KB4343900 – Failed to resolve package [HRESULT = 0x80070490 – ERROR_NOT_FOUND]

Hey! Just got a problem in the service window this Sunday, I’m just in need to share this with everyone.

The platform that has the problem.
Server 2008 SP1

The real problem
KB4343900 just not installing, Error code: 0x80070490

When I’m digging the C:\Windows\Logs\CBS\CBS.log, find some interesting stuffs.

Exec: Package: Package_533_for_KB4343900~31bf3856ad364e35~amd64~~6.1.1.5 is already in the correct state, current: Installed, targeted: Installed
2018-08-23 14:58:44, Info CBS Exec: Skipping Package: Package_533_for_KB4343900~31bf3856ad364e35~amd64~~6.1.1.5, Update: 4343900-1784_neutral_LDR because it is already in the correct state.
2018-08-23 14:58:44, Error CBS Failed to resolve package ‘Package_424_for_KB4103718~31bf3856ad364e35~amd64~~6.1.1.4′ [HRESULT = 0x80070490 – ERROR_NOT_FOUND]

And Solution was to Install this patch
KB4103718 – https://support.microsoft.com/en-us/help/4103718/windows-7-update-kb4103718

Look in this post if you want a script to run this on more computers than just one –
https://pontuswendt.blog/2018/06/25/windows-update-problem-code-800f0831-store-corruption-manifest-missing-for-package-package_2165_for_kb4103725

If you have another KB but still have ERROR_NOT_FOUND line, you´ll just install that patch instead.

 

Cheers
Pontus

MDT – Check if the model is certified, with mail flow.

Hey Again! Long time no seen, just had an amazing vacation. How are you guys?
Now with some new pieces of stuff that I´ve been working on.

In our company, we have a lot of different models, and sometimes they deploy them without me knowing. And therefore I didn’t put in any drivers.

Goal:

  • A pop-up box prompt while deploying a machine in MDT (this could work in SCCM also, not tested), So the installation doesn’t continue
  • A mail with the model name, computer name, and deployment share name, So i can put the correct model drivers into the MDT workbench.

Solution:

I made a PowerShell script that solves this. You need to fill the parameters to make it work in your environment.

Like this2018-08-13 14_01_16-Administrator_ Windows PowerShell.png
.\ComputerNotCertfied.ps1 -SMTPServer relay.liverpool.com -SMTPPort 25 -From Home@liverpool.com -To Away@liverpool.com

Little explanation of the parameters
-SMTPServer (To send an email without putting any credentials, I’m I using a SMTP relay)
-SMTPPort (And I need to specify the ports as well for the relay)
-From (From which address I want to specify )
-To (To which address I want to specify)

#Synopsis
#    ComputerNotCertfied.ps1
#DESCRIPTION
#Make a step in MDT, and a popup will promt the user, that the "Computer is not certified, #a mail have been sent to the system administrator"
#Then the script is sending a email to the system-admins.
#And after that, Shuts down the computer.

#Created: 2018-08-13
##Version: 1.0

#Author : Pontus Wendt
#Twitter: @pontuswendt
#Blog   : https://pontuswendt.blog

#Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and
#is not supported by the author
#EXAMPLE
#ComputerNotCertfied.ps1 -SMTPServer relay.liverpool.com -SMTPPort 25 -From liverpool@anfield.com -to
# liverpool@anfield.com

#Parameters
Param(
[parameter(mandatory = $True, HelpMessage = "Name of the SMTP server?")]
[ValidateNotNullOrEmpty()]
$SMTPServer,

[parameter(mandatory = $True, HelpMessage = "Name of the SMTP relay port?")]
[ValidateNotNullOrEmpty()]
$SMTPPort,
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending from?")]
[ValidateNotNullOrEmpty()]
$From,
[parameter(mandatory = $True, HelpMessage = "Which adress are you sending to?")]
[ValidateNotNullOrEmpty()]
$To
)
#Popup-message
$wshell = New-Object -ComObject Wscript.Shell
$wshell.Popup("Computer is not certified, a mail have been sent to the system administrator.", 0, "Error", 0x0 + 0x1000)

