Content replication problem to secondary site

Similar Messages

• Content NOT distributing to secondary sites

  I've got one primary site and two secondary sites.  I'm trying to push out a windows update to all my DP's and distribute them to my clients.  The primary site works just fine and all clients got the update, but when I look at the deployment package
  it just shows as "In Progress" for distributing the content out to the other DP's located at my secondary sites.  Any idea where to look to see whats going on?
  ***EDIT***
  When I look under the content status for it, the message says "Distribution manager instructed Scheduler and Sender to send package SP0000F to child site "Secondary Site"

  Yes, when I log in to a client here at my primary site and look in Start > Run > gpedit.msc and go to Computer configuration > Administrative Tools > Windows Components > Windows Updates I can see where it says "Specify intranet Microsoft
  update service location" and it shows my Primary Site server.  However, if I go to that same spot on my clients at my secondary site (except for one client that is actually working correctly) it doesn't show anything in that field, it just says "Not
  configured."  Its almost like all my clients at my secondary site have no clue where to go for anything.
  As for the WUAHandler.log it literally only has 7 entries and they are all the same, here is the entire log:
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/28/2014 2:27:56 PM 4832 (0x12E0)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/28/2014 2:31:38 PM 1352 (0x0548)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/28/2014 3:47:28 PM 3648 (0x0E40)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/28/2014 4:59:05 PM 2212 (0x08A4)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/28/2014 7:47:38 PM 924 (0x039C)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/29/2014 12:47:26 AM 3572 (0x0DF4)
  CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
  for bundles WUAHandler
  10/29/2014 5:47:35 AM 3328 (0x0D00)

• Distributing the content directly to Secondary Site

  We have a particular application that is being used at a only one of our sites with has Secondary site.(SS1)
  Now my question is when i distribute the content do i always first need to distribute it to the Primary Site (PS1)or can i skip distributing it to Primary and directly distribute to secondary site SS1.
  We have 1 Primary Site & 4 Secondary Sites along with few additional  DPs.

  can you please help me to understand how should i distribute the content give below is the case:
  Primary Site  @ UK
  Secondary Site (along with DP role) @ Australia
  Location of content Network share in Australia.
  Now the application that i want to distribute is only used in Australia.
  So after creating the application in SCCM how should i distribute the content
  A) Only to Secondary Site
  B) To Primary Site First & then to Secondary site...
  If i use "A" the status keep on showing waiting for content for days. But if i use "B" it works perfectly fine without any hiccups.

• Secondary Site Distribution Points content flow

   
  We are implementing an environment that contains over 750 locations with distribution points.  With the limitation of 250 DPs per site, we are going to have to put DPs under secondary sites.
  In preparation for this configuration we would like to have a better understanding of how the content will flow to the lower level DPs (under secondary sites).  We are aware that content
  being sent to a dp on a secondary site server is compressed at the primary, sent to the secondary and uncompressed.  Here are our questions:
  1.  Will the content for lower level DPs, under the secondary Site, receive its content directly from the primary site DP, or the Secondary Site DP?
  2.  Will the content for the lower level DPs be compressed, sent and uncompressed (from the primary or secondary)?
  This information will help determine the network configuration we use to limit our WAN traffic. 
  I appreciate any insight into these questions you can provide.
  Thanks.

  Sorry, but can someone explain #1 more detail?
  I have Secondary Site with multiple DPs.
  If I distribute the content to only 1 DP at Secondary site (not pull DPs), will the content distribute to the Secondary Site server first, then to the DP? Does the content also available at the SS Server?
  Does the data flow like: Primary Site -> Secondary Site -> DP ?

• Replication from secondary site to primary site

  When we want to replicate from secondary site to primary site then we can't use database replication. Why?

