Q207589: Known Issues for Enterprise Deployment Suite 9.0

This article contains a list of limitations and known issues in the Enterprise Deployment Suite 9.0 release.
It is composed of six sections

Deployment Manager limitations

The following are limitations of the Deployment Manager 9.0 release:

Distribution of files with plus signs in their name may fail on IIS7

There is a known issue in IIS7 where plus signs are converted to spaces in PUT request URLs. This issue affects the ManageSoft for AIX managed devices upgrade package which contains a file named libstdc++.a. Microsoft have released a hotfix for this issue at http://support.microsoft.com/kb/957001.

Discovery and inventory via VMware Virtual Center

Discovery and inventory via VMware Virtual Center is not supported on administration servers and distribution servers running the following operating systems: Windows XP SP2 or earlier, Windows Server 2003 SP1 or earlier. There are also hotfixes available to enable support for for Windows XP SP2 and Windows Server 2003 SP1. See http://support.microsoft.com/kb/909425/ for details.

Package targeting and policy merging with Deployment Manager policies

If you use native Deployment Manager policies, rather than Active Directory policies, for targeting, note the following limitations in this release:

  • Deployment Manager policies cannot be merged to a resultant single policy. Each policy must contain everything relevant to the managed devices that will use it.
  • Package-level filtering is not supported
  • Deployment Manager policies can be targeted to managed devices only, not to specific users.

Security settings on Windows Vista, Windows XP SP2, Windows Server 2003 R2 / SP2 and Windows Server 2008 systems


On these systems there are a number of security settings which may block the proper functioning of Deployment Manager for managed devices and Deployment Manager for distribution servers. The main issues are:

  1. If the File protocol is to be used for distribution of packages or upload of status information, the security settings will need to be adjusted to allow file and printer sharing.
  2. If the HTTP, HTTPS, or FTP protocols are to be used for distribution of packages, upload of status information, or polling for distribution jobs, the security settings will need to be adjusted to allow incoming connections to their respective ports.
  3. If managed devices or child distribution servers are to use ping to estimate the network distance or bandwidth to this distribution server, the server must be allowed to respond to ping requests. This is permitted automatically when allowing file and printer sharing.

For new managed devices, several strategies are available for preparing the machine so that the standard client adoption processes will work. These approaches cover both situations where a machine is in an Active Directory domain and where it is not in an Active Directory domain. They are documented in the Deployment Manager and personal firewalls chapter of the EDS Reference: Configuration.


For existing managed devices, it is recommended that when you upgrade to Vista, Windows XP SP2, Windows Server 2003, or Windows Server 2008, you should configure security settings to allow ongoing remote execution and immediate installation operations. However, if the operating system has been rolled out without these security settings, full functionality can be restored with a Deployment Manager software package that can be installed through machine policy.

Instructions and sample configuration files and software packages are available for both situations in article M100611 "How to configure security settings for Windows XP SP2".

MSI installations with Windows Installer 3.0

Windows Installer 3.0 does not support FTP download of package components. This means that you should not specify FTP as the download protocol if you are installing MSI packages directly from a distribution location.

Deployment Manager agent user interface issues in Windows Vista and Windows 7

Because of restrictions in displaying user interfaces for "interactive services" introduced by Microsoft in Windows Vista, some Deployment Manager agent dialogs may need to be accessed through the "interactive services" detection dialog. A full description of these user interaction changes is described in article M100811

Multi-domain installation and configuration

The default installation of the Deployment Manager for administration servers in multi-domain mode only configures the system for management of the current domain of the installing user. Further, it assumes that the account with which to run Deployment Manager scheduled tasks has Domain Administrator privileges.

If Deployment Manager is installed on a computer in a 'parent' domain, and scheduled tasks have Enterprise administrator privileges, multi-domain support can be enabled for sub-domains through the Domain Configuration dialog. This dialog can be opened from the context menu on the root node of the administration console.

For more complex environments involving cross-domain authentication or where specific security requirements exist, please refer to your Flexera Software professional services consultants.

