How to get a detailed list of all your Configuration Manager Deployments using Powershell

In this blog I will show you step by step how to quickly get a detailed list of all your Configuration Manager deployments, output in Excel table format, including the following details

  • Application Name
  • Assignment ID
  • CI_ID
  • Collection
  • Collection Name
  • DeploymentID
  • Creation Time
  • Deployment Time
  • Enforcement Deadline
  • PackageID

You can also download this guide from the Technet Gallery here

First, open the System Center Configuration Manager Console

SCCMDeployments1

Click on the down arrow in the upper right hand corner and choose “Connect via Windows Powershell”.  This opens PowerShell with the Configuration Manager module loaded.  Type the following command (use whatever path you want to save the output)

Get-CMDeployment | Export-csv -NoTypeInformation c:\temp\Deployments.CSV

SCCMDeployments13

 

Next, open the Deployments.CSV file using Microsoft Excel.

Highlight / select all the rows and columns with data, select the “Insert” Tab, click on “Table”

SCCMDeployments16

Make sure to tick “My table has headers”, the click OK

SCCMDeployments11

You now have an excel spreadsheet, in table format, with detailed information about all your deployments including

  • Application Name
  • Software Name
  • Assignment ID
  • CI_ID
  • Collection
  • Collection Name
  • DeploymentID
  • Creation Time
  • Deployment Time
  • Enforcement Deadline
  • PackageID

SCCMDeployments12

 

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”

Problem

From the Exchange Admin Center you run the Hybrid configuration setup

Hybrid1

You are prompted to login to Office 365

Hybrid2

You enter your credentials

Hybrid3

And then receive this message / warning

 

Hybrid4

You are unable to complete the Hybrid configuration

 

Solution

You can resolve this issue by installing the certificate as follows:

1: Click on the security report icon (the lock symbol in the browser address bar)

2: Click View Certificates

Hybrid5

3: Click “Install Certificate”

Hybrid6

4: Select “Local Machine” and click next

Hybrid7

5: Click Next

Hybrid8

6: Click Finish

Hybrid9

7: Click Ok

Hybrid10

8: Restart Internet Explorer & the Exchange Admin Center.

9: Click enable on the Hybrid setup

10: Log into Office 365 when prompted

You will be returned to the Hybrid setup page

Hybrid1

This time, when you click Enable, the Exchange Hybrid setup wizard will start

Hybrid11

 

How to enable MAC address spoofing on a Hyper-V 2012 R2 Virtual Machine using PowerShell

I recently had to enable MAC address spoofing on the network adapters of two virtual machines deployed on Hyper-V 2012.  Here’s how I did it using PowerShell:

First, use the following command to take a look at the current configuration of our network adapter

Get-VMNetworkAdapter -VMName  VirtualMachineName –ComputerName HyperVHostName |fl Name,MacAddressSpoofing

MAS-1

  • VMName = Virtual Machine Name
  • Computer Name = Hyper-V host name

MAS-2

  • Name = Virtual Network Adapter Name

We can see that MacAddressSpoofing is currently Off

Run the following command to turn MacAddressSpoofing On

Set-VMNetworkAdapter  VMName VirtualMachineName –ComputerName HyperVHostName –VMNetworkAdapter  NetworkAdapterName -MacAddressSpoofing On

MAS-3

Re-run the following command to verify MacAddressSpoofing is On

Get-VMNetworkAdapter -VMName  VirtualMachineName –ComputerName HyperVHostName |fl Name,MacAddressSpoofing

MAS-4

WSUS – The file for this update failed to download

Edit:  I’ve posted this on youtube here 

Problem

During a recent deployment of WSUS on Windows 2012 R2, using WID database, I ran into a problem whereby after I approved updates, they would fail to download.  The WSUS console show the following error “The files for this update failed to download”

WSUS-1

The application log showed the following Event ID 364 error

WSUS-2

And also the following Event ID 10032 error

WSUS-3

With such a specific error description in the Event Id 364 I thought finding a solution would be straight forward.  And indeed I quickly found this following KB article describing the issue I was experiencing

