The Service Manager data warehouse SQL Reporting Services server is currently unavailable

Recently, while rolling out System Center Service Manager 2012 R2 for a customer, I received the following error when opening Service Manager as it attempted to load the SQL Reporting Services plugin: “The Service Manager data warehouse SQL Reporting Services server is currently unavailable.  You will be unable to execute reports until this server is available.”

SCSM-SQLReporting

The even log showed Event ID 33569:

Cannot connect to SQL Reporting Services Server.  Message= An unexpected error occurred while connecting to SQL Reporting Services server: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. —> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
SCSM-SQLReporting2

The last line was the key.  Ideally you would want to put a trusted cert from your CA onto the SQL Reporting Services Server but the work around would be to make the certificate trusted on the machine running the Service Manager Console.

Browse to the SQL Reporting Services web page, click past the cert error.
SCSM-SQLReporting2a

Click on the certificate icon at the top and “View Certificate”
SCSM-SQLReporting2b

Install the certificate into your local machine Trusted Root Certification Authorities.
SCSM-SQLReporting3
SCSM-SQLReporting4

Now go back and re-open the SCSM Console and all should be good!
SCSM-SQLReporting5

Migrate 2008 DHCP to Server 2012 R2 with DHCP Failover

Recently needed to migrate an existing 2008 DHCP server to two new Server 2012R2 DHCP servers with Failover enabled.  Thankfully, this is a very straightforward process!

Logged onto to one of your new DHCP servers run the following PowerShell commands:

Export-DhcpServer –ComputerName OLDDHCPSERVERNAME.company.local -Leases -File C:\OLDDHCPSERVER-dhcpexp.xml -verbose

Import-DhcpServer –ComputerName NEWDHCPSERVER1.company.local -Leases –File C:\OLDDHCPSERVER-dhcpexp.xml -BackupPath C:\dhcp\backup\ -Verbose

Import-DhcpServer –ComputerName NEWDHCPSERVER2.company.local –File C:\OLDDHCPSERVER-dhcpexp.xml –ServerConfigOnly –verbose –BackupPath C:\dhcp\backup\

Note: If the C:\dhcp\backup\ path doesn’t exist you will need to re-run the command or create it first.

Next to enable the new failover functionality, right-click on your scope and select “Configure Failover.”
DHCP1
Specify “Hot standby” and specify your reservervation for standby server(this can generally be fairly low as clients will hold their lease for awhile.).  Specify a State Switchover Interval if you want your server to automatically failover after a period of disruption on the primary server.  Finally enable a Message Authentication Shared Secret if desired between the servers.
DHCP2

That’s it! 🙂

“You cannot use the vSphere Client to edit the settings of virtual machines of version 10 or higher.”

After using the VMware 5.5 Convertor to perform a physical to virtual migration, I noted the following error when attempting to edit the properties of the VM in vSphere:

“You cannot use the vSphere Client to edit the settings of virtual machines of version 10 or higher.”

esxiversion10-error

Thankfully there is an easy work around!

Confirm the VM is powered-off.
Right-click the VM and remove from inventory:
remove-vm-from-inventory
Enable SSH on the host and connect.
03-enablessh
Change directory to your vm:
cd /vmfs/volumes/YOURDATASTORENAMEHERE/YOURVMNAME
04-cdvmfs

Open your VMX file with vi:
vi VMNAME.vmx
05-vivmx

Find the line that says ‘virtualHW.version'(ie.virtualHW.version = “10”) and change to “8”
Hint: Delete 10, type “i” to start editing, put 8 between the quotes, then Esc key when done, “:wq” to save changes (:q! to exit without saving).
06-vihwversion 06-vihwversionb

Re-register the VM in Vsphere: vim-cmd solo/registervm /vmfs/volumes/YOURDATASTORENAMEHERE/YOURVMDIRECTORY/YOURVM.vmx

You should now be able to edit your VM!

07-vmedit

Windows Deployment Services service will not start (Error 0x2740 )

Starting Windows Deployment Services on a recently assigned Distribution Point for System Center Configuration Manager, I received the following error in the Application Event log on the DP:

An error occurred while trying to create the UDP endpoint for WDSPXE provider on interface x.x.x.x:67. This can happen if the network interface was disabled or changed, or some other application is already using the port. The provider  will not be able to receive requests on this interface.

Error Information: 0x2740
dhcp-pxe-error2

This was because the DP was setup as a DHCP server and for WDS.  Unfortunately WDSUTIL /set-server /UseDHCPPorts:No did not work. The fix was to perform the following registry change:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSPXE
Set the registry value to: UseDHCPPorts = 0

dhcp-pxe-error1
The service then started without any issues.