Internationalization limitations

Deployment Manager integrates with a range of technologies across a distributed environment. Due to limitations in some of these technologies, it is necessary to ensure that information transferred between them contains only characters in their respective supported character sets. Hence it is recommended that only standard characters are used in the naming of:

  • Managed devices
  • Domains
  • The installation directory of the Deployment Manager administration server
  • The directory chosen for the Deployment Manager data

Standard characters include letters (A-Z, a-z), digits (0-9), and hyphens (-).

In a packaging environment, extended characters in the range of 0x80 to 0xA0 are not supported for use in package names and metadata.

Extended character support when using FTP with IIS

The following extended Unicode characters in the range of U+00F0 to U+00FF are known to not be supported when using Microsoft Internet Information Server (IIS) and FTP for distribution and installation of Deployment Manager policies, schedules, or packages: ðñòóôõö÷øùúûüýþÿ. As a workaround, the uppercase version of these characters can be used.

Setting up polling distribution servers with a Windows Server 2003 or Windows Server 2008 administration server

On installation of the Deployment Manager administration server on Windows Server 2003 and Windows Server 2008, the anonymous password must be manually configured for the ManageSoftJQ virtual directory in IIS. If this virtual directory is not configured, polling distribution servers will not function correctly.

To configure this password on Windows Server 2003, open the Internet Information Services Manager and go to the properties of the ManageSoftJQ virtual directory. Anonymous access settings can be found on the Directory Security tab and modified using the Edit button.

To configure this password on Windows Server 2008, open the Internet Information Services Manager and go to the Authentication properties of the ManageSoftJQ virtual directory. Edit the Anonymous Authentication settings for this virtual directory to set a specific user.

Push distribution

Multiple packages pushed to the same distribution server are transferred one after the other (serially). This limitation does not exist when using the Flexera Software patented pull distribution technology.

Data importer support

Distribution servers that are configured to import files in to the database must use the same SQL Server authentication method (Windows authentication or SQL authentication) as is used by the core administration server.

Installation status reports

In situations where multiple packages have been created in a software library with the same name and version, the number of rows in the installation detail reports may seem inconsistent with the summary counts shown in installation status reports. Be aware that the detail reports show information about all packages with a given name and version in the software library (regardless of location), while the summary reports give separate counts for each package in each unique location in the software library.

Adopting distribution servers

Distribution servers must be adopted before they are added to the distribution hierarchy through the Deployment Manager console. The adoption wizard will not allow adoption of a distribution server that is already in the hierarchy.

Adoption of distribution servers with data importers not supported

When automatically adopting a distribution server, you cannot configure the distribution server to directly import data into the Enterprise Deployment Suite database. This must be manually configured.

Configuring Deployment Manager Reports Server on Windows Server 2003 64-bit platforms

IIS 6.0 cannot run 32-bit and 64-bit applications concurrently on the same server. If you intend to run 32-bit ASP.NET applications, including Deployment Manager reports server configurations on 64-bit Windows, you must configure IIS 6.0 to create 32-bit worker processes.

The Microsoft TechNet reference for enabling 32-bit applications on 64-bit IIS 6.0 available at http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/55cd5e11-49a9-4158-8b1f-7f2aa4ad2f07.mspx?mfr=true.

Adopting Windows Vista clients when in a workgroup

Adoption of Windows Vista clients in a workgroup may fail over http. To workaround this issue, the Deployment Location should be reconfigured to use file protocol and the ManageSoftDL$ share should be added to the null session share list.

Linux Distribution Server support

Flexera Software has discontinued support for distribution servers running on Linux operating systems. The Deployment Manager administrative system will retain the ability to distribute packages to earlier Linux releases of Deployment Manager for distribution servers. However these devices cannot be upgraded to Deployment Manager for distribution servers 8.0 or later.

RPM package installation

If rpm is already running when Deployment Manager attempts to install a package, the managed device will hang until the current instance of rpm exits.