#Gather computer information
$log = get-content "C:\MININT\SMSOSD\OSDLOGS\BDD.log"
foreach ($line in $log) {
    if ($line -like "*DeployRoot is now =*") {
        $Deploymentshare = "Deploymentshare " + "$($line.split("=")[1].split(']')[0])"
    }
}

$Model = wmic computersystem get model
$Make = wmic computersystem get manufacturer

#Send mail with gathered information
$Subject = "New Model to certify"
$Body = "$Model `n $Make `n $Computername `n $Deploymentshare"
Send-MailMessage -From $From -to $To -Subject $Subject -Body $Body -SmtpServer $SMTPServer -port $SMTPPort

#Shutting down computer
Stop-Computer

Guide:

  1. Copy this script ( ComputerNotCertfied.zip  zip it up first 😉 ) into the script folder in your Deployment share.
    comasdfadsfadsfdfsadfdf.png
  2. Make a new step in your MDT task sequence, Choose PowershellScript
    2018-08-13 14_39_30-Photos.png
  3. Put this script into an MDT Step, and specify the parameters you want to use.
    PowerShell script: ComputerNotCertified.ps1
    Parameters: -SMTPServer relay.liverpool.com -SMTPPort 25 -From Home@liverpool.com -To Away@liverpool.com
    2018-08-13 14_41_04-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  4.  Go to Options tab and click on Add button.
    add.png
  5. Add then “If statement“, then choose “none
    2018-08-13 14_45_15-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
    2018-08-13 14_45_56-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  6. Mark “if none of the conditions are true, then Add Query WMI2018-08-13 14_47_14-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  7. Now we need to specify the models that are already certified.
    (Put in following text (in this example I put in the Virtual machine, in your case it could be “HP 820 G3”:
    SELECT * FROM Win32_ComputerSystem WHERE Model Like “Virtual Machine”
    2018-08-13 14_49_56-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
    2018-08-13 14_55_06-sql.invidjkp.local - ASG-RemoteDesktop 2018 - invjkp-mdt01.png
  8. Click Ok, then Apply, close the Task Sequence.
  9. Then “Update Deployment Share”
    123123123.png
  10. Done

How does it looks like when we run a computer that is not certified?

When the computer run the “Check If the computer is certified” step.
This will pop-up
error1.png

When you click “Ok“, the computer stops and shuts down.

Then you check your mail inbox.
2018-08-13 14_57_44-mdt - Inkorg - mdt - Outlook.png

Voila! Now you got an email that they tried to run a un-certified model.

Thanks for reading

/Pontus

Windows update Problem – Installing KB4284815 – Code 800F0831 – Store corruption, manifest missing for package: Package_2165_for_KB4103725

Hey! I discovered that some of my servers (Server 2012 R2) have some patching problems now in June.

When im trying to patch the KB4284815 – June 12, 2018—KB4284815 (Monthly Rollup)

Then im getting this Error.
Code 800F0831

I started to investigate the CBS.log in “C:\Windows\Logs\CBS\CBS.log”

And as I assumed, I got an Error Code
2018-06-25 09:25:48, Info CBS Store corruption, manifest missing for package: Package_2165_for_KB4103725~31bf3856ad364e35~amd64~~6.3.1.4

2018-06-25 09:25:48, Error CBS Failed to resolve package ‘Package_2165_for_KB4103725~31bf3856ad364e35~amd64~~6.3.1.4′ [HRESULT = 0x800f0831 – CBS_E_STORE_CORRUPTION]

Ok. It says something about KB4103725 – May 8, 2018—KB4103725 (Monthly Rollup)

To solve this we need to reinstall that patch again (last month patch), something happend with the Store Corruption.

And I´ve made a simple Powershell script to solve it.
CBS_E_STORE_CORRUPTION_0x800F0831_KB4103725.zip

Just follow these instructions:

#Synopsis
#CBS_E_STORE_CORRUPTION_0x800F0831_KB4103725.ps1
#Created: 2018-06-25
#Version: 1.0

#Author : Pontus Wendt
#Twitter: @pontuswendt
#Blog : https://pontuswendt.blog
#Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and
#is not supported by the author.

