ConfigMgr Frontline

Ran across some Windows 7 systems that were not getting updates. I started down the normal troubleshooting path by looking at various logs. The logs mostly looked good. However, the datatransferservice.log was lit up like a Christmas tree! The log was full of all kinds of HTTP errors but these two stood out: WINHTTP_CALLBACK_STATUS_SECURE_FAILURE WINHTTP_CALLBACK_STATUS_FLAG_SECURITY_CHANNEL_ERROR After researching a bunch of IIS sites including this one , I finally narrowed it down to something with TLS. Turns out they had disabled TLS 1.0 on the MP but the client (Windows 7 SP1) did not support TLS 1.2. In order for a Windows 7 client to support TLS 1.2, you have to upgrade .NET and apply KB3140245 . This patch appears to be standalone and not part of any other cumulative. It can be found in the Microsoft Catalog . After installing the patch and rebooting, the client was then able to communicate with the MP and get the patches it needed. Good luck!

Happy Monday, fellow ConfigMgr administrators! I ran across a pretty difficult Task Sequence last week that had me scratching my head. It involved a pretty complex Task Sequence that contained over 50 applications. The Task Sequence would fail within 5 seconds upon launch from the Software Center with an message of  “The software could not be found on any servers at this time.” No error code was given. I ended up removing all the apps from the TS and adding them back one at a time. Many of the applications had at least one supersedence, dependencies and dependency chaining. It turned out there was one particular superseded application that  was missing its content!! Yeah, that would do it. Unfortunately, ConfigMgr did not log what application or package ID had its content missing so it was a crap shoot trying to find it.  I really feel like there should have been a log somewhere that gave this information. This is the only log info...