With the recent ransom attacks going on please ensure you anti-virus and malware scanner are up-to-date. Below is some information from Microsoft to help protect you against these attacks. There is a free scanner as well you can download and run. This free scanner expires after 10 days, please download it again to receive updated protection. Malware Detection Windows Defender, System Center Endpoint Protection, and Forefront Endpoint Protection detect this threat family as Ransom:Win32/WannaCrypt. In addition, the free Microsoft Safety Scanner http://www.microsoft.com/security/scanner/ is designed to detect this threat as well as many others. Useful information - https://docs.microsoft.com/en-us/msrc/customer-guidance-for-wannacrypt-attacks Update 28/06/2017 - In light of the latest attacks called "Petya Ransonware" ensure your anti-virus is up-to-date. Windows Defender should be the following Malware Detection Ensure you have a definition version equal to or later than: • Threat definition version: 22.214.171.124 • Version created on: 12:04:25 PM : Tuesday, June 27 2017 • Last Update: 12:04:25 PM : Tuesday, June 27 2017
In my time dealing with SCCM or as it is also known as ConfigMgr, it is a very good tools to maintain, update and monitor an environment. Features that is comes with are Software Updates, Application management, Operating System (OS) deployments and a whole host of other features.
The point of this blog is to help troubleshoot issues, this is an open blog so feel free to point out other options or mistakes from myself. I am not saying I am master of SCCM in any way shape or form. SCCM is a beast of a system, and as always there are many ways to troubleshoots and fix issues. If there is a better way to troubleshoot an issue let us know.
Let's start with log files.
Log Files Log files in ConfigMgr 2012 is a mine field. From Site System Server to Site Server to Client side log files are everywhere. Hope the following information will help out in what direction to start troubleshooting. Of course you will need to know how to read the log files. Notepad is most people's default, but the issue with Notepad is the log files are not well formatted in it. Plus that when you want to read the log file when it is being generated and try and find an issue. Notepad does not auto update, so when you load a log file that is being generated any new event(s) that get added to the log file will not show up. So I use CMTrace, this can be found from here
The link takes you to Microsoft's download center for System Center 2012 R2 Configuration Manager Toolkit. This Toolkit, has 15 very useful tools to help you manage and troubleshoot SCCM 2012. As always Microsoft's TechNet website is a good place to start.