  Not sure what you mean... The replication between primary sites and secondary sites is using both database replication and file replication. See for more information:
  http://technet.microsoft.com/en-us/library/gg712701.aspx#Planning_for_Database_Replication
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Impacts on the DPs when deleting a secondary site

  HI,
  I am having problems with a secondary site and the recovery with CU2 is not working for me. I am at the point of deleting the site, rebuild the server and reinstall the Secondary Site.
  My question is, What will happen to all my DPs which are assigned to the SS site code I am about to blow away? Will I need to rebuild the DPs or will they find the site if I use the same site code.
  Thx Rob

  Why delete the site?
  I would go for the following procedure:
  - Backup content library
  - Rebuild the server (same name)
  - Restore content library
  - Install SQL (same version/instance)
  - Site Administration > Recover Secondary Site
  Once the site has been recovered it should sync with the remote DP's again as before.

• SCCM 2012 SP1 Secondary Site installation Fails

  Hi.
  I have multiple secondary sites when i am  trying to install  new SCCM 2012 Secondary site server remotely but installation status shows a pending from last few days.
  1) SEC server have privilages on System managent container
  2) Primary site Server account and computer have local admin right on SEC server
  hman logs says the following error message
  Cannot get SQL Certificate from site xxx
  CheckParentSQLServerCertificate: Failed to get SQL certificate for site XXX
  1) Deleted the secondary site and reinstalled the site with different Site code but no luck
  2) Able to telnet 1433 and 4022 from both primary to secondary and vice versa
  3) SQL server Configuration Manager , TCP IP port was set to 1433.
  please let me know if any thing i am missing
  Thanks

  Hi Guys
  Exact same problem as described above:
  Been told to install SQL Express manually first, but even after that, we continued to get the same problem.
  The SQL Communication between the 2 sites doesn't seem to work.
  I noticed that the Primary's SQL Security Account doesn't get created on Primary DB, in the Database replication the link has not yet been created either.
  The "Exec spDrsSendSubscriptionInvalid 'Secondary 3 digit site code','Primary 3 digit site code','configuration data'" worked on 1 Secondary, but fails on all the rest.
  Uninstalling/Installing the Secondary doesn't work either.
  HMAN.LOG:
  Update site server active directory informtion into DB SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
  CheckSQLServiceRestart : SQL Service hasn't been restart since last time we check, skip it. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
     Time to verify if the parent['PRI-SITECODE'] sql server certificate is still valid on site ['SEC-SITECODE'] sql server. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
  Cannot get SQL Certificate from Site 'PRI-SITECODE'. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
  CheckParentSQLServerCertificate: Failed to get SQL certificate for site PM2 SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
  Any ideas would be appreciated.

• Cannot Complete Secondary Site Creation status stays pending SCCM 2012

  I am having problems completing the creation of secondary sites.  All of the secondary sites are stuck in Pending status.  
  hman.log on both servers reports:
  Wait for message forwarding notification timed out.
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:06
  4360 (0x1108)Wait for site control change notification timed out.
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)Update site server active directory informtion into DB
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)CheckSQLServiceRestart : SQL Service hasn't been restart since last time we check, skip it.
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)   Time to verify if the parent[MUC] sql server certificate is still valid on site [CAM] sql server.
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)Cannot get SQL Certificate from Site MUC.
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)CheckParentSQLServerCertificate: Failed to get SQL certificate for site MUC
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)Wait for site control changes for maximum 3600 seconds...
  SMS_HIERARCHY_MANAGER
  11/07/2013 20:49:45
  2644 (0x0A54)
  These new secondary sites are off of a new primary site in another region.  In region 1, secondary site creation had no issues. I am unsure where to go from here.  I have tried deleting the secondary sites and removing all installed applications
  and running through creation again.  I have also tried recreating with different site codes.  Installation appears to complete successfully and I can see my sites in ADSIEdit.  Any help would be greatly appreciated.  Thank you.

