Cireson Remote Manage as a Right Click Tool

If you’re not aware of Cireson’s excellent Remote Manage tool I would suggest you check out Wally Mead’s webcast on Vimeo and then download the App directly from Cireson

The App is marketed as an Analysts dream and judging from my recent rollout to our Desktop and Service Desk Teams I can say they were right. The Feedback I’ve had has been overwhelmingly positive, with only one caveat. Our Senior analysts wanted the ability to launch the app directly from the Configuration Manager Console and have it connect to the Selected System. Luckily with Configuration Manager 2012’s XML extensibility achieving this is a relatively trivial task.

To Achieve this, we need the following:

  • The Console Component GUID
  • The XML File Location
  • An XML File

The Console Component GUID can be tricky to ascertain. There’s plenty of resources out there on how to do this so just a Google away so I’ll not repeat them here. For this tool we only need to know two.

  • ed9dee86-eadd-4ac8-82a1-7234a4646e62 (This GUID references Devices under the Devices Node)
  • 3fd01cd1-9e01-461e-92cd-94866b8d1f39 (This GUID references Devices under a Devices Sticky Node)

Now that we have the GUID’s we can create the XML File Location. The Folder location will be as follows %Program Files%\Microsoft Configuration Manager\AdminConsole\XmlStorage\Extensions\Actions\<GUID> where the GUID equals the Console Component GUID above. These folders don’t exist by default, so unless you’ve installed some other right click enabled tools for Configuration Manager you will need to create the empty folders.

Configuration Manager Right Click Extensions

Next We Need the XML File -In this instance we just need one file which will be copied to both locations-

<ActionDescription Class="Executable" DisplayName="Remote Manage" MnemonicDisplayName="Remote Manage" Description="Remote Manage">
        <FilePath>"C:\program files (x86)\Cireson\Remote Manage app\ConfigMgrClientTools.exe"</FilePath>
        <Parameters> "##SUB:NAME##" "FQDN OF YOUR SMS PROVIDER/SITE SERVER"  </Parameters>

So What does this XML Mean? If you really want to get your hands dirty this is all documented on MSDN however for the needs of this action we only need to understand the following:

  • Class=”Executable” As we’re spawning another Executable this one should be fairly self explanatory.
  • DisplayName, MnomicDisplayName and Description, Can be set to relevant String Values so the Action is easily Identifiable
  • Showon for this action I just want it to show up on the Context Menu so I’ve set the String to ContextMenu this could also be set to DefaultHomeTab or DefaultContexturalTab if appropriate for your action
  • Executable. Here we have the Path to the File we’re executing and some Parameters. Running Remote Manage from the command line takes the following inputs: Client (The computer We’re connecting to) and smsprovider (The Site server or computer hosting the SMSProvider Role) Configuration Manager extensions allow us to parse data from the site and pass it through to our custom actions. In this instance ##SUB:Name## tells Configuration Manager to execute our command line and while doing so SUBstitute the variable with the name of the system we right clicked on.

Now that we have our XML file we just save a copy of it into each of the GUID folders created above and restart our Console. If all goes well and your XML syntax is correct you should get a new menu item when you right-click on a system in either the Devices Node or a Devices Sticky Node.

Remote Manage Right Click Tool

Configure Sharepoint Management Pack Fails

Today while configuring our SCOM 2012 R2 environment to use the Sharepoint 2013 Management pack I came across an infuriating error.

Kevin Holman has already produced an excellent post on how to configure this pack and I won’t repeat his work here. Please go and check it out for yourself.

In my environment the configuration task failed with the unusual error:
”powershell.exe’ is not recognized and an internal or external command’


What I am going to supply now is a work around and possibly what is wrong. I haven’t had time to reproduce and diagnose this error in a lab environment, so my thoughts could be incorrect. However the workaround did work.

Using process explorer I noticed that Powershell wasn’t in the path environment variable for processes spawned by my action account. Logging on with the Action account showed the path variable to be correct.


As a quick fix I copied the into the C:\Windows\System32\WindowsPowerShell\v1.0 directory.
When rerunning the ‘Configure SharePoint Management Pack’ Task I Overrode the working directory to be ‘C:\Windows\System32\WindowsPowerShell\v1.0’ after doing this the task ran successfully.


If I find the root cause of this error I’ll update this post accordingly.

