November 27, 2009

Patching Standards or objectives

Patching in SCCM 2007

Nice blog posted by Steve Pruiit.

November 3, 2009

New Features Configuration Manager RTM (from SMS 2003)

Operating system deployment
Operating System Deployment provides the Configuration Manager 2007 administrator with a tool for creating images that can be deployed to computers managed by Configuration Manager 2007, and to unmanaged computers using bootable media such as CD set or DVD. The image, in a WIM format file, contains the desired version of a Microsoft Windows operating system and can also include any line-of-business applications that need to be installed on the computer.

Operating System Deployment provides the following functionality:

• Image capture
• User state migration using the User State Migration Tool
• Image deployment
• Task sequences

Desired configuration management-

1. Desired configuration management in Configuration Manager 2007 allows you to assess the compliance of computers with regard to a number of configurations, such as whether the correct Microsoft Windows operating system versions are installed and configured appropriately, whether all required applications are installed and configured correctly, whether optional applications are configured appropriately, and whether prohibited applications are installed. Additionally, you can check for compliance with software updates and security settings.

2. Compliance is evaluated by defining a configuration baseline that contains the configuration items you want to monitor and rules that define how they should be defined for compliance. Configuration baselines can be imported from the Web as Best Practices, or defined within Configuration Manager, or defined externally and then imported into Configuration Manager.

Network Access Protection for Configuration Manager-

1. Network Access Protection (NAP) is a policy enforcement platform built into the Microsoft Windows Vista and Windows Server 2008 operating systems that allows you to better protect network assets by enforcing compliance with system health requirements. You can configure DHCP Enforcement, VPN Enforcement, 802.1X Enforcement, IPsec Enforcement, or all four, depending on your network needs. ConfigMgr 2007 SP1 will integrate with Windows NAP to allow you to restrict clients if they do not have the software updates that you designate as required.

2. Network Access Protection is not designed to secure a network from malicious users. It is designed to help administrators maintain the health of the computers on the network, which in turns helps maintain the network’s overall integrity. For example, if a computer does not have all the software updates required by ConfigMgr NAP policies, the computer is noncompliant and considered unhealthy. NAP enforcement can automatically install the required software updates and until these are successfully installed, the computer can be restricted from accessing the full network. Network Access Protection does not prevent an authorized user with a compliant computer from uploading a malicious program to the network or engaging in other inappropriate behavior.

Wake On LAN – The following scenarios are supported-

1. Sending a wake-up transmission prior to the configured deadline for a software update deployment.

2. Sending a wake-up transmission prior to the configured schedule of a mandatory advertisement, which can be for software distribution or a task sequence.

Enhanced and/or Changed Features-

1. Software Updates

The software update feature in ConfigMgr has been rewritten to make it simpler to use but the security requirements are similar to SMS 2003. When you download software updates to create packages, use proper access controls to prevent attackers from modifying valid software updates. Retrieve software updates directly from or from a trusted source in your environment so that you can validate the integrity of the files.

2. Software Update Point

The software update point is installed as a site system role in the Configuration Manager console. The software update point site system role must be created on a server that has Windows Server Update Services (WSUS) 3.0 installed, and provides the communication with WSUS and synchronizes with the WSUS database to retrieve the latest software updates from Microsoft Update, as well as custom published software updates.

3. Software Updates Client Agent

The Software Updates Client Agent in Configuration Manager 2007 is enabled by default, and client agent components are installed on client computers with the other Configuration Manager client components. The Software Updates Client Agent handles compliance assessment scan requests, software update evaluation requests, deployment policies for the client, and content download requests.

4. Software Updates Reporting

The predefined software updates reports and underlying software updates SQL Server views have been modified in Configuration Manager 2007 to work with the new software updates infrastructure. During a site upgrade, the Systems Management Server 2003 reports are migrated, but they might fail to run or retrieve the expected data. Several new reports have been created to support software updates in Configuration Manager and are grouped in the following categories:

• Software Update Management – Compliance

• Software Update Management – Deployment Status

• Software Update Management - Distribution Status

• Software Update Management - Infrastructure Status

Branch Distribution Points-

You can configure a branch distribution point to allow local access to packages without the overhead of installing a site server in that location. Branch distribution points can be installed on any Configuration Manager 2007 client, including Windows XP Professional workstation computers. Workstation computers are generally not subject to the same physical access controls as server computers, so you must monitor your usage of branch distribution points.

Internet connected clients-

Support of internet connected clients, clients will be able to communicate in a secure manner to receive software updates over the internet.

Planned integration of Softricity-

Application Virtualization will be the next “big thing” in the virtualization realm. With ConfigMgr SP1 (or perhaps R2), we should see a full integration of Softricity Softgrid with ConfigMgr 2007 distribution points.

Support of SCCM 2007 site systems on x64 platforms
Support of SCCM 2007 with SQL Server 2005 virtual cluster


The following features used to be available only in Feature Packs but are now incorporated into the core product:

Mobile device management-

The following device operating systems are supported with the Configuration Manager Device Management client that ships with Configuration Manager:

• Windows Mobile for Pocket PC 2003

• Windows Mobile for Pocket PC 2003 Second Edition

• Windows Mobile for Pocket PC Phone Edition 2003

• Windows Mobile for Pocket PC Phone Edition 2003 Second Edition

• Windows Mobile Smartphone 2003

• Windows Mobile for Pocket PC 5.0

• Windows Mobile for Pocket PC Phone Edition 5.0

• Windows Mobile 5.0 Smartphone

• Transfer site settings wizard
Enhancement for the ConfigMgr Administrator

• Manage site accounts tool (MSAC)
Enhancement for the ConfigMgr Administrator

New “Asset Management” Features-

1. Recent Usage Inventory:
◦SCCM metering agent will inventory the last time any executable was running in the user context.
◦Data returned through hardware inventory.
◦Additional reports will help you answer the “When was the last time this was used?” question.

2. Auto-created Metering Rules-

◦Last Usage Inventory can be used to auto-create full metering rules which you can decide to enable.
◦Simplifies the process of creating metering rules.

3. Asset Change Summarization-

◦A summary of changes to computer assets is stored in a central table.
◦Managing deltas help reduce the complexity of asset management.
◦Additional reports help you answer the “What has changed recently in my environment?” question.

4. Client Access Licenses usage tracking for Microsoft Windows and Exchange:

◦Both User and Device CALs usage is tracked.
◦Based on Security audit logs.
◦Additional reports answer the “who used up the CALs” , “when did they do that” questions.

November 2, 2009


Windows NT reserved words that cannot be used as a site code include:

For those on SCCM with R2, you cannot use the following: OSD - SRS and FCS as these will disable features in R2.

October 26, 2009

What is Cloud Computing?

Cloud computing is a general term for anything that involves delivering hosted services over the Internet. These services are broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS).
A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as little of a service as they want at any given time; and the service is fully managed by the provider (the consumer needs nothing but a personal computer and Internet access). Significant innovations in virtualization and distributed computing, as well as improved access to high-speed Internet and a weak economy, have accelerated interest in cloud computing.
A cloud can be private or public. A public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a proprietary network or a data center that supplies hosted services to a limited number of people. When a service provider uses public cloud resources to create their private cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.
Infrastructure-as-a-Service like Amazon Web Services provides virtual server instances with unique IP addresses and blocks of storage on demand. Customers use the provider's application program interface (API) to start, stop, access and configure their virtual servers and storage. In the enterprise, cloud computing allows a company to pay for only as much capacity as is needed, and bring more online as soon as required. Because this pay-for-what-you-use model resembles the way electricity, fuel and water are consumed, it's sometimes referred to as utility computing.
Platform-as-a-service in the cloud is defined as a set of software and product development tools hosted on the provider's infrastructure. Developers create applications on the provider's platform over the Internet. PaaS providers may use APIs, website portals or gateway software installed on the customer's computer., (an outgrowth of and GoogleApps are examples of PaaS. Developers need to know that currently, there are not standards for interoperability or data portability in the cloud. Some providers will not allow software created by their customers to be moved off the provider's platform.
In the software-as-a-service cloud model, the vendor supplies the hardware infrastructure, the software product and interacts with the user through a front-end portal. SaaS is a very broad market. Services can be anything from Web-based email to inventory control and database processing. Because the service provider hosts both the application and the data, the end user is free to use the service from anywhere.

October 7, 2009

What are the SCCM 2007 Site System roles?

SCCM 2007 supports the following 14 Site System roles, with those prefixed with being new to SCCM:

Site Server - The server on which you install the SCCM software.
Site Database Server - The server running SQL and hosting the SCCM Site Database (only required for Primary Sites)
Configuration Manager Console - The interface for administering SCCM. Installed by default on Primary Site Servers this role can also be installed on workstations to allow remote administration.
SMS Provider - The intermediate Windows Management Instrumentation (WMI), layer that sits between the Configuration Manager Console and the Site Database (the Configuration Manager Console accesses the Site Database via the SMS Provider). Only required for Primary Sites.
Component Server - All SCCM Site System roles (except for the Distribution Point (DP)), requires SCCM-specific software to be installed in order for the Site System role to function. When such software is installed on a computer that computer becomes a Component Server.
Distribution Point (DP) - Stores SCCM Packages from where Clients can access them to install them. Only required for the Software Distribution, Software Updates, and Advertised Task Sequences functions of SCCM.
[NEW] Fallback Status Point - A "catch all" Site System for Clients that cannot be installed because of various issues such as assignment, or their inability to communicate with their Management Point (MP). Not required by default, but recommended to help with Client installation issues.
Management Point (MP) - SCCM Clients do not communicate directly with the SCCM Site Server and vice versa. Instead all communication is facilitated via the Management Point. A Default Management Point needs to be defined in every Site that has Intranet Clients.
[NEW] Pre-boot Execution Environment (PXE) Service Point - The Site System that responds to any computers requesting deployment of their Operating System (OS), via a PXE request. Only required if Operating System Deployments (OSD), are going to take place using PXE boot requests.
Reporting Point (RP) - Hosts the Report Viewer component that provides the web-based reporting functionality of SCCM. Only required if Reports need to be run on a particular Primary Site.
Server Locator Point (SLP) - Responsible for informing SCCM Clients which MP they should access in order to install the SCCM Client software. Only required in some Client Deployment scenarios.
[NEW] Software Update Point (SUP) - Assigned to the computer running Windows Server Update Services (WSUS). Only required if the Software Updates feature is going to be used.
[NEW] State Migration Point (SMP) - Stores the user's state migration data when a computer's OS is migrated. Only required if the OSD feature is going to be used.
[NEW] System Health Validator Point (SHVP) - This role is assigned to the computer running the Network Policy Service. Only required if the Network Access (NAP) feature is going to be used.

