Custom Configuration of "System Center Endpoint Protection" for Macs

Many organisations have started using "Microsoft System Center Endpoint Protection (SCEP)" on their macs and replacing other antivirus (like, Symantec, TrendMicro, AVG and others) from it.

If i talk about Microsoft SCEP, it is basically a part of SCCM and it is managed by SCCM itself, it also works fine on macs without any problem and it can be installed on enterprise macs but its has many limitations. So according to me, you should test it, analyze it and check its all limitations and then consider it for your enterprise environment.

I am going to discuss about it in more details below with manual configuration which you can do when you plan to have it in your environment.

DFS Replication State Codes

Sometimes it is really important to know health status of all replication groups. If there is any problem in the DFS replication, this is the first step to perform to check the state of replication groups of each server.

Lets say, you have two file servers in your office, FS001 and FS002 and has many DFS replication groups in your DFS management. On a particular group, files and folders are replication from FS001 to FS002, but not replicating from FS002 to FS001. It seems that there is some problem with the replication from FS002 to FS001. Best way is to run the below mentioned command on both servers.

SCCM 2012 R2 Client Push Installation Error 53

If you have pushed the SCCM clients on workstations from Configuration Manager Console and few of them are not showing active. Go to Monitoring > Overview (Left Pane) > Client Status > Production Client Deployment.
You will the graph under "Client Deployment Failure Detail". Click on the graph to see the workstation names on which SCCM client is not installed.
Select any workstation, there would be a status window underneath of it. In summary tab, come in the last and see the error. Example of the common error which comes mostly.

Few below things and it would be solved for you.
- Check firewall, if it is enable then check SCCM inbound and outbound connections.
- Check its name resolution. If need, fix its Host and PTR record.
- Check "Server Service" on client. It should be started.
- Check "Remote Registry Service" on client. It should not be disabled. Enabled and started.

Operation not permitted "NSPOSIXERRORDOMAIN 1" on Safari

It started happen all of sudden that you are not able to access very specific things on intranet and internet on safari but things work normally on other browsers like Chrome and Firefox.

Solution:

Just check if you are able access them in Safari Private Window.

If yes, then your mac has something installed which is preventing safari to communicate with intranet and internet things.

Run this command in terminal and check its output.

kextstat -kl | awk ' !/apple/ { print $6 } '

My output was:

So, i tried to uninstall the things which were very less critical. Like uninstalled Virtual box and it fixed the issue. In your case, there could be some other thing which could fix it after uninstalling it.

Failed to get dp locations as the expected version from mp. error 0x87d00215

Unable to push SCCM client on workstations and servers. When checked log file (C:\Windows\ccmsetup\Logs\ccmsetup.log) i was getting error "Failed to get dp locations as the expected version from mp. error 0x87d00215"

Here are the things which i did to fix it.

- SCCM server as an local administrator.
- Boundary and Boundary group.
- Distribution Point status.
- Client installation files permission.
- Reinstall MP.
- Reinstall DP.

Here is the explanation of each point.

Folder showing 24-Jan-1984 date and greyed out as well

Sometimes it happens that when you will mount any network folder or your local folder. You will see some folder which will be greyed out, non accessible and modified date would be 24-Jan-1984. It will look like as per the below screenshot.

Restore file from VSS (Previous Version) by powershell

Sometimes it really gets too much frustrating when you restore any folder or files from VSS (Previous Version) and you get an error prompt about Source path too long / large destination path / long file name issue. Error screenshot below.

In this situation, we lost our all hope to get the files restored. But with the help of power shell we can do that and we can restore files without any issue.

Powershell Win32_Classes Error : Invalid Class

Many times you have seen this error when you try to use classes in Get-WMIObject and get error "invalid class" as attached below.

And you will many thing to troubleshoot it and sometimes you will be messed up with your operating system. Here is the solution which i use always and it works for me.

Airtel huawei E3372 datacard fix for OS X EL Capitan 10.11

In my organisation we have Airtel 4G dongles which we assign to our users so that they work from home too. But these dongles were showing some problem after upgrade to new OS X El Capitan. After a deep research, drivers were not compatible and Airtel didn't have new drivers for OS X 10.11.

So here is the way to fix it and make it compatible device for OS X 10.11.

Installation

Go to Huawei Support Site (consumer.huawei.com).

Click on Support and Search for your device model. In my case, i searched for E3372.

Click on Your Device image and Click on Update on left bottom corner.

Download "Stick Mobile Partner(for MAC10.11)"

Extract it and Install it. (No rocket science in it.)

Get the list of non-inherited folders

As i work on network share permissions, sometimes i get over burden when i get a such request to give permission on a folder which have lots of non-inherited sub-folders. So in that you should have a list or information of all sub-folders which have their own individual permissions and not inheriting from their parent folder.

So to reduce my burden i wrote a script which gives me a list of all folder which have not inheriting from their parent folder.