# 1. Download the .MSU file from Microsoft. https://www.catalog.update.microsoft.com/Search.aspx?q=KB4103725

# 2. Put it in the C:\Temp folder.
# 3. Locate the folder
Set-location C:\temp
# 4. Extract .msu file.
expand .\windows8.1-kb4103725-x64_cdf9b5a3be2fd4fc69bc23a617402e69004737d9.msu -f:* C:\TEMP

# 5. Install the update again,
DISM.exe /Online /Add-Package /PackagePath:C:\TEMP\Windows8.1-KB4103725-x64.cab

# 6. Your done. Try to install the new patch again.

If you have more servers with this kind of problems, you can just download the .msu file, put it in a sccm package. Then add this to the script.

#Make folder
New-item -Path .\Temp -ItemType Directory -Force
#Copy .msu file
Copy-Item -Path .\windows8.1-kb4103725-x64_cdf9b5a3be2fd4fc69bc23a617402e69004737d9.msu -Destination C:\temp

Good Luck
/Pontus

 

Is Windows Powershell Complete? What about Powershell Core?

Just looked at a very exciting video with Jeffrey Snover, and its about Powershell.

Gonna recap this video in a few pictures for you guys.

11.png
He explains that Windows Powershell is done, no more “New features” and so on. Just security patches etc.

33.png
So whats happens now? They building a New Tool, called Powershell Core

22.png
Taking the best of Windows Powershell, and its no need of .net framework.

44.png

55.png
They finnally go “Open source” and run on Anything, even your dishwasher 😉

To download this go to : https://github.com/PowerShell/PowerShell

Rmodule.png
And you can remote “Windows powershell” from that tool. So dont be scared.

66
And like picture above, you can just
Import -module .\rModule.psm1 (Ofc you need to download that module first to your machine and its not available yet unfortunately)
77.png
Then
Get-Command -Module rModule  (Ah Okay, we can write Get-rModule)
Get-rModule -ListAvailable -computername Localhost

88.png
Now its imported all the modules that are on the local machine. Then we take Applocker for an example.
So now
Import-rModule Applocker -computername Localhost
Get-Command -Module Applocker

And it Works.

Kinda cool huh?

Here’s the video if you wanna look at it: https://youtu.be/us4HTxtjfa8

Cheers
Pontus

ZTIWindowsupdate has run And Failed too Many Times. Microsoft – Printer 6/21/2006 12:00:00 AM 10.0.15063.0

Recently I discovered a really annoyoing issue when:
Error message: ZTIWindowsupdate has run And Failed too Many Times. Microsoft – Printer 6/21/2006 12:00:00 AM 10.0.15063.0
Deploying with MDT
NO WSUS
Both Windows 10 1703 and Windows 10 1709

Here´s the issue, when running the Windows update step in the MDT, it hangs on some Updates
2017-11-06 16_05_17-TEST F12 på PONWEN-LAP01 - Anslutning till virtuell dator.png

2017-11-06 16_11_41-TEST F12 på PONWEN-LAP01 - Anslutning till virtuell dator.png

Biggest question, What it is?
Its two drivers,
Microsoft to PDF
XPS Services

And somehow it causes the Windows update to retry, retry and retry. Its simply cant succeed. These updates are not in the WSUS just when you going to microsoft.com

My solution is to “Disable” the feature before the updates, and “Enable” them after the updates. Because of bad drivers from Microsoft.

The solution:
1. First, Open the Task Sequence that you are deploying.

2. Add a Step into the task sequence. (Make sure you add it After Windows is Installed, Add it just before Windows update is running.)
Add\Roles\Uninstall Roles and Features
2017-11-06 15_39_59-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

3. Check Microsoft Print to PDF
2017-11-06 15_42_39-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

4. Check XPS Services
2017-11-06 15_48_20-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

5. Then We add a new step in the task sequence. Pretty down in the task sequence. Just before “Apply Local GPO Package”
Add\Roles\Install Roles and Features
2017-11-06 15_51_07-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

6. Check Microsoft Print to PDF
2017-11-06 16_12_58-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

7. Check XPS Services
2017-11-06 16_17_41-sql.invidjkp.local - ASG-RemoteDesktop 2017 - invjkp-mdt01.png

8. Then apply

9. Update your Deploymentshare and try again. On my machine, it solved the issue. Good luck!
doen.png

/Pontus