June 26, 2009

Ten Coolest Features of Windows Server 2008

1. Virtualization
Although it will not be available with the initial launch of Server 2008, Microsoft's Hyper-V hypervisor-based virtualization technology promises to be a star attraction of Server 2008 for many organisations.
Although some 75 percent of large businesses have started using virtualization, only an estimated 10 percent of servers out are running virtual machines. This means the market is still immature. For Windows shops, virtualization using Server 2008 will be a relatively low-cost and low-risk way to dip a toe in the water.
At the moment, Hyper-V lacks the virtualized infrastructure support virtualization market leader VMware can provide. Roy Illsley, senior research analyst at U.K.-based Butler Group, noted that Microsoft is not as far behind as many people seem to think, however. "Don't forget Microsoft's System Center, which is a fully integrated management suite and which includes VM Manager. Obviously it only works in a Wintel environment, but if you have Server 2008 and System Center, you have a pretty compelling proposition.
"What Microsoft is doing by embedding virtualization technology in Server 2008 is a bit like embedding Internet Explorer into Windows," said Illsley. "This is an obvious attempt to get a foothold into the virtualization market."
At launch, Microsoft is unlikely to have a similar product to VMware's highly popular VMotion (which enables administrators to move virtual machines from one physical server to another while they are running), but such a product is bound to available soon after.
2. Server Core
Many server administrators, especially those used to working in a Linux environment, instinctively dislike having to install a large, feature-packed operating system to run a particular specialized server. Server 2008 offers a Server Core installation, which provides the minimum installation required to carry out a specific server role, such as for a DHCP, DNS or print server. From a security standpoint, this is attractive. Fewer applications and services on the sever make for a smaller attack surface. In theory, there should also be less maintenance and management with fewer patches to install, and the whole server could take up as little as 3Gb of disk space according to Microsoft. This comes at a price — there's no upgrade path back to a "normal" version of Server 2008 short of a reinstall. In fact there is no GUI at all — everything is done from the command line.
3. IIS
IIS 7, the Web server bundled with Server 2008, is a big upgrade from the previous version. "There are significant changes in terms of security and the overall implementation which make this version very attractive," said Barb Goldworm, president and chief analyst at Boulder, Colorado-based Focus Consulting. One new feature getting a lot of attention is the ability to delegate administration of servers (and sites) to site admins while restricting their privileges.
4. Role-based installation Role-based installation is a less extreme version of Server Core. Although it was included in 2003, it is far more comprehensive in this version. The concept is that rather than configuring a full server install for a particular role by uninstalling unnecessary components (and installing needed extras), you simply specify the role the server is to play, and Windows will install what's necessary — nothing more. This makes it easy for anyone to provision a particular server without increasing the attack surface by including unwanted components that will not do anything except present a security risk.
5. Read Only Domain Controllers (RODC)
It's hardly news that branch offices often lack skilled IT staff to administer their servers, but they also face another, less talked about problem. While corporate data centers are often physically secured, servers at branch offices rarely have the same physical security protecting them. This makes them a convenient launch pad for attacks back to the main corporate servers. RODC provides a way to make an Active Directory database read-only. Thus, any mischief carried out at the branch office cannot propagate its way back to poison the Active Directory system as a whole. It also reduces traffic on WAN links.
6. Enhanced terminal services
Terminal services has been beefed up in Server 2008 in a number of ways. TS RemoteApp enables remote users to access a centralized application (rather than an entire desktop) that appears to be running on the local computer's hard drive. These apps can be accessed via a Web portal or directly by double-clicking on a correctly configured icon on the local machine. TS Gateway secures sessions, which are then tunnelled over https, so users don't need to use a VPN to use RemoteApps securely over the Internet. Local printing has also been made significantly easier.
7. Network Access Protection
Microsoft's system for ensuring that clients connecting to Server 2008 are patched, running a firewall and in compliance with corporate security policies — and that those that are not can be remediated — is useful. However, similar functionality has been and remains available from third parties.
8. Bitlocker
System drive encryption can be a sensible security measure for servers located in remote branch offices or anywhere where the physical security of the server is sub-optimal. Bitlocker encryption protects data if the server is physically removed or booted from removable media into a different operating system that might otherwise give an intruder access to data which is protected in a Windows environment. Again, similar functionality is available from third-party vendors.
9. Windows PowerShell

Microsoft's new(ish) command line shell and scripting language has proved popular with some server administrators, especially those used to working in Linux environments. Included in Server 2008, PowerShell can make some jobs quicker and easier to perform than going through the GUI. Although it might seem like a step backward in terms of user friendly operation, it's one of those features that once you've gotten used to it, you'll never want to give up.
10. Better security

We've already mentioned various security features built into Server 2008, such as the ability to reduce attack surfaces by running minimal installations, and specific features like BitLocker and NAP. Numerous other little touches make Server 2008 more secure than its predecessors. An example is Address Space Load Randomization — a feature also present in Vista — which makes it more difficult for attackers to carry out buffer overflow attacks on a system by changing the location of various system services each time a system is run. Since many attacks rely on the ability to call particular services by jumping to particular locations, address space randomization can make these attacks much less likely to succeed.
It's clear that with Server 2008 Microsoft is treading the familiar path of adding features to the operating system that third parties have previously been providing as separate products. As far as the core server product is concerned, much is new. Just because some technologies have been available elsewhere doesn't mean they've actually been implemented. Having them as part of the operating system can be very convenient, indeed.
If you're running Server 2003 then, now is the time to start making plans to test Server 2008 — you're almost bound to find something you like. Whether you decide to implement it, and when, is up to you.

June 17, 2009

My Reports: SMS & SCOM

No of Additional customized reports = 277 (SMS) still in progress...
SCOM reports - 14 (pulling the ways to record all the data and manipulating as SCOM report.. )


Error message when you try to generate a report in System Center Operations Manager 2007: Cannot initialize report


When you run Microsoft System Center Operations Manager 2007, you experience the following symptoms:
When you try to generate a report by using a link in a view in the Operations Manager 2007 Operations Console, you receive the following error message:
Application: System Center Operations Manager 2007
Application Version: 6.0.5000.0
Severity: Error
Message: Cannot initialize report.

Microsoft.Reporting.WinForms.ReportServerException: The item
ehouse.Report.Alert' cannot be found. (rsItemNotFound)
at Microsoft.Reporting.WinForms.ServerReport.GetExecutionInfo()
at Microsoft.Reporting.WinForms.ServerReport.GetParameters()
Microsoft.EnterpriseManagement.Mom.Internal.UI.Reporting.Parameters.ReportParameterB lock.Initialize(ServerReport serverReport) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ReportForm.SetReportJob(Objec t sender, ConsoleJobEventArgs args)
When you try to view a report by using the Reporting node in the Operations Manager 2007 Operations Console, no unpublished reports appear.
The following events may be logged in the Operations Manager log on the management server.
Event Type: Warning
Event Source: HealthService
Event Category: None
Event ID: 2115
Date: date
Time: time
User: N/A
Computer: ComputerName
Description: A Bind Data Source in Management Group ManagementGroupName has posted items to the workflow, but has not received a response in NNNN seconds. This indicates a performance or functional problem with the workflow. Workflow Id : Microsoft.SystemCenter.DataWarehouse.CollectEntityHealthStateChange Instance : FQDN Instance Id : GUID

Event Type: Warning
Event Source: Health Service Modules
Event Category: None
Event ID: 11411
Date: date
Time: time
User: N/A
Computer: ComputerName
Description: Alert subscription data source module encountered alert subscriptions that were waiting for a long time to receive an acknowledgement. Alert subscription ruleid, Alert subscription query low watermark, Alert subscription query high watermark:

Note Event ID 11411 is logged every 10 minutes.

This problem occurs if the data warehouse database was created by using the DBCreateWizard tool. The DBCreateWizard tool is located on the Microsoft System Center Operations Manager 2007 media.

To determine whether you experience the problem that is described in the "Symptoms" section, follow these steps:
On the data warehouse database server, start the Microsoft SQL Server Management Studio program.
Click New Query, and then click OperationsManagerDW in the list that appears in the standard toolbar.

Note If the database that houses the data warehouse is not OperationsManagerDW, click the appropriate database.
Type the following query, and then press F5 to run the query:
Select * from MemberDatabase
Note This query is used to determine whether required information is missing from the database.
Examine the results that are returned.

If this query returns no rows in the query results, you are experiencing the problem that is described in this article. In this scenario, continue to the "Resolution" section.

If this query returns rows in the query results, and if the server name is returned in the query results, you are not experiencing the problem that is described in this article. Instead, you may be experiencing a SQL Server permissions-related issue. In this scenario, do not follow the steps in the "Resolution" section.

To resolve this problem, follow these steps:
On the data warehouse database server, start the Microsoft SQL Server Management Studio program.
Click New Query, and then click OperationsManagerDW in the list that appears in the standard toolbar.