I kept one thing under consideration while writing it. When we disable inheritance from any folder we keep Administrator with Full Control to manage the folders. You can make the change if you use any other group or service account for the same.

Script

Macbook gets log out after when it is not in use

If your Macbook or Macmini or iMac gets logout when it is not in use or it is inactive for some duration. Below are the settings to get rid from this.

From Clients

Go to System Preferences > Security & Privacy > General > Advanced... (right bottom corner)
Uncheck "Log Out After"

From Profile Manager

LiveUpdate Stopped Working on SEPM with return code = 2

I came to know that our SEPM server was not updated for last 7 days and showing old virus definition version on home screen. I did some normal stuff to update SEPM but none of them helped. Every time i try to update it i was getting error messages as per below attached screenshot.

While troubleshooting, i found that LUALL.exe is not available and LiveUpdate is also not showing in "Programs And Features" in control panel. And Return Code = 2 is also saying about Live Update. So after more dig in it, i fixed it, below i am going to share all steps which i performed.

Microsoft lync keychain password pop-ups

Issue reported with fix Here and Here.

This issue is old and have been posted on many blogs, but i faced this issue first time with some of my users, not one or two. So i decided to create a script and made it available for users to use it if they are experiencing this problem.

Scrip:

Macbook doesn't sleep after upgrade to El Capitan

After upgrade my macbook to El Capitan (10.11.3) from Yosemite 10.10.5. I was experiencing as issue that my macbook doesn't go to sleep mode even after close the lid. It keeps doing some processing and drained my full battery.

Cause : While doing upgrade, some permission on "com.apple.PowerManagement.plist" gets corrupted and macbook/macmini starts behaving abnormally.

Solution : Here we have two solutions.

1) You can set "SleepDisable" boolean value to "NO" by below mentioned command.

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist SystemPowerSettings -dict SleepDisabled -bool NO

If you want to undo this settings, then use this command.

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist SystemPowerSettings -dict SleepDisabled -bool YES

2) Delete "com.apple.PowerManagement.plist".
> Open Terminal
> Sudo rm -rf /Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist
> Reboot your mac.

Thankyou

Storage issue due to deduplication

So this time, i was little occupied with some issue related to file services where i was running out of space on a SAN volume. After troubleshoot a lot, i found some useful info about DeDuplication problems. So i am going to explain each and every stuff about his issue. Might be it can help you in your environment if in case you run in to the same problem.

Information about Servers and Folder :

I have two server FS01 and FS02.

Each server has 3 SAN Volumes. (E.g. Users, Public, Work)

Three DFS Namespaces \mydoamin.net\Users\India, \mydoamin.net\Users\Public and \mydoamin.net\Users\Work

Deduplication is enabled on all three volumes.
All users hits FS02 to access Public drive, FS01 Public is just for backup.

Keychain Issue After Password Change

If you have a mixed environment in your organisation where you have macs and windows systems and authentication is from active directory. You could have seen this problem many times that if a user has mac and windows system both and he/she changes his password on windows system, user starts facing lots of problem on his mac systems. Like, keychain pop-up which asks to enter old password again and again. User is not able to access network resources and network drives.

So, here is the solution.

Create Parallels 11 package for mass deployment

In my environment, i had a task in which i need to install parallels 11 on 150 macbooks. Which was really a pain for me to download or copy the setup of it on every macbook and install it. After dig out a little i found some help from Parallels and able to make its package which i used by IBM Endpoint Manager to schedule a deployment on all macbooks.

So i am going to share each any every step which i used to complete this task.

Schedule Backup of DeployStudio Custom Scripts and Workflows by launchd

Many time we have been faced this issue when we want to schedule any task on our mac servers. There is one inbuilt tool crontab but it doesn't work as per our expectations. So its better to use launchd to schedule tasks, it perfectly works in all scenarios. I have explained a simple task below which i used to take backup of DeployStudio server scripts and workflows and save them on a remote location.

Verify & Repair Permissions - El Capitan

As you all know, Apple has removed this feature in new OS X El Capitan. But if you have Macbooks or Macmini in your office and using them on enterprise level infrastructure. It could be a bad news for you because in many cases and troubleshooting we use "Repair Disk Permissions".

There is no need to feel sad because it is still possible by command line.

So open up your Terminal.app and use below mentioned commands to Verify and Repair Disk Permissions.

To Verify, Please use the below mentioned code.

sudo /usr/libexec/repair_packages --verify --standard-pkgs /

To Repair, Please use the below mentioned code.

sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /

Office 2016 Security Update 15.17.0

There are lot of fixes have been released in this security update of Office 2016. In older version on which i experienced lot of issues was 15.13.1, it had many issues after upgrade my system to El Capitan 10.11.2 from 10.11. So it was minor update but it messed up office version.

Issues which i experienced are mentioned below.

1. SSO error while activating Office 2016.
2. All MS apps where getting crashed while launching them.