

Configuration Manager and OSD with a side of PowerShell

Chris Nackers Blog

Just another site

Steve Thompson [MVP]

The automation specialist