Note If the database that houses the data warehouse is not OperationsManagerDW, click the appropriate database.
Type the following query, and then press F5 to run the query:
EXEC MemberDatabaseAttach 'dbserver\instanceName', 'datawarehouseDBname', 1, 1, 1

Note In this query, replace dbserver\instancename with one of the following:
If you do not use the default instance of SQL Server, replace dbserver\instancename with the NetBIOS name of the computer that is running SQL Server together with the name of the instance of SQL Server. For example, replace dbserver\instancename with DWServer\Instance-1.
If you use a default instance of SQL Server, replace dbserver\instancename with only the NetBIOS name of the computer. For example, replace dbserver\instancename with DWServer.
To verify that the table has been updated successfully, delete the contents of the query window, type the following query, and then press F5 to run the query:
Select * from MemberDatabase
If the table is updated successfully, one row is returned in the query results. For example, the query results may resemble the following.
Collapse this tableExpand this table
MemberDatabaseRowId ServerName DatabaseName MasterDatabaseInd DefaultDatabaseInd ComponentAutoDeploymentAllowedInd MasterDatabaseReferenceServerName MasterDatabaseReferenceDatabaseName
DWServer OperationsManagerDW 1 1 1 NULL NULL

Note After you follow these steps, several Event ID 31554 events may be logged in the Operations Manager log on the management server. These events have the following Description information:

Workflow succeeded storing data in the Data Warehouse.

June 16, 2009

SQL Server Best Practices

Pls refer to the below link:


SMS 2003 Advanced Client takes lots of time to download many policies


Microsoft Systems Management Server (SMS) 2003 Advanced Client takes lots of time to download many policies.


This issue occurs because Background Intelligent Transfer Service (BITS) cannot handle more than about 500 simultaneous jobs. When more than 500 simultaneous jobs are submitted, many I/O operations must occur, and many BITS state files must be maintained. Therefore, a decrease in performance occurs.

In large SMS 2003 hierarchies that have many sites, site-to-site replication slows down

Symptoms -

In large Microsoft Systems Management Server (SMS) 2003 hierarchies that have many sites, site-to-site replication slows down.

The volume of files may be larger than you expect in the following folders on a site server:
These files represent site-to-site replication data that has been queued for processing by several components of the SMS_EXECUTIVE service. A baseline for the site is required to determine whether the counts are larger than expected. Large queues of replication information are occasionally expected. These large queues are typical when specific conditions exist.

Note The baseline is defined here as some historical measure of the volume of files in the Inboxes folder structure.

The following conditions can cause backlog scenarios:
Network or other infrastructure issues prevent the sender component from completing pending replication work.
Poor disk performance or slow I/O occurs because of a contention for disk resources.
SMS bandwidth restrictions limit the throughput of the sender component. This behavior keeps more send requests and jobs around for longer periods.
When addresses are unavailable, the SMS Scheduler component cannot schedule send requests by using the sender for the given address. This issue delays the part of the work that is associated with scheduling the send request until the address is available.
Distributing many or large packages in a short time creates a high load on the components that are involved in site-to-site replication.
Overly aggressive schedules exist for discovery data generation, inventory collection, collection evaluation, and so on.
In a hierarchy that has three or more tiers, middle-tier sites that have many child sites handle larger volumes of jobs and replication objects. This behavior occurs because of site-to-site replication routing. The load of a middle-tier site is increased for each child site that is attached. Therefore, reducing the number of attached sites can, in some cases, reduce this load.
Sites are removed from the hierarchy incorrectly.
In most cases, when the conditions that cause significant replication queuing have been corrected or when these conditions have subsided, the queued replication data is processed and then cleared.


When the SMS Scheduler component is processing large quantities of active jobs and send requests, the throughput of the Scheduler component begins to slow. This behavior occurs because of a corresponding increase in processing overhead for the increased quantities of objects.

In some instances, if a large enough queue of data is formed, it can take days or even weeks to be completely processed. The time that is required to process the queued data depends on the many variables that affect replication performance in the hierarchy and in the environment. These variables include disk I/O performance, network speeds, bandwidth restrictions, size of queued data, and object count. When a large queue of backlogged replication data has been formed, adding additional loads increases the time that is required for all data to be processed.

In most cases, the appropriate action for a large backlog of replication data is to first correct any issue that may be preventing processing of replication data. Next, you may have to reduce the quantity of site-to-site replication traffic. Finally, make sure that the SMS_EXECUTIVE service can run uninterrupted to complete processing in a timely manner. Service restarts can add significant overhead. Limiting SMS_EXECUTIVE service restarts is important because the initialization work for the SMS Scheduler component is proportional to the number of jobs, send requests, and routing requests that are currently queued for processing.

Note The SMS_EXECUTIVE service hosts the SMS Replication Manager, SMS Scheduler, and SMS Sender components.

How to change the credentials for the OpsMgr SDK Service and for the OpsMgr Config Service in Microsoft System Center Operations Manager 2007



June 5, 2009

Antivirus software blocks script execution in System Center Operations Manager 2007

In Microsoft System Center Operations Manager 2007, you may receive alerts that have a warning severity that resembles the following:

Script or Executable Failed to run

The process started at 10:41:22 AM failed to create System.PropertyBagData, no errors detected in the output. The process exited with 1

Command executed: "C:\WINDOWS\system32\cscript.exe" //nologo "C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 73\3456\ScriptName.vbs"

Working Directory: C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 73\3456\

One or more workflows were affected by this.

This problem occurs because some antivirus software blocks Visual Basic scripts or Java scripts.

To resolve this problem, verify that your antivirus software is not blocking scripts from running.

OpsMgr 2007: Files and Folders starting with "Program" causing unmonitored Agent


The Operations Manager Service Pack 1 (SP1)Â Agent or Management Server may be shown as greyed out in the Operations Manager console and the following events may be logged in the event log:

Event ID: 10000
Source: DCOM
Description: Unable to start a Dcom Server: {}. The error: description> Happened while starting this command: -Embedding
regarding monitoring host


Event Type: Error
Event Source: HealthService
Event Category: Health Service
Event ID: 1102
Description: Rule/Monitor
"Microsoft.SystemCenter.DiscoveryHealthServiceCommunication" running for instance
"" with id:"{38696FAA-2A83-6068-B008-DB43D49FB879}" cannot be
initialized and will not be loaded. Management group ""

Computers having files or folder that start with "Program" on the root drive may not be monitored. All workflows fail when file "c:\Program" is present on the machine. This happens because HealthService.exe is unable to start MonitoringHost.exe.

Workaround Information
To resolve this issue, delete or rename the file or folder named Program on the affected computer.

The W3WP.exe process crashes when the Anonymous authentication is disabled on the IISADMPWD virtual directory

When a user's password is expired, you can use the Anonymous user account to change the expired password through the achg.asp file even when the Anonymous authentication is disabled on the IISADMPWD virtual directory.In this situation, if the AnonymousUserName and the AnonymousUserPass metabese properties are inconsistent or the "denied access this computer from the network" policy is applied for the Anonymous user, the Anonymous user cannot log on the server and an access violation occurs. In addition, the W3WP.exe process crashes.

To avoid this effect, use one of the following methods:
Set correct AnonymousUserName and AnonymousUserPass metabese properties or disable the "denied access this computer from the network" policy for anonymous user.
Separate the Application pool for the IISADMPWD virtual directory. Note A user may receive the 403.18 error when the request is redirected to the IISADMPWD password change pages, and the password cannot be changed through IISADMPWD. However, the W3WP.exe process does not crash.Note These settings violate the Internet Information Services (IIS) requirements that are described in the following Microsoft Knowledge Base:
812614Â ( ) Default permissions and user rights for IIS 6.0

Steps to reproduce this problemTo reproduce the problem, follow these steps:
On the IISADMPWD virtual directory, set an incorrect password in the AnonymousUserPass metabase for the IUSR account, or apply the "denied access this computer from the network" policy for the IUSR account.
Create a new local or domain user and enable "change their password the next time that the user logs on." This means the user's password is expired.
Disable Anonymous authentication for IISADMPWD.
Enable Basic authentication or Integrated Windows authentication for IISADMPWD.
Create a new TEST virtual directory that is enabled Basic or Integrated Windows authentication. When you access the TEST virtual directory, you will be redirected to the aexp3.asp Web page because the password is expired. If you enter an old password and a new password, and then click OK, the dialog box for Basic authentication appears. If you enter the old password, you will experience the symptoms that are described in the "Symptoms" section.

June 1, 2009

Operations Manager 2007 Design Tips

The following are some tips to consider when designing your Operations Manager 2007 infrastructure.

1. Always setup a minimum of 1 RMS and 1 MS. Do not have agents report directly to the RMS. remember that the RMS functions to distribute configuration information to all MS. Having additional load on to this process is not recommended. Besides, with this, you'll have a failover scenario in place.
2. 3-node clusters for RMS is not supported
3. To have a affordable failover strategy for your Operations DB, use SQL Log shipping. Unfortunately, DB Mirroring is an unsupported method.
4. When dealing with multi-site monitoring (branches), use a Gateway Server instead of a MS. Have MS in close proximity with your SQL Server. Why? Cause whenever MS needs to write data, it establishes a SQL ODBC connectivity. This takes up resources and the data is uncompressed. By using a GWS, data is compressed and the connection to a MS is always connected.
5. Have a dedicated MS for reporting from a GWS. Do not have other agents reporting to the same MS as a GWS. Reason is that Management Servers divide their processes by number of connections. Let's say that you have 10 servers reporting to the GWS. When the MS receives that connection, it is treated as 1. If you had an additional of 10 servers reporting to that MS, the MS will divide its performance 11 ways. You would then see a significant performance drop for the servers handled by the GWS. If GWS is the only one connected to the MS, it will be given the full 100%.
6. The RMS consumes CPU and RAM as its core process. So bulk up on these
7. Use 64-bit for the RMS so that there are opportunities to scale beyond 4GB of RAM
8. There is a Datawarehouse Grooming tool found in the Resource Kit that will help trim down the size of the Operations DW
9. Support for SQL 2008 will be around the August 2008 timeframe or SP2. This will be cool cause there will be no dependency on IIS
10. Each GWS can support up to 800 Agents with the SP1

April 12, 2009

What is the same in SCCM 2007?

Some things have remained the same or have changed very little in ConfigMgr compared to SMS 2003:

Discovery, Inventory, Queries and Reporting.

Key terminology such as Sites, Primary Sites, Secondary Sites remains the same.