Newer Linux distributions (for example, Redhat Enterprise Linux 5) running Security Enhanced Linux (SELinux) do not include a security policy which allows the RPM tool to execute pre-install and post-install scripts when invoked from a Java application. Deployment Manager for Linux managed devices is a Java application which uses the RPM tool to install packages. Therefore, RPM packages containing scripts will fail to install on such systems. A solution is to install a SELinux policy which allows Deployment Manager for Linux managed devices to install RPM packages that contain scripts. More details can be found in article M100895

SQL Server 2000 support

Support for Microsoft SQL Server 2000 is discontinued. Data and Reports servers should be upgraded to Microsoft SQL Server 2005 before upgrading Deployment Manager for administration servers.

Windows 2000 platform support

Support for administration servers running on Windows 2000 operating systems as a Core or Reports server is discontinued. Installation as a remote console or package servers is still supported, as is the ability to deploy Deployment Manager for distribution servers and Deployment Manager for managed devices to Windows 2000 systems.

Windows NT4 platform support

Support for distribution servers and managed devices running on Windows NT4 operating systems is discontinued. The Deployment Manager administrative system will retain the ability to distribute packages to earlier releases of Deployment Manager for distribution servers, and to author and maintain packages for deployment to Windows NT4 devices that use earlier releases of Deployment Manager for managed devices. However these devices cannot be upgraded to Deployment Manager for managed devices 8.0 or later.

Windows 9x platform support

Support for managed devices running on Windows 9x operating systems is discontinued. The Flexera Software administrative system will retain the ability to author and maintain packages for deployment to Windows 9x devices that use earlier releases of Deployment Manager for managed devices. However these devices cannot be upgraded to Deployment Manager for managed devices 7.9 or later.

Adoption and zero touch inventory of non Windows devices

The Adoption and zero touch inventory agents currently do not support File or HTTPS protocols for file upload and download on non Windows devices. Only HTTP and FTP protocols are currently supported.

Features Comparison

Not all Deployment Manager features available on Windows managed devices are available on non Windows managed devices. Refer to the Supported Features Comparison in the administration server online help for a summary of supported Deployment Manager features across OS X, Solaris, Linux, AIX, HP-UX and Microsoft Windows platforms.

Deployment Manager known issues

The following issues are known in the Deployment Manager 9.0 release.
Admin console
39283 Domain config UI does not work from a remote console
37406 DSs cannot be adopted after being added to the distribution hierarchy
37565 Failed adoption of a DS may be reported as a success
Application usage
45206 Application usage logs with an empty NAME attribute fail to import
47380 Usage reports inconsistently include computers outside date range
58004 Usage reports may show bogus applications if UseAddRemove=true
58103 Blank or NetBIOS domain reported for users in usage files
70533 Application Usage update date
73352 Usage reporting inaccurate for machines that are suspended over weekends
73397 Not getting usage from significant #s of computers
75421 Active time may exceed total time on the usage report
Configuration UI
36899 Unable to start multiple config consoles when mmc.exe.config is present
40626 Enter "edit" mode immediately after creating new MD settings folder
40828 MD settings can't be deleted after removal from policy without polmerge
75370 wmitrack.ini import is not robust
76133 MGSConfigure wizard does not function properly on OS X
37286 Devices that connect to both VPN & LAN may be discovered multiple times
37442 Undiscovered but inventoried devices are shown with "Unreported Domain"
40245 Only one NetworkDevice record for all VPN devices found by discovery
57584 Discovery shows only one node from Network Load Balancing (NLB) clusters
76394 Mgsipscan results of VLANs contain duplicated MAC Addresses
28534 Event logs for failed remove jobs are not created for child DLs
28591 Synchronize of a non-shared DL does not pick up policy archive
31028 Synchronize of a DL on a Novell FTP servers does not work
33772 DS DNS name must match name in hierarchy for job polling to bootstrap
35582 Distribution subsystem may hang when using a Solaris 8 FTP server
42655 Empty folders are not deleted when deleting packages
46634 "Cleanup old policy files" option in wizard not available from nddistrb
46676 Old distribution event can overwrite more recent state recorded in DB
51940 Packages without info in dist cache do not get removed from staging area
52515 DS may be shown as offline with empty job type names in system status
53163 DS authentication with a group in a foreign domain does not work
55009 Packages cannot be deleted from DSs after manual copying and synchronize
55506 Empty package files created if DL$ share points to same folder as DS$
57820 replag.log file grows infinitely on admin server while console is open
58226 Update Failover Locations fails if CompatibilityWithNDG setting = true
58493 Polling DS stops receiving jobs if it is recreated in the hierarchy
75395 Bandwidth Throttling numbers inconsistent between 7.9 and 8.2
75741 DS may lose its configuration when out of disk space
78006 IncludeExtension Incorrect in Ref-PreferencesForMD.pdf for 8.5
78871 "CheckServerCertificate" preference is undocumented
78872 Details about rights required for ESX inventory not documented
Install wizards
31095 Admin server install fails if non-ASCII chars in ManageSoft folder name
31096 Domain name on which the AS is installed can't contain non-ASCII chars
39256 Polling mode needs manual config if parent and child DS accounts differ
39996 Default mgssetup.ini should be in the MD and DS self-update packages
42961 Upgrading MGS admin server overwrites existing Web.config file settings
46027 Standalone DPE easy to misconfigure because install wizard hard to use
47393 Default membership of MGS Distributors group may be inappropriate
55769 DS uploading functionality broken if MD software is installed
56646 Virtual directories reconfigured to use ASP.NET 2.0 during AS install
75324 Cannot prevent usage agent from installing during client install
75932 Deployment Manager installation fails if FIPS policy enforced
76696 Interacting with the desktop error on Windows 2008 R2
77950 Bug when EDS installed to a non-default location
27700 User policy and schedule updates may not work with folder redirection
31483 Dependent packages are not uninstalled when top level pkg is uninstalled
32102 Bootstrap location is lost after failed boostrap on Unix
32154 No event logs generated if install fails due to network outage on Unix
32156 No event log when uninstall a package using the Unix client command line
33244 Staged files are not removed if package is taken out of policy
34419 Installed packages don't get uninstalled if pre-reqs are no longer met
40441 Old schedules are still reported as installed after new schedule applied
40780 Install of MSI package fails if .msi placed in same folder on DL as .ndc
40815 Network{High,Low}Usage saved from bandwidth slider are ignored
45227 Reboot required by prereq package is skipped if parent package fails
45776 Citrix callout script gets run on machines that are not Citrix servers
46035 Verify/repair of customized package tries to go to DL for base pkg OSD
52345 Setting NetworkMaxRate installation agent preference has no effect
52521 Package activation time ignored when upgrading a package with staging on
53311 Behavior based on if user is logged on doesn't work with custom shells
53324 Packages with thousands of files fail to install in UNIX/Mac platforms
54682 Callout processing in base package fails installing custom package
56927 "Before install" run command not executed if installer installer not run
56954 Download attempts continue after user cancels download in Auto UI mode
57134 File that keeps same size between package revisions may not be updated
57144 Installation error reported when package installed under fixed profile
57348 Reports show install as pending when updated package is not required
57735 "ndlaunch -a PackageName" fails with error "format not recognized"
58871 MsiUninstallArgs can't be specified when a package is uninstalled
58918 Variables referenced in MsiUninstallArgs preference are not expanded
59144 Callout on dependent package not executed
75423 Java based MDs uneccessarily loads the ndc of "not applicable" packages
75728 Linux/OS X/Solaris client issue handling files larger than 2GB
Internal infrastructure
43110 Command line processing fails to strip trailing double quote after \
78606 System event log errors each minute after installing DM8.5 admin server
33033 Can't use diff inv with Description=$Value in specific registry trackin
34894 Solaris inventory does not include software patches
44008 Different packages with same name & version may be reported as installed
47415 Inventory import fails with duplicate path under Reporter\CV\Registry
56733 IncludeRegistry support for wildcard within registry name
75561 Not able to get an ESXi Server Inventory from free version
77300 Oracle audit information may be missing hardware inventory
78730 Oracle Audit Evidence export does not include non DM hardware inventory
39510 Parts of licensing ignore installations on computers in containers
53103 Code file needs to be hacked by user to get licensing reports appearing
Network operations
47877 HTTP PUT fails if file contains # characters in its name
Operations portal
47151 Menus defined in pre-7.8.1 Module.config files don't appear in 7.8.1+
56663 Error writing to event log using Operation Portal as a non admin user
Packaging and receiving
37074 3rd party install wizard copies *all* files in same dir as selected EXE
41044 Same MST file cannot be in both a base package and its customization
42454 Random packing console crashes deleting nodes in a package
43977 Failure to apply a transform is not detected and reported in MSI wizard
44806 Can't distribute >1 custom pkg at a time where the base pkg has a prere
48902 nddlm does not populate DB with information about custom packages
51455 Random packaging console crashes adding prerequisite packages
51984 Packer generates OSD files with invalid UTF, leads to parsing exceptions
53323 pkginfo.config files in Solaris packages are lost during packaging
54906 "Unspecified error" from COM importing RPM with non-existent dependency
56849 Unclear error when deleting a package that is still in policy
58547 Empty HW class & property lists adding HW prereq on packaging factory
75434 Packages with no metapkg.ndc.gz are repacked
75772 OS X package fails to import if path typed in manually
77402 Incorrect priority/order of run commands with different architectures
43012 Uninstallation of MD leaves packages in cache
48179 Packages cannot be installed from non-DL filesystem if P2P is in use
51168 p2p fail to down load packages with long name
57878 Read-only files are left in P2P cache but removed from catalog.ctx
Policy distribution
30221 Policy distribution fails with OU names containing " (double quotes)
45376 NPL file may not be generated if a user and computer have the same name
73574 Policy distribution may fail if there is non-ASCII characters in OU name
Policy editing
37171 Need to be able to use Add to Policy wizard for MD settings & schedules
46453 mgspoled does not validate package paths being added to policy
46876 Group filtering in Add to Policy wizard works incorrectly cross domain
47245 DPE always removes non-existent schedules from policy
51653 Package filtering may be removed if group moved in AD while DPE is open
Policy merging
35808 SSPM generates .npl files using computer CN but MD expects SAM AC name
41463 Policy data about Admin accounts from different domains incorrect
42937 polmerge fails if the domain GUID changes in AD (e.g. domain rebuild)
45683 All but one GPO with same GUID appears in the ManageSoft database
45744 Info about filtering by groups from root domain not accurately recorded
46888 User policy merge using a local account can cause domain account lockout
79106 Policy management fails in black box domain with long computer names
Remote execution
51958 Unclear: Time for RE tasks with dynamic device selection local to the AS
52528 DSs used for RE cannot be controlled with dynamic target selection
54437 Usability problems in selecting DSs in remote execution wizard
55478 Remote execution may target the wrong machine if DNS/IP info out of date
58649 Remotely executed apps fail to access network on Vista workgroup members
70652 Oracle/ESX/AMT inv tasks fail if strict mode enabled w/out RPC creds
75604 Add package to policy wizard auto generates remote task to update policy
75873 RemoteExecution alerts in event log if interactive services disabled
78607 Windows ndtrack command line shown for UNIX remote inventory
78640 SSH logon with "\" in username is not allowed
27118 Installations of dependent packages are reported as "out of policy"
27445 Special characters in OU names cause problems with reports pages
30198 Filtered report page number links above 10 link back to pages 1 to 10
33493 Installation reports don't list packages that aren't in the SW library
34863 Incorrect subnets for adapters with >1 IP address shown in asset reports
39751 Drilldown from software installation summary reports may show extra rows
42053 Software report lists everything but drill down only lists used versions
42966 Report sorting may sometimes fail with reference to irrelevant column
43947 "NT4 domain" heading in "Computer * domain and role" reports incorrect
53510 Installation Pending/Failed/Postponed reports slow at large scales
78627 Oracle inventory importer should be case sensitive for user names
Rights and Roles
52507 ArgumentOutOfRangeException reported in non-AD mode if user is not in DB
26490 Renaming/removing distribution group breaks schedules without warning
31284 Need a way for non-admin users to run pre-approved commands as System
31729 Changed Update User Policy events stop executing until next logon
45217 Schedule agent may invoke policy agent with bad case in path to .npls
45300 Scheduled events have duplicate names by default and can't be renamed
45515 ndpolmig overwrites customized policy update events in schedules
58183 Currently running scheduled events may be re-run on network connection
79191 Task scheduler corrupted on restart for 64 bit Linux client machines
27066 Admin users can't uninstall mandatory packages using selection agent
29025 Pre-req pkgs of manadatory pkgs can be uninstalled using the Selector
37388 Opening the selector on Solaris may take a long time
42845 Custom config not shown using example selection agent config package
76664 Mandatory and Removable packages appear Optional in selector
78988 Cached failover settings get reapplied in preference to server failover
56212 Obscure ASP.NET error 1309 in event log on problematic uploads
70432 Path MKCOL forbidden
75828 Admin Server calling ndupload and getting 'file not found' errors
Wake on LAN
31100 Managed device with NIC inventoried twice halts creation of WOL job

Security Manager limitations

The following are limitations of the Security Manager 9.0 release:

Security Manager node may disappear from the administration console

The Security Manager node may disappear from the administration console after upgrading a Deployment Manager for administration servers installation. Performing a Windows Installer "repair" operation of the Security Manager product from Add/Remove Programs will resolve this issue.

Blocked applications

Deployment Manager for managed devices can only block applications that load user32.dll. For example, the command prompt application (cmd.exe) does not load user32.dll, so Deployment Manager for managed devices cannot block this application.

Application blocking is not supported on computers with IIS installed

Security Manager agent software does not block applications on a Deployment Manager administration server, a Deployment Manager distribution server, or other computers with IIS installed, due to conflicts with IIS.

Microsoft Baseline Security Analyzer (MBSA) installation limitations

MBSA 2.0 will not install on Windows 2000 Professional unless service pack 4 or higher is installed. MBSA 2.0 performs scans on Windows 2000 SP4 and later operating systems and Flexera Software recommends that this service pack is installed on all Windows 2000 computers.

When upgrading from previous releases of Security Patch Management, the existing MBSA 1.2 packages can interfere with the installation of the new MBSA 2.0 packages due to prerequisite conflicts. To resolve this issue, older versions of the MBSA 1.2 packages should be removed from policy and replaced with the latest available MBSA 1.2 packages.

Additionally, it should be noted that MBSA 1.2.1 will incorrectly report Microsoft Internet Explorer 7 installations as IE6 installations. Further details about this problem and its recommended resolution can be found in Enterprise Deployment Suite Knowledge Center article 100790.

Configuration issues with Office patches

Some Microsoft Office patches require access to the original install media that was used when Office was installed. See Microsoft knowledge base article 828451 (http://support.microsoft.com/?kbid=828451) for details.

Proxy settings

Security Manager uses the proxy settings from Internet Explorer for downloading patches. This relies on the proxy to be entered explicitly in Internet Explorer. Switch to an explicitly specified proxy server if downloads are not working with the automatic proxy detection option set in IE.

Vulnerability scanning on Windows Vista

Microsoft MBSA does not currently return any security vulnerability information when run on Microsoft Vista platforms. Consequently, Security Manager is not able to report this information for Windows Vista based computers.

Download and import prerequisite packages

Prerequisite package refreshes are not supported from Security Manager remote consoles. Administrators must download the pre-requisite packages from an administration server.

Security Manager known issues

The following issues are known in the Security Manager Manager 9.0 release.
Application Blocking
56687 Application blocking does not work on Vista
Configuration UI
41010 Need to be able to suppress all reboots when applying security settings
76835 Client agent can't uninstall Windows 7 security patches(.msu style)
Packaging and receiving
46911 Patches with long names may not be added to policy after mgspatchreceive
Patch management
43767 Intermittent file in use error for mssecure*.cab during errata refresh
44334 SUSE patches do not get added to policy from admin server
57635 Superseded patches are hard to identify and manage in console
75481 Bulletins that supersede themselves will be put into hidden list
76457 Patch selections are not always saved
79297 ‘Hide bulletins’ in SM UI includes patches that are current and required
45332 Scan status drill down does not list "Unknown" machines
45333 Different Security Manager reports report on different sets of devices
74995 SPM reports with Maximum request length exceeded error
76718 Patches that are superseded are not reported explicitly in install logs
Security analysis
46066 MBSA preferences are inconsistently located and missing from CSPs
47568 Bad status reported for patches superseded by patches not in mssecure
54938 MBSA output fails to be found if %USERPROFILE% different from %APPDATA%

