Category Archives: SCCM 2012

LocationServices: Failed to retrieve Default Management Points from lookup MP(s)

I was working on a server trying to install Windows Updates from Software Center. When installing anything in Software Center the status would change to failed.

I checked CAS.log in C:\Windows\CCM\CAS.log to see if it could find a distribution point and it had an error of “Failed to send Location Request Message”

I checked Configuration Manager client in Control Panel and there was no Assigned management point under the General tab.

I went back into C:\Windows\Logs and checked Locationservices.log and noticed “Failed to retrieve Default Management Points from lookup MP(s)”. Clientlocation.log showed “Unable to retrieve AD forest + domain membership”

When checking the network settings I realised there was an old DNS server set on this server. The old DNS server had been decomissioned. Once changing it to the new DNS server, I restarted “SMS Agent Host” service and after 5 minutes I could see the logs updating and everything looked ok. I could now install updates/software from the Software Center.

In my case it was DNS issues, but take a look into your network settings.

Task Sequence Failed – Failed to get client identity (80004005)

SCCM 2012 R2:

I had an issue today where a task sequence was failing on a particular machine with the error “Failed to get client identity (80004005)”. Other machines were building today with the same task sequence and PXE point.

First thing I checked before the machine restarted during the task sequence was the SMSTS.log by pressing F8. I loaded up CMtrace.exe in the cmd window and browsed to X:\Windows\Temp\SMSTS.log and the error in interest was Failed to get client identity (80004005)

After finding out a bit more information about the machine, I had heard that a Dell technician came out to replace the motherboard. Previously to that it was working. When checking out the BIOS settings I noticed that the date and time was incorrect. The date was set to 08/08/15 (MM/DD/YY) and time was set to 09:32:48PM. It is currently 03/08/2016 and 01:58PM. After setting the correct date and time in the BIOS and clearing the PXE flag the machine imaged successfully.

Error: PXE-E53: No boot filename received

In my environment I import machines MAC address and machine name into a collection and have the task sequence advertised to that collection. I am not using unknown computer support.

I was trying to PXE boot a client and it kept failing. It would hang on:
DHCP….

Then

Error: PXE-E53: No boot filename received

I initially thought it was a network problem and checked the network configuration on the switches and it was OK. I tested a few other machines and they were able to get an IP from DHCP then contact the PXE service point. So it had to be something linked to this particular client.

On my PXE service point I opened up the SMSPXE.log and searched for the MAC address of the problem client noticed this error:
MAC_ADDRESS: device is not in the database. SMSPXE
MAC_ADDRESS: Not serviced.

I deleted the client and re-imported the client into the collection and it could now PXE boot.

SMSPXE.log:
MAC_ADDRESS: device is in the database.
MAC_ADDRESS: using advertisement ZZZZZZZZ

Task Sequence failed 0x87d00269

Task sequence failing with error code: 0x87d00269

I had a remote machine that kept failing its task sequence. I was able to get a copy of the smsts.log from and saw these errors:

Policy Evaluation failed, hr=0x87d00269
MP list missing in WMI after policy evaluation, sending message to location service to refresh client, retriev MP list and try again.
Install Dynamic application action failed to install application: ‘AppName’. Error Code 0x87d00269

When the machine was rebooted it wasn’t joined to the domain. I could login as local admin, then I checked out the C:\Windows\debug\NetSetup.log to see why it failed joining the domain.

The log was filled with these errors:
NetpGetComputerObjectDn: ldap_compare_s failed: 0x20 0x2
NetpCreateComputerObjectInDs: NetpGetComputerObjectDn failed: 0x2
NetpProvisionComputerAccount: LDAP creation failed: 0x2
NetpProvisionComputerAccount: Cannot retry downlevel, specifying OU is not supported
ldap_unbind status: 0x0
NetpJoinDomainOnDs: Function exits with status of: 0x2
NetpJoinDomainOnDs: status of disconnecting from ‘\\computername.domain.com: 0x0
NetpDoDomainJoin: status: 0x2

These errors mean that the OU the machine tried to domain is invalid. Double check your task sequence and make sure that it isn’t set to put the machine in the default Computers container in AD. In my case, someone had renamed the OU in AD so of course it was invalid!

