- Deployment Manager limitations
- Deployment Manager known issues
- Security Manager limitations
- Security Manager known issues
- OS Deployment Manager limitations
Deployment Manager limitations
Distribution of files with plus signs in their name may fail on IIS7
There is a known issue in IIS7 where plus signs are converted to spaces in PUT request URLs. This issue affects the ManageSoft for AIX managed devices upgrade package which contains a file named libstdc++.a. Microsoft have released a hotfix for this issue at http://support.microsoft.com/kb/957001.
Discovery and inventory via VMware Virtual Center
Discovery and inventory via VMware Virtual Center is not supported on administration servers and distribution servers running the following operating systems: Windows XP SP2 or earlier, Windows Server 2003 SP1 or earlier. There are also hotfixes available to enable support for for Windows XP SP2 and Windows Server 2003 SP1. See http://support.microsoft.com/kb/909425/ for details.
Package targeting and policy merging with Deployment Manager policies
If you use native Deployment Manager policies, rather than Active Directory policies, for targeting, note the following limitations in this release:
- Deployment Manager policies cannot be merged to a resultant single policy. Each policy must contain everything relevant to the managed devices that will use it.
- Package-level filtering is not supported
- Deployment Manager policies can be targeted to managed devices only, not to specific users.
Security settings on Windows Vista, Windows XP SP2, Windows Server 2003 R2 / SP2 and Windows Server 2008 systems
On these systems there are a number of security settings which may block the proper functioning of Deployment Manager for managed devices and Deployment Manager for distribution servers. The main issues are:
- If the File protocol is to be used for distribution of packages or upload of status information, the security settings will need to be adjusted to allow file and printer sharing.
- If the HTTP, HTTPS, or FTP protocols are to be used for distribution of packages, upload of status information, or polling for distribution jobs, the security settings will need to be adjusted to allow incoming connections to their respective ports.
- If managed devices or child distribution servers are to use ping to estimate the network distance or bandwidth to this distribution server, the server must be allowed to respond to ping requests. This is permitted automatically when allowing file and printer sharing.
For new managed devices, several strategies are available for preparing the machine so that the standard client adoption processes will work. These approaches cover both situations where a machine is in an Active Directory domain and where it is not in an Active Directory domain. They are documented in the Deployment Manager and personal firewalls chapter of the EDS Reference: Configuration.
For existing managed devices, it is recommended that when you upgrade to Vista, Windows XP SP2, Windows Server 2003, or Windows Server 2008, you should configure security settings to allow ongoing remote execution and immediate installation operations. However, if the operating system has been rolled out without these security settings, full functionality can be restored with a Deployment Manager software package that can be installed through machine policy.
Instructions and sample configuration files and software packages are available for both situations in article M100611 "How to configure security settings for Windows XP SP2".
MSI installations with Windows Installer 3.0
Deployment Manager agent user interface issues in Windows Vista and Windows 7
Because of restrictions in displaying user interfaces for "interactive services" introduced by Microsoft in Windows Vista, some Deployment Manager agent dialogs may need to be accessed through the "interactive services" detection dialog. A full description of these user interaction changes is described in article M100811
Multi-domain installation and configuration
The default installation of the Deployment Manager for administration servers in multi-domain mode only configures the system for management of the current domain of the installing user. Further, it assumes that the account with which to run Deployment Manager scheduled tasks has Domain Administrator privileges.
If Deployment Manager is installed on a computer in a 'parent' domain, and scheduled tasks have Enterprise administrator privileges, multi-domain support can be enabled for sub-domains through the Domain Configuration dialog. This dialog can be opened from the context menu on the root node of the administration console.
For more complex environments involving cross-domain authentication or where specific security requirements exist, please refer to your Flexera Software professional services consultants.
Internationalization limitations
Deployment Manager integrates with a range of technologies across a distributed environment. Due to limitations in some of these technologies, it is necessary to ensure that information transferred between them contains only characters in their respective supported character sets. Hence it is recommended that only standard characters are used in the naming of:
- Managed devices
- Domains
- The installation directory of the Deployment Manager administration server
- The directory chosen for the Deployment Manager data
Standard characters include letters (A-Z, a-z), digits (0-9), and hyphens (-).