Services, file names, share names and ConfigMgr-related groups retain the SMS prefix.

Many Status Messages still mention SMS as these could potentially refer to a Child SMS SMS 2003 Site.

Some programmatic elements have not been renamed such as the SMS Provider to avoid potential backwards compatibility issues for those people using WMI scripting.

What is changed in SCCM 2007?

There have been several changes from SMS 2003 to ConfigMgr including:

Feature Packs that used to be separate add-ons in SMS 2003 are now incorporated into the core ConfigMgr product (for example the Administration Feature Pack, Device Management Feature Pack, Operating System Deployment Feature Pack Update).

Improvements/ enhancements to Feature Packs include:

Operating System Deployment (OSD) - Images created in Windows IMage (WIM) format can be deployed (including any required applications), using bootable media such as CD/ DVD. One or more tasks can be created and combined to create a Task Sequence to control and customise the deployment of the image and Software Distribution actions.

Mobile Device Management - The ability to manage Windows CE and Windows Mobile devices in the same way as regular ConfigMgr Clients (such as Hardware and Software Inventory, Software Distribution, Software Updates, and of course Windows Mobile settings).

Transfer Site Settings Wizard - Allows the settings from one ConfigMgr Site to be transferred to another to save the admin having to reconfigure the settings on every Site. Settings covered by the wizard include Client Agent configuration, Discovery Method configuration, Package and Collection properties amongst others.

Manage Site Accounts Tool (MSAC.exe) - A command line tool used to create, list, verify, update and delete user-defined accounts for use by ConfigMgr.

All Site Servers and Site Systems must be a member of an AD Domain.

Primary Sites only support Windows Authentication for the Site Database.

Asset Intelligence introduced as an optional component in SMS 2003 SP3 is now included in the core product.

NOTE: As a result of the above two changes the core product requires a greater amount of server resources.
Major changes to the way Backup and Recovery works - Volume Shadow Copy Service (VSS), available with XP, Windows 2003 and later OSs allowing a capture of a ConfigMgr Site to be made and stored on other media.
Improved Remote Tools integration with Remote Desktop and Assistance - RDP is now used to communicate with XP, Vista and Windows 2003 (or later) Clients (Windows 2000 machines use a modified version of the SMS 2003 Remote Tools Client Agent). Remote Reboot, Chat, File Transfer, Remote Execute, Ping and Windows 98 diags are no longer available in ConfigMgr.

Minor improvements to Collections, Software Distribution and Software Metering compared to SMS 2003.
Senders can only now be installed on Primary or Secondary Site Servers.

Only one Client type (basically the SMS 2003 Advanced Client so no Legacy Clients).

Only a single Security mode (similar to SMS 2003 Advanced Security mode).

The Site Server's local boundary is no longer automatically configured as a Site Boundary - you need to define this post installation.

Site Boundaries are no longer supported - only Roaming Boundaries are with a choice of "Slow or unreliable" or "Fast (LAN)".

Client Push uses the Site Code of the Primary rather than being set to "Auto" as in SMS 2003.

April 10, 2009

ConfigMgr/SMS Query and Report for Spyware

RSYS.Name0 AS 'Computer',
RSYS.User_Name0 As 'Last User ID',
SF.FileName As 'File Name',
SF.FileDescription As 'File Description',
SF.FilePath As 'File Path',
SF.FileSize As 'File Size',
SF.FileVersion As 'File Version'
ON RSYS.ResourceID = SF.ResourceID
AND ( SF.FileDescription like '%doom%' OR /* DOOM Game */
SF.FileDescription like '%GNUTE%' OR /* MP3 Resources */
SF.FileDescription like '%l0pht%'OR /* Password cracker */
SF.FileDescription like 'Lime%' OR /* Peer-to-Peer file sharing */
SF.FileDescription like '%nuke%' OR /* DOOM Game */
SF.FileDescription like '%orafice%' OR /* Keystroke mapper */
SF.FileDescription like '%sniff%' OR /* Network sniffer */
SF.FileDescription like '%unreal%' OR /* Games */
SF.FileName like '%as-101%' OR
SF.FileName like '%babylon%' OR
SF.FileName like '%bearshare%' OR
SF.FileName like '%bindery%' OR
/* SF.FileName like '%bindin%' OR */
SF.FileName like '%bo2k%' OR
SF.FileName like '%chknull%' OR
SF.FileName like '%Cracker%' OR /* Password cracker */
SF.FileName like '%Craserv%' OR
SF.FileName like '%doom%' OR /* DOOM game */
SF.FileName like '%EbatesMoeMoney%' OR /* Spyware */
SF.FileName like '%expolit%' OR
SF.FileName like 'gator%' OR /* Gator Spyware/Adware */
SF.FileName like '%getadmin%' OR
SF.FileName like '%gnucleus%' OR
SF.FileName like '%GNUTE%' OR /* MP3 Resources */
SF.FileName like '%GROK%' OR
SF.FileName like '%hack%' OR /* Password cracker */
SF.FileName like '%hotbar%' OR /* IE Toolbar - Spyware/Adware */
SF.FileName like '%kazaa%' OR /* Peer-to-Peer file sharing */
SF.FileName like 'keygen%'OR /* Password cracker */
SF.FileName like '%l0phtcrack%' OR /* Password cracker */
SF.FileName like '%lc252install%' OR /* Password cracker */
SF.FileName like '%LIME%' OR /* Peer-to-Peer file sharing */
SF.FileName like '%morpheus%' OR
SF.FileName like '%Napster%' OR /* Peer-to-Peer file sharing - MP3 Resources */
SF.FileName like '%nbsvr%' OR
SF.FileName like '%nbtscan%' OR
SF.FileName like '%ndssnoop%' OR
SF.FileName like '%netbusr%' OR
SF.FileName like '%nmapNT%' OR
SF.FileName like '%nuke%' OR /* DOOM Game */
SF.FileName like '%nwpcrack%' OR
SF.FileName like '%orafice%' OR /* Keaystroke mapper */
SF.FileName like '%otglove%' OR
SF.FileName like '%precisiontime%' OR
SF.FileName like '%pwdump%' OR /* Password cracker */
SF.FileName like '%quake%' OR /* DOOM game */
SF.FileName like '%Retina%' OR
SF.FileName like '%RFPoison%' OR
SF.FileName like '%smbdie%' OR
SF.FileName like '%smurf%' OR
SF.FileName like '%unreal%' OR
SF.FileName like '%XUPITER%' OR
SF.FileName like 'POPSRV%' OR
SF.FileName IN ('_DLL.exe', /* Troj_Bagle.AC Trojan */
'ARR.exe', /* Dial-up Hijacker - high cost toll number */
'asart.exe', /* ? */
'av.exe', /* W32.Alphx.Word.A Virus */
'BackWeb.exe', /* Spyware - BackWeb Technologies */
'Bargains.exe', /* BargainBuddy - Adware/Spyware */
'BELT.exe', /* Spyware - */
'Bling.exe', /* W32.SDBot-OH.Worm */
'BLSS.exe', /* Spyware - CBlaster Trojan */
'Bootconf.exe', /* Sypware - Homepage Hijacker */
'BonziBdy.exe', /* Spyware */
'botzor.exe', /* W32.ZOTOB.Worm */
'BPC.exe', /* Spyware - Grokster */
'Bundle.exe', /* Adware.SAHAgent */
'businessbg0002.exe', /* Spyware - ? */
'cmesys.exe', /* Adware.W32.Claria */
'crafty.exe', /* ? */
'CFD.exe', /* Spyware - Motive Cleint Foudation */
'csm.exe', /* W32.ZOTOB.B Worm */
'Datemanager.exe', /* Pop-Ups via Gator */
'DIVX.exe', /* MASTAK Virus or NALDEM Trojan */
'DPPS2.exe', /* Don't Panic! Pop-up blocker - Spyware */
'DSSagent.exe', /* Adware - Broderbund - Spyware? */
'eanthology.exe', /* eAcceleration Software Station - Spyware? */
'EditSRV.exe', /* Spyware - Email_Update.exe */
'email_Update.exe', /* StopSign Email Scanner - eAcceleration Software - Spyware? */
'EMSW.exe', /* Spyware - Alset Inc. */
'Gator.exe', /* Adware.W32.Claria */
'gmt.exe', /* Adware.W32.Claria */
'haha.exe', /* Myet Trojan */
'Hbinst.exe', /* Spyware - HotBar */
'HBSRV.exe', /* Spyware - HotBar */
'Hotbar.exe', /* Spyware - HotBar */
'HXDL.exe', /* HXDL Spyware - Gator */
'HXIUL.exe', /* Adware - HelpExpress - Alset Inc. */
'IDHost.exe', /* Topicks Spyware */
'IEDll.exe', /* Homepage Hijacker */
'IEDriver.exe', /* Peer-To-Peer File Sharing */
'INFUS.exe', /* Dial-up Hijacker - high cost toll number */
'InfWin.exe', /* MSView Parasite */
'INTDEL.exe', /* Adware - Pop-ups */
'ISTSVC.exe', /* Spyware - Integrated Search Technologies */
'KeenValue.exe', /* Spyware - Gator */
'loader.exe', /* Backdoor.Prorat Virus */
'lol.exe', /* W32.HLLW.Rackus Virus */
'Lspmonitor.exe', /* Spyware - StopSign */
'mapisvc32.exe', /* KX Virus */
'MD.exe', /* System MD Virus */
'MDie.exe', /* Backdoor.Win32.Rbot.Gen Virus */
'MemoryMeter.exe', /* Grokster Peer-To-Peer File Sharing Suite */
'MFIN32.exe', /* Adware - MyFreeInternet Update */
'MMod.exe', /* Adware.W32.EarnBundleWare */
'MOStat.exe', /* Spyware - Wurld Media */
'mousebm.exe', /* W32.ESBot Virus */
'mousemm.exe', /* W32.ESBot.A Virus */
'MSBB.exe', /* Adware.W32.BargainBuddy - 180Solutions */
'MSCache.exe', /* Spyware - Integrated Search Technologies */
'MSCMan.exe', /* Spyware - Odysseus Marketing */
'msdefr.exe', /* Spybot Worm */
'MSMACROPROTXZ.exe', /* Spybot Worm */
'MSMGT.exe', /* Spyware - Total Velocity */
'MSSVR.exe', /* Spyware - 2020DownLoader - 2020 Internet Search Toolbar */
'MSUpdater.exe', /* TrojanDownLoader.Win32.WinShow Trojan */
'MWSOEMON.exe', /* MyWebSearch Toolbar */
'mwsvm.exe', /* Adware - Adw.ScanPortAL.A */
'Nail.exe', /* Trojan.Win32.Stervis.B Trojan */
'nb32ext2.exe', /* MyDoom.BV worm */
'nbmanager.exe', /* Spyware - eAnthology */
'netbutler.exe', /* ? */
'onsrvr.exe', /* Spyware - OnWebMedia */
'PC32.exe', /* Mastak Virus */
'per.exe', /* Worm.ZOTOB.C Virus */
'PGMonitr.exe', /* Adware.W32.DelFin */
'PowerScan.exe', /* Adware.W32.PowerScan */
'PRMVR.exe', /* Spyware - */
'pnpsrv.exe', /* W32.SDBOT.Worm Virus */
'Precisiontime.exe', /* Adware.W32.ClariaPrecision */
'PrizeSurfer.exe',/* Spyware - PrizeSurfer */
'Prmt.exe', /* Spyware - OpiStat */
'RAY.exe', /* Homepage Hijacker */
'RB32.exe', /* Adware.W32.RapicBlaster */
'RCSync.exe', /* Spyware - PrizeSurfer */
'Run32DLL.exe', /* Key Recorder - Screen Capture - PAL PC Spy */
'SAHAgent.exe', /* Adware.W32.CyDoor - CyDoor Desktop Media */
'savenow.exe', /* Coupons - */
'SBHC.exe', /* IE Plugin - GIGATech Software */
'ShowBehind.exe', /* Adware - MicroSmarts Enterprise */
'SLMSS.exe', /* Spyware - 2nd Thourgh by CPM Media */
'SRNG.exe', /* Spyware - Search Hijacker */
'STCLoader.exe', /* Spyware - 2nd Thourgh by CPM Media */
'SUSP.exe', /* Spyware - ABetterInternet */
'SVCINIT.exe', /* Backdoor.Sinit Trojan */
'svnlitup32.exe', /* Worm.RBOT.CBJ */
'syscpy.exe', /* Backdoor.Hogle Trojan */
'Systesm32.exe', /* Spyware - Bling.exe */
'thefourthcoming.exe', /* ? */
'Trickler.exe', /* Spyware - Gator GAIN (Gator Advertising and Info Network) */
'TSADBot.exe', /* Adware */
'TVMD.exe', /* Spyware */
'TVTMD.exe', /* Spyware */
'UCMWESKU.exe', /* ? */
'Updates32.exe', /* Spyware - Bling.exe */
'uptodate.exe', /* Adware - BrowserPal */
'veloz.exe', /* StopSign Email Scanner - eAcceleration Software */
'velozsys.exe', /* StopSign Email Scanner - eAcceleration Software */
'Weather.exe', /* Adware */
'webcel.exe', /* eAcceleration Software - Spyware - ? */
'WebDev.exe', /* ? */
'Win32US.exe', /* Dial-up Hijacker - high cost toll number */
'WinActive.exe', /* Homepage Hijacker */
'windrg32.exe', /* W32.ZOTOB.D Worm */
'WinMain.exe', /* Trojan.KonDeli */
'WinNet.exe', /* Adware/Spyware - CommonName I.E. Search */
'winpnp.exe', /* W32.SDBOT.Worm */
'WinServN.exe', /* Adware.W32.PurityScan - ClickSpring LLC */
'WinStart.exe', /* Homepage Hijacker - iGetNet */
'WinStart001.exe', /* Adware */
'wintbp.exe', /* W32.ZOTOB.E Worm */
'wintbpx.exe', /* W32.BOZORI.Worm.B */
'WNAD.exe', /* Spyware - */
'wpa.exe', /* ESBOT Worm */
'ygpmrgsb.exe', /* ? */
'zeus.exe', /* Zeus:Master of Olympus game */
'zmanager.exe' /* Spyware - eAcceleration */

