SCUP 2011 and File Digest errors

This one has been bugging be for quite some time...

Sometimes, when you've published an update from SCUP to WSUS as metadata only, it fails to publish the full content later and gives an error of "incorrect file digest".
What's going on here?
This is where the publisher has created an updated binary for the same release, but not updated the Origin File Digest in the metadata.
When SCUP imports a update, it stores a SHA-1 Base64 hash of the file which is held in the SCUP database. When you go to publish "full content", it compares the hash of the downloaded file with that in the database. When the don't match, you get the file digest error.
Ultimately, this is a mistake on the part of the vendor, but they're pretty inconsistent at fixing them (Dell being a particular offender).

So how do we fix it to get that critical update out?

Download the binary directly from the vendorGet the SHA-1 Base64 encoded of the file (I used a cop…

Repairing non-booting Windows 2012 R2 and others

If you're stuck in a "Preparing Automatic Repair" boot loop that always takes you back to the blue screen of unhelpful menu options:

Disable Automatic repair

Get to the recovery command prompt

bcdedit /enum

Get the name of the Windows entry (likely to be {default}

bcdedit /set {default} recoveryenabled No


Now instead of getting into the loop of a failing repair it'll show you the real problem that it's failing to fix. This is likely to be a corrupt file. In my case it was c:\windows\system32\drivers\cng.sys which I copied from a working server that was at the same patch level.

All things WSUS

A variety of fun things that have dug me out of multiple WSUS related holes

Cleaning Unused Updates Getting reset server node is pretty common with this, so spin up SQL Management Studio and run:

Windows has no updates from WSUS Had this after creating a new VM from a fully patched VHDX. Updates from WSUS would only work after checking against Microsoft Update first.
1. Stop Windows Update Service 2. Delete contents of c:\windows\softwaredistribution 3. Check for Updates against WSUS again

DFS "Waiting for Initial Replication"

Taken directly from Technet Forum post by scorprio_milo. Pop along and give them an up vote!

You may encounter the error message "waiting for initial replication" when no primary member is currently specified on the DFS Replication. This DFS member is waiting for initial replication for replicated share folder Public and is not currently participating in replication. This delay can occur because the member is waiting for the DFS Replication service to retrieve replication settings from Active Directory. After the member detects that it is part of replication group, the member will begin initial replication.  Besides, there is also possiblity that DFS servers cannot contact domain controller which could result in the issue.

1. Please first verify that all the target folder of Public folder is enabled.  

2. Please use Dfsradmin to set the primary member in the situation where there is an existing replication group that is waiting for initial replication and no primary member is s…

VAMT not discovering Windows 10 machines

There's currently a bug in VAMT 3.1 that prevents it finding Windows 10 machines in AD.
Quick fix for now:

Change search settings to LDAPAdd this as the query  LDAP://,DC=com??sub?(&(objectClass=computer))Search and there are your Windows 10 machines

Things I'm bound to forget: Error importing drivers into SCCM 2012 SP1

Massively helpful post here as to why I couldn't import drivers into SCCM from a de-duped drive.

Things I'm bound to forget: Error importing drivers into SCCM 2012 SP1:

ARR, Caching and Ajaxtoolkit files

A fun little episode today.
We're moving a website that uses Ajaxtoolkit to an ARR based web farm.
One of the pages would show OK the first time and then subsequent calls would show the code from common.js.
We had no idea what common.js was.We could see files in ARR's cache and the page worked fine when not going via ARR, but had no idea what was going on.Changing ARR's cache to "do not cache" for query strings made it go away, but that didn't really satisfy me as to why it was happening.Changing to "Include query string" was the eye opener. This put three entries in the cache for the file scriptresource.axd each with a unique query string.Any subsequent calls to the page worked perfectly.Further reading revealed these files are generated at runtime so when the default of "ignore query string" was turned on, a single file was generated and cached when the page actually required the different versions to work.I won't pretend to understa…