Unable To Get Locations No Need To Continue With Download Sccm
Luther Lazaro
Hi, I work at an organization with 1 site and 7 distribution points (6 on prem and one cloud DP). I am getting the 0x87D00607 on every application that our users try to install via software center. I have checked everything in your post about this error and all seems well. The one thing to note is that we recently changed VPNs from cisco to forticlient. Whenever someone creates a tunnel to work and tries to install something via software center it fails with the 0x87D00607 error no matter the application. When we disconnect the VPN and the machine is still connected to the internet the software downloads from the cloud DP and installs just fine. Also machines in the office that do not need to use our VPN work just fine as well. Any thoughts as to why our VPN is stopping the download of the content? I assume that is what is happening.
You need to have enabled HTA-Support in your boot image for this solution to work.
You can find a step-by-step guide here on how to enable HTA-Support; -hta-support-to-a-boot-image-with-configmgr-2012/
unable to get locations no need to continue with download sccm
Download Zip ……… https://t.co/a1UmHT9QkL
...it ignores the existing files and tries to download the bundle again. I'm in a country with poor quality internet connections and the MS downloader is both extremely sensitive to momentary losses in connection and unable to resume downloads that are interrupted: re-downloading the files is not an option.
I don't believe the version number is essential (and I'm not re-installing to find out!); if anyone with similar problems discovers they do need theirs, I took mine from the folder name under Office\Data.
Alex York is leaving IFAS for a new UFAD/SCCM position with CNS/OSG. We wish Alex the best of luck and are confident he will continue to support us indirectly from his new "loftier" position. Chris Leopold has put together an interview committee for Alex's replacement.
On campus IFAS has over twelve academic departments with local IT support personnel and other departments w/o local support are handled by the IFAS Help Desk. We have a server support group (ITSA) that is called upon to assist local staff and sometimes handles direct support as well if needed. Finally we have IT support for various administrative units as well.
Rob noted that they are still refining this process and looking into developing a forum that would permit broader and more direct input from individuals at all levels across campus. This idea was initiated by Engineering and Rob believes it would be a valuable addition to the process. Today, however, Wendy, Dan, and the rest of the folks in the Campus IT Directors group are expected to provide their staff with these things for their review and further vetting with individual departmental constituencies. Rob mentioned that the planned forum would also provide a means of giving feedback on policies that were proposed but unable to be implemented for one reason or another; currently there is no mechanism for providing that information back to the community.
Rob said that he has been at UF three years now, and when he arrived he was hit with three major concerns from administration that needed addressing. Two of those were the Acceptable Use Policy and the UF Regulation for IT both of which required revision. The third concern related to the loss of mobile devices with UF ending up on the news and having to notify individuals of potential privacy violations. These devices were not secured appropriately, there is restricted data on them, and people were losing them; UF needed a Policy and Standard in place to fix that.
Dennis Brown asked what the overall experience has been with PGP and Avi responded that we currently have over 4000 laptops encrypted with the product. Avi was aware of very few problems. Upon hearing that we didn't feel enough training materials had been made available Avi asked what he might be able to do to improve that. Jimmy Anuszewski stated his feelings that as important as encryption is that he feels we should have annual workshops or at least something on-line that we can review as needed. Wendy Williams agreed that yearly encryption seminars would be good; they would serve as refreshers for non-security experts as well as for incoming IT support staff. Additionally, they would serve to keep us current with the constantly changing technologies and regulations.
Steve asked the very practical question of whether instead of switching all his encrypted laptops from BitLocker to PGP WDE that it would be reasonable to keep them on BitLocker until this new PGP agent was available. In response, Avi explained that Rob has been working with General Counsel to put together some documentation requirements for those using native encryption that doesn't meet all current Policy dictates and that would hopefully protect UF should something happen. Rob said that there currently is no case law for a Safe Harbor provision on anything that is not like the PGP solution, but Rob said that he understands our issue and realizes that we are all doing our best to protect the university's data and systems. He asked Counsel how he can tell someone who has taken the effort to encrypt a device that it's not good enough. The result was the development of a documentation exercise that we need to go through in order to use products such as FileVault and BitLocker that will put UF, according to the Counsel's Office, in the best defensible position. This will be announced soon.
Kevin Hill mentioned the need to have a location where smartphone users could be referred for information on what devices were and were not compliant. Avi responded that this was the intention behind the creation of the Mobile Device Compliance web page. This is meant to help end users take care of things for which they have personal responsibility should they be used for university business. Originally there were instructions here for FileVault and BitLocker, but those were removed because those methods do not meet the Policy requirements. Now that new documentation requirements are soon to be published, they should be able to restore those instructions to that site. The instructions for various platforms are available via buttons across the top or links within the "How" section.
Dennis Brown asked about enforcement. Rob responded that they had really wanted to turn some technology on effective August 17th but the risk of doing so was too great. At the end of the day people need to get their work done and crippling the university was simply not an option. Unfortunately the technology, especially for smartphones, is currently insufficient. Rob personally likes the technology that sort-of split-brains the device into personal and work areas so that UF could remotely wipe the business-side without eliminating personal data that we all keep on such devices. These technologies have been slow to evolve, however. This is one of the areas that is being investigated by an Endpoint Protection Platform working group that has been working for quite some time under the lead of Geof Gowan of PHHP IT.
Wendy Williams mentioned just learning that one of her users had purchased an external HDD; she wanted confirmation that this device must be encrypted if it is to be plugged into a UF computer. Avi responded that the answer was yes according to the Standard, but that this was a case where the technical solutions are somewhat lacking. Wendy asked if the Mobile Device Compliance web site had information on how to handle such devices and Avi responded that this web site was meant more for end users. Wendy said that this is where she has been sending people, but it is also where she has gone to get information. Wendy went on to say that this was one of the reasons she had wanted Avi and Rob to come talk with us today; we are all overworked anyway and we need help with learning new security techniques.
Wendy asked if she was responsible if a faculty member refused, for example, to let her encrypt an external hard drive. Rob responded that she would not be responsible; rather that individual would be responsible. Avi and Rob said that the proper course to take in such circumstances would be to document the situation. You would send the individual an e-mail saying that you understand they have this device and you need to encrypt it for them. If the faculty refuses or doesn't respond then you follow up with a message informing them that they are violating the policy; Rob suggesting siting the regulation as well as that is where the "teeth" lay.
Wendy Williams raised the issue of her struggles with the SafeConnect posture assessment. We are asked not to make users local administrators on their machines but the posture assessment on wireless for laptops is now making it abundantly clear that our patching procedures are not yet mature enough to truly support doing that. While IFAS does use WSUS for Windows updates, individual IFAS units currently have little to no automated tools available to assist with third-party application updates. The Secunia software which UF purchased to provide the means for this is not made available to unit staff individually; with SWFREC as the single exception, all of IFAS utilizes a single WSUS server but doesn't have the centralized staffing available to manage third-party patching for all via Secunia. The plan has been to eventually utilize SCCM for that, but such efforts continue to be delayed by the slow progress of UF's centralized SCCM project. As a result, the majority of our unit IT support staff are either leaving third-party patching up to the end users or spending a great deal of time installing updates by hand themselves. The former doesn't get the job done and the latter takes time away from the support staff for addressing other important duties.
Avi pointed out that the EPP Project may solve our third-party patching issues eventually. The idea behind that was that we currently have all sorts of different agents working on various aspects of management; wouldn't it be great if we could find a single "one agent to rule them all" solution that could address all of those needs. This workgroup has been setting up proof of concept trials this summer with various vendors.
08ab062aa8