In a packaging environment, extended characters in the range of 0x80 to 0xA0 are not supported for use in package names and metadata.
Extended character support when using FTP with IIS
The following extended Unicode characters in the range of U+00F0 to U+00FF are known to not be supported when using Microsoft Internet Information Server (IIS) and FTP for distribution and installation of Deployment Manager policies, schedules, or packages: ðñòóôõö÷øùúûüýþÿ. As a workaround, the uppercase version of these characters can be used.
Setting up polling distribution servers with a Windows Server 2003 or Windows Server 2008 administration server
On installation of the Deployment Manager administration server on Windows Server 2003 and Windows Server 2008, the anonymous password must be manually configured for the ManageSoftJQ virtual directory in IIS. If this virtual directory is not configured, polling distribution servers will not function correctly.
To configure this password on Windows Server 2003, open the Internet Information Services Manager and go to the properties of the ManageSoftJQ virtual directory. Anonymous access settings can be found on the Directory Security tab and modified using the Edit button.
Push distribution
Multiple packages pushed to the same distribution server are transferred one after the other (serially). This limitation does not exist when using the Flexera Software patented pull distribution technology.
Data importer support
Distribution servers that are configured to import files in to the database must use the same SQL Server authentication method (Windows authentication or SQL authentication) as is used by the core administration server.
Installation status reports
In situations where multiple packages have been created in a software library with the same name and version, the number of rows in the installation detail reports may seem inconsistent with the summary counts shown in installation status reports. Be aware that the detail reports show information about all packages with a given name and version in the software library (regardless of location), while the summary reports give separate counts for each package in each unique location in the software library.
Adopting distribution servers
Distribution servers must be adopted before they are added to the distribution hierarchy through the Deployment Manager console. The adoption wizard will not allow adoption of a distribution server that is already in the hierarchy.
Adoption of distribution servers with data importers not supported
When automatically adopting a distribution server, you cannot configure the distribution server to directly import data into the Enterprise Deployment Suite database. This must be manually configured.
Configuring Deployment Manager Reports Server on Windows Server 2003 64-bit platforms
IIS 6.0 cannot run 32-bit and 64-bit applications concurrently on the same server. If you intend to run 32-bit ASP.NET applications, including Deployment Manager reports server configurations on 64-bit Windows, you must configure IIS 6.0 to create 32-bit worker processes.
The Microsoft TechNet reference for enabling 32-bit applications on 64-bit IIS 6.0 available at http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/55cd5e11-49a9-4158-8b1f-7f2aa4ad2f07.mspx?mfr=true.
Adopting Windows Vista clients when in a workgroup
Adoption of Windows Vista clients in a workgroup may fail over http. To workaround this issue, the Deployment Location should be reconfigured to use file protocol and the ManageSoftDL$ share should be added to the null session share list.
Linux Distribution Server support
Flexera Software has discontinued support for distribution servers running on Linux operating systems. The Deployment Manager administrative system will retain the ability to distribute packages to earlier Linux releases of Deployment Manager for distribution servers. However these devices cannot be upgraded to Deployment Manager for distribution servers 8.0 or later.
RPM package installation
If rpm is already running when Deployment Manager attempts to install a package, the managed device will hang until the current instance of rpm exits.
SELinux
Newer Linux distributions (for example, Redhat Enterprise Linux 5) running Security Enhanced Linux (SELinux) do not include a security policy which allows the RPM tool to execute pre-install and post-install scripts when invoked from a Java application. Deployment Manager for Linux managed devices is a Java application which uses the RPM tool to install packages. Therefore, RPM packages containing scripts will fail to install on such systems. A solution is to install a SELinux policy which allows Deployment Manager for Linux managed devices to install RPM packages that contain scripts. More details can be found in article M100895
SQL Server 2000 support
Support for Microsoft SQL Server 2000 is discontinued. Data and Reports servers should be upgraded to Microsoft SQL Server 2005 before upgrading Deployment Manager for administration servers.
Windows 2000 platform support
Support for administration servers running on Windows 2000 operating systems as a Core or Reports server is discontinued. Installation as a remote console or package servers is still supported, as is the ability to deploy Deployment Manager for distribution servers and Deployment Manager for managed devices to Windows 2000 systems.
