Archive
System Center Virtual Machine Manager problems began in 2018
In November and December of 2018 Microsoft released few Windows Updates for Windows Server 2016 that caused havoc in SCVMM for Hyper-V switch management.
More info is available here: System Center Virtual Machine Manager fails to enumerate and manage Logical switch deployed on the host
I had switch management problem in two different environments and each one of them was different than the one documented on the link above. Since I didn’t have any better suspect than recent Windows Updates (and I knew about WMI repository problems), I decided to run the following PowerShell command:
Get-CimClass -Namespace root/virtualization/v2 -classname *vmm*
To my surprise and relieve above command didn’t return any object. The solution was easy – follow the instructions and re-add VMM related classes to the WMI repository:
Mofcomp “%systemdrive%\Program Files\Microsoft System Center 2016\Virtual Machine Manager\setup\scvmmswitchportsettings.mof”
Mofcomp “%systemdrive%\Program Files\Microsoft System Center 2016\Virtual Machine Manager\DHCPServerExtension\VMMDHCPSvr.mof”
Second customer that had similar switch management problem wasn’t on the latest Update Rollup for SCVMM and so we decided to first update SCVMM server and host management agents. This steps resolved their problem since agent update re-registered mof files.
One more blog post, related to SCVMM switch management that resembles closely to what I have seen (Hardware management error, Unknown error 0x8033801a, Check that WinRM is installed…): Logical\Standard Switch Deployment Failures in System Center Virtual Machine Manager 2016 (UR 6).
AaronLocker – automate AppLocker configuration
AppLocker is application whitelisting security feature that became available in Windows 7 and Windows Server 2008 R2. With Windows 10 and Windows Server 2016 Microsoft decided to rebrand it to Windows Defender Application Control or WDAC for short. Other than rebranding it, AppLocker didn’t receive any major improvements. In most of the management tools you will still find it under AppLocker name.
If you want to learn more about it, I would recommend you to check out official documentation.
If you or your company is using Windows Enterprise or Education client operating system, then you should look at setting up AppLocker. The implementation itself doesn’t take much time but it can drastically improve overall security of Windows environment. In Windows 10 and Windows Server 2016 AppLocker represents one part of multi-layer defense strategy.
To ease the implementation, Aaron Margosis put together set of PowerShell scripts including detailed documentation called AaronLocker. What AaronLocker helps you do is automate most of the tasks needed to implement and maintain AppLocker.
Few of the nice to have features are:
– Selective scan of any folder and subfolders with rule merge
– Additional rules for domain-joined PCs
– Find user writable paths and set exclusions
– Exclude sensitive build-in Windows programs, that are rarely used by non-admins
– Policy report in Excel
– Audit and Enforce policy
– Audit/Enforce summary reporting from AppLocker Logs in Event Viewer
– Reporting supports forwarded events with Event Forwarding (How-to in the documentation)
– Detailed documentation including how to implement Pilot / Broad / Production phases
You can learn more about AaronLocker from the documentation available on the GitHub portal. If you prefer or like video content, you can also check two YouTube videos, first one introducing the solution and second one quick start.
SloWUG – 2019.02 – Pohitrimo nadzor Windows okolja s SCCM
On 13th of February I was presenting at Slovenian Windows Users Group (SloWUG) in Ljubljana. We looked at different SCCM features, some fully released, some in preview in latest stable build (1810) and some in preview in preview builds. Focus of the presentation was on the features administrators can use, to decrease time of their daily work and at the same time improve existing procedures.
Attached to this post you can find link to my presentation.
After short discussion with attendees, I plan to do another SCCM-related presentation, this time focusing on SCCM maintenance and WSUS.
Going down the IT rabbit hole 