Monitoring Agent Restarts on Service Manager Servers

Recently I’ve been troubleshooting an issue where the Health Service(Microsoft Monitoring Agent) would restart and in some instances just Stop on our Service Manager Servers.

You may see events similar to the following in the Operations Manager Event Log on the affected Servers.

Log Name: Operations Manager
Source: Health Service Script
Date: 10/08/2014 13:16:12
Event ID: 6024
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
LaunchRestartHealthService.js : Launching Restart Health Service. Health Service exceeded Process\Handle Count or Private Bytes threshhold.

Log Name: Operations Manager
Source: Health Service Script
Date: 10/08/2014 13:20:14
Event ID: 6061
Task Category: None
Level: Error
Keywords: Classic
User: N/A
RestartHealthService.js : Restarting Health Service. Failed to restart service.

Operations Manager has a built in Recovery Task to restart an Agent when it Exceeds a threshold for Handle Count or Memory usage.

Out of the box this Recovery task is disabled at the Class level  for all Operations Manager Management Servers.

Class disabled

This Class does not contain the Service Manager Management Servers. You can see this by using discovered inventory view and changing the target type to ‘Management Server’



Notice however a Second Class ‘Management Server Agent’. Viewing this class will show your Service Manager Servers.

I don’t know why there isn’t a built in Override for this Class, luckily this is easily remedied by creating an Override  targeted at the ‘Management Server Agent’ Class or if you want a Group.

Disable Recovery at the Class Level

  • Navigate to Authoring
  • Expand Management Pack Objects
  • Select Overrides
  • Enter ‘Restart System Center Management’ in the Look for: box and Click ‘Find Now’
  • Expand the Tree and Right Click the Recovery and Select ‘Override Target Properties’
  • Select the Overrides Tab
  • Click Disable and Select ‘For All Objects of Another Class’
  • Enter ‘Management Server Agent’ in the ‘Look for:’ Box
  • Select the Target and Click ok.
  • Ensure enabled is set to ‘False’ and Select a destination Management Pack to save into and Click ok.



Disable Recovery for a group.

  • Navigate to Authoring
  • Right click Groups and select ‘Create New Group’
  • Give your Group a name and Select a Management Pack to save to.
  • Click next until you reach dynamic members
  • Click ‘Create/Edit Rules…’
  • Select the Class ‘SCSM 2012 Management Server’ and insert an OR group
  • From the property drop down Select ‘Name of Management Group’ Equals and Enter your Management Group name
  • Select the Class ‘System Center DataWarehouse 2012 Server’ and Click insert
  • From the property drop down Select ‘Service Manager Management Group(s)’ Equals and Enter your Management Group name (if you don’t know your Management Group Name the take a look at this blog post. )

Your Query should look like this:


( ( Object is SCSM 2012 Management Server AND ( Name of Management Group Equals IT Service Manager ) AND True ) OR ( Object is System Center DataWarehouse 2012 Server AND ( Service Manager Management Group(s) Equals IT Service Manager ) AND True ) )

 Click OK. To ensure your group is correct right click your newly created group and select View members and confirm it contains the Servers you expect.

  • Navigate to Authoring
  • Expand Management Pack Objects
  • Select Overrides
  • Enter ‘Restart System Center Management’ in the Look for: box and Click ‘Find Now’
  • Expand the Tree and Right Click the Recovery and Select ‘Override Target Properties’
  • Select the Overrides Tab
  • Click Disable and Select ‘For A Group’
  • Search for the group you created in the previous steps
  • Select the group and Click ok.
  • Ensure enabled is set to ‘False’ and click OK to save into the Same Management Pack as the group.



Java the IT administrators bane? Can WMIC help?

Cisco state in their 2013 Annual security Report that 87% of total web exploits are based on Java vulnerabilities. For home users I recommend removing the Java Runtime unless the user has a specific need for it. Sadly in a corporate environment it’s not quite that simple. Many Web based LOB applications use Java Applets to provide key functionality. SAP portals and the Blackboard E-Learning portal are key dependants in the environment I support.

Writing a Configuration Manager report can give you a useful and possibly scary overview of your environment. If you don’t already have a report for Java versions in your environment you could do a lot worse than importing this one

Now that you have the information at hand what do you do with it? First of all test all of your enterprise applications against the latest and safest version. If you don’t have a dependency list I highly recommend you create one.

