Forum Widgets
Latest Discussions
SCOM 2022 and SCOM 2019
Hello All I have just joined this forum after 48 hours of intensive struggling, I am trying to apply for a job that requires SCOM experience, so I tried to install it on my Windows server 2019 domain on my home lab, I found that setting up SCOMJ 2022 or 2019 is a complete nightmare, possibly I tried over 50 times to no avail, I consistently get the error message in the SCOM setup log of: Error: :PopulateUserRoles: failed : Threw Exception.Type: System.Runtime.InteropServices.COMException, Exception Error Code: 0x80070539, Exception.Message: The security ID structure is invalid. (Exception from HRESULT: 0x80070539) Error: :PopulateUserRoles: failed : Threw Exception.Type: System.ArgumentException, Exception Error Code: 0x80070057, Exception.Message: Value does not fall within the expected range. Error: :StackTrace: at Microsoft.EnterpriseManagement.Interop.Security.Auth.AzAuthorizationStoreClass.Initialize(Int32 lFlags, String bstrPolicyURL, Object varReserved) The SQL connection during setup is ok as the first DB OperationsDatabase is created but it gets deleted after that error due to a rollback. Can anyone help me please as I am just about to give up on the SCOM and the job Cheers
Cannot update to Update Rollup 3 for System Center 2022
Hi, I tried update my DPM 2022 to the latest version. I tried also via Windows Update and manually but both method is unsuccessful. When I tried windows update method I got the following error message: There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643) For manually update I run this package but the setup wizard didn't show up: dataprotectionmanager-kb5059073_ce4e4e4b8dd358bd0b79e77235e9945dc96131fa.exe I restarted the server as recommended by Microsoft and tried again but not helped for me. My dpm setup: Virtual Machine Windows Server 2022 Standard Language: English Region: Hungarian
Unable to update Service request via SCO runbook
Good afternoon, Everyone, I’ve started developing a series of runbooks for our new service desk implementation, and one of the key requirements is the ability to automatically update Service Requests and other work items during the workflow. However, I’m running into an issue when attempting to pass the GUID of the Service Request into the “Update Object” activity. Even though the GUID is successfully retrieved from the Service Request and passed into the runbook as an input parameter, the activity reports that the value is an invalid GUID. This suggests that either the GUID is being transformed somewhere in the process, isn’t being interpreted correctly by the activity, or the wrong property is being supplied even though the value appears correct when inspected within the runbook. At this stage, I’m trying to determine whether the issue is caused by the way SCSM exposes the GUID, how the runbook passes the parameter, or a limitation quirk within the Update Object activity itself. Any guidance or examples of correctly updating Service Requests via runbooks especially when using GUID values dynamically would be greatly appreciated.System Center Orchestrator 2022
I have automations set up for user terminations. When a user is termed, i want to be able to give the manager access to their one drive (sharepoint module issues). The way i am authenticating is with a cert, app-only authentication. the problem that i have found with connect-sposervice is that the module is older than the connect-exchange online module and it only looks in the current users cert store so when i run a command it says it cant find it. so Ok, i connected to powershell with the orchestrator service account and imported the cert to that local store but it still didnt work. I then tried to use the newer powershell module, connect-pnponline but that requires powershell 7.x.x to even run and orchestrator is using powershell 5 (at least its 64 bit) So i then try to run powershell 7 with a run .net activity but when i use orchestrator variables, it just comes out as garbled text since the activity isnt the one running the command. Any suggestions on how i make this work? As i have said, i just need orchestrator to be able to assign the manager as full control over a terminated user's onedrive. The exchange modules work great for app only auth, but the sharepoint ones just arent working for me. I used to pass a password using basic auth but that is now deprecated, (and its not a good practice to do that anyways). Thank you so much in advance for any tips or tricks to get this working.
