SCCM WQL Collection to Create systems ending with S or R in Computer Name
select SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.Name, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.Client from SMS_R_System where SMS_R_System.Name like "_____________E" or SMS_R_System.Name like "_____________R"
Each _ is treated as one character… So you can replace whereever you want with your target name based like … "______E______E
Security scan for a common PC
@echo 0ff
mkdir output
@echo on@echo **************************************************
@echo Tools are currently in progress of gathering System Info@echo **************************************************
@echo off
tools\reg.exe query HKLM\Software\Microsoft\Windows\CurrentVersion\Run /S > output\startup.txt
tools\reg.exe query HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall /S > output\uninstall.txt
tools\tasklist.exe /v > output\tasklist.txt
tools\psinfo.exe -d -s -h > output\psinfo.txt
tools\fport.exe > output\fport.txt
tools\ps.exe -ealW > output\ps.txt
tools\netstat.exe -a -b -v > output\netstat.txt
tools\listdlls.exe > output\listdlls.txt
tools\srvinfo.exe > output\srvinfo.txt
tools\dumpel.exe -t -l system -f output\syslog.txt
tools\dumpel.exe -t -l application -f output\applog.txt
tools\dumpel.exe -t -l security -f output\seclog.txt
tools\handle.exe -a > output\handle.txt
tools\ipconfig.exe /all > output\ipconfig.txt
tools\sysinspector.exe /silent /gen=output\sysinspector.
tools\rar.exe a output output
rmdir /q /s output
cls
@echo on@echo ****************************************************
@echo All Tools have been Run Successfully
@echo Please attach file output.rar to an email and send to Security Team
@echo Send Attachment to to Security Team Email:
@echo *****************************************************
@echo off
pause
Today I found KMS related article in this book step by step
Deploying Windows® 7 Essential Guidance from the Windows 7 Resource Kit and TechNet Magazine
Microsoft’s eBook Deploying Windows® 7 Essential Guidance from the Windows 7 Resource Kit and TechNet Magazine combine selected chapters written by industry experts Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team with select Windows 7 articles from TechNet Magazine. Sample topics include: Deployment Platform, Planning Deployment, Testing Application Compatability, and 8 Common Issues in Windows 7 Migrations.
IT Management HUB is Live on TechNet
The new Microsoft TechNet IT Management Community Hub is ready for you to participate. Connect, find resources, and get the information you need. Check out webcasts and podcasts from industry leaders, blogs by subject matter experts, community forums and more. And that’s just the beginning.
Tune in to the IT Manager Solution Blueprints and Webcasts
Tune in to the Platform Solution Blueprints webcast and podcast series each month to learn how these blueprints fit into the Microsoft platform and how a platform approach turns tactical decisions into long-term, strategic plans.
TechNet Flash Newsletter: Spotlight on IT Management
Register for the bi-monthly TechNet Flash newsletter to keep an eye on updates to the IT Management section for relevant activities, announcements, downloads, webcasts, podcasts, and events.
Download the Book from http://www.microsoft.com/en-us/download/details.aspx?id=12616
It’s free from MS
BCDboot.exe Provides initialization of the boot configuration data (BCD) store, and it enables you to copy boot environment files to the system partition during image deployment.
Bootsect.exe Updates the master boot code for hard disk partitions to alternate between
BOOTMGR and NTLDR. This will enables you to preinstall Windows 7 from Windows XP.
DiskPart.exe A text-mode command interpreter in Windows 7 that enables you to manage disks, partitions, or volumes by using scripts or direct input at a command prompt.
Drvload.exe A command-line tool for adding out-of-the-box drivers to a booted Windows PE image. It takes one or more driver .inf files as inputs.
Oscdimg.exe A command line tool for creating an image (.iso) file of a customized 32-bit or 64-bit version of Windows PE. You can burn the .iso file to a CD-ROM.
Dism.exe A command-line tool that can create or do service and modify a Windows PE 3.0 or Windows 7 image.
ImageX.exe A command-line tool that enables you to capture, modify, and apply file-based disk images for rapid deployment. It can also work with other technologies that use .wim files, such as Setup for Windows 7 and Windows Deployment Services.
Winpeshl.ini The default interface for Windows PE is a command prompt. You can
customize Winpeshl.ini to run our own shell application.
Wpeinit.exe A command-line tool that initializes Windows PE every time it boots.
Wpeinit replaced the initialization function previously supported by the Factory.exe -winpe
command earlier versions of Windows PE.
Wpeutil.exe a tool that enables you to run various commands in a
Windows PE session
What is a refresh Computer in Deployment?
Refresh Computer: The Refresh Computer scenario is similar to the New Computer scenario. The differences are that the destination computer contains a Windows operating system, and this scenario preserves users’ existing files and settings as shown below :
What tool is used to embed Office 2013 App-V licensing into a manifest?