  SECONDARY
  despool.log
  SMS_EXECUTIVE started SMS_DESPOOLER as thread ID 3272 (0xCC8).
  SMS_DESPOOLER 11/07/2013 21:47:08
  2052 (0x0804)
  Despooler is starting... SMS_DESPOOLER
  11/07/2013 21:47:10 3272 (0x0CC8)
  CPublicKeyLookup::Initialize("E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey")
  SMS_DESPOOLER 11/07/2013 21:47:10
  3272 (0x0CC8)
  CPublicKeyLookup::Initialize()  Initializing the Public Key Store Path to E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey
  SMS_DESPOOLER 11/07/2013 21:47:10
  3272 (0x0CC8)
  Waiting for the next instruction.... SMS_DESPOOLER
  11/07/2013 21:47:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 21:47:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 21:52:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 21:57:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:02:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:07:15 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:19:51 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:24:52 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:29:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:34:54 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:39:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:44:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:49:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:54:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 22:59:52 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 23:04:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 23:09:53 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 23:15:04 3272 (0x0CC8)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11/07/2013 23:20:04 3272 (0x0CC8)
  Sender.log
  SMS_EXECUTIVE started SMS_LAN_SENDER as thread ID 3720 (0xE88).
  SMS_LAN_SENDER 02/07/2013 19:36:07
  5056 (0x13C0)
  Starting MS_LAN sender... SMS_LAN_SENDER
  02/07/2013 19:36:07 3720 (0x0E88)
  Registry indicates no outbox for the sender to scan.
  SMS_LAN_SENDER 02/07/2013 19:36:07
  3720 (0x0E88)
  Registry indicates no outbox for the sender to scan.
  SMS_LAN_SENDER 02/07/2013 19:36:07
  3720 (0x0E88)
  Waiting for new/rescheduled send requests, Maximum Sleep Time = 1 minutes
  SMS_LAN_SENDER 02/07/2013 19:36:07
  3720 (0x0E88)
  SMS_EXECUTIVE signalled SMS_LAN_SENDER to stop.
  SMS_LAN_SENDER 02/07/2013 19:36:40
  5056 (0x13C0)
  We have 0 active connections SMS_LAN_SENDER
  02/07/2013 19:36:40 3720 (0x0E88)
  rcmctrl.log
  There are 0 Drs Activations sprocs running.
  SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:33
  3644 (0x0E3C)
  InvokeRcmMonitor thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3652 (0x0E44)
  InvokeRcmConfigure thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3648 (0x0E40)
  Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3416 (0x0D58)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3416 (0x0D58)
  Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3416 (0x0D58)
  Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3648 (0x0E40)
  Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3652 (0x0E44)
  Summarizing all replication links for monitoring UI.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3652 (0x0E44)
  Running configuration EnsureServiceBrokerEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:45
  3648 (0x0E40)
  Running configuration EnsureServiceBrokerQueuesAreEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:45 3648 (0x0E40)
  The current site status: ReplicationMaintenance.
  SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
  3652 (0x0E44)
  Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3652 (0x0E44)
  Processing replication pattern global_proxy.
  SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
  3648 (0x0E40)
  Checking if initialization request is needed for replication group Secondary_Site_Replication_Configuration from site MUC.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3648 (0x0E40)
  Checking if there are bcp file to apply for replication group Secondary_Site_Replication_Configuration from site MUC.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3648 (0x0E40)
  No tracking data for bcp files SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3648 (0x0E40)
  ReplicationConfiguration said it is safe to continue: False
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3648 (0x0E40)
  Retry for process replication is requested.
  SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
  3648 (0x0E40)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3416 (0x0D58)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3416 (0x0D58)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  11/07/2013 23:24:46 3416 (0x0D58)
  PRIMARY
  despool.log
  SMS_EXECUTIVE started SMS_DESPOOLER as thread ID 4752 (0x1290).
  SMS_DESPOOLER 11.07.2013 22:55:04
  3092 (0x0C14)
  Despooler is starting... SMS_DESPOOLER
  11.07.2013 22:55:05 4752 (0x1290)
  CPublicKeyLookup::Initialize("E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey")
  SMS_DESPOOLER 11.07.2013 22:55:05
  4752 (0x1290)
  CPublicKeyLookup::Initialize()  Initializing the Public Key Store Path to E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey
  SMS_DESPOOLER 11.07.2013 22:55:05
  4752 (0x1290)
  Waiting for the next instruction.... SMS_DESPOOLER
