Message

GetServerComponentAsync method started.

Fields

Message

GetServerComponentAsync method returned Completed.  Restart required: %1

Fields

Message

GetServerComponentAsync method returned InProgress. %1 of %2

Fields

Message

GetServerComponentAsync method returned Failed. Error: %1

Fields

Message

GetEnumerationState method started.

Fields

Message

GetEnumerationState method returned Completed. Restart required: %1

Fields

Message

GetEnumerationState method returned InProgress. %1 of %2

Fields

Message

GetEnumerationState method returned Failed. Error: %1

Fields

Message

GetServerComponent request started on a separate thread.

Fields

Message

GetServerComponent request ended on a separate thread.

Fields

Message

Generic Deployment Error: %1.

Fields

Message

Starting a GetServerComponent request.

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 111
  version: 0
  level: 4
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:38:27.108245+00:00'
  event_record_id: 97
  correlation:
    ActivityID: 49C8BFAA-E4DA-4AEB-9E40-EA3CAAEDBA1F
  execution:
    process_id: 3364
    thread_id: 3920
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6.sigma.fr
  security:
    user_id: S-1-5-18
event_data:
  requestGuid: 5F4BA7DD-8723-42A4-9016-E0DD80603263
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Completed processing the GetServerComponent request.  Restart required: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 112
  version: 0
  level: 4
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:38:27.423429+00:00'
  event_record_id: 99
  correlation:
    ActivityID: 49C8BFAA-E4DA-4AEB-9E40-EA3CAAEDBA1F
  execution:
    process_id: 3364
    thread_id: 3920
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6.sigma.fr
  security:
    user_id: S-1-5-18
event_data:
  restartRequired: false
  requestGuid: 5F4BA7DD-8723-42A4-9016-E0DD80603263
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

An error occured while processing the GetServerComponent. Error: %1

Fields

Message

An error occured while creating Wbem CIM entry: %1 ClassName: %2 Error: %3

Fields

Message

Component %1 has invalid DISM state %2

Fields

Message

AddServerComponentAsync method started. Adding ClassNames: %1

Fields

Message

AddServerComponentAsync method returned InProgress. %1 of %2

Fields

Message

AddServerComponentAsync method returned Failed. %1

Fields

Message

Processing request to add Server Components: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 203
  version: 0
  level: 4
  task: 4
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:06:34.072695+00:00'
  event_record_id: 22
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  serverComponentNames: AD-Domain-Services,GPMC,RSAT,RSAT-AD-AdminCenter,RSAT-AD-PowerShell,RSAT-AD-Tools,RSAT-ADDS,RSAT-ADDS-Tools,RSAT-Role-Tools
  requestGuid: 1DD4A88D-89D0-3C62-07DD-A16DAD2C3B49
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Add request complete. Server Components added: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 204
  version: 0
  level: 4
  task: 4
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.593098+00:00'
  event_record_id: 32
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  serverComponentNames: AD-Domain-Services;GPMC;RSAT;RSAT-AD-AdminCenter;RSAT-AD-PowerShell;RSAT-AD-Tools;RSAT-ADDS;RSAT-ADDS-Tools;RSAT-Role-Tools;
  requestGuid: 1DD4A88D-89D0-3C62-07DD-A16DAD2C3B49
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

RemoveServerComponentAsync method started. Removing ClassNames: %1

Fields

Message

RemoveServerComponentAsync method returned InProgress. %1 of %2

Fields

Message

RemoveServerComponentAsync method returned Failed. Error: %1

Fields

Message

Processing request to remove Server Components: %1

Fields

Message

Remove request complete. Server Components removed: %1

Fields

Message

GetAlterationState method started.

Fields

Message

GetAlterationState method ended. Reboot required: %1

Fields

Message

GetAlterationState method returned InProgress. %1 of %2

Fields

Message

GetAlterationState method returned Failed. Error: %1

Fields

Message

Calling MI_RefuseUnload method.

Fields

Message

Calling MI_RequestUnload method.

Fields

Message

CreateEvent method call failed.

Fields

Message

CreateMutex method call failed.

Fields

Message

MI_PostResult method call failed.

Fields

Message

MI_Application_Initialize method call failed.

Fields

Message

MI_Application_Close method call failed.

Fields

Message

MI_RefuseUnload method call failed.

Fields

Message

MI_RequestUnload method call failed.

Fields

Message

The KeepAlive Callback method threw an exception.

Fields

Message

Starting the KeepAlive Mechanism.

Fields

Message

The KeepAlive Mechanism started on another thread.

Fields

Message

The KeepAlive Mutex is in Abandoned state.

Message

Loading Deployment provider.

Message

Unloading Deployment provider.

Message

Invalid Request GUID: %1

Fields

Message

A WMI operation failed. Op: %1 ErrorCode: %2

Fields

Message

Exception detected while reporting a failure. Unable to recover. %1

Fields

Message

ExecuteEnumerationCommand %1 Guid %2.

Fields

Message

ExecuteEnumerationCommand ReadFromCache %1 Guid %2.

Fields

Message

ExecuteEnumerationCommand SpawnThread %1 Guid %2.

Fields

Message

Enumerate Function Call %1 Guid %2.

Fields

Message

Component Repository LoadFromCache %1.

Fields

Message

Component Repository BuildRelationshipModel %1.

Fields

Message

Component Repository ScanSystem %1.

Fields

Message

Create DismSessionManager %1.

Fields

Message

LoadRepository delete existing components %1.

Fields

Message

LoadRepository DismGetFeaturesEx API %1.

Fields

Message

LoadRepository add updates %1.

Fields

Message

LoadRepository add components %1.

Fields

Message

LoadRepository validate components %1.

Fields

Message

Original Server components, Update WMI CLass definitions %1 Guid %2.

Fields

Message

Write component results to registry %1 Guid %2.

Fields

Message

Write ServiceReport to registry %1 Guid %2.

Fields

Message

Consequtive Get Status requests %1 Guid %2.

Fields

Message

Consequtive Get requests read from registry %1 Guid %2.

Fields

Message

Consequtive Get requests build sorted component tree %1 Guid %2.

Fields

Message

Consequtive Get request select based on component names %1 Guid %2.

Fields

Message

Consequtive Get request returning InProgress %1 Guid %2.

Fields

Message

Add server component %1 Guid %2.

Fields

Message

Add server component on vhd %1 Guid %2.

Fields

Message

Reset component repository before Add %1.

Fields

Message

Prepare components for Add %1.

Fields

Message

Validate Mutual exclusion groups before add %1.

Fields

Message

Open Dism session for adding components %1.

Fields

Message

Get updates to deploy %1.

Fields

Message

DismEnableFeatures API %1.

Fields

Message

DismCommitImage API called after EnableFeatures %1.

Fields

Message

Refresh state fo modified components %1.

Fields

Message

Remove server component %1 Guid %2.

Fields

Message

Remove server component on vhd %1 Guid %2.

Fields

Message

Reset repository before removing components %1.

Fields

Message

Prepare components for remove %1.

Fields

Message

Create a list of components that are left installed after remove %1.

Fields

Message

Refresh the state of the modified components after refresh %1.

Fields

Message

Get the list of updates to remove %1.

Fields

Message

Update the children of Dism updates for removal %1.

Fields

Message

Add unused dism updates to the list for removal %1..

Fields

Message

DismDisableFeatures API %1.

Fields

Message

DismCommitImage API for remove %1.

Fields

Message

Refresh the state of the modified components after refresh %1.

Fields

Message

Submit Alteration request %1 Guid %2.

Fields

Message

Convert Ids to unique names and save config data %1 Guid %2.

Fields

Message

Validate component identities %1 Guid %2.

Fields

Message

Mount Image %1 Image %2.

Fields

Message

Renmount Image %1 Image %2.

Fields

Message

Unmount Image %1 Image %2.

Fields

Message

UpdateImageInfo %1 Image %2.

Fields

Message

CBS Restart Check %1.

Fields

Message

Unknown MUM2 element detected. FeatureName: %1 UnknownElement: %2

Fields

Message

Unknown MUM2 attribute detected. FeatureName: %1 Element: %2 UnknownAttribute: %3

Fields

Message

Server components require the Id property. Container Update: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1283
  version: 0
  level: 3
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.226234+00:00'
  event_record_id: 28
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  ptzMessage: 'NULL'
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Server components require the UniqueName property. Feature: %1

Fields

Message

Server components require the DisplayName property. Container Update: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1285
  version: 0
  level: 3
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.226233+00:00'
  event_record_id: 27
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  ptzMessage: Containers-SDN
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Server components require the Description property. Feature: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1286
  version: 0
  level: 3
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.226235+00:00'
  event_record_id: 29
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  ptzMessage: 'NULL'
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Server component's parent not found. Container Update: %1

Fields

Message

Server components require the Version property. Container Update: %1

Fields

Message

Server component's deploys section contains an update that was not found. Container Update: %1. Deploys Update: %2

Fields

Message

Mutual Exclusion conflict detected. Components "%1" are all members of group "%2"

Fields

Message

Failed to parse MUM2 Xml blob for update %1 hResult: %2

Fields

Message

Invalid MUM2 configuration status detected. Missing registry value. FeatureName: %1

Fields

Message

Internal fatal error while parsing MUM2 data. hResult: %1

Fields

Message

Internal fatal error. Op: %1 hResult: %2

Fields

Message

CBS Session %1 status. IsComplete: %2 hResult: %3

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1295
  version: 0
  level: 4
  task: 8
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-04T10:59:33.046918+00:00'
  event_record_id: 127
  correlation:
    ActivityID: 850A3DF4-2180-4E89-9B18-809650BA5F7E
  execution:
    process_id: 3636
    thread_id: 4928
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-TKC15D7KHUR
  security:
    user_id: S-1-5-21-1958040314-2592322477-2606035944-500
event_data:
  message: '30951442_3983739500'
  message2: 'FALSE'
  ErrorCode: 0
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Task Start:  %1

