ConfigMgr 2012 SP1 is a massive upgrade that includes many
new features and subtle changes
Support for Windows Server 2012 , Windows 8 and SQL Server 2012 SP1.
Clients are now supported on Mac computers, and on Linux and UNIX
Windows PowerShell cmdlets are available to automate Configuration
Expand a stand-alone primary site into a hierarchy that includes a new
central administration site, and the migration of a Configuration
Manager SP1 hierarchy to another Configuration Manager SP1 hierarchy.
Support for multiple software update points for a site to provide
automatic redundancy for clients in the same way as you can configure
multiple management points.
Client notification to initiate some client operations from the
Configuration Manager console.
Support for virtual environments that allow multiple virtual applications
to share file system and registry information instead of running in an
Email alert subscriptions are now supported for all features, not just
First, make sure you review the official KB and the
documents linked there: 2801416.
Here’s a list of things to download:
• The ADK is pretty big – 2.5GB big – so it may take a while to download.
• Latest supported SQL Server SP
• Latest supported SQL Server CU for the latest SP
• WMF 3.0
• Latest WSUS 3.0 SP2 hotfix 2734608 - Note that this hotfix includes 2720211.
• ConfigMgr SP1 installation files from the media (make sure you downloaded the media after
January 25, 2013)
Download the ConfigMgr 2012 SP1 pre-requisite files using setupdl.exe from the install media
and replicate these to all site servers also for use during setup.
1. Backup your SUSDB
2. Backup your System Center Configuration Manager DB
Note that with 2012, a normal SQL Server DB backup is sufficient for restoring a ConfigMgr
site. The only major difference between a SQL Backup and the site maintenance task is the
use of the afterbackup.bat process to initiate additional backup processing. Note that
inboxes are discarded for both methods.
3. Upgrade SQL Server to the latest supported SP and Cumulative
4. Resolve any major issues identified in the site status or component
5. Install the latest Windows stability and security updates.
6. Backup ---> Again ?
In addition to your normal backup location, make an extra copy particularly if you
are using the built-in task where it overwrites the backup every time. If you don’t
and you have an issue, the backup task may overwrite the known good DB and
you’ll be toast.
7. Restore a copy of the DB to a test server and test the DB upgrade
process using the /TESTDBUPGRADE option.
8. Uninstall WAIK and install the ADK.
9. Install WMF 3.0
WMF 3.0 will break your RTM Management Point (MP), so plan on doing this shortly
before the actual upgrade. Installing WMF 3.0 usually requires a reboot also.
10. Disable your anti-virus product.
11. Disable the “Delete Aged Client Operations site maintenance task” on
12. Uninstall PCM
• Ensure hotfix KB2734608 is installed on your WSUS 3.0 SP2 SUP
(Note: Windows Server 2012 includes WSUS 4.0 so this hotfix is not
• SUP on a remote server ? Install the hotfix on the site server as well
since it has the WSUS admin console installed. This will only present
a warning if it’s not installed (it actually states KB2720211, but
KB2734608 includes KB2720211)
• However, if you upgrade to SP1 without this WSUS hotfix, your SUP
will not function properly after the upgrade! Therefore it is highly
recommended you install the WSUS hotfix(es) before continuing.
• Additionally, if you have your 2012 hierarchy connected to your 2007
hierarchy for migration purposes, you will temporarily need to click the
“Stop Gathering Data” button in the Migration folder in order to install
• When the upgrade is completed, in order to be able to restart the data
gathering, you will need to go back into the Source Hierarchy section of
the Migration folder, select the hierarchy, and click “Configure”.
1. Restart the site servers.
2. Run setup! Follow the wizard.
3. Review the log.
4. Take a break.
Wait up to 30 minutes or so for the site components to re-install (watch the sitecomp.log)
before proceeding any further with any post-install steps. Sometimes there may be
component installation failures or sometimes the re-install of the management point
completes but states that a reboot is required (3010 exit code.)
1. Perform your standard health checks like reviewing replication, site
status, and component status.
2. Perform a backup.
Make sure you don’t overwrite any of the previous backups made during the course of
upgrading the sites – you may still need them.
3. Perform a functionality check.
4. Re-enable the “Delete Aged Client Operations site maintenance task”
on all sites.
5. Simply redeploy the default boot images to your PXE enabled DPs and
look if they were successfully updated.