In my environment we were not using a Sonicwall firewall device, so Method 1 applied to my scenario.  Specifically, configure BITS to work in foreground mode.  The KB article details the command to run, and for my scenario (WSUS 3.0 with a Windows Internal Database that was created by a default WSUS installation) the solution described was to run the following command:

%programfiles%\Update Services\Setup\ExecuteSQL.exe -S %Computername%\MICROSOFT##SSEE -d “SUSDB” -Q “update tbConfigurationC set BitsDownloadPriorityForeground=1”

However, I did not have the ExecuteSQL.exe utility anywhere on my WSUS server.  A missing ExecuteSQL.exe utility scenario is also described on this blog, and pointed me in the right direction.

Solution

Firstly, download and install the Microsoft SQL Server 2012 Feature Pack from here.  Specifically, you want to install the Native Client & Command Line Utilities

WSUS-4

Then open an administrative command prompt to C:\Program Files\Microsoft SQL Server\110\Tools\Binn

Run the following command

SQLCMD.exe -S \\.\pipe\Microsoft##WID\tsql\query -d “SUSDB” -Q “update tbConfigurationC set BitsDownloadPriorityForeground=1”

WSUS-5

Once complete, restart the Windows Update service.

After that, my WSUS server was able to download updates successfully from Microsoft Update.

 

Error creating a public folder migration batch when the “Folder to Mailbox Map” CSV file has more than 1000 rows

Problem Description

Trying to migrate public folders from Exchange 2007 to 2013 using the batch migration process detailed here

On step 5, when running the New-Migration cmdlet to create the migration batch as follows

New-MigrationBatch -Name PFMigration -SourcePublicFolderDatabase (Get-PublicFolderDatabase -Server SERVER01) -CSVData (Get-Content Public_Folder_to_mailbox_map.csv -Encoding Byte) -NotificationEmails user@domain.com -BadItemLimit $BadItemLimitCount   

I was getting the following error

The CSV File contains more than 1,000 rows.  Please divide the files into two or more files and submit them separately

PFMigration

Solution

Use the -TotalCount switch the to specify the number of row’s in the CSV file

New-MigrationBatch -Name PFMigration -SourcePublicFolderDatabase (Get-PublicFolderDatabase -Server SERVER01) -CSVData (Get-Content Public_Folder_to_mailbox_map.csv -TotalCount 1595 -Encoding Byte) -NotificationEmails user@domain.com -BadItemLimit $BadItemLimitCount   

In my case, the Public Folder to Mailbox Map csv file has 1595 rows, so I used -TotalCount 1595

 

Mailbox Management & SSO after Office 365 Hybrid Migration

So you are coming to the end of an Exchange Online Hybrid migration, and are considering decommissioning the on-premise Hybrid Exchange server.  Are there any considerations that need to be taken into account?

By the end of the mailbox migrations, you may have configured Azure AD Sync and made the on-premises Active Directory the source of authority. Therefore, going forward, you must perform any required changes on the objects in the on-premises Active Directory and not in Office 365, as most attributes on  are read only.

You may also have also configured identity federation via ADFS in order to achieve single sign-on (SSO). With ADFS configured, you must create new users via the on-premises Active Directory to use SSO.

Active Directory users also need to be created with the required mail attributes in order for Exchange Online to accept the object and convert to mail enabled user. This can be done without an on-premise Exchange. Active Directory Users and Computers will create the required mail related attributes:

  • mail
  • proxyAddresses
  • targetAddress

Once synchronized, you can assign it an Exchange license in order to make it a mailbox-enabled object.

However, you may need to enable more advanced Exchange features on the object e.g.

  • hiding the object from the global address list
  • adding additional email addresses

While this is possible using ADSI Edit the Exchange Product Group doesn’t support this approach.  The Exchange Product Group recommends you keep an Exchange server with the Mailbox role on-premises even if all your mailboxes are located in Exchange Online.  This blog has some further references

Note
If you deploy an on premise Exchange for Hybrid management only (i.e. no mailboxes) you can apply for an Exchange Hybrid Key at no cost here .