April 9, 2009

Understanding Software Updates in SCCM 2007

Configmgr 2007 comes with a totally new way of deploying software updates. The new method offers some great advantages over the old one(s) available in Sms 2003. It didn't take me too long to see the benefits the new architecture brings, but it did take me quite some effort in understanding how I could create a working operational process to maximize these benefits, it actually took a fellow mvp (Thanks Pannu) and Wally to set things straight in my head (Thanks Wally). This 2 -series post will try to give you some insight in how the Configmgr 2007 solution stacks up with the sms 2003 implementation. The second portion will explain the objects involved and will guide you through a potential implementation of Software updates in Sccm 2007.

Let's start by briefly explaining how the sms 2003 infrastructure operates, followed by the currently known issues. Later in this post we'll review what the Sccm 2007 architecture looks like, and how this new architecture deals with the known issues of the past.

In sms 2003 the backend infrastructure relied on software distribution packages and advertisements to initiate the sofware catalog download, the software update scan and patch installation processes. The scan process itself, using the final scan engine itmu, was based on the Windows automatic update agent. The scan engines prior to that were sms specific engines like the software update inventory scan tool, the office update inventory scan tool or the extended software update inventory tool. Clients have always reported their software update compliance state based on hardware inventory regardless of the scan engine used.

One of the downsides of the sms 2003 infrastructure was the fact that multiple scan engines were necessary, which complicated the software update management quite a bit. And no matter what engine you used, all engines first downloaded the catalog locally and cached it in a specific folder prior to starting the scan. This caching of the catalog files didn't always work flawlessly resulting in clients scanning with an old catalog which obviously didn't report the expected information. Another issue was the fact that the reporting process relied on hardware inventory to do its reporting, this resulted in a slower and not very flexible reporting process.

Now let's look at how this all works in sccm 2007. Sofware updates now integrates/relies on a Wsus 3.0 server. The Wsus server is used to download the catalog and to serve as the "scan point" for the Configmgr2007 clients. This eliminates the problem that the sms 2003 engines had with caching the catalog, because the clients now scan directly from a wsus server. Another benefit of this integration is the increased content that can be deployed. The sms 2003 engines only supported security updates whereas wsus 3.0 supports a wide variety of updates ranging from security updates over critical updates, feature pack, service packs, drivers and more. All these benefits come at a fairly low cost, yes you now need to install a wsus server but all management of this wsus server is done from the Sccm 2007 admin console. (This is why you need to install the wsus admin console on the site server if you want to use a remote wsus server).

Another major change afaic is that clients now report their software update compliance state based on state messages. This allows for faster more flexible and more detailed status reporting from the clients to flow up to the server.

The above view is presented by Kim oppalfenss (My one of the favourite SMS Expert).

Sccm 2007 client agent deployment using Software updates

Sccm 2007 has a new client deployment method called Software update point based client installation. The idea behind Software update point based client installation is to publish the Sccm 2007 client as a critical update, and hence its name is installed from the Software update point. Most of you will probably now that Software Update management in Sccm 2007 integrates with Wsus 3.0 Sccm 2007 relies on Wsus to synchronize the catalog and to scan clients, but that's food for another post.


Why does sccm 2007 require a new installation method? What was wrong with the previous installation methods we had in sms 2003? To be honest, not much, but they all had their drawbacks. Let's just have a look at each of the installation methods and their drawbacks before we continue and see what Software update point based installation has in store for us.

Manual installation: This installation method lacks automation and requires the end-user to be a local administrator on the machine which is obviously a big NONO security wise.

Login script installation: Lacks from the same security issue as manual installation and is by consequence a NOGO.

Software Distribution based installation: Good installation method but this is often a chicken or egg kinda problem, you already need to have a software distribution mechanism out there for this to work.

Client Push Installation (Wizard): Great installation method but it has some requirements that could prove to be problematic in a real secure environment. It requires remote local admin privileges which is usually fine. But it also requires remote registry and access to the admin$ share. A secure environment should have file and print sharing disabled on desktops or laptops, or at the very least have them blocked by a personal firewall.

GPO based installation: Nice installation method with very modest requirements on the machine to be installed, but it suffers from its own drawbacks. The main problem with GPO based installation is that it is end-user driven. GPO's software installation only happens at logon or after a restart. Both events normally only happen after the end-user gave their user name and password or powered on the machine. If you have pesky users that just close their laptop lid in the evening and open it back up the next morning then your out of luck with gpo's. With todays more stable os's like Windows XP and Windows Vista It could take a pretty long time before the machine actually needs to be rebooted on the lan.

Software update based client installation: Superb installation method that mixes the benefits of GPO based installation with those of software distribution based installation. In other words it has pretty low requirements on the target machine, even lower as software distribution based installation as it does not require a software distribution solution in place and doesn't require the target machine to be in active directory. (You'll need a different way than adm templates to set the registry keys though). On top of that it offers a Schedule based installation which eliminates the end-user initiated drawback of gpo's. By the way if you install a newer version of the SCCM 2007 beta or install a Service pack after RTM you will be able to update your publication so that you can use this method to easily upgrade your existed install base to the new version.


How do you get this to work? Remarkably easy actually.

STEP 1 Configure the Windows Update agent GPO:

Open a GPO
Go to Computer configuration\Windows Components\Windows Update
Configure the Configure automatic updates option, Set it to auto download and shedule the install
Choose your own schedule
Configure the Specify intranet microsoft update service location
Configure both options with the value

STEP 2 Import the SCCM-2007 adm template:

Download the adm template to configure SCCM 2007 client installation command line parameters

Open a GPO
In Computer Configuration Right-click on Administrative templates

Browse to the SCCM-2007 and add the template.

Go to Computer configuration\Windows Components\SCCM 2007\Software Update point client installation

Configure the command line with the parameters you want.