OS Deployment Manager limitations

The following are limitations of the OS Deployment Manager 9.0 release:

Internationalization limitations

OS Deployment Manager integrates with a range of technologies across a distributed environment. Due to limitations in some of these technologies, it is necessary to ensure that information transferred between them contains only characters in their respective supported character sets. Hence it is recommended that only standard characters are used in the naming of:

  • Managed devices
  • Domains
  • Installation directory chosen for OS Deployment Manager

Standard characters include letters (A-Z, a-z), digits (0-9), and hyphens (-).

Personality migration for Windows Server operating systems

Microsoft User State Migration Tool (USMT) does not support personality migration for any version of Windows Server operating systems. Capturing and restoring personality data to Windows Server requires custom scripts and Deployment Manager packages. For more information, talk with your Flexera Software consultant. Refer to the Microsoft USMT documentation for limitations.

Deployment Manager download and reporting locations must support file protocol

The Deployment Manager download and reporting location, typically shared as ManageSoftDL$ and ManageSoftRL$ respectively, must be configured to enable access using the file protocol in order to successfully use the Microsoft WAIK imaging tools. Refer to the WAIK documentation for further information about WAIK and its limitations.

Distribution of OS images limited to 4GB over HTTP, HTTPS and FTP

The Deployment Manager distribution infrastructure is unable to distribute files larger than 4GB over HTTP, HTTPS and FTP. To work around this issue, file protocol may be used, or alternatively images can be split into files that are each smaller than 4GB.

Unattended install of 64-bit operating systems

OS Deployment Manager release 8.5 does not currently support deployment of 64-bit operating systems using the unattended installation technique. These operating systems should be deployed using standard or hardware-portable installation techniques.

Deployment of Windows 7 and Windows Server 2008 R2 standard or hardware-portable images

OS Deployment Manager release 8.5 requires standard or hardware-portable images to be captured from a single disk partition. On a default install, Windows 7 and Windows Server 2008 R2 creates a separate reserved boot partition which cannot currently be captured by OS Deployment Manager.


To install Windows 7 or Windows Server 2008 R2 onto a single partition

  1. Boot from the installation media
  2. Choose a Custom (advanced)install
  3. Click Drive options (advanced)
  4. Click New
  5. Select the System Reserved partition and click Delete
  6. Proceed with the installation as per normal

Alternatively Windows 7 (32-bit) may be installed using the unattended installation technique.

Unattended install of Windows XP and Windows Server 2003, using other imaging technologies (non-WAIK) may fail to install Deployment Manager for managed devices

OS Deployment Manager release 8.5 does not currently support installation of Deployment Manager for managed devices during postwork processing of an unattended install of Windows XP and Windows Server 2003 using non-WAIK imaging technologies, such as Ghost. Deployment Manager for managed devices may instead be installed via Remote Execution based adoption or logon scripts.

OS Deployment Manager known issues

The following issues are known in the OS Deployment Manager 9.0 release:


Computer name mapping
30903 Machine naming page uses old computer names until AD reconcile is done
30968 Discovery data cannot be imported through UI if NNM is on a separate box
57869 Obscure failures reported handling images larger than 4GB
Install wizards
77889 Site server installer UI does not allow install folder to be customized
OS imaging
41670 OMC download failure ignored by DownloadOSMigrationConfigurationFile
45649 HTTP WiDep traffic does not support Windows Authentication
54530 User logged on and console is accessible during postwork processing
54840 WiDep7.2 PostWork uploads fail to 7.8.1+ admin server
55097 Bootstrap location may be set to C:\Stage when installing pre-staged pkg
75471 Missing drive configuration when importing an unattended image
77632 Error if the Windows folder and the boot files are on different drives
Rollout configuration management
31116 Can get circular references to OS image folders using 2 consoles at once


Powered by Zendesk