Fields

Message

Task Stop:   %1

Fields

Message

Failed to read ConfigurationStatus from registry. Update %1 Key: %2 Value: %3

Fields

Message

Using existing component cache from memory. Count: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1299
  version: 0
  level: 4
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:08:41.298079+00:00'
  event_record_id: 37
  correlation:
    ActivityID: E77D047E-EFCB-4760-A9F1-F6ABB4D0D268
  execution:
    process_id: 3948
    thread_id: 2712
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  value: 263
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Component cache read from registry. Count: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1300
  version: 0
  level: 4
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:38:27.159108+00:00'
  event_record_id: 98
  correlation:
    ActivityID: 49C8BFAA-E4DA-4AEB-9E40-EA3CAAEDBA1F
  execution:
    process_id: 3364
    thread_id: 3920
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6.sigma.fr
  security:
    user_id: S-1-5-18
event_data:
  value: 263
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Component cache loaded from Dism. Count: %1

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1301
  version: 0
  level: 4
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.229769+00:00'
  event_record_id: 31
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  value: 263
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Unknown MUM2 value detected. FeatureName: %1 Attribute: %2 UnknownValue: %3

Fields

Message

Failed to parse MUM2 for feature %1

Fields

Message

Found unknown update. FeatureName %1

Fields

Message

Unable to find component %1 referenced by component %2

Fields

Message

Component %1 has invalid ServerComponentType %2. This type is only valid if the component has a parent.

Fields

Message

Failed to unmount image - %1.

Fields

Message

Internal fatal error. Op: %1 hResult: %2

Fields

Message

Partial install detected. Component %1 depends on uninstalled component %2

Fields

Example Event

system:
  provider: Microsoft-Windows-ServerManager-DeploymentProvider
  guid: 66AF9A38-2D94-11E0-A076-8534E0D72085
  event_source_name: ''
  event_id: 1309
  version: 0
  level: 3
  task: 2
  opcode: 0
  keywords: 9223372036854775808
  time_created: '2022-04-07T17:07:12.229250+00:00'
  event_record_id: 30
  correlation:
    ActivityID: B118776B-5149-4D4B-8531-A47C40BCC8BA
  execution:
    process_id: 3948
    thread_id: 4900
  channel: Microsoft-Windows-ServerManager-DeploymentProvider/Operational
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  ptzMessage1: PowerShell-V2
  ptzMessage2: NET-Framework-Core
message: ''

References

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Message

Invalid Mum2 detected for component %1.

Fields

Message

Invalid OptionalCompanionFor detected in registry.

Message

Failure loading OptionalCompanionFor from registry. Error: %1.

Fields

Message

Failed to load cache from registry. Error: %1 Attempting to load components from system.

Fields

Message

Update %1 is not present. ServerComponent %2 will be removed from the Role and Feature list.

Fields

Message

Exception Detected: %1 ErrorID: %2

Fields

Message

Unknown Parent %1 required by %2. Removing %2 from feature list.

Fields

Message

Unknown dependency %1 required by %2. Removing %2 from feature list.

Fields

Message

Unknown optional tool %1 for feature %2.

Fields

Message

Component: %1 removed from Repository (Index: %2).

Fields

Message

Unable to open installer session. Error Code: %1

Fields

Message

Unable to initialize installer. Error Code: %1

Fields

Message

Failed to obtain status information from mounted images. hResult: %1

Fields

Message

Failed to mount image. ImageFile: %1 MountPath: %2 hResult: %3

Fields

Message

Failed read features from system. hResult: %1

Fields

Message

Failed read feature info. Feature: %1 hResult: %2

Fields

Message

Failed get the last CBS session ID. hResult: %1

Fields

Message

Failed get the state from CBS session ID %1. hResult: %2

Fields

Message

Failed to unmount image. ImageFile: %1 MountPath: %2 hResult: %3

Fields

Message

Failed to remount image. ImageFile: %1 MountPath: %2 hResult: %3

Fields

Message

Unable to install updates %1. hResult: %2

Fields

Message

Unable to uninstall updates %1. hResult: %2

Fields

Message

Dism session busy. Retry: %1

Fields

Message

Attempting to enable updates via Dism: %1

Fields

Message

Attempting to disable updates via Dism: %1

Fields

Message

CBS session busy. Retry: %1

Fields

Message

Internal fatal error. Op: %1 Message: %2

Fields

Message

Error reading configuration status for %1. Error: %2

Fields

Message

Failed to load module %1. Error: %2

Fields

Message

Failed to resource ID %2 from module %1.

Fields