Error Installing Cisco Anyconnect Secure Mobility Client: Must Be Admin to Install

 Click Start and type “regedit” in the box.


A dialogue box will pop up with the following text: Do you want to allow the following program to make changes to this computer?

Click Yes.


Browse to the following location: HKEY_CLASSES_ROOT\Installer\Products\


Within the Products folder, locate and delete the registry key which contains product information for Cisco AnyConnect. (We recommend making a backup of this registry key before deleting it.)


Each registry key within Products is an alphanumeric string. Select the first key and look on the right side for ProductName REG_SZ Cisco Anyconnect Secure Mobility Client. Go through each key in the Products folder until you find the one for Cisco AnyConnect.


For example,

the registry key GUID for Cisco Anyconnect Secure Mobility Client v4.4 is  31D43F43B3678C84490E6DDCF38F2486

the registry key GUID for Cisco Anyconnect Secure Mobility Client v4.5 is  89A926BE96E58E04ABE93C3998F959D9

the registry key GUID for Cisco Anyconnect Secure Mobility Client v4.10.05111 is A5EF3288780FD794198D259C9799A4B0


Each version of Cisco Anyconnect Secure Mobility Client will have a different GUID for this registry key.


Close the registry editor.


Install the latest version Cisco Anyconnect Secure Mobility Client.

MP Control Manager Detected User Service is not Responding to HTTP Requests. The HTTP status code and text is 12175, . Message ID: 5490 Source: SMS Server Component: SMS_MP_Control_Manager

 This error was encountered on a MECM Management Point using PKI certificates for IBCM. The cause of the error was discovered to be an expired certificate. 

Open CERTLM (Certificates - Local Computer\Personal\Certificates) and review expiration date for all listed certificates. Reissue any expired certificates and import.

Uninstall Windows Built-in Apps With Powershell

The following Powershell script uninstalls Windows built-in apps for all users on a machine with specific exceptions:


$GoodPackages = 'Camera',

'Calculator',

'Microsoft.WindowsCalculator',

'Microsoft.WindowsCamera',

'Microsoft.SecHelathUI',

'Microsoft.VP9VideoExtension',

'Microsoft.WebMediaExtensions',

'Microsoft.WindowsTerminal',

'Microsoft.Paint',

'Microsoft.MSPaint',

'Microsoft.MicrosoftEdge*',

'Microsoft.Net*',

'Microsoft.WindowsNotepad',

'MicrosoftTeams',

'Microsoft.MicrosoftStickyNotes',

'Microsoft.ScreenSketch',

'Office',

'OneNote for Windows 10',

'Notepad',

'snip & sketch',

'Voice Recorder'


$packages = Get-AppxPackage -allusers | Where-Object {$_.Name -notin $GoodPackages}


foreach ($package in $packages) {

Remove-AppxPackage -allusers $package.PackageFullName

}


$provisionedPackages = Get-AppxProvisionedPackage -online | Where-Object {$_.displayName -notin $GoodPackages}


foreach ($provisionedPackage in $provisionedPackages) {

Remove-AppxProvisionedPackage -online -packageName $provisionedPackage.PackageName

}

RSAT Fails to Install on Windows 11 Installer Encountered an Error: 0x8024001d

 When attempting to install RSAT tools on Windows 11, an error is encountered


This error is a result of the installer being unable to access online content from Windows Update.

To quickly resolve this issue, make a temporary change to the registry settings on the machine.

Start

Run 

Regedit

Navigate to:
Computer\HKEY_Local_Machine\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

change the value for UseWuServer from 1 to 0

Start or Restart the WindowsUpdate Service from Services.msc

Reattempt to install RSAT

once RSAT tools are installed, reset the registry key to 1

Restart WindowsUpdate

MECM SCCM: Site Component Manager Failed to Install Component, Because Microsoft Installer File for This Component (bgbisapi.msi) Could Not Install

Issue

 After installing a MECM hotfix update, the following error began showing in Component Status for SMS_NOTIFICATION_SERVER:


Site Component Manager Failed to Install Component, Because Microsoft Installer File for This Component (bgbisapi.msi) Could Not Install

Source: SMS Server

Component: SMS_NOTIFICATION_SERVER

Severity: ERROR

Message ID: 4951



Resolution

Restore Performance Counter Registry Settings

  • On the Site Server, open a command prompt with administrator privileges
  • run the following command:
    LODCTR /R

  • If the command fails with error code 2, run the command again:
    LODCTR /R
  • Restart the Site Server


Microsoft Endpoint Configuration Manager - MECM - SCCM Error: Distribution Manager Failed to Find or Create the Define Share or Folder on Distribution Point

 Configuration Manager Error

While reviewing:

Monitoring - Overview - Distribution Status - Distribution Point Group Status - All Distribution Points

Noted error distributing content:
Distribution Manager Failed to Find or Create the Define Share or Folder () on Distribution Point

=================================================

Summary

The Distribution Manager failed to find or create the defined share or volume on the distribution point for distributing the package.

Causes

This condition could occur because Windows NT distribution points might not have at least one available NTFS drive.

Resolutions

Verify that there is at least one NTFS drive with enough free disk space to store the package. Then, verify that the distribution point directory exists, has the proper permissions, and is accessible.

=====================================================================

Upon reviewing distmgr.log on site server, noted the following error:

Failed to find a drive with 83,958,980 KBytes of free disk space SMS_DISTRIBUTION_MANAGER


Resolution:

Increased drive capacity on distribution server



Microsoft Endpoint Configuration Manager MECM SCCM Failed to Decode Message Hook Authenticate Error 0x87d00309 InvokeDecodingHooks failed 0x87d00309 HandleRemoteSyncSend Failed Cforwarder_Sync:Send failed

After upgrading to MECM current version 2111, deployments were not progressing, imaging was failing, devices all showing offline in Assets and Compliance - Devices. 

 Upon reviewing CcmMessaging.log (C:\Windows\CCM\logs) on a client machine, the following error messages were noted: 
Failed to decode message. 
Hook authenticate. Error 0x87d00309 
InvokeDecodingHooks failed (0x87d00309). 
HandleRemoteSyncSend failed (0x87d00309). 
CForwarder_Sync::Send failed (0x87d00309). 
CForwarder_Base::Send failed (0x87d00309). 

After coming through server logs, discovered an issue with Active Directory Publishing 
In Endpoint Configuration Manager console: Administration - Hierarchy Configuration - Active Directory Forests 
Publishing Status was blank Right Clicked domain for domain properties 

When domain properties displayed, clicked Publishing tab Site was not checked under "Select the site that will be published" 
checked the checkbox by the sitename 
clicked OK 
Publishing status updated to display "Insufficient Access Rights" 

MECM AD Forest publishing requires that the Management Points computer accounts have full access to the System Management OU in AD 

Launched Active Directory User and Computers 
Clicked View and select Advanced 
expanded domain expanded System 
right clicked System Management
clicked properties 
clicked Security tab 

Noted only one MP listed with full access, but permissions were "This Object Only"
Changed permissions to "This object and all descendant objects" (as per https://docs.microsoft.com/en-us/mem/configmgr/core/servers/deploy/configure/publish-site-data)

Added computer account for second MP, granted full access and set permissions to "This object and all descendant objects" 
Clicked OK 
Closed AD Users and Computers 
 Refreshed screen in MECM console for Administration - Overview - Hierarchy Configuration - Active Directory Forests 
After a few minutes, publishing displayed "Succeeded" 
 After 30 minutes, devices began to show online in Assets and Compliance - Devices 
After an hour, deployments began to show progress. 
Tested imaging a workstation and it completed successfully.