Windows NT4 platform support
Support for distribution servers and managed devices running on Windows NT4 operating systems is discontinued. The Deployment Manager administrative system will retain the ability to distribute packages to earlier releases of Deployment Manager for distribution servers, and to author and maintain packages for deployment to Windows NT4 devices that use earlier releases of Deployment Manager for managed devices. However these devices cannot be upgraded to Deployment Manager for managed devices 8.0 or later.
Windows 9x platform support
Support for managed devices running on Windows 9x operating systems is discontinued. The Flexera Software administrative system will retain the ability to author and maintain packages for deployment to Windows 9x devices that use earlier releases of Deployment Manager for managed devices. However these devices cannot be upgraded to Deployment Manager for managed devices 7.9 or later.
Adoption and zero touch inventory of non Windows devices
Features Comparison
Not all Deployment Manager features available on Windows managed devices are available on non Windows managed devices. Refer to the Supported Features Comparison in the administration server online help for a summary of supported Deployment Manager features across OS X, Solaris, Linux, AIX, HP-UX and Microsoft Windows platforms.
Deployment Manager known issues
Problem | Description |
---|---|
Admin console | |
39283 | Domain config UI does not work from a remote console |
Adoption | |
37406 | DSs cannot be adopted after being added to the distribution hierarchy |
37565 | Failed adoption of a DS may be reported as a success |
Application usage | |
45206 | Application usage logs with an empty NAME attribute fail to import |
47380 | Usage reports inconsistently include computers outside date range |
58004 | Usage reports may show bogus applications if UseAddRemove=true |
58103 | Blank or NetBIOS domain reported for users in usage files |
70533 | Application Usage update date |
73352 | Usage reporting inaccurate for machines that are suspended over weekends |
73397 | Not getting usage from significant #s of computers |
75421 | Active time may exceed total time on the usage report |
Configuration UI | |
36899 | Unable to start multiple config consoles when mmc.exe.config is present |
40626 | Enter "edit" mode immediately after creating new MD settings folder |
40828 | MD settings can't be deleted after removal from policy without polmerge |
75370 | wmitrack.ini import is not robust |
76133 | MGSConfigure wizard does not function properly on OS X |
Discovery | |
37286 | Devices that connect to both VPN & LAN may be discovered multiple times |
37442 | Undiscovered but inventoried devices are shown with "Unreported Domain" |
40245 | Only one NetworkDevice record for all VPN devices found by discovery |
57584 | Discovery shows only one node from Network Load Balancing (NLB) clusters |
76394 | Mgsipscan results of VLANs contain duplicated MAC Addresses |
Distribution | |
28534 | Event logs for failed remove jobs are not created for child DLs |
28591 | Synchronize of a non-shared DL does not pick up policy archive |
31028 | Synchronize of a DL on a Novell FTP servers does not work |
33772 | DS DNS name must match name in hierarchy for job polling to bootstrap |
35582 | Distribution subsystem may hang when using a Solaris 8 FTP server |
42655 | Empty folders are not deleted when deleting packages |
46634 | "Cleanup old policy files" option in wizard not available from nddistrb |
46676 | Old distribution event can overwrite more recent state recorded in DB |
51940 | Packages without info in dist cache do not get removed from staging area |
52515 | DS may be shown as offline with empty job type names in system status |
53163 | DS authentication with a group in a foreign domain does not work |
55009 | Packages cannot be deleted from DSs after manual copying and synchronize |
55506 | Empty package files created if DL$ share points to same folder as DS$ |
57820 | replag.log file grows infinitely on admin server while console is open |
58226 | Update Failover Locations fails if CompatibilityWithNDG setting = true |
58493 | Polling DS stops receiving jobs if it is recreated in the hierarchy |
75395 | Bandwidth Throttling numbers inconsistent between 7.9 and 8.2 |
75741 | DS may lose its configuration when out of disk space |
Documentation | |
78006 | IncludeExtension Incorrect in Ref-PreferencesForMD.pdf for 8.5 |
78871 | "CheckServerCertificate" preference is undocumented |
78872 | Details about rights required for ESX inventory not documented |
Install wizards | |
31095 | Admin server install fails if non-ASCII chars in ManageSoft folder name |
31096 | Domain name on which the AS is installed can't contain non-ASCII chars |
39256 | Polling mode needs manual config if parent and child DS accounts differ |
39996 | Default mgssetup.ini should be in the MD and DS self-update packages |
42961 | Upgrading MGS admin server overwrites existing Web.config file settings |
46027 | Standalone DPE easy to misconfigure because install wizard hard to use |