In general, you should be injecting fewer drivers into your boot images though because they
will hopefully already be built in. Also note of course that older systems (6+ years or so) are
not Win8 (and thus not WinPE 4.0) compatible and neither are some ATOM processors
because of the lack of some processor options. This goes for some versions of VMWare also.
There is currently no supported fix or work-around for this – you have been warned.
6. Deploy the updated client agent.
Use the auto-upgrade process was completely re-designed in 2012 SP1 to handle this for
any size organization (in fact, they used this at Microsoft to upgrade all 250,000+ clients to
7. Review, test, and update Task Sequences
Native task sequences have changed a bit in SP1 but you shouldn’t haven’t any issues with
them after the upgrade; however, if you have anything non-native, like MDT in your task
sequence, then you will have some work ahead of you. Generally, MDT based task sequences
need lots of TLC after the upgrade and many folks just end up recreating them. Also note
that MDT 2012 Update 1 had a minor update also to support SP1 so make sure you have the
That is another reason why I stay away from MDT
8. Track ConfigMgr client and WUA upgrade process.
Using reporting or console queries (not collections).
9. Re-enable your Anti-virus product.
Make sure you have all of the recommended exclusions in place before doing this.
If you are using SCEP, there are templates built-in.
• Software Center
After upgrade to Configuration Manager SP1, the following Software Center items will be
reset to their default values:
• Work information is reset to business hours from 5.00am to 10.00pm Monday to Friday.
• Computer maintenance is reset to Suspend Software Center activities when my
computer is in presentation mode.
• Remote control is set to the value configured by the client settings assigned to the
• Software update summarization schedules
Custom summarization schedules for SU or SU groups are reset to the default value of 1 hour.
After the upgrade completes, reset custom summarization values to the desired frequency.
Post SP1 Hotfixes
• Post SP1 Hotfixes to install
Cumulative Update 1 for SP1
Post CU1 Hotfix - packages getting stuck in “In progress – Waiting
for Content” after updating a package to a distribution point
Gotcha 1 – Built-in collections
• The built-in collections are overwritten in the site database. If you have
customized a built-in collection, create a copy of that collection before you
• This issue occurs because built-in collections are read-only and cannot be
changed in System Center 2012 Configuration Manager SP1.
More details in http://support.microsoft.com/kb/2739984.
• When you use a Configuration Manager console that is of a lower service
pack version than the site you connect to, the console cannot display or
create some objects and information that are available in the new service
• When you use a Configuration Manager console that is of a higher service
pack version than the site you connect to, the connection is blocked.
Hint: If you have many administrators connecting to your hierarchy, the ConfigMgr 2012 admin
console is a prime candidate for virtualization using App-V v5 – which by the way has no more Q:
• Using dynamic ports in SQL? You must change them back to static in
order to successfully install SP1 on your SQL instance (this includes
secondary sites). Configuration Manager does not support dynamic
For more information refer to http://technet.microsoft.com/en-
If you aren’t sure how to configure SQL to listen on a specific TCP/IP port, visit
• Have Secondary sites to upgrade? SQL Server cumulative updates must
be manually installed on secondary sites that use SQL Express.
See http://support.microsoft.com/kb/2688247 for more
information. You must update to SQL 2008 R2 SP1 CU6 or SP2 at
• Visit :
or prepare to suffer from corrupted boot images or setup failure. There are
some additional A/V exclusions that are important to add to insure this
• Using a service account for your “Site System Installation Account”
(rather than the site server’s computer account)?
There is a known issue if you are using an AD account. The evidence that you are experiencing
this issue is your console will have errors on the DP Monitoring stating “Distribution Manager
failed to find or create the defined share or volume on distribution…” Your distmgr.log will say
things like “Failed to set share security on share serverSMSSIG$. Error = 5” (which is access
denied and “Failed to set access security on share SMSSIG$ on server xxx”.
• To resolve this issue, change your site server settings back to use the “site
server’s computer account” to install the site system, and your DP will
• OS Deployments on older hardware may become an issue due to the
fact that SP1 changes from utilizing WAIK (WinPE v3.x) to using ADK
(WinPE v4.0 – Win8/Server 2012).