Hyper-V Gen 2 Machine – Deploying Windows 10 test

I have a Hyper-V lab set up with a VM running a DC with DHCP, a VM with SCCM Technical Preview 4 and SQL 2012 SP1, and will be testing deploying Windows 10 eval to a Hyper-V Generation 2 VM

Getting Started…

I have made sure that my DP can respond to PXE requests. In my case, I am not using unknown computer support as I will import the MAC address of my hyper-v machine into a collection where I have deployed my task sequence to as required.

ts1

I have gone to the Software Library node and made a copy of the install.wim to my machine. (install.wim is from the sources directory on the iso for Windows 10)

ts2ts3

After I added my Windows 10 .wim I distributed it to my DP.Now I will be creating my very basic task sequence.

ts4

I will be using an existing image package that I created before.

ts5

ts6

ts7

Make note here I haven’t selected a Domain OU. This will put the computer in the default Computers container. If you specify the default Computers container, the Task Sequence will fail.

ts8

I left all other options as default. I then right clicked on my Task Sequence and clicked edit, I added the variable below so my installation of Windows 10 will use C:\ rather than X:\ for the drive letter where the OS will be installed.

ts10

I then deployed my Task Sequence as required

ts9

Creating the Hyper-V Gen 2 machine:

Right click on your Hyper-V host and select New Virtual Machine

hyperv1

Click next at Before you begin screen
Enter the name of your Virtual Machine
hyperv2

I am going to deploy a Windows 10 machine so I selected Generation 2
hyperv3

I am using 2GB for dynamic memory
hyperv4

I have made a Private virtual switch so only my VM’s can communicate (Domain controller, SCCM server and this)
hyperv5

I have left these settings as default
hyperv6

I will be installing the image via PXE so I have ticked the last checkbox
Then click Finish
hyperv7

I then turned on my virtual machine and turned it off. This is because I have a Dynamic MAC Address. If you check the Networking tab you can see it has created the MAC address. We will import this MAC address into SCCM to deploy the image
hyperv8

In the SCCM 2012/Technical Preview console, Select “Import Computer Information” to import the MAC address of the VM created
hyperv9

Select Import single computer
hyperv10

Type in the name of the computer and MAC address and click Next then Next again.

hyperv11

Select to add new computers only to the All Systems collection and keep clicking next until the end of the wizard

In the All Systems collection, I will add the new computer into my collection where I have deployed the task sequence to as Required (Win10Deployment)
hyperv12

Once my collection where I have the task sequence to has updated, I will power on my VM to download the image.
hyperv13

hyperv14

hyperv15

Software updates not synchronizing – Sync failed: WSUS update source not found on site

I installed a trial of Configuration Manager 2016 Technical Preview 4 and set up and configured the Software Update point. I wasn’t able to synchronize any updates.

I checked wsyncmgr.log and saw Sync failed: WSUS update source not found on site
wsussource1

The workaround was to configure the Software Update Point and disable/remove all Classifications and Products and then to schedule another sync.

wsussource2
wsussource3
wsussource4

After this, I scheduled another sync, and the sync completed.

wsussource5

I then went back and re-configued the Software Update Point for the Classifications and Products I wanted, then scheduled another sync and it worked fine.

wsussource6

Software Update Compliance Issues – SCCM 2012

I had quite a few servers that were reporting incorrect compliance for Software Updates to our SCCM 2012 server. After doing Software Updates Scan Cycle on the client, the WUAHandler.log would always say successful. When doing a Software Updates Deployment Evaluation Cycle the log UpdatesDeployment.log said:

EnumerateUpdates for action (UpdateActionInstall) – Total actionable updates = 0

So if there were no updates available to be installed, why were my Software Update compliance reports showing the client as non-compliant and the Deployments in the Monitoring node in the console saying the client In Progress for a Software Update group deployment?

This blog post saved me http://blogs.technet.com/b/scotts-it-blog/archive/2015/02/23/refreshing-state-messages-in-system-center-configuration-manager-2012.aspx

This PowerShell script in the blog above forced my client to re-send its compliance to the SCCM 2012 server:

$SCCMUpdatesStore = New-Object -ComObject Microsoft.CCM.UpdatesStore
$SCCMUpdatesStore.RefreshServerComplianceState()

Then when checking UpdatesStore.log on the client:
Successfully raised Resync state message.
Resend status completed successfully.