Assuming you have tested and get the go ahead to upgrade what is the most efficient way to remove these legacy versions? I’ve seen many long -and very good- VB Scripts and command files with lists of MSI product codes, they will work once you’ve customised them to suite your needs. One area that does appear to get overlooked is WMI. We all know what Configuration Manager can do with WQL and WMI so why can’t we take advantage of that.

WMIC (WMI Console) is a WMI command line too which allows you to execute WMI queries.

Want to know the Mac Address, Product name and PNP ID of the active network adapter on a device. Easy just Execute this commandline.

WMIC path win32_NetworkAdapter Where “NetEnabled = True” Get “MACaddress”, “ProductName”, “PNPDeviceID”


So How do we go about removing all Old Java versions with this?

Lets Specify the criteria. I want to remove all versions of the Java runtime except Version 7.0.510 and I DON’T want to remove Java Development kits.

WMIC product where (name like "%%Java%% Update%%" and not name like "%%Development Kit%%" and version !="7.0.510") Call Uninstall /nointeractive

Is it really that simple? Pretty much.  I need to use the %% wildcards as over the years Sun/Oracle haven’t used a consistent naming convention. Some versions are named Java  some are Java(TM) so the wildcards take care of that. the two and not Statements ensure I don’t remove the Development kit or the version of Java I want out in my environment.

Here’s a before and after screen shot of a test system.

Before the Script has executed


After the Script has executed



To deploy this with Configuration Manager save the command line with start /wait added to the beginning to a .cmd file and deploy it.
Start /Wait WMIC product where (name like "%%Java%% Update%%" and not name like "%%Development Kit%%" and version !="7.0.510") Call Uninstall /nointeractive


System Center 2012 Configuration Manager Support Center

Microsoft have just release a beta of a new System Center 2012 Configuration Manager Support Tool.

Below is a quick overview of this tools capabilities. If you want access to this tool then sign up to the ConfigMGR Open Beta Community at Microsoft Connect.

The Installer adds two new applications to your start menu/screen under Microsoft System Center 2012 ( R2 if you’re using that) Support Center and Support Center Viewer.

Support Center can be installed and ran locally or a connection to a remote Device can be initiated for troubleshooting.

The UI is broken into 6 tabs

Data Collection:

Data Collection Tab

Clicking the Start Collection Button will initiate a data collection and prompt for a Save location for a bundle file which can then be analysed later in the Support Center Viewer. An ideal tool for service desk to collect relevant data for second and third  line support.

Client details:

Client details

Lists details relating to the clients site connection and configuration

Client Policy:

Client Policy

Allows you to view and Request policy. Compare the Requested to Actual and ‘listen’ to the policy request events.



Allows you to view Deployments/Content currently targeted at the client. A details pane shows whether the Deployment is applicable and or installed and Deployment types available. Right clicking on a Deployment type allows you to launch a new Window to Verify the Content is accessible. Maybe this tab should read Deployments?




Allows you to run a Series of health and connectivity tests with an individual log output for each test.



The Logs tab allows you to view -Support Center has a lot of the functionality of CMTrace built in which is a great feature.- and configure client logging for in depth troubleshooting. For those of us with ageing memories the ‘Open Log Group’ drop down is very useful – for the rest of us it’s also a great time saver- This allows you to open a set of logs based on the issue you are trying to troubleshoot. Current options are ‘Application Management’, ‘Client Policy’ and ‘Client registration’.

I can see this tool -once it is out of Beta- being used extensively in most Configuration Manager Environments. If you aren’t a member of the open beta program yet, I suggest you sign up and get involved at

The Return of the Crashing Configuration Manager Console

Configuration Manager SP1 Console users who also had the Orchestrator Runbook Designer and the System Center 2012 Integration Pack for System Center 2012 Configuration Manager installed, suffered from a crash when launching the console. Details of this crash are available in the following KB article

Much to my surprise after upgrading our environment to the R2 release and deploying the latest Configuration Manager R2 IP, the issue returned on my windows 8.1 desktop this morning.

IP version and the update which was released yesterday both register the following dll’s in the GAC

  • AdminUI.WqlQueryEngine.dll  (
  • Microsoft.ConfigurationManagement.ManagementProvider.dll  (

This results in a console which crashes with exactly the error as stated in the above KB.

So far I haven’t done any further digging except to say un-installing the IP and repairing the console fixes the issue. Time to head over to connect and file a bug report.

Dynamic Service Manager CMDB with System Center Orchestrator

Finding the need to investigate extending the built in Service Manager CMDB and being relatively new to Service Manager I found this blog post by MVP Marcel Zehner an invaluable starting point.

One thing you have to keep in mind with Private Cloud Computing is the fact that requirements for CMDB change dramatically. Not only that your CMDB needs to manage new classes (e.g. Virtualization Hosts, Hypervisors, Guests, Clouds etc.) and Relationships (e.g. VM belongs to Cloud, Cloud uses Virtualization Hosts, Virtualization Hosts run Hypervisor etc.,), but it must also be able to be enough dynamic to support Cloud scenarios. Cloud configurations are dynamic (e.g. VM Live Migration, VM Storage Migration), configuration changes can happen any time and can be triggered in many different situations (e.g. System Maintenance, End user Self Service). I had a speech about this topic some days ago at a Microsoft TechNet Event in Switzerland and I’d like to share that information with my blog readers.

View original post 693 more words

Client Health in Configuration Manager 2012

Even with Chris Stauffer’s Excellent Client Health Startup script ( ) Client Health monitoring in Configuration Manager 2007 was still a large pain point. Configuration Manager 2012 thankfully has a built in client health checking and remediation process. This process -which runs as a scheduled task every 24 Hours- evaluates client health then attempts to repair the client should any issues be found. If the client is installed with the default settings a Scheduled Task which runs between 12 and 1am is created, if this task is missed due to the client being powered off or in sleep mode the task will run when the OS starts or the client wakes from sleep.  The Executable called by this task is CCMEVAL.EXE which is located in the %windir%\CCM folder.

To manually trigger a configuration manager Client Health check.

  1. On the system where you wish to trigger the check launch a command prompt as Administrator.
  2. Navigate to %windir%\CCM
  3. Type CCMEVAL.EXE and press enter
  4. CCMEVAL.LOG will be generated in the /logs subfolder
  5. This log can be checked for errors using the CMTrace tool or notepad.

CCMEVAL.EXE has a supporting  XML file (CCMEVAL.XML) which details what should be checked. Default checks include the following tests:

  • Verify WMI service Exists
  • Verify/Remediate WMI Service startup type
  • Verify/Remediate WMI Service startup Status
  • WMI repository read write test
  • Verify/Remediate client WMI Provider
  • WMI repository Integrity test
  • Verify BITS exists.
  • Verify/Remediate BITS startup type
  • Verify/Remediate client prerequisites
  • Verify/Remediate client installation
  • Verify SMS Agent Host service exists
  • Verify/Remediate SMS Agent Host service startup type
  • Verify/Remediate SMS Agent Host service status
  • WMI Event Sink Test
  • Verify/Remediate Microsoft Policy Platform service startup type
  • Verify/Remediate Antimalware service startup type
  • Verify/Remediate Antimalware service status
  • Verify/Remediate Network Inspection service startup type
  • Verify/Remediate Windows Update service startup type

Two useful CCMEVAL.EXE settings can be configured using the Registry keys located in  HKEY_LOCAL_MACHINE\Software\Microsoft\CCM\CcmEval\

NotifyOnly –a String Value with a default setting of FALSE- instructs CCMEVAL.EXE to attempt to remediate any problems discovered during the client check process. Changing the value to TRUE  disables remediation and instructs CCMEVAL to report status only. This is a particular important setting for critical servers where you would want to investigate and remediate any issues manually during scheduled maintenance or downtime slots.

SendAlways –also a String Value with a default setting of FALSE- instructs CCMEVAL.EXE to send status information only when a change in client health is discovered. Setting this to TRUE forces status to be sent every time CCMEVAL.EXE Runs.

NOTIFYONLY=’VALUE’ and SENDALWAYS=’VALUE’  are both available as client installation properties.

Given we have Configuration Items we could always create a Compliance Baseline to configure these settings as required on a Collection for troubleshooting purposes.

Even nicer is the availability of this information in the Console.  With a Dedicated Node in the Monitoring Workspace, health details available in the lower pane for every client you select and dedicated reports, keeping track of Client Health has never been easier.

Thanks for Reading.