Integrator.exe
True or False: Remote Desktop Services support with Office 365 Subscription Licensing is only available with Office 365 ProPlus.
| Click-To-Run |
|
|
| Software-as-a-Service from Portal | On-Premise Software “Service” | Traditional Packaged Software |
| Office 365 Portal, deploy in OS image, stand-alone, or via ESD (SCCM).. You can do it from GPO Control also.. | Deploy via App-V Server, in OS image, stand-alone, or ESD (SCCM) | Deploy, in OS image, stand-alone or via ESD (SCCM) |
| “Always Up-to-Date” or Admin Controlled Updates | Admin Controlled Updates by Monthly from Admin one click to Update | Service Pack and Updates (via MU/WSUS) or from SCCM 2012 |
| Basic Install-Time Controls, GPO | Basic Install-Time Controls, GPO | Granular Install-Time Control (OCT), GPO |
| Customizations via GPO’s and add-ins | Customization with App-V deployment configuration, GP, and add-ins | Customizations via OCT, GP, Config.xml, and add-ins |
| Component | Folder Path | SCAN / Exclude |
| NTDS Logs | D:\NTDS-LOGS | Exclude |
| NTDS Database | E:\NTDS-DB | Exclude |
| FRS | %SystemRoot%\NTFRS\Jet %SystemRoot%\NTFRS\Jet\logs %SystemRoot%\NTFRS\Jet\Sys | Exclude |
| DFSR | %SystemDrive%\System Volume Information\DFSR <replicated folder path>\dfsrprivate | Exclude |
| SYSVOL | E:\Sysvol E:\sysvol\staging E:\sysvol\staging areas E:\sysvol\sysvol E:\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory | Exclude |
| E:\sysvol\domain E:\sysvol\domain\Policies E:\sysvol\domain\Scripts | Scan | |
| DNS | %SystemRoot%\System32\DNS | Exclude |
| DHCP | %SystemRoot%\System32\DHCP | Exclude |
By default 1E Nomad logs are stored in directory %programdata%\1E.
Below is a folder structure for NomadBranch and PXELite.
If not found there, there is a chance they are moved to same location as SCCM logs described above.
| Log name | Description | Computer with log file |
| Logfiles\NomadBranch.log | Shows activity when clients are downloading data from Distribution Point | Site system server |
| Logfiles\NomadBranchAdminUI.log | Logs when Nomad properties on packages are changed from SCCM console | Site server |
| PXELite\WebService.log | Shows validation questions from remote PXE Lite clients | Site server |
| Log name | Description | Computer with log file | ||
| adctrl.log | Records enrollment processing activity. | Site server | ||
| ADForestDisc.log | Records Active Directory Forest Discovery actions. | Site server | ||
| ADService.log | Records account creation and security group details in Active Directory. | Site server | ||
| adsgdis.log | Records Active Directory Group Discovery actions. | Site server | ||
| adsysdis.log | Records Active Directory System Discovery actions. | Site server | ||
| adusrdis.log | Records Active Directory User Discovery actions. | Site server | ||
| ccm.log | Records client push installation activities. | Site server | ||
| CertMgr.log | Records the certificate activities for intra-site communications. | Site system server | ||
| chmgr.log | Records activities of the client health manager. | Site server | ||
| Cidm.log | Records changes to the client settings by the Client Install Data Manager (CIDM). | Site server | ||
| colleval.log | Records details about when collections are created, changed, and deleted by the Collection Evaluator. | Site server | ||
| compmon.log | Records the status of component threads monitored for the site server. | Site system server | ||
| compsumm.log | Records Component Status Summarizer tasks. | Site server | ||
| ComRegSetup.log | Records the initial installation of COM registration results for a site server. | Site system server | ||
| dataldr.log | Records information about the processing of Management Information Format (MIF) files and hardware inventory in the Configuration Manager database. | Site Server | ||
| ddm.log | Records activities of the discovery data manager. | Site server | ||
| despool.log | Records incoming site-to-site communication transfers. | Site server | ||
| distmgr.log | Records details about package creation, compression, delta replication, and information updates. | Site server | ||
| EPCtrlMgr.log | Records information about the synchronization of malware threat information from the Endpoint Protection site system role server into the Configuration Manager database. | Site server | ||
| EPMgr.log | Records the status of the Endpoint Protection site system role. | Site system server | ||
| EPSetup.log | Provides information about the installation of the Endpoint Protection site system role. | Site system server | ||
| EnrollSrv.log | Records activities of the enrollment service process. | Site system server | ||
| EnrollWeb.log | Records activities of the enrollment website process. | Site system server | ||
| fspmgr.log | Records activities of the fallback status point site system role. | Site system server | ||
| hman.log | Records information about site configuration changes, and the publishing of site information in Active Directory Domain Services. | Site server | ||
| Inboxast.log | Records the files that are moved from the management point to the corresponding INBOXES folder on the site server. | Site server | ||
| inboxmgr.log | Records file transfer activities between inbox folders. | Site server | ||
| inboxmon.log | Records the processing of inbox files and performance counter updates. | Site server | ||
| invproc.log | Records the forwarding of MIF files from a secondary site to its parent site. | Site server | ||
| migmctrl.log | Records information for Migration actions involving migration jobs, shared distribution points, and distribution point upgrades. | The top-level site in the System Center 2012 Configuration Manager hierarchy, and each child primary site
