System Management – NINet.org

Flashing eeprom during imaging via PXE

July 11, 2013July 11, 2013 Ryan Leave a comment

I had a requirement to flash the eeprom on a FTDI chip while dropping a clonezilla image onto the system which is done via a PXE server

The 1st thing we need to do is get ftdi_eeprom tools on the clonezilla image, we do this by setting up an ubuntu system (I used ubuntu 12.04)

apt-get install squashfs-tools unzip

wget -O Clonezilla-2.1.2-20_amd64.zip http://downloads.sourceforge.net/project/clonezilla/clonezilla_live_stable/2.1.2-20/clonezilla-live-2.1.2-20-amd64.zip?r=http%3A%2F%2Fclonezilla.org%2Fdownloads%2Fdownload.php%3Fbranch%3Dstable&ts=1373475093&use_mirror=heanet

mkdir clonezilla-src clonezilla-sqfs
cd clonezilla-src
unzip ../Clonezilla-2.1.2-20_amd64.zip
cd ../clonezilla-sqfs
unsquashfs ../clonezilla-src/live/filesystem.squashfs
cd squashfs-root/root

wget http://ftp.de.debian.org/debian/pool/main/f/ftdi-eeprom/ftdi-eeprom_0.3-2_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse0_2.7-4_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/c/confuse/libconfuse-common_2.7-4_all.deb

rm *.deb

chroot ~/clonezilla-sqfs/squashfs-root
cd root

dpkg -i libconfuse-common_2.7-4_all.deb
dpkg -i libconfuse0_2.7-4_amd64.deb
dpkg -i ftdi-eeprom_0.3-2_amd64.deb

cat > ./eeprom.conf <<@
vendor_id=0x0403
product_id=0x6001
manufacturer="ME"
product="XXXXX"
serial="FTABC123"
@

exit

cd ~/clonezilla-sqfs

mksquashfs squashfs-root filesystem.squashfs -comp xz -Xbcj x86 -b 1024k

Replace the Fields above with the values you want to use most important is the two _id fields as they tell ftdi_eeprom which device to attempt to flash, you can get these by running the command “lsusb” and identifying the device.

Copy the file “filesystem.squashfs” that has just been created and overwrite the one on the PXE server used to deploy the image. When you next PXE boot the target machines you will find ftdi_eeprom is available to use.

Now during the deployment run the command
ftdi_eeprom –flash-eeprom /root/eeprom.conf

Puppeteering with Puppet

March 20, 2013March 20, 2013 Ryan Leave a comment

So I’ve been a very naughty sysadmin recently, one of the things I intended to do early on in my new employment was setup some form of System Management as we have several Linux hosts. However truth be told I have never had a System Management system for Linux hosts (due to a lack of time to implement one) and due to a number of tight deadlines I’ve had to put this on the back burner and spin up servers for additional roles.

This road however will lead to ruin so I have put a stop to the random spinning up of hosts for anything other than testing until I get something in place to mange all the configurations centrally. The question for me was what to use, I’ve heard of both Puppet and Chef, but I have no experience of them. So after doing a bit of reading I figured I’d go with Puppet as it seems to have most of the bases I am interested in covered.

SCCM CDP to WMI version 0.0.0.3 out

January 6, 2013March 20, 2013 Ryan 5 Comments

Sorry for the lack of progress until recently but I’ve recently had a lot of more important priorities in life so working on this had to go on hold for a little while. I am hoping in the next few months to release version 1.0 but as on now this is still experimental so should only be used in a lab environment.

Please use the ticketing system on sourceforge to report any issues and add feature requests.

You can get it here: http://sourceforge.net/projects/cdptowmi/

ToDo:

See here: https://sourceforge.net/p/cdptowmi/wiki/ToDo%20List/ (work in progress)

Setting & Getting AD Properties during SCCM OSD Task sequence

October 31, 2012March 20, 2013 Ryan Leave a comment

This is a script I wrote over a year ago but have only just rediscovered, I can’t remember if it works / or if I ever used it in production. But hopefully will be of use to someone (assuming it works).

If anyone tries it please respond and let me know how worked / any issues you had.

Scripted checking of SCCM Backups

October 31, 2012March 24, 2014 Ryan 2 Comments

This is a script that parses the smsbkup.log and outputs results (in html) and the relevant portions of the file to the specified folder. The idea being that the with a small bit of tweaking you could have the report hosted on a webserver to check or emailed (there will be a post on emailing in Powershell later) to you.

This is best run from the central primary under credentials that have access to the other sites.

Note: The script requires UNC paths for the $fpath variable as it is expecting be be run remotely.

Note2: This script was written for SCCM 2007 and not for SCCM 2012, however thanks to one of my readers, Satish, the following should fix that:
Change
if ($content | where {$_ -like "Backup task completed successfully*"}) {
to
if ($content | where{$_ -like "*SQL Backup task completed successfully*"}) {

Note3:
Potential Dates issues with SCCM 2012 R2. Thanks to Marius for the update.
Change
$cdate = $cdate.adddays($days) | get-date -format “ddd MMM dd”
to (this is probably US specific and will probably vary depending on locale)
$cdate = $cdate.adddays($days) | get-date -format “MM-dd-yyyy”

Programs without MSI Product ID

April 5, 2012March 20, 2013 Ryan Leave a comment

Recently I had an issue where ActiveSetup wasn’t installing some applications when deployed. It turned out that it was due to some of the packaged applications not having a program with the Windows installer information populated. As it was believed that this may not an isolated issues I was tasked with producing a report of all Packages where the information was missing. This is not actually possible via the default reports as none of the views exposed to SCCM actually contain this information. The only way to get this information is to query the SCCM database table “PkgPrograms”, and to do that and have a permenant report SSRS is needed as it can run with the credentials of the user generating it or with an execution account which may have more access.

SCCM Patch Compliance Reports

April 3, 2012November 20, 2013 Ryan 51 Comments

Updated: 2013-11-20 – Fixes for rdl files and 2012 report, I’ve edited the RDLs but I have no infrastructure currently to test on so feedback is welcome.

I was watching SCCM Guru Episode 9 with Garth Jones, when I saw in his powerpoint presentation two reports for patch compliance that I liked the look of. So I decided to see if I could emulate the reports, I will say here having only seen the final product in his slide my reports will look similar to his, and may even share code, however I have not seen ANY of his code so any similarities here are purely coincidental and not me just copying his code and taking credit.

Task Sequence and Package Management Reports

March 2, 2012March 20, 2013 Ryan Leave a comment

There are 3 reports in this group;

The first returns a list of all packages in a Task Sequence and the DPs they are targeted at that are in a “not installed” state. Currently this only detects targeted and not installed, once I figure out the SQL i’ll update this so it includes DPs that it is not targeted at as well.

The second lists all Task Sequences that reference a specific package, the idea here is if you wish to replace a package with a newer version or decommission a package you can get a list of all of the TSes that include it.

The third and final report compares two Task Sequences and returns a list of packages that are in one but not the other along with the ID of the Task Sequence that it is in.

Software Distribution Reports

February 29, 2012March 20, 2013 Ryan Leave a comment

I have 85 or so DPs across more than 5 Primary sites and sometimes I see failures in newly created Task Sequences (or even old ones) during an OS deployment due to a package not being available.

Distribution status of a specific package on a specific distribution point – This report shows the installation status of a package on the specified distribution point.
Distribution points without a specific package – This report shows any Distribution Points a Package is not installed on. N.B. Package MUST be targeted to the site in order to be detected
Distribution points without a specific package in a site – This report shows any Distribution Points a Package is not installed on in the specified site. N.B. Package MUST be targeted to the site in order to be detected
Distribution status of a specific package in a site – This report shows the installation status of a package on each of its distribution points in the specified site

Deployment Management Report

February 28, 2012March 20, 2013 Ryan Leave a comment

Sorry it’s taken so long but here is my 1st post (of many) since my change of Job.

In my new environment machine history isn’t retained upon a machine rebuild, so how do I determine what a machine had before it was rebuilt? Well there is no “easy” answer to this, the company historically used a vbs script to diff the uninstall reg key against a list of standard or core applications. This worked to some extent but was far from perfect and could result in very large lists of applications that were not even installed by SCCM.