I then checked the SCCM 2012 console in 15 minutes and the Deployments section in the Monitoring node showed the client as Successful instead of In Progress, and the SCCM 2012 update compliance reports showed the client as Compliant.

Hardware Inventory not updating – SCCM 2012

I had a client where the hardware inventory had not updated in 3 months.

On the client in C:\Windows\CCM\logs\InventoryAgent.log I could see that the client sent the inventory to the management point “Inventory: Successfully sent report. Destination:mp:MP_HinvEndpoint”

I checked MP_Hinv.log on the management point (located in C:\Program Files\SMS_CCM\Logs\MP_Hinv.log) and could see that it received the file from the client
hwinv1

Then I checked dataldr.log on the site server to see if it was processed. Searching for the client name in this log, you can see at the bottom there was a Delta Mismatch.
hwinv2

Now I had to do a full hardware inventory resync on the client. I used the steps from this post to do a full hardware inventory cycle on the client https://brotechcm2012.wordpress.com/2015/11/14/forcing-client-to-do-a-full-hardware-inventory-sync-sccm-2012/

I confirmed that the client was listed in the log MP_Hinv.log but could still not see it in Dataldr.log

I then opened up the SCCM 2012 console and checked \Monitoring\Overview\System Status\Component Status\SMS_INVENTORY_DATA_LOADER
Then it pointed me in the right direction. I saw “Inventory Data Loader failed to process the file C:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\Process\HJWO0QKN.MIF because it is larger than the defined maximum allowable size of 5000000.
Solution: Increase the maximum allowable size, which is defined in the registry key HKLM\Software\Microsoft\SMS\Components\SMS_INVENTORY_DATA_LOADER\Max MIF Size (the default is 5 MB), and wait for Inventory Data Loader to retry the operation.”

I checked C:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\Process\ file size and saw it was over 5mb but under 7mb. I increased the registry to 7mb from the key above.

In about 10 minutes I tried the Hardware Inventory Cycle again and this time it was successfully processed in the dataldr.log.

The hardware inventory had successfully updated.

Forcing client to do a full hardware inventory sync – SCCM 2012

https://msdn.microsoft.com/en-us/library/cc144592.aspx

On the client run Wbemtest.exe as admin and click Connect
hwinv3

Connect to “root\ccm\invagt”
hwinv4

Click Enum Classes
hwinv6

Click Recursive then OK
hwinv7

Double click on InventoryActionStatus
hwinv8

Click on Instances
hwinv9

Delete the inventory action status instance for hardware inventory ({00000000-0000-0000-0000-000000000001}).
hwinv10

Initiate a hardware inventory cycle. This will now do a full scan.
hwinv11

OnSearchComplete – Failed to end search job. Error = 0x80244019. Scan failed with error = 0x80244019.

Another day another scan issue on a Windows Server 2008 R2 with SCCM 2012 client installed.

When checking report of which clients had scan issues, I investigated a particular client which had the following error in WUAHandler.log “OnSearchComplete – Failed to end search job. Error = 0x80244019. Scan failed with error = 0x80244019.”

To get more information, I looked into C:\Windows\WindowsUpdate.log and found:

WARNING: GetAuthorizationCookie failure, error = 0x80244019, soap client error = 10, soap error code = 0, HTTP status code = 404
WARNING: Failed to initialize Simple Targeting Cookie: 0x80244019
WARNING: PopulateAuthCookies failed: 0x80244019
WARNING: RefreshCookie failed: 0x80244019
WARNING: RefreshPTState failed: 0x80244019
WARNING: PTError: 0x80244019
WARNING: Reporter failed to upload events with hr = 80244019.

Is this instance, it was a proxy issue. To view the proxy set from CMD:

netsh winhttp show proxy

My particular server did not need to use a proxy so I reset it by:

netsh winhttp reset proxy

However in some cases, some users have had to add a bypass-list using the <local> parameter for their WSUS server so the proxy is bypassed for the WSUS server. A reboot is needed after this. For more information read “set proxy” https://technet.microsoft.com/en-us/library/cc731131(v=ws.10).aspx#BKMK_5