47393 | Default membership of MGS Distributors group may be inappropriate |
55769 | DS uploading functionality broken if MD software is installed |
56646 | Virtual directories reconfigured to use ASP.NET 2.0 during AS install |
75324 | Cannot prevent usage agent from installing during client install |
75932 | Deployment Manager installation fails if FIPS policy enforced |
76696 | Interacting with the desktop error on Windows 2008 R2 |
77950 | Bug when EDS installed to a non-default location |
Installation | |
27700 | User policy and schedule updates may not work with folder redirection |
31483 | Dependent packages are not uninstalled when top level pkg is uninstalled |
32102 | Bootstrap location is lost after failed boostrap on Unix |
32154 | No event logs generated if install fails due to network outage on Unix |
32156 | No event log when uninstall a package using the Unix client command line |
33244 | Staged files are not removed if package is taken out of policy |
34419 | Installed packages don't get uninstalled if pre-reqs are no longer met |
40441 | Old schedules are still reported as installed after new schedule applied |
40780 | Install of MSI package fails if .msi placed in same folder on DL as .ndc |
40815 | Network{High,Low}Usage saved from bandwidth slider are ignored |
45227 | Reboot required by prereq package is skipped if parent package fails |
45776 | Citrix callout script gets run on machines that are not Citrix servers |
46035 | Verify/repair of customized package tries to go to DL for base pkg OSD |
52345 | Setting NetworkMaxRate installation agent preference has no effect |
52521 | Package activation time ignored when upgrading a package with staging on |
53311 | Behavior based on if user is logged on doesn't work with custom shells |
53324 | Packages with thousands of files fail to install in UNIX/Mac platforms |
54682 | Callout processing in base package fails installing custom package |
56927 | "Before install" run command not executed if installer installer not run |
56954 | Download attempts continue after user cancels download in Auto UI mode |
57134 | File that keeps same size between package revisions may not be updated |
57144 | Installation error reported when package installed under fixed profile |
57348 | Reports show install as pending when updated package is not required |
57735 | "ndlaunch -a PackageName" fails with error "format not recognized" |
58871 | MsiUninstallArgs can't be specified when a package is uninstalled |
58918 | Variables referenced in MsiUninstallArgs preference are not expanded |
59144 | Callout on dependent package not executed |
75423 | Java based MDs uneccessarily loads the ndc of "not applicable" packages |
75728 | Linux/OS X/Solaris client issue handling files larger than 2GB |
Internal infrastructure | |
43110 | Command line processing fails to strip trailing double quote after \ |
78606 | System event log errors each minute after installing DM8.5 admin server |
Inventory | |
33033 | Can't use diff inv with Description=$Value in specific registry trackin |
34894 | Solaris inventory does not include software patches |
44008 | Different packages with same name & version may be reported as installed |
47415 | Inventory import fails with duplicate path under Reporter\CV\Registry |
56733 | IncludeRegistry support for wildcard within registry name |
75561 | Not able to get an ESXi Server Inventory from free version |
77300 | Oracle audit information may be missing hardware inventory |
78730 | Oracle Audit Evidence export does not include non DM hardware inventory |
Licensing | |
39510 | Parts of licensing ignore installations on computers in containers |
53103 | Code file needs to be hacked by user to get licensing reports appearing |
Network operations | |
47877 | HTTP PUT fails if file contains # characters in its name |
Operations portal | |
47151 | Menus defined in pre-7.8.1 Module.config files don't appear in 7.8.1+ |
56663 | Error writing to event log using Operation Portal as a non admin user |
Packaging and receiving | |
37074 | 3rd party install wizard copies *all* files in same dir as selected EXE |
41044 | Same MST file cannot be in both a base package and its customization |
42454 | Random packing console crashes deleting nodes in a package |
43977 | Failure to apply a transform is not detected and reported in MSI wizard |
44806 | Can't distribute >1 custom pkg at a time where the base pkg has a prere |
48902 | nddlm does not populate DB with information about custom packages |
51455 | Random packaging console crashes adding prerequisite packages |
51984 | Packer generates OSD files with invalid UTF, leads to parsing exceptions |
53323 | pkginfo.config files in Solaris packages are lost during packaging |
54906 | "Unspecified error" from COM importing RPM with non-existent dependency |
56849 | Unclear error when deleting a package that is still in policy |
58547 | Empty HW class & property lists adding HW prereq on packaging factory |
75434 | Packages with no metapkg.ndc.gz are repacked |
75772 | OS X package fails to import if path typed in manually |
77402 | Incorrect priority/order of run commands with different architectures |