STEP 3 Publish the SCCM 2007 client (As documented in the SCCM 2007 help file)

To publish the Configuration Manager 2007 client to the WSUS server:
In the Configuration Manager console, navigate to System Center Configuration Manager / Site Database / Site Management / / Site Settings / Client Installation Methods.
Right-click Software Update Point Client Installation, and click Properties.

To enable client installation, select the Enable Software Update Point Client Installation check box.
If the client software on the Configuration Manager 2007 site server is newer than that stored on the software update point, the Upgrade Client Package Version dialog box will open. You should click Yes in this dialog box to publish the most recent version of the client software to he software update point.

To finish configuring the software update point client installation, click OK.

http verification .sms_aut () failed with status code 503, service unavailable

If MPControl.log file throwing error “http verification .sms_aut () failed with status code 503, service unavailable” then check for your IIS application pool. SMS management point pool and CCM server framework pool might have stopped.

For resolution please check site server’s for Netlogon service is stopped or not.

Starting of Netlogon service solved our problem.

SMS Client on X64 bit systems

Last few days, I was working closely to find out the way to manage the x64 bit servers in my infrastructure and here's the findings-

1) Go to control panel. Click on view x86 control panel Icons
2) It will open in new window and there you will find System management Icon

You will find C:\WINDOWS\sysWOW64. In the same folder you will find VPcache folder.

April 7, 2009

List of updates in Windows Server 2003 Service Pack 2

This article lists problems that are fixed in Microsoft Windows Server 2003 Service Pack 2 (SP2). Service packs are cumulative. This means that the problems that are fixed in a service pack are also fixed in later service packs.

Step-by-Step Guide to Getting Started with Microsoft Windows Server Update Services 3.0 SP1

This guide provides instructions for getting started with Microsoft Windows Server Update Services 3.0 Service Pack 1 (WSUS 3.0 SP1)

How to Allow remote administration (VBScript)

' This code enables the remote administration exception
Set Firewall = CreateObject("HNetCfg.FwMgr")
Set Policy = Firewall.LocalPolicy.CurrentProfile
Set AdminSettings = Policy.RemoteAdminSettings
AdminSettings.Enabled = TRUE
WScript.Echo "Setting enabled"

Batch Scripting - Commands

Commands A-M
@ (Batch) Used before a batch command so that the command will not be displayed before it is executed
ACCDATE (Config) Enables/disables recording file last access date
ACLCONV (Command) Converts OS/2 HPFS386 file/directory permissions to NTFS volumes
ADPREP (Command) Prepares Windows 2000 domains and forests for an upgrade to Windows Server 2003
ANSI.SYS (Config) Defines functions that change display graphics, control cursor movement, and reassign keys
APPEND (Command) Enables programs to open data files in specified directories as if the files were in the current directory
ARP (Command) Changes the IP-to-Ethernet or token ring physical address translation tables used by the Address Resolution Protocol
ASSIGN (Command) Redirects requests for disk read/write operations on one drive to a different drive
ASSOC (Command) Change file extension associations
ASSOCIATE (Command) One step file association
AT (Command) Schedule a command to run at a later time
ATMADM (Command) Monitors connections and addresses registered by the ATM Call Manager on an ATM network
ATTRIB (Command) Change file attributes
BACKUP (Command) Backs up one or more files from one disk to another
BASIC (Command) BASIC programming language interpreter
BASICA (Command) Advanced BASIC programming language interpreter
BLAT (Command) Public Domain utility that sends the contents of a file in an e-mail message using SMTP
BOOTCFG Configures, queries, or changes Boot.ini file settings
BOOTCFG /ADDSW (Command) Adds BOOT.INI load options
BOOTCFG /COPY (Command) Makes another operating system instance copy
BOOTCFG /DBG1394 (Command) Configures 1394 port debugging
BOOTCFG /DEBUG (Command) Adds or changes the debug settings
BOOTCFG /DEFAULT (Command) Designate the default operating system entry
BOOTCFG /DELETE (Command) Deletes an operating system entry
BOOTCFG /EMS (Command) Adds or changes the EMS console redirection
BOOTCFG /QUERY (Command) Displays the [boot loader] and [operating systems] sections
BOOTCFG /RAW (Command) Adds load options to an [operating systems] entry
BOOTCFG /RMSW (Command) Removes BOOT.INI load options
BOOTCFG /TIMEOUT (Command) Changes the operating system time-out value
BREAK (Command) Sets or clears extended CTRL+C (^C) checking
BREAK.SYS (Configuration) Sets or clears extended CTRL+C (^C) checking
BUFFERS (Configuration) Set number of disk buffers
CACLS (Command) Change file permissions
CALL (Batch) Call one batch program from another
CERTREQ (Command) Requests certificate from a certification authority (CA)
CERTUTIL (Command) Certification Authority (CA) utility
CERTUTIL archival/recovery (Command) Key archival and recovery.
CERTUTIL backup/restore (Command) Backing up and restoring certificates.
CERTUTIL certificates (Command) Managing certificates.
CERTUTIL configure (Command) Configuring a Certification Authority (CA).
CERTUTIL CRLs (Command) Managing certificate revocation lists (CRL).
CERTUTIL decode/encode (Command) Encoding and decoding certificates.
CERTUTIL manage (Command) Managing a Certification Authority.
CERTUTIL troubleshooting (Command) Troubleshooting certificates.
CHANGE LOGON (Terminal Services Command) Enables/disables logons from client sessions
CHANGE PORT (Terminal Services Command) Change the COM port mappings
CHANGE USER (Terminal Services Command) Changes .INI file mapping
CD (Command) Change Directory - move to a specific Folder
CHCP (Command) Display or change the active character set for all devices that support character set switching
CHDIR (Command) Change Directory - move to a specific Folder
CHKDSK (Command) Check Disk - check and repair disk problems
CHKNTFS (Command) Check the NTFS file system
CHKSTATE.SYS (Configuration) Used exclusively by MEMMAKER
CHOICE (Batch) Accept keyboard input to a batch file
CIPHER (Command) Changes the encryption of directories [files] on NTFS partitions
CLEARMEM (Command) Forces pages out of RAM
CLIP (Command) Copy STDIN to the Windows clipboard
CLS (Command) Clear the screen
CLUADMIN (Command) Connect to a server cluster
CLUSTER (Command) Administer server clusters
CMD (Command) Start a new CMD shell
CMDKEY (Command) Creates, lists and deletes stored user names and passwords or credentials.
CMSTP (Command) Installs/removes a Connection Manager service profile
CODEPAGE (Command) Selects the code pages that the system will use
COLOR (Command) Change colours of the CMD window
COMMAND (Command) Starts a new instance of the operating system command interpreter
COMMANDMAIL (Command) Commercial command-line SMTP Mailer
COMP (Command) Compare the contents of two files or sets of files
COMPACT (Command) Compress files on an NTFS partition
CON2PRT (Command) Connect or disconnect a Printer
CONVERT (Command) Convert a FAT/FAT32 drive to NTFS
CONLOG (Command) Convert Web server log files to NCSA Common file format
COPY (Command) Copy one or more files to another location
BREAK.SYS (Configuration) Set country-dependent information
CPROFILE (Terminal Services Command) Cleans specified profiles
CSCRIPT (Command) Command-line-based script host
CSVDE (Command) Imports/exports Active Directory data to CSV format file
CTTY (Command) Changes the terminal device used to control your computer
DATE (Command) Display or set the date
DBLSPACE (Command) Enables the loading of the real-mode driver (DblSpace.bin) into upper memory
DBLSPACE.SYS (Config) Real-mode driver
DCGPOFIX (Command) Restores default Group Policy objects to original state
DEBUG (Command) A program testing and editing tool
DEFPRINT (Command) Set default printer
DEFRAG (Command) Reorganizes the files on a disk to optimize disk performance
DEL (Command) Delete one or more files
DELOLDOS (Command) Delete files from previous versions of DOS after a 5.0 or 6.0 installation.
DELSRV (Command) Unregisters service
DELTREE (Command) Delete a folder and all subfolders
DEVICE (Config) Set device driver
DEVICEHIGH (Config) Load device driver into upper memory
DEVINFO (Config) Prepares a device to use code pages
DFSCMD (Command) Command-line distributed file system management
DIR (Command) Display a list of files and folders
DIRUSE (Command) Display disk usage
DISKCOMP (Command) Compare the contents of two floppy disks
DISKCOPY (Command) Copy the contents of one floppy disk to another
DISKPART (Command) Manage objects (disks, partitions, or volumes) by using scripts or direct input
DISKPERF (Command) Controls the types of counters viewed by System Monitor
DISPLAY.SYS (Config) Display international character sets on EGA, VGA, and LCD monitors
DOS (Config) Load DOS into high memory
DOSHELP (Command) Starts operating system command Help
DOSKEY (Command) Edit command-line, recall commands, and create macros
DOSONLY (Config) Prevents starting non-MS-DOS-based applications from the COMMAND.COM prompt
DOSSHELL (Command) A graphical interface to the operating system
DRIVER.SYS (Config) Phantom floppy support
DRIVERQUERY (Command) List of all installed device drivers
DRIVPARM (Config) Define block device
DRVSPACE (Command) Enables the loading of the real-mode driver (DrvSpace.bin) into upper memory
DRVSPACE.SYS (Config) Real-mode driver
DSADD (Command) Adds specific types of objects to the directory
DSGET (Command) Displays specific objects selected properties in the directory
DSMOD (Command) Modifies specific types of objects in the directory
DSMOVE (Command) Moves/renames single object within a domain/tree
DSQUERY (Command) Queries Active Directory according to specified criteria
DSRM (Command) Deletes an specific/general object from the directory
DYNALOAD (Command) Dynamically load device drivers from the command line
E editor (Command) OS/2 editor
ECHO (Batch) Display message on screen
ECHOCONFIG (Config) Displays messages during the processing of the MS-DOS subsystem CONFIG.NT and AUTOEXEC.NT when the MS-DOS subsystem is invoked
EDIT (Command) A text editor you can use to create and edit ASCII text files
EDLIN (Command) A line editor to create or modify text files
EGA.SYS (Config) Save/restore EGA monitor for Shell Task Swapper
EMM386 (Command) Enables or disables EMM386 expanded-memory support on a computer with an 80386 or higher processor
EMM386.EXE (Config) 80386+ Expanded-memory device driver
ENDLOCAL (Batch) End localisation of environment changes in a batch file
ERASE (Command) Delete one or more files
Errorlevel, IF (Batch) Conditionally executes command if the previous program run returned an exit code
EVENTCREATE (Command) Create a custom event in specified log
EVENTQUERY[.vbs] (Command) Lists the events and properties from event logs
EVENTTRIGGERS Displays/configures event triggers on local or remote machines
EVNTCMD (Command) Displays SNMP events
EXE2BIN (Command) Converts files from .EXE format to binary format
Exist, IF (Batch) Conditionally executes command if filename exists
EXIT (Batch) Quit the CMD shell
EXPAND (Command) Uncompress files
EXTRACT (Command) Uncompress CAB files
FASTHELP (Command) Displays a list of all commands and gives a brief explanation of each
FASTOPEN (Command) Tracks the location of files on a hard disk and stores the information in memory for fast access
FC (Command) Compare two files
FCBS (Config) Set control blocks
FDISK (Command) Configure/partitition a hard disk for use
FILES (Config) Set maximum open files
FIND (Command) Search for a text string in a file
FINDGRP (Command) Finds all direct and indirect group memberships for a specified user in a domain
FINDSTR (Command) Search for strings in files
FINGER (Command) Displays information about a user on a specified system
FLATTEMP (Terminal Services Command) Enables or disables flat temporary folders
FOR Conditionally perform a command several times
FOR (Batch) Loop through a set of files in one folder
FOR /D (Batch) Loop through several folders
FOR /F (Batch) Loop through items in a text file, Loop through the output of a command
FOR /L (Batch) Loop through a range of numbers
FOR /R (Batch) Loop through files (recurse subfolders)
FORCEDOS (Command) Starts the specified program in the MS-DOS subsystem
FORFILES (Batch) Batch process multiple files
FORMAT (Command) Format a disk
FREEDISK (Batch) Checks available disk space
FSUTIL Perform many FAT and NTFS file system related tasks, such as managing reparse points, managing sparse files, dismounting a volume, or extending a volume
FSUTIL USN (Command)
FTP (Command) File Transfer Protocol
FTYPE (Command) Display or modify file types used in file extension associations
GDISK (Command) Ghost disk
GETDC (Command) Get server name for a give domain
GETMAC (Command) Returns the MAC address
GETTYPE (Batch) Sets %ERRORLEVEL% to Windows value
GLOBAL (Command) Display membership of global groups
GOTO (Batch) Direct a batch program to jump to a labelled line
GPRESULT (Command) Displays Group Policy settings and RSOP for a user/computer
GPUPDATE (Command) Refreshes local and Active Directory-based Group Policy settings
GRAFTABL (Command) Loads a table of character data into memory
GRAPHICS (Command) Loads a program into memory that allows MS-DOS to print the information displayed on your screen
GWBASIC (Command) Basic language command interpreter.
HELP (Command) Starts operating system command Help
HELPCTR (Command) Starts Help and Support Center
HIMEM.SYS (Config) Extended memory manager
HOSTNAME (Command) Prints the name of the current computer
IF (Batch) Conditionally perform a command
IFMEMBER (Command) Checks whether current user is a member of a specified group
IISAPP[.VBS] (Command) IIS application query
IISBACK[.VBS] (Command) IIS backup management
IISCNFG[.VBS] (Command) IIS configuration
IISEXT[.VBS] (Command) IIS Web service extension
IISFTP[.VBS] (Command) IIS FTP site management
IISFTPDR[.VBS] (Command) IIS FTP directory
IISREPL[.VBS] (Command)
IISRESET (Command) IIS restart Web services
IISSYNC[.VBS] (Command)
IISWEB (Command) IIS virtual directory
IISVDIR (Command) IIS Web site management
INCLUDE (Config) Include one config-block within another
INSTALL (Config) Load TSR into memory
INTERLNK (Config) (Command) Connects two computers via parallel or serial ports and enables the computers to share disks and printer ports
INTERSVR (Config) (Command) Starts the Interlnk server
INUSE (Command) On-the-fly replacement of files currently in use by the operating system
IPCONFIG (Command) Configure IP
IPSECCMD (Command) Configures Internet Protocol Security policies in a directory service or in a local/remote registry
IPXROUTE (Command) Changes information about the IPX protocol routing tables
IRFTP (Command) Sends files over an infrared link
JOIN (Config) (Command) Allows access to the directory structure and files of a drive through a directory on a different drive
KEYB (Config) (Command) Configures a keyboard for a specific language
KILL (Command) Remove a program from memory
:LABEL (Batch) Used as the target of GOTO command(s)
LABEL (Command) Edit a disk label
LASTDRIVE (Config) Specify last system drive
LDIFDE (Command) Creates/modifies/deletes directory objects
LFNFOR (Batch) Enables/Disables Long file names when processing FOR commands
LH (Command) Loads a program into the upper memory area
LIBPATH (Config) Specifies the directories to search for dynamic-link libraries
LINK (Command) 16-bit link system libraries to object program
LOADFIX (Command) Ensures that a program is loaded above the first 64K of conventional memory, and runs the program
LOADHIGH (Command) Loads a program into the upper memory area
LOCAL (Command) Display membership of local groups
LOCK (Command) Locks a drive, enabling direct disk access for an application
LODCTR (Command) Registers new Performance counter names
LOGEVENT (Command) Write text to the NT event viewer
LOGMAN (Command) Manages/schedules performance counter/event trace log collections
LOGOFF (Terminal Services Command) Terminates a session
LOGTIME (Command) Log the date and time in a file
LPQ (Command) Diagnostic utility obtains status of a print queue on a LPD server computer
LPR (Command) Connectivity utility to print a file to a LPD server computer
MACFILE (Command) Manage File Server for Macintosh servers, volumes, directories, and files
MAKECAB (Command) Cabinet (.CAB) archive file maker
MAPISEND (Command) Send email from the command-line
MD (Command) Create new folders
MEM (Command) Display memory usage
MEMMAKER (Command) Optimizes your computer's memory by moving device drivers and memory-resident programs to upper memory
MENUCOLOR (Config) Set text and background color
MENUDEFAULT (Config) Specify default menu item
MENUITEM (Config) Define an item on the startup menu
MIRROR (Command) Used to store information about a disk's file allocation table, boot record, and root directory
MKDIR (Command) Create new folders
MMC (Command) Microsoft Management Console
MODE Configure a system device (Command)
MODE (Command) Configure Printer
MODE (Command) Configure Serial Port
MODE (Command) Display Device Status
MODE (Command) Redirect Printing
MODE (Command) Set Device Code Pages
MODE (Command) Set Display Mode
MODE (Command) Set Typematic Rate
MORE (Command) Display output, one screen at a time
MOUSE.SYS (Config) Mouse pointer driver
MOUNTVOL (Command) Manage a volume mount point
MOVE (Command) Move files from one folder to another
MRINFO (Command) Queries specified multicast router
MSAV (Command) Scans your computer for known viruses
MSBACKUP (Command) Backs up or restores one or more files from one disk onto another
MSCDEX (Command) Provides access to CD-ROM drives
MSD (Command) Provides detailed technical information about your computer
MSG (Terminal Services Command) Send a message to a user
MSIEXEC (Command) Install, modify, and perform operations on Windows Installer
MSINFO32 (Command) Windows NT diagnostics
MSTSC (Terminal Services Command) Creates/edits/migrates connections to terminal servers or other remote computers
MUNGE (Command) Find and Replace text within file(s)
MV (Command) Copy in-use files