Note: Another thing to remember, is that if you are running your WDS server on your DHCP server, you will need to set the 060 option in your DHCP Server Options. From a command prompt run the following command:WDSUTIL /set-server /DHCPOption60:yes

 

System Center PXE/WDS “Processor Architecture Boot Image (0) not found”

When setting up a new System Center Distribution Point recently, I received the following error in the SMSPXE.log:

Warning: Matching Processor Architecture Boot Image (0) not found
PXE-Error1
This is because, even if you only using the x64 WinPE image, SCCM/WDS requires that both x64 & x86 to be present.  Simply distribute your x86 image from SCCM and restart the Windows Deployment Service on your Distribution Point.

PXE-Error2

PXE-Error3

 

WMI Model Query for System Center or MDT Task Sequence

In order to specify device driver install package for a specific model during your SCCM or MDT task sequence, you can create a WMI Query for the specific models covered by your driver pack. ie.
Select * From Win32_ComputerSystem WHERE Model LIKE “%HP%%600” or LIKE “%HP%%800”
WMIQuery1-Update

To find the WMI specific model info, open command prompt and run the following commands:
WMIQuery2

In the above example, as I am running an HP Zbook 15, it would be Select * From Win32_ComputerSystem WHERE Model LIKE “%HP%%Zbook”

Offline Servicing DISM/WIM – SCCM PXE Deployment

Recently while testing an System Center Configuration Manager 2012 R2 PXE Deployment on a new HP Elitebook 840 or 850, I received the following error:
“Windows could not configure one or more system components.  To install Windows, restart the computer and then restart the installation.”
The reason for this is that the new hardware requires a later version of the Kernel Mode Driver Framework than is included with the Windows 7 install media.  The easiest fix for that is to download a copy of the updated Framework: http://support.microsoft.com/kb/2494168.  From there we can perform an offline servicing of the WIM image using the DISM command.

Dism /Get-WIMInfo /WimFile:D:\Software\OSImages\Windows_7_Ent_SP1_X64-KMDF1.11\Win7x64entSP1.wim
wim1
Dism /Mount-WIM /WimFile:D:\Software\OSImages\Windows_7_Ent_SP1_X64-KMDF1.11\Win7x64entSP1.wim /index:1 /MountDir:D:\Temp\offline
wim2
Dism /image:D:\Temp\offline /Add-Package /PackagePath:D:\Software\Patches\kmdf-1.11-Win-6.1-x64\Windows6.1-KB2685811-x64.cab
wim3
Finally: Dism /Unmount-WIM /MountDir:D:\Temp\offline /Commit.  Update your distribution points with updated WIM and re-run deployment to resolve.

Set SharePoint site to read-only

In some situations you may have a need to set a SharePoint site to read-only.  In my case because we were moving the customer from WSS 3 to SharePoint 2013 and needed to reference the old data, while testing to confirm there were no issues with the new site.  This can be done using the following command from the SharePoint bin folder:

stsadm -o setsitelock -url http://sharepointsite -lock readonly

sharepointreadonly

Veeam: A VSS critical writer has failed

While deploying Veeam Backup & Replication recently for a customer, we came across the following error message while backing up a domain controller:

Unable to release guest. Error: Unfreeze error: [Backup job failed.
Cannot create a shadow copy of the volumes containing writer’s data.
A VSS critical writer has failed. Writer name: [NTDS]. Class ID: [{b2014c9e-8711-4c5c-a5a9-

3cf384484757}]. Instance ID: [{bcc3ddec-3a1b-4bbd-bb5c-2da62e9bcb4d}]. Writer’s state: [VSS_WS_FAILED_AT_POST_SNAPSHOT]. Error code: [0x800423f4].]
veeamerror

Running VSSAdmin List Writers showed in fact that the NTDS Writer was in an Error state with [11] Failed, “Non-retryable error”.

The issue was due to a conflict with Shadow Protect, which was also doing VSS Backups.  As Veeam was going to be replacing ShadowProtect, the fix for this was to remove the Shadow Protect VSS Provider:

First re-run the ShadowProtect backup which restored the NTDS Writer to a Ready State.
veeamerror1

Open Regedit
Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Providers\
You should see the GUID {24602736-bed9-4619-91b0-243447c6409c} listed.  Clicking on it shows “StorageCraft Volume Snapshot Software Provider”
veeamerror3
Backup this registry key, then delete it.
veeamerror2
Open Windows services and restart the “Volume Shadow Copy” service. It may be stopped to begin with, that’s okay.
Check and see if the provider is gone from: vssadmin list providers
Reboot the server when next possible.

Re-run Veeam backup and all should be successful!

Remove Exchange 2010 Archive Database from Provisioning

After creating an Archive Database in Exchange 2010, you find that Exchange will put new user mailboxes on this database, in order to balance mailboxes across stores.  The easiest way to avoid this is to exclude the Archive Database from your mailbox provisioning.

Using Exchange 2010 Powershell, get a list of your mailbox databases by running Get-MailboxDatabase:
1ExcludeArchiveDB
Once you confirm the name of your archive database, exclude it from automatic provisioning by running the following PowerShell command: Set-MailboxDatabase -Identity “Archive Database” -IsExcludedFromProvisioning $True
2ExcludeArchiveDB