If a BIOS update does not resolve it, make sure your PC is Windows 8 compatible or the new
WinPE 4 in the ADK will not boot properly. Freezing or blue screens with errors such as
“HAL_INITIALIZATION_FAILED”, and “UNSUPPORTED_PROCESSOR” along with a 0x0000005D
are the more common symptoms of this.
More importantly, see this blog posting on how to collect NX, PAE, and SSE2 supportability
information from your [PowerShell execution capable] clients at
• VMware’s vSphere 4 doesn’t and will not support running Windows 8 and
Windows Server 2012
• Solution : Upgrade your vSphere environment to version 5.1 Hyper-V
• Capturing images with ConfigMgr 2012 SP1, 8dot3name creation is
disabled on all volumes. They changed the default behavior of the
formatting tools in Windows 8. (ADK).
• In some environments, certain applications do not work properly. (Almost
all Legacy XP Apps that work on Win7).
To manually enable 8.3 naming after formatting, you can use fsutil.exe from the command
line: fsutil 8dot3name set x: 0 (where x: is the drive letter to enable 8.3 naming on)
More info at : http://scug.be/sccm/2013/01/15/configmgr-2012-sp1-the-8dot3name-settings-are-
• After the upgrade was successfully performed , suddenly all applications within my OSD task
sequence start failing :
The task sequence failed to install application Intel Management Engine 22.214.171.1245(ScopeId_67A221E3-
64F0-47D4-AA5A-BB3729EC221F/Application_2071f753-7604-42a5-b6be-b1b45c3c1f0a) for action (Install
HW Driver Applications for HP8540P) in the group () with exit code 615. The operating system reported
error 615: The password provided is too short to meet the policy of your user account. Please choose a
The task sequence failed to install application NVIDIA Quadro/NVS Mobile Drivers
68491516b0e1) for action (Install HW Driver Applications for HP8540P) in the group () with exit code 580.
The operating system reported error 580: An event pair synchronization operation was performed using the
thread specific client/server event pair object, but no event pair object was associated with the thread.
The task sequence failed to install application Synaptics Touch Pad Driver(ScopeId_67A221E3-64F0-47D4-
AA5A-BB3729EC221F/Application_a0628bfc-3f06-4096-a001-c1a6c92675ea) for action (Install HW Driver
Applications for HP8540P) in the group () with exit code 16389. The operating system reported error 2: The
system cannot find the file specified.
• We found a workaround, you have simply to add a comment to each DT and it will update
the content ID. Nevertheless, the change means that a redistribution of your application
on all your DP’s.
• Confirmed with Application Catalog downloads as well. You will see “+++ Did not detect
app deployment type”… in the AppDiscovery.log file. Additionally, the Software Center will
show the error message “Failed”. Clicking on the details will result in “The software change
returned error code 0x87D00607(-2016410105).”
Following the steps above and further discussed at http://scug.be/sccm/2013/01/27/configmgr-
the application will successfully install.
This is also resolved with an upgrade from SCCM 2012 SP1 RTM to SCCM 2012 SP1 CU1
• You get an access denied (hresult of 0×80070005) when downloading the
application content and is clearly denoted in either smsts.log (if the
application install is during a task sequence) or CAS.log.
• This only happens on client systems in untrusted domains (note that
workgroups are essentially untrusted domains); for task sequences, this is
of course the case during a build and capture.
Create a deployment tasksequence that install’s the following hotfix :
For a build and capture task sequence, simply put the hotfix msu into a “classic” package and use a
Software Install task followed by a reboot task before you try to deploy any applications.
• For build and capture task sequences, you should also be specifying the
SMSMP public property in the Setup Windows and ConfigMgr task so
that the MP can be found.
• During a build and capture, the client is in a workgroup and thus has no
way to locate the MP which is needed for Application installs as well as
Software Updates during the task sequence.
Reason : You have the following components running in
your environment :
• McAfee Virus Scan Enterprise (VSE) 8.8 Patch 2
• TrendMicro enterprise scan
• Windows 7 Setup.exe install is not supported (but also VISTA , Windows
Server 2008 / 2008 R2) on ConfigMgr 2012 SP1. With SP1, you need to use
a WIM installation unless you’re installing Windows 8.
• You must add a Set Task Sequence Variable step before the Apply
Operating System step that sets OSDPreserveDriveLetter=False if you
want to have the WIM file on the c: drive
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.