To add to the detail of the things you can get from the community. Here is my updated post from MyITForum in 2008. I picked up the torch in 2006 and ended in 2010. Lots of great fixes out there that still work! Just like the Sunshine and Daises. Client Health is really easy now and free!
Below is a listing of features in a reworked version of Dudeworks (Thanks Rob and Brian), 1E, et al. (see bottom for longer list) start up scripts. I recently became aware of Chris Stauffers Client Health Checker v1.2. My script focuses on workstation health, Chris’ focuses on SMS health. It is my hope in 2009 to combine these two if it seems intelligent to do. Hopefully we can have this all together in early 2009. Be great to present and then for everyone to tear apart at MMS… anything is possible.
Workstation Client Health maintenance is a continuous process that must be maintained. The following document gives an overview on how to fix several common workstation issues.
Note: The original Link no longer works. I am actively looking for any version 4.18. CLIFIX_Public_V4_18
CliFix GPO startup script :- Can NO LONGER be downloaded from here http://myitforum.com/cs2/blogs/scassells/Public_SMS_CLIFIX_4.19.vbs.txt
In an effort to reduce the amount of common workstation issues I have developed a script to check and change the following common issues. This script is to be run via GPO startup scripts. This requires the script to work as the system account and have intranet connectivity. Both are accomplished by running as a GPO. Script Requirements
- Script must be in a location where the computers system account has access. Usually on your domain controller ex. \\FQDNDomain\sysvol\ FQDNDomain\
- sc.exe must be present for full successful run.
- Either in the run path
- Note: there are multiple versions floating around in the average environment
- regsvr32.exe needs to be present
- %systemroot%\system32 needs to be in system path
All, unless I missed some, sections of the script can be turned on and off in the top of the script. Please review the script as some features will fail without modification.
Please Review the following CONFIG SETTINGS Variables:
What the Script Does
- Checks to make sure the script has not run in X many hours.
- Example if X = 12 the script will not run again until at least 12 hours after the last occurrence.
- This will prevent a slow down on multiple reboots.
- Sets DCOM permissions to be correct for SMS / SCCM configuration
- Checks to make sure System Path has the 3 required windows paths enabled. (does NOT use WMI or require a restart to change values)
- Also removes %systemroot% from path replacing it with correct full path value
- If one of the 3 paths is missing, it will parse the full path removing duplicates and adding a,b,or c to the beginning of the path statement leaving all else unchanged.
- Check to see if sc.exe exists in the run from directory and if not in the system32 directory
- Checks to see if this script is run on a workstation or server. If a server kills the script
- Checks to make sure the correct local admin group is present (value is set in header of script)
- Checks WMI service to see if it is set to auto and running. If not executes sc.exe to start the service.
- Attempts to connect to WMI object
- If the WMI object connect fails
- Attempt to do a repair (if no previous status is present in the registry and approved via script switches)
- Attempt to do a rebuild (if ‘repair’ status is present in the registry and approved via script switches)
- If both the above have failed then do nothing and report major error
- Checks to see if Admin$ is present, if not forces existence via WMI
- Checks to see if msxml3.dll is registered, if not forces existence via WSH
- Checks to see if Qmgr.dll and qmgrprxy.dll are registered, if not forces existence via WSH
- Checks to see if OLEAut32.dll is registered, if not forces existence via WSH
- Checks to make sure the following services are set to appropriate Status and Mode
- Server Service
- Remote Registry
- Windows Update Services
- Terminal Services
- Windows Installer
- Note: You may want to review the settings for your environment on each of these services. All of the above services are set to default and either Manual or Automatic.
- Check the SMS version
- Checks the CCMExec service
- If SMS is not correct version can be forced to do an install
- Needs Review
- If the all of the above test passed without issue you have a healthy workstation. The following two checks are for SMS.
- Check log file last update time. If the PolicyEvaluator.log file has not been modified in past 14 days do a repair of the client.
- Check client assignment. If no assignment set new site code based on AD boundaries in which the client is present.
- Note: Some people may want to disable this as it relies on AD
- If any fixes above had to be preformed
- Check the advanced client state. Which client policies have enabled.
- Check the cache size
- Send a Client Configuration Request (CCR) to have client installed
- Run CCMSetup from the install share on the server.
Note during this script several forms of reporting, logging, and information submitting have been preformed. The standard methods of reporting are:
- Event log
- Log file in the %temp% directory for the account used to run
- Reporting to a website that submits client status to a SQL table.
- Future WebPost on how to do this
Other verbose methods include:· Two levels of command line reportingo Log to Command lineo Verbose to command line· network share copy
Area’s that need improvement
- Checking the SMS Client
- Install methods for SMS/ConfigMgr Client
- ConfigMgr 2007 specific changes
- WMI fixing / integration with WMIDiag.vbs
- BITS Checking – Correct security
- BITS version correct
· MyITForum Forum: http://www.myitforum.com/forums/tm.asp?m=107044 · 1E: http://www.1e.com · Chris Stauffers soon to be reviewed: http://myitforum.com/cs2/blogs/cstauffer/archive/2008/06/13/client-health-check-script-and-scheduled-task-version-1-1-release.aspx · Brian Mason: Original Author of CliFix · Rob Olson: Original Author of CliFix at http://www.dudeworks.com · Greg Ramsey:http://myitforum.com/cs2/blogs/gramsey/ · Steve Pruitt: http://myitforum.com/cs2/blogs/spruitt/ · And the MSSMS list http://www.myitforum.com