Unable to patch Windows Server 2025/24H2
Windows updates will not display in software center for 2025/24H2 clients. Currently running SCCM version 2503 hotfix rollup KB32851084. SCCM client version on test server is 5.00.9135.1013. Test server OS is 24H2 build 2600.2894. I have verified that the 24H2 product is enabled in the software update point configuration and within the ADR. ADR preview shows the 24H2 update (KB5068861). I see KB5068861 under the deployments tab of the test server device. I have a daily maintenance window on the collection, and this shows on the test client within "installation status -->upcoming" tab in software center. I do realize that this hotfix rollup included a fix for 2025 OS. Windows Server 2025 updates use the incorrect Maximum run time value in the properties for the software update component. The value can lead to update installations being incorrectly canceled. I did change the maximum run time for KB5068861 from 10 minutes to 60 minutes. Could this be a metadata related issue with the existing KB that is currently downloaded to SCCM (via WSUS)? I hope I'm not missing something obvious but do welcome an easy resolution if that's the case. Thanks for any suggestions or troubleshooting suggestions.need help with a problem related to the system center
This problem started after the September database server update. I can't access the system center interface to view reports, see devices, check updates, track device status, etc. When I try to open it, I see the attached image. Has anyone else experienced this problem and resolved it? What is the solution for this issue?
How to Configure SCOM 2025 Email Alerts with Microsoft Graph or SMTP OAuth (SMTP AUTH Deprecation)
Hi all, I'm just getting started with SCOM 2025 and need help configuring email notifications to use modern authentication. I understand that SMTP AUTH is being deprecated by Microsoft in April 2026, so I want to set up either: Microsoft Graph API for sending alerts Or SMTP with OAuth 2.0 (e.g., via Office 365) I haven’t done any configuration yet—just looking for clear guidance on how to get started. Specifically: What steps are needed to register an app in Entra ID (Azure AD) to support this? What permissions should the app have (e.g., Mail.Send)? How do I configure the notification channel in SCOM to use OAuth? Is Microsoft Graph supported directly in SCOM 2025, or is SMTP with OAuth the only option? Do I need to manually generate tokens, or does SCOM handle that automatically once the app is registered? Any documentation, walkthroughs, or examples would be hugely appreciated. Thanks in advance!
System Center Orchestrator SSL error when running DBConfig against existing DB
Hey all, I migrated the server to a new AD domain, and ran a repair on SQL, and re installed Orchestrator. SQL is working as expected. but when Orchestrator goes to configure the Database, it gives an ssl error. I told it to trust the server cert, SQL is on the same server. It sees the existing Orchestrator DB, but gives ssl error, even i try to use it, or try and create a new DB. Orchestrator 2025, SQL 2022 This is in the dbconfig error log The certificate chain was issued by an authority that is not trusted. Do I need to delete the certs form the old domain or something weird? (We don't have the new CA set up yet; I just need to run locally for now) TY
Orchestrator 2025 Security Credentials Problem
Hi, I’m experiencing an issue in SCO 2025 that has occurred across three different installations. In the Text File Management and File Management IPs, I’m unable to save the security credentials information for the activities. In other activities, such as Get Service Status, it works as expected. If I enter the account information, click Finish, and then reopen the properties, the fields are empty. As a result, the activity runs using the service account specified for the Orchestrator Runbook Service. Has anyone else experienced the same issue, or could there be something wrong with my installations? Get file status: Get service status:All Clients Showing with Question Mark in MECM Console - ResourceID Issue
All of a sudden (2 weeks ago) all my MECM Clients (~ 4000) in MECM 2409 are showing with a question mark (?) in the console and no values in Last Online Time, Last Activity or HeartBeatDDR. Upon investigation in the statesy.log file on our single site server we see the following message for all clients: SQL MESSAGE: dbo.spProcessStateReport - The record for machine MYCLIENT (GUID:CF5413C8-1DA7-450D-9243-33DB539DE8FF) was not found in the database. SMS_STATE_SYSTEM 24/09/2025 10:36:45 15356 (0x3BFC) We then ran MS SQL profiler and see that this external CLR stored proceedure checks for the existince of the client in the SQL view vLocalSystemIDXRef. This view is defined as follows: create view [dbo].[vLocalSystemIDXRef] as select MachineID, GUID from MachineIdGroupXRef where ArchitectureKey=5 and MachineID between dbo.fnGetSiteRangeStart() and dbo.fnGetSiteRangeEnd() The issue is that all clients are actually in the underlying table MachineIdGroupXRef but due to the filter dbo.fnGetSiteRangeStart() and dbo.fnGetSiteRangeEnd() they are not part of the view. The reason is their ResourceID is only 4 digits and the value returend from fnGetSiteRangeStart is 16777216. Q: How could the clients be getting this 4-digit resourceID all of a sudden? We have made no chnagesto MECM (no upgrades, DB restores etc. ).