| ||
| mpcontrol.log | Records the registration of the management point with WINS. Records the availability of the management point every 10 minutes. | Site system server | ||
| mpfdm.log | Records the actions of the management point component that moves client files to the corresponding INBOXES folder on the site server. | Site system server | ||
| mpMSI.log | Records details of about the management point installation. | Site server | ||
| MPSetup.log | Records the management point installation wrapper process. | Site server | ||
| netdisc.log | Records Network Discovery actions. | Site server | ||
| ntsvrdis.log | Records the discovery activity of site system servers. | Site server | ||
| Objreplmgr | Records the processing of object change notifications for replication. | Site server | ||
| offermgr.log | Records advertisement updates. | Site server | ||
| offersum.log | Records the summarization of deployment status messages. | Site server | ||
| OfflineServicingMgr.log | Records the activities of applying updates to operating system image files. | Site server | ||
| outboxmon.log | Records the processing of outbox files and performance counter updates. | Site server | ||
| PatchDownloader.log | Records details about the process of downloading software updates from the update source to the download destination on the site server. | The computer hosting the Configuration Manager console from which downloads are initiated | ||
| PerfSetup.log | Records the results of the installation of performance counters. | Site system server | ||
| PkgXferMgr.log | Records the actions of the SMS Executive component that is responsible for sending content from a primary site to a remote distribution point. | Site server | ||
| policypv.log | Records updates to the client policies to reflect changes to client settings or deployments. | Primary site server | ||
| rcmctrl.log | Records the activities of database replication between sites in the hierarchy. | Site server | ||
| replmgr.log | Records the replication of files between the site server components and the Scheduler component. | Site server | ||
| ResourceExplorer.log | Records errors, warnings, and information about running the Resource Explorer. | The computer that runs the Configuration Manager console | ||
| ruleengine.log | Records details about automatic deployment rules for the identification, content download, and software update group and deployment creation. | Site server | ||
| schedule.log | Records details about site-to-site job and file replication. | Site server | ||
| sender.log | Records the files that transfer by file-based replication between sites. | Site server | ||
| sinvproc.log | Records information about the processing of software inventory data to the site database. | Site server | ||
| sitecomp.log | Records details about the maintenance of the installed site components on all site system servers in the site. | Site server | ||
| sitectrl.log | Records site setting changes made to site control objects in the database. | Site server | ||
| sitestat.log | Records the availability and disk space monitoring process of all site systems. | Site server | ||
| SmsAdminUI.log | Records Configuration Manager console activity. | The computer that runs the Configuration Manager console | ||
| SMSAWEBSVCSetup.log | Records the installation activities of the Application Catalog web service. | Site system server | ||
| smsbkup.log | Records output from the site backup process. | Site server | ||
| smsdbmon.log | Records database changes. | Site server | ||
| SMSENROLLSRVSetup.log | Records the installation activities of the enrollment web service. | Site system server | ||
| SMSENROLLWEBSetup.log | Records the installation activities of the enrollment website. | Site system server | ||
| smsexec.log | Records the processing of all site server component threads. | Site server or site system server | ||
| SMSFSPSetup.log | Records messages generated by the installation of a fallback status point. | Site system server | ||
| SMSPORTALWEBSetup.log | Records the installation activities of the Application Catalog website. | Site system server | ||
| SMSProv.log | Records WMI provider access to the site database. | Computer with the SMS Provider | ||
| srsrpMSI.log | Records detailed results of the reporting point installation process from the MSI output. | Site system server | ||
| srsrpsetup.log | Records results of the reporting point installation process. | Site system server | ||
| statesys.log | Records the processing of state system messages. | Site server | ||
| statmgr.log | Records the writing of all status messages to the database. | Site server | ||
| swmproc.log | Records the processing of metering files and settings. | Site server | ||
| WCM.log | Records details about the software update point configuration and connections to the Windows Server Update Services (WSUS) server for subscribed update categories, classifications, and languages. | Site server that connects to the Windows Server Update Services (WSUS) server | ||
| WSUSCtrl.log | Records details about the configuration, database connectivity, and health of the WSUS server for the site. | Site system server | ||
| wsyncmgr.log | Records details about the software updates synchronization process. | Site system server | ||
| WUSSyncXML.log | Records details about the Inventory Tool for the Microsoft Updates synchronization process. | The client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates. |