Capturing and deploying error with IE 10

The Product Services team recently started to get a number of cases with users getting the following error during Capturing or Deploying a captured image that contained Internet Explorer 10:

Error:  "Windows could not parse or process unattend answer file [C:\windows\Panther\unattend.xml] for pass [specialize]. A component or setting specified in the answer file does not exist." 

This one has some of us spinning in circles quite a bit. We were able to deduce that it was something in the “Specialize” section of the unattended.xml, but weren’t sure which part was causing the error. 

After some researching and testing, I found that it was due to Internet Explorer 10. There is a component for Internet Explorer in the unattend.xml put in by MDT by default that is no longer a part of Internet Explorer 10. So, in this particular situation, when you go to create the capture or deploy the capture, the above error pops up. The good news is that even if you get the error after you create your capture you can still use that image. What you have to do is edit the Unattend.xml file on your Specops Deploy server in the following path for that particular captured image.

D:\Specops\Deploy\DeploymentRepository\Control\<GUID>\Unattend.xml

Search and remove the Internet Explorer component from the “Specialize” section which will be similar to this:

<component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<IEWelcomeMsg>false</IEWelcomeMsg> < /component>

After you save the unattend.xml file you will need to publish your Deployment Repository. You can use that captured image to successfully deploy now. 

Just keep in mind that this may be one of many errors/solutions to a unattend.xml error that is out here. Some good information on this issue I found on Microsoft’s MDT forum was in this article:

http://social.technet.microsoft.com/Forums/en-US/mdt/thread/c41a2b69-a591-4cd3-86ab-6a0f8a73b858

Happy Deployments!

Heather Pacan, Product Specialist

Solution: manage SCEP without SCCM

Problem:

Bundling Endpoint Protection management in SCCM means you have to accept sub-par antivirus administration if you don’t run SCCM.

Managing SCEP 2012 with group policy?

Forefront Endpoint Protection without SCCM?

Solution:

A desktop management alternative that gives you complete control of FEP/SCEP management.

When our customers explained this problem we decided to solve it. We understand that many companies with less than 1000 users would benefit from a desktop management solution that helps them automate OS upgrades and application installations, and still provides complete management of their antivirus. So, that’s what we developed with the latest version of Specops Deploy.

Click here to find out more about managing SCEP/FEP without SCCM

Aimée Ravacon, Marketing Manager

Troubleshooting Group Policy events

Walking through the basics in troubleshooting anything is a good process to follow. In a previous post I talked about the four areas where you should start your Group Policy troubleshooting:

• Install state of Client Side Extension (CSE)
• GPResult
• Events
• CSE Registrations

Getting a bit deeper into the Events can be super helpful. This post will provide some guidance to navigating Group Policy related events.

There is a very logical organization to Windows events. Understanding the organization is really helpful when troubleshooting Group Policy issues. In the previous post we mentioned Events with IDs 4016 and 5016. They represent the start of a Client Side Extension (CSE) and the Success Events of those CSEs respectively.

That’s good for a specific example. But what about Group Policy service issues? What about errors? Warnings? Information? The following table is taken from a TechNet article on sorting out Group Policy events. Understanding the high level can really speed up the process of figuring out what is the culprit when something goes awry.

Event ID Range	Description
4000–4007	Group Policy start events: These informational events appear in the event log when an instance of Group Policy processing begins.
4016–4299	Component start events: These informational events appear in the event log when a component of Group Policy processing begins the task described in the event.
5000–5299	Component success events: These informational events appear in the event log when a component of Group Policy processing successfully completes the task described in the event.
5300–5999	Informative events: These informational events appear in the event log during the entire instance of Group Policy processing and provide additional information about the current instance.
6000–6007	Group Policy warning events: These warning events appear in the event log when an instance of Group Policy processing completes with errors.
6017–6299	Component warning events: These warning events appear in the event log when a component of Group Policy processing completes the task described in the event with errors.
6300–6999	Informative warning events: These warning events appear in the event log to provide additional information about possible error conditions with the action described in the event.
7000–7007	Group Policy error events: These error events appear in the event log when the instance of Group Policy processing does not complete.
7017–7299	Component error events: These error events appear in the event log when a component of Group Policy processing does not complete the task described in the event.
7300–7999	Informative error events: These error events appear in the event log to provide additional information about the error condition with the action described in the event.
8000–8007	Group Policy success events: These informational events appear in the event log when the instance of Group Policy completes successfully.

The table by itself can be incredibly helpful. Check out the TechNet article mentioned above. Mastering reading Group Policy events can dramatically speed up your troubleshooting efforts.

Kevin Sullivan, Director of Sales Engineering

P.S.

There is an incredible developer at Microsoft who dedicated many of his years to the Group Policy area. His name is Rajive. Rajive took a weekend a few years back and came up with an incredible tool that every Group Policy administrator should have in their tool belt, Group Policy Log View. (Thanks Rajive!) Make sure to go download this free tool from Microsoft. You can find it here. 

Error when exporting from Specops Password Reset Reporting

I recently had a customer with a puzzling problem. My customer would go to the Specops Password Reset Reporting website but when exporting the results into a .csv file he would get a spreadsheet full of HTML code instead of the user statistics that he wanted to see.

After a lot of testing, it seemed that the error occurred only when looking at over 12,000 user objects at one time. The fix up until this point was to adjust the maxStringContentLength Value in the web.config file. But for some reason, we still just got the HTML code in the export. After going through the logs more carefully with my co-worker Kevin and some discussions with R&D we came to the conclusion that maximum size of the file for export was way too small (10MB by default) to export data for over 12,000 user objects.

 

If you run across this error in your environments what you would need to do it this:

Locate the web.config file on your Specops Web Server at c:\Program Files\Specopssoft\Specops Password Reset\Web and open it with notepad. Under wsHttpBinding update both the MaxReceivedMessageSize and the maxStringContentLength values to 100000000. See below:

<wsHttpBinding>

<binding name="wsHttpWindows" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="100000000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">

<readerQuotas maxDepth="32" maxStringContentLength="100000000" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>

<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/> <security mode="Message"> <message clientCredentialType="Windows" negotiateServiceCredential="true"/>

</security>

</binding>

This will change the maximum file size and the string content length to 100MB which should be plenty for the file for large user exports. After you save the file, restart your IIS service and you should be good to go.

Heather Pacan, Product Specialist

Specops Deploy 4.8 is available

The latest release of this award-winning deployment solution is available for download. The new features include support for configuration and management of Forefront Endpoint Protection in Active Directory and Group Policy, support for App-V 5.0 and other general improvements.

Find out more about Specops Deploy 4.8