NBTSTAT (Command) Display networking statistics (NetBIOS over TCP/IP)
NET Manage network resources (Command)
NET ACCOUNTS (Command) Updates the user accounts database and modifies password and logon requirements for all accounts
NET COMPUTER (Command) Adds or deletes computers from a domain database
NET CONFIG (Command) Displays your current workgroup settings
NET CONFIG SERVER (Command) Displays or changes settings for the Server service
NET CONFIG WORKSTATION (Command) Displays or changes settings for the Workstation service
NET CONTINUE (Command) Reactivates a Windows service suspended by NET PAUSE
NET DIAG[NOSTICS] (Command) Microsoft Network Diagnostics
NET FILE (Command) Closes a shared file and removes file locks
NET GROUP (Command) Adds, displays, or modifies global groups on servers
NET HELP (Command) Displays information about NET commands and error messages
NET HELPMSG (Command) Displays information about Windows network messages
NET INIT[IALIZE] (Command) protocol and network-adapter drivers without binding them to Protocol Manager
NET LOCALGROUP (Command) Modifies local groups on computers
NET LOGOFF (Command) Breaks the connections between your computer and the shared resources to which it is connected
NET LOGON (Command) Identifies you as a member of a workgroup
NET NAME (Command) Adds or deletes a messaging name (alias) at a computer
NET PASSWORD (Command) Changes your logon password
NET PAUSE (Command) Suspends a Windows service or resource. Pausing a service puts it on hold
NET PRINT (Command) Displays print jobs and shared queues
NET SEND (Command) Sends messages to other users, computers, or messaging names on the network
NET SESSION (Command) Lists or disconnects sessions between the computer and other computers on the network
NET SHARE (Command) Makes server's resources available to network users
NET START (Command) Starts services
NET STATISTICS (Command) Displays the statistics log for the local Workstation or Server service
NET STOP (Command) Stops services
NET TIME (Command) Synchronizes or displays the computer's clock with another computer or domain
NET USE (Command) Connects or disconnects your computer from a shared resource or displays information about your connections
NET USER (Command) Creates and modifies user accounts on computers
NET VER (Command) Displays the type and version number of the workgroup redirector
NET VIEW (Command) Displays a list of resources being shared on a computer
NETSH (Command) Command-line, scripting interface for configuring and monitoring Windows
NETSTAT (Command) Display networking statistics (TCP/IP)
NLB (Command) Network Load Balancing
NLBMGR (Command) Network Load Balancing Manager
NLSFUNC (Config) (Command) Loads country-specific information for national language support
Not, IF (Batch) Conditionally executes command if the previous program run returned an exit code
NOW (Command) Display the current Date and Time
NSLOOKUP (Command) Name server lookup
NTBACKUP (Command) Backup folders to tape
NTBOOKS (Command) Accesses online Windows NT manuals
NTCMDPROMPT (Config) Runs CMD.EXE command interpreter, rather than COMMAND.COM
NTDSUTIL (Command) Active Directory management
NTSD (Command) NT System Debugger
NUMLOCK (Config) Turn on/off numlock key
OPENFILES (Command) Queries, displays, or disconnects files opened
PAGEFILECONFIG (Command) Display/configure Virtual Memory settings
PATH (Command) Display or set a search path for executable files
PATHMAN (Command) Adds/removes components from system/user paths
PATHPING (Command) IP trace utility
PAUSE (Batch) Suspend processing of a batch file and display a message
PAX (Command) Portable Archive Interchange utility
PBADMIN (Command) Administers phone books
PENTNT (Command) Corrects floating point hardware error with emulation
PERFMON (Command) XP Performance console configured with NT 4.0 Performance Monitor settings files
PERMS (Command) Show permissions for a user
PING (Command) Test a network connection
PIPE (<) () (>), MOVE (Command) Redirection
POPD (Command) Restore the previous value of the current directory saved by PUSHD
PORTUAS (Command) Merges LAN Manager 2.x users into Windows 2000 accounts database
POWER (Config) (Command) Turns power management on and off
POWERCFG (Command) Control system power settings
PRINT (Command) Print a text file
PRNCNFG (Command) Configures printer information
PRNDRVR (Command) Adds, deletes, and lists printer drivers
PRNJOBS (Command) Pauses, resumes, cancels, and lists print jobs
PRNMNGR (Command) Adds, deletes, and lists printers
PRNPORT (Command) Creates, deletes, and lists standard TCP/IP printer ports
PRNQCTL (Command) Prints a test, pauses or resumes a printer
PROMPT (Command) Change the command prompt
PROTSHELL (Config) Protected Shell?
PSTAT (Command) Various system tables contents
PUSHD (Command) Save and then change the current directory
QBASIC (Command) Runs Basic computer language programs
QUERY PROCESS (Terminal Services Command) Displays terminal server running processes information
QUERY SESSION (Terminal Services Command) Displays terminal server sessions information
QUERY TERMSERVER (Terminal Services Command) Displays a list of all network terminal servers
QUERY USER (Terminal Services Command) Displays terminal server user session information
RAMBOOST (Command) Aggressive memory optimization
RAMDRIVE (Config) Emulate disk drive in RAM
RAMSETUP (Command) Installs RAMBOOST
RASDIAL (Command) Automates the connection process
RASPHONE (Command) Manage RAS/DUN connections
RCP (Command) Copies files between Window computer and system running remote shell daemon
RD (Command) Delete folder(s)
RDISK (Command) Create Recovery Diskette(s)
RECOVER (Command) Recover a damaged file from a defective disk.
REDIRECTION (<) () (>), MOVE (Command) redirection
REG (Command) Read, Set or Delete registry keys and values
REG ADD (Command)
REG BACKUP (Command)
REG COPY (Command)
REG DELETE (Command)
REG DUMP (Command)
REG FIND (Command)
REG LOAD (Command)
REG QUERY (Command)
REG SAVE (Command)
REG UNLOAD (Command)
REG UPDATE (Command)
REGEDIT (Command) Import or export registry settings
REGEDT32 (Command) Read, Set or Delete registry keys and values
REGISTER (Terminal Services Command) Registers a program so that it has special execution characteristics
REGSVR32 (Command) Registers .dll files as command components in registry
RELOG (Command) Extracts performance counters from logs into other formats
REM (Config) (Batch) Record comments (remarks) in a batch file
REN (RENAME) (Command) Rename a file or files.
REPLACE (Command) Replace or update one file with another
RESET SESSION (Terminal Services Command) Reset (delete) a session from the terminal server
RESTORE (Command) Restores files that were backed up by using any version of BACKUP
REXEC (Command) Runs commands on remote computers
REXX (Command) REXX language command interpreter
RKILL (Command) List/terminate remote system processes
RISETUP (Command) Remote Installation Services management
RM (Command) Remove file
RMDIR (Command) Delete folder(s)
RMTSHARE (Command) Share a folder or a printer
ROBOCOPY (Command) Robust File and Folder Copy
ROUTE (Command) Manipulates network routing tables
RSH (Command) Runs commands on remote computers
RSM (Command) Manages media resources using Removable Storage
RSS (Command) Enables Remote Storage, used to extend server disk space
RUNAS (Command) Execute a program under a different user account
SC (Command) Service Control
SCANDISK (Command) Disk analysis and repair tool
SCANDSKW (Command) Disk analysis and repair tool
SCHTASKS (Command) Schedules commands and programs to run
SCLIST (Command) Display NT Services
SCOPY (Command) File Copy with Security
SCRIPT-IT (Command) Automate interactive software installations and system configuration tasks
SECEDIT (Command) Configures and analyzes system security
SELECT (Command) Formats a disk and installs country-specific information
SET (Command) Display, set, or remove environment variables
SETLOCAL (Batch) Begin localisation of environment changes in a batch file
SETVER (Command) Reports a earlier version number to programs or device drivers
SETX (Command) Set environment variables permanently
SFC (Command) Scans and verifies the versions of all protected system files Connects to another session
SHADOW (Terminal Services Command) Enables you to remotely control an active session of another user
SHARE (Config) (Command) Installs file-sharing and disk locking capabilities
SHARE.VBS (Command) List, create, and delete shares on a remote system
SHELL (Config) Specify command processor
SHIFT (Batch) Shift the position of replaceable parameters in a batch file
SHORTCUT (Command) Create a windows shortcut (.LNK file)
SHOWACL (Command) Show file Access Control Lists
SHUTDOWN (Command) Shutdown the computer
SHUTGUI (Command) GUI version of SHUTDOWN
SIZER (Command) Determine the size in memory of device drivers and memory-resident programs
SLEEP (Batch) Wait for x seconds
SMARTDRV (Config) (Command) Creates a disk cache in extended memory
SOON (Command) Schedule a command to run in the near future
SORT (Command) Sort input
STACKS (Config) Allocate interrupt storage
START (Command) Start a separate window to run a specified program or command
SU (Command) Switch User
SUBINACL (Command) Modify Access Control Lists
SUBMENU (Config) Define a submenu on the startup menu
SUBST (Command) Associate a path with a drive letter
SWITCHES (Config) Specifies special options in MS-DOS
SYS (Command) Creates a startup disk
SYSCOMGR (Command) Installs a limited set of optional components
SYSTEMINFO (Command) Displays detailed configuration information
TAKEOWN (Command) Change file ownership
TAPICFG (Command) TAPI application directory partition configuration
TASKKILL (Command) Ends one or more tasks or processes
TASKLIST (Command) Displays a list of applications and services
TCMSETUP (Command) Sets up the telephony client
TELNET (Command) TCP/IP terminal emulation
TFTP (Command) Transfers files to and from a remote computer
TIME (Command) Display or set the system time
TIMEOUT (Batch) Delay processing of a batch file
TIMESERV (Command) NT service that automatically synchronizes local system time
TITLE (Command) Set the window title for a CMD.EXE session
TLIST (Command) Task List
TOUCH (Command) Change file date/timestamp
TRACERPT (Command) Processes event trace logs or real-time data
TRACERT (Command) Trace route to a remote host
TREE (Command) Graphical display of folder structure
TRUENAME (Command) Displays the actual path corresponding to virtual drives
TSCON (Terminal Services Command) Connects to another session
TSDISCON (Terminal Services Command) Disconnects a session from a terminal server
TSECIMP (Command) Imports assignment information from XML file into tsec.ini
TSKILL (Terminal Services Command) Ends a process
TSPROF (Terminal Services Command) Copies the user configuration information, which is displayed in the Terminal Services extensions to Local Users and Groups and Active Directory Users and Computers, from one user to another
TSSHUTDN (Terminal Services Command) Enables an administrator to remotely shut down or reboot a terminal server
TYPE (Command) Display the contents of a text file
TYPEPERF (Command) Writes performance counter data
UNDELETE (Command) Restores files that were previously deleted using DEL
UNFORMAT (Command) Restores only local hard and floppy disk drives
UNLOCK (Command) Unlocks a drive, disabling direct disk access for an application
UNLODCTR (Command) Removes Performance counter names and Explain text
USRSTAT (Command) List domain usernames and last login
VER (Command) Display version information
VERIFY (Command) Verify that files have been saved
VOL (Command) Display a disk label
VSAFE (Command) Continuously monitors your computer for viruses
VSSADMIN (Command) Displays current volume shadow copy backups
W32TIME (Command) NT time service
W32TM (Command) Diagnose problems occuring with Windows Time
WAIT (Command) Pause for given amount of time
WHERE (Command) Locates and displays all matching files
WHOAMI (Command) Output the current UserName and domain
WIN (Command) Starts the Windows Graphical User Interface (GUI)
WIN386 (Command) Starts the Windows Graphical User Interface (GUI)
WINDISK (Command) Disk administration
WINMSD (Command) Windows NT Diagnostics
WINMSDP (Command) Windows NT Diagnostics II
WINNT (Command) Performs an installation of or upgrade to Windows NT
WINNT32 (Command) Sets up or upgrades Windows 2000 Server or Professional
WINPOP (Command) POP3 service administration
WMIC (Command) Windows Management Instrumentation interface
XCACLS (Command) Change file permissions
XCOPY (Command) Copy files and folders