Peer2Peer | |
43012 | Uninstallation of MD leaves packages in cache |
48179 | Packages cannot be installed from non-DL filesystem if P2P is in use |
51168 | p2p fail to down load packages with long name |
57878 | Read-only files are left in P2P cache but removed from catalog.ctx |
Policy distribution | |
30221 | Policy distribution fails with OU names containing " (double quotes) |
45376 | NPL file may not be generated if a user and computer have the same name |
73574 | Policy distribution may fail if there is non-ASCII characters in OU name |
Policy editing | |
37171 | Need to be able to use Add to Policy wizard for MD settings & schedules |
46453 | mgspoled does not validate package paths being added to policy |
46876 | Group filtering in Add to Policy wizard works incorrectly cross domain |
47245 | DPE always removes non-existent schedules from policy |
51653 | Package filtering may be removed if group moved in AD while DPE is open |
Policy merging | |
35808 | SSPM generates .npl files using computer CN but MD expects SAM AC name |
41463 | Policy data about Admin accounts from different domains incorrect |
42937 | polmerge fails if the domain GUID changes in AD (e.g. domain rebuild) |
45683 | All but one GPO with same GUID appears in the ManageSoft database |
45744 | Info about filtering by groups from root domain not accurately recorded |
46888 | User policy merge using a local account can cause domain account lockout |
79106 | Policy management fails in black box domain with long computer names |
Remote execution | |
51958 | Unclear: Time for RE tasks with dynamic device selection local to the AS |
52528 | DSs used for RE cannot be controlled with dynamic target selection |
54437 | Usability problems in selecting DSs in remote execution wizard |
55478 | Remote execution may target the wrong machine if DNS/IP info out of date |
58649 | Remotely executed apps fail to access network on Vista workgroup members |
70652 | Oracle/ESX/AMT inv tasks fail if strict mode enabled w/out RPC creds |
75604 | Add package to policy wizard auto generates remote task to update policy |
75873 | RemoteExecution alerts in event log if interactive services disabled |
78607 | Windows ndtrack command line shown for UNIX remote inventory |
78640 | SSH logon with "\" in username is not allowed |
Reporting | |
27118 | Installations of dependent packages are reported as "out of policy" |
27445 | Special characters in OU names cause problems with reports pages |
30198 | Filtered report page number links above 10 link back to pages 1 to 10 |
33493 | Installation reports don't list packages that aren't in the SW library |
34863 | Incorrect subnets for adapters with >1 IP address shown in asset reports |
39751 | Drilldown from software installation summary reports may show extra rows |
42053 | Software report lists everything but drill down only lists used versions |
42966 | Report sorting may sometimes fail with reference to irrelevant column |
43947 | "NT4 domain" heading in "Computer * domain and role" reports incorrect |
53510 | Installation Pending/Failed/Postponed reports slow at large scales |
Resolvers/Importers | |
78627 | Oracle inventory importer should be case sensitive for user names |
Rights and Roles | |
52507 | ArgumentOutOfRangeException reported in non-AD mode if user is not in DB |
Scheduling | |
26490 | Renaming/removing distribution group breaks schedules without warning |
31284 | Need a way for non-admin users to run pre-approved commands as System |
31729 | Changed Update User Policy events stop executing until next logon |
45217 | Schedule agent may invoke policy agent with bad case in path to .npls |
45300 | Scheduled events have duplicate names by default and can't be renamed |
45515 | ndpolmig overwrites customized policy update events in schedules |
58183 | Currently running scheduled events may be re-run on network connection |
79191 | Task scheduler corrupted on restart for 64 bit Linux client machines |
Selection | |
27066 | Admin users can't uninstall mandatory packages using selection agent |
29025 | Pre-req pkgs of manadatory pkgs can be uninstalled using the Selector |
37388 | Opening the selector on Solaris may take a long time |
42845 | Custom config not shown using example selection agent config package |
76664 | Mandatory and Removable packages appear Optional in selector |
UnixMD | |
78988 | Cached failover settings get reapplied in preference to server failover |
Uploading | |
56212 | Obscure ASP.NET error 1309 in event log on problematic uploads |
70432 | Path MKCOL forbidden |
75828 | Admin Server calling ndupload and getting 'file not found' errors |
Wake on LAN | |
31100 | Managed device with NIC inventoried twice halts creation of WOL job |
Security Manager limitations
Security Manager node may disappear from the administration console
The Security Manager node may disappear from the administration console after upgrading a Deployment Manager for administration servers installation. Performing a Windows Installer "repair" operation of the Security Manager product from Add/Remove Programs will resolve this issue.
Blocked applications
Deployment Manager for managed devices can only block applications that load user32.dll. For example, the command prompt application (cmd.exe) does not load user32.dll, so Deployment Manager for managed devices cannot block this application.
Application blocking is not supported on computers with IIS installed
Security Manager agent software does not block applications on a Deployment Manager administration server, a Deployment Manager distribution server, or other computers with IIS installed, due to conflicts with IIS.
Microsoft Baseline Security Analyzer (MBSA) installation limitations
MBSA 2.0 will not install on Windows 2000 Professional unless service pack 4 or higher is installed. MBSA 2.0 performs scans on Windows 2000 SP4 and later operating systems and Flexera Software recommends that this service pack is installed on all Windows 2000 computers.
When upgrading from previous releases of Security Patch Management, the existing MBSA 1.2 packages can interfere with the installation of the new MBSA 2.0 packages due to prerequisite conflicts. To resolve this issue, older versions of the MBSA 1.2 packages should be removed from policy and replaced with the latest available MBSA 1.2 packages.
Additionally, it should be noted that MBSA 1.2.1 will incorrectly report Microsoft Internet Explorer 7 installations as IE6 installations. Further details about this problem and its recommended resolution can be found in Enterprise Deployment Suite Knowledge Center article 100790.
Configuration issues with Office patches
Some Microsoft Office patches require access to the original install media that was used when Office was installed. See Microsoft knowledge base article 828451 (http://support.microsoft.com/?kbid=828451) for details.
Proxy settings
Security Manager uses the proxy settings from Internet Explorer for downloading patches. This relies on the proxy to be entered explicitly in Internet Explorer. Switch to an explicitly specified proxy server if downloads are not working with the automatic proxy detection option set in IE.
Vulnerability scanning on Windows Vista
Microsoft MBSA does not currently return any security vulnerability information when run on Microsoft Vista platforms. Consequently, Security Manager is not able to report this information for Windows Vista based computers.
Download and import prerequisite packages
Prerequisite package refreshes are not supported from Security Manager remote consoles. Administrators must download the pre-requisite packages from an administration server.