  11.07.2013 22:55:05 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 22:55:05 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:00:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:05:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:10:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:15:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:20:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:25:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:30:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:35:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:40:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:45:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:50:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  11.07.2013 23:55:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:00:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:05:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:10:06 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:15:07 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:20:07 4752 (0x1290)
  Waiting for ready instruction file.... SMS_DESPOOLER
  12.07.2013 00:25:07 4752 (0x1290)
  sender.log
  SMS_EXECUTIVE started SMS_LAN_SENDER as thread ID 4140 (0x102C).
  SMS_LAN_SENDER 11.07.2013 22:55:09
  3092 (0x0C14)
  Starting MS_LAN sender... SMS_LAN_SENDER
  11.07.2013 22:55:09 4140 (0x102C)
  We have 0 active connections SMS_LAN_SENDER
  11.07.2013 22:55:09 4140 (0x102C)
  Checking for sending capacity.  Used 0 out of 5.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
  11.07.2013 22:55:09 4140 (0x102C)
  Initializing priority '0' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  Initializing priority '1' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  Initializing priority '2' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  Initializing priority '3' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  Initializing priority '4' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  No (more) send requests found to process. SMS_LAN_SENDER
  11.07.2013 22:55:09 4140 (0x102C)
  Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
  SMS_LAN_SENDER 11.07.2013 22:55:09
  4140 (0x102C)
  We have 0 active connections SMS_LAN_SENDER
  11.07.2013 22:55:49 4140 (0x102C)
  Checking for sending capacity.  Used 0 out of 5.
  SMS_LAN_SENDER 11.07.2013 22:55:50
  4140 (0x102C)
  Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
  SMS_LAN_SENDER 11.07.2013 22:55:50
  4140 (0x102C)
  COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
  11.07.2013 22:55:50 4140 (0x102C)
  No (more) send requests found to process. SMS_LAN_SENDER
  11.07.2013 22:55:50 4140 (0x102C)
  Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
  SMS_LAN_SENDER 11.07.2013 22:55:50
  4140 (0x102C)
  We have 0 active connections SMS_LAN_SENDER
  11.07.2013 23:55:50 4140 (0x102C)
  Checking for sending capacity.  Used 0 out of 5.
  SMS_LAN_SENDER 11.07.2013 23:55:50
  4140 (0x102C)
  Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
  SMS_LAN_SENDER 11.07.2013 23:55:50
  4140 (0x102C)
  COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
  11.07.2013 23:55:50 4140 (0x102C)
  No (more) send requests found to process. SMS_LAN_SENDER
  11.07.2013 23:55:50 4140 (0x102C)
  Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
  SMS_LAN_SENDER 11.07.2013 23:55:50
  4140 (0x102C)
  We have 0 active connections SMS_LAN_SENDER
  12.07.2013 00:00:12 4140 (0x102C)
  Checking for sending capacity.  Used 0 out of 5.
  SMS_LAN_SENDER 12.07.2013 00:00:12
  4140 (0x102C)
  Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
  SMS_LAN_SENDER 12.07.2013 00:00:12
  4140 (0x102C)
  COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
  12.07.2013 00:00:12 4140 (0x102C)
  No (more) send requests found to process. SMS_LAN_SENDER
  12.07.2013 00:00:12 4140 (0x102C)
  Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
  SMS_LAN_SENDER 12.07.2013 00:00:12
  4140 (0x102C)
  rcmctrl.log
  DRS sync started. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:28:55 5496 (0x1578)
  InvokeRcmMonitor thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:29 5508 (0x1584)
  DRS change application started. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:31 5500 (0x157C)
  Launching 3 sprocs on queue ConfigMgrDRSQueue and 2 sprocs on queue ConfigMgrDRSSiteQueue.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:31 5500 (0x157C)
  The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:28:36. End execute query finished at 12.07.2013 00:28:36.].
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:31 5500 (0x157C)
  The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:28:31. End execute query finished at 12.07.2013 00:28:31.].
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:31 5500 (0x157C)
  There are 5 Drs Activations sprocs running.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:31
  5500 (0x157C)
  InvokeRcmConfigure thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5504 (0x1580)
  Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5380 (0x1504)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5380 (0x1504)
  Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5380 (0x1504)
  Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5508 (0x1584)
  Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5504 (0x1580)
  Summarizing all replication links for monitoring UI.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5508 (0x1584)
  Running configuration EnsureServiceBrokerEