This simple script shows you how to migrate a scopes leases from one DHCP server to another,disable the old scope and enable the new one Continue reading…
You know how it is, Windows 7 is going EOL, you have had a bit of Windows 10 in play, starting at 1511 and upgraded last year to 1703 and you looking at rolling out 1809 and getting off Windows 7 before January 2020. You have thousands of Windows 7 devices and 50 – 100 Windows 10 mobile devices that you have been piloting with Windows 10, they are well less that the margin of error for devices with faulty Windows Update or SCCM Clients
So now your starting to roll out more devices and your finding that Windows Updates on Windows 10 is not working. Why?
Ok so how does the new dangled Dual Scan functions work. For what matter – how does Microsoft Updates work in Windows 10 1607 and higher??
To get powershell access to Solarwinds Orion you need to install the SDK
The powershell module installed is
The best way to visually see what you are getting back is to first use SWQL Studio that in installed on your device when you install the SDK
Here is some example powershell code to get back the device and what switch port it is on
#Solarwinds Server $SolarwindsServer = "SolarwindsServer" #Username password is a local username password for Solarwinds $SolarwindsUser = Read-Host -Prompt "Username" $Password = Read-Host -Prompt "Password" $swis = Connect-Swis -UserName $SolarwindsUser -Password $Password -Hostname $SolarwindsServer #Get Connected devices, what port and switch they were connected to and when last seen Get-SwisData $swis 'SELECT LastSeen, MACAddress, RawMAC, AdministrativeStatus, OperationalStatus, PortType, NodeAccessPoint, ClientSSID, NodeStatus, NodeStatusIcon, PortIcon, IPAddress, PortDescription, PortName, HostName, VendorIcon, ShutdownIcon, MACVendor, EndpointID, IsWireless, IsRWCommunityDefined, NodeID, PortID, MacUrl, PortUrl, APUrl, HostNameUrl, MEMBERS.ContainerID, MEMBERS.MemberPrimaryID, MEMBERS.MemberEntityType, MEMBERS.Name FROM Orion.UDT.MACCurrentInformation UDT JOIN Orion.ContainerMembers MEMBERS ON UDT.NodeID = MEMBERS.MemberPrimaryID ' #Get Container(group)members returns nodes and the container they are in Get-SwisData $swis 'SELECT ContainerID, MemberPrimaryID, MemberEntityType, Name, Status, MemberUri, MemberAncestorDisplayNames, MemberAncestorDetailsUrls, EntityDisplayName, EntityDisplayNamePlural, FullName, DetailsUrl,ContainerMembers.Container.Displayname AS ContainerName FROM Orion.ContainerMembers
This is a simple script to list all the SCCM objects that have duplicate names
Basically , as my dad would say, WSUS has got its knickers in a knot, as by default the application pool is limited to RAM.
It needs a heeeeeeeeaaaaaaaaaaaaap of RAM and time for it to run to unravel it’s self.
Plus it needs a bunch of reconfiguration of the app pool as listed below
After that you will then be able to see what amount of ram it needs on a day to day basis
Increase temporarily the RAM on the server.
When I say increase give it 2 or 3 times the RAM.
Un-limit the memory used by the AppPool (Private memory limit = 0)
The rest of this is stolen from here
|1. On your WSUS Server, launch the IIS Manager
2. Open Application Pools
3. Right click ‘WsusPool’ and select ‘Advanced Settings…’
4. To support the maximum SCCM Software Update Point clients, change ‘Queue Length’ from the default 1,000 to 25,000
5. Change ‘”Service Unavailable” Response Type’ from the default HttpLevel to TcpLevel
|6. Change ‘Failure Interval (minutes) from the default 5 to 30
7. Change ‘Maximum Failures’ from the default 5 to 60
8. Click ‘OK’ to save the App Pool changes
9. Recycle the application pool.
10. If the memory is not reduced : Restart the WSUS Administration Website
11. If the memory is not reduced : Restart the World Wide Web Publishing Service
Monitor, but eventually after a few days you should not see the “new normal” for the RAM required for the application pool to run
Then after a week reduce the memory to the new normal
Another weird one – KB4457144 was deployed to a collection of computers. On those that said it was still required, if you forced Software updates evaluation, it would error in the event log with
Package KB4457144 failed to be changed to the Installed state. Status: 0x80070017
A weird one – KB3114874 was deployed to a collection of computers. On those that said it was still required, if you forced Software updates evaluation, it would not show in the windows update log as being installed, or failing to install. Nothing, nada, zip! If you check what updates were installed , it was not listed. If I used my Get-UpdatesAvailableOnServer.ps1 script , it showed me what SCCM thought there was still outstanding.
Computername ArticleID Name URL ------------ --------- ---- --- Computer1 3114874 Security Update for Microsoft Office 2010 (KB3114874) 32-Bit Edition https://support.microsoft.com/kb/3114874
There was a disconnect between the SCCM Client and Windows Update
So I used my SCCM Client Sledgehammer to reset the SCCM Client and low and behold the KB now installed fine!
The following is a SCCM Client Health Checklist that I run through.
The following code forces a reset/repair of the Windows Update Client on a device. It is based on https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors
Fixes errors in WindowsUpdate.log