Security Manager known issues
Problem | Description |
---|---|
Application Blocking | |
56687 | Application blocking does not work on Vista |
Configuration UI | |
41010 | Need to be able to suppress all reboots when applying security settings |
Installation | |
76835 | Client agent can't uninstall Windows 7 security patches(.msu style) |
Packaging and receiving | |
46911 | Patches with long names may not be added to policy after mgspatchreceive |
Patch management | |
43767 | Intermittent file in use error for mssecure*.cab during errata refresh |
44334 | SUSE patches do not get added to policy from admin server |
57635 | Superseded patches are hard to identify and manage in console |
75481 | Bulletins that supersede themselves will be put into hidden list |
76457 | Patch selections are not always saved |
79297 | ‘Hide bulletins’ in SM UI includes patches that are current and required |
Reporting | |
45332 | Scan status drill down does not list "Unknown" machines |
45333 | Different Security Manager reports report on different sets of devices |
74995 | SPM reports with Maximum request length exceeded error |
76718 | Patches that are superseded are not reported explicitly in install logs |
Security analysis | |
46066 | MBSA preferences are inconsistently located and missing from CSPs |
47568 | Bad status reported for patches superseded by patches not in mssecure |
54938 | MBSA output fails to be found if %USERPROFILE% different from %APPDATA% |
OS Deployment Manager limitations
Internationalization limitations
OS Deployment Manager integrates with a range of technologies across a distributed environment. Due to limitations in some of these technologies, it is necessary to ensure that information transferred between them contains only characters in their respective supported character sets. Hence it is recommended that only standard characters are used in the naming of:
- Managed devices
- Domains
- Installation directory chosen for OS Deployment Manager
Standard characters include letters (A-Z, a-z), digits (0-9), and hyphens (-).
Personality migration for Windows Server operating systems
Microsoft User State Migration Tool (USMT) does not support personality migration for any version of Windows Server operating systems. Capturing and restoring personality data to Windows Server requires custom scripts and Deployment Manager packages. For more information, talk with your Flexera Software consultant. Refer to the Microsoft USMT documentation for limitations.
Deployment Manager download and reporting locations must support file protocol
The Deployment Manager download and reporting location, typically shared as ManageSoftDL$ and ManageSoftRL$ respectively, must be configured to enable access using the file protocol in order to successfully use the Microsoft WAIK imaging tools. Refer to the WAIK documentation for further information about WAIK and its limitations.
Distribution of OS images limited to 4GB over HTTP, HTTPS and FTP
The Deployment Manager distribution infrastructure is unable to distribute files larger than 4GB over HTTP, HTTPS and FTP. To work around this issue, file protocol may be used, or alternatively images can be split into files that are each smaller than 4GB.
Unattended install of 64-bit operating systems
OS Deployment Manager release 8.5 does not currently support deployment of 64-bit operating systems using the unattended installation technique. These operating systems should be deployed using standard or hardware-portable installation techniques.
Deployment of Windows 7 and Windows Server 2008 R2 standard or hardware-portable images
OS Deployment Manager release 8.5 requires standard or hardware-portable images to be captured from a single disk partition. On a default install, Windows 7 and Windows Server 2008 R2 creates a separate reserved boot partition which cannot currently be captured by OS Deployment Manager.
To install Windows 7 or Windows Server 2008 R2 onto a single partition
- Boot from the installation media
- Choose a Custom (advanced)install
- Click Drive options (advanced)
- Click New
- Select the System Reserved partition and click Delete
- Proceed with the installation as per normal
Alternatively Windows 7 (32-bit) may be installed using the unattended installation technique.
Unattended install of Windows XP and Windows Server 2003, using other imaging technologies (non-WAIK) may fail to install Deployment Manager for managed devices
OS Deployment Manager release 8.5 does not currently support installation of Deployment Manager for managed devices during postwork processing of an unattended install of Windows XP and Windows Server 2003 using non-WAIK imaging technologies, such as Ghost. Deployment Manager for managed devices may instead be installed via Remote Execution based adoption or logon scripts.
OS Deployment Manager known issues
Problem | Description |
---|---|
Computer name mapping | |
30903 | Machine naming page uses old computer names until AD reconcile is done |
Discovery | |
30968 | Discovery data cannot be imported through UI if NNM is on a separate box |
Distribution | |
57869 | Obscure failures reported handling images larger than 4GB |
Install wizards | |
77889 | Site server installer UI does not allow install folder to be customized |
OS imaging | |
41670 | OMC download failure ignored by DownloadOSMigrationConfigurationFile |
45649 | HTTP WiDep traffic does not support Windows Authentication |
54530 | User logged on and console is accessible during postwork processing |
54840 | WiDep7.2 PostWork uploads fail to 7.8.1+ admin server |
55097 | Bootstrap location may be set to C:\Stage when installing pre-staged pkg |
75471 | Missing drive configuration when importing an unattended image |
77632 | Error if the Windows folder and the boot files are on different drives |
Rollout configuration management | |
31116 | Can get circular references to OS image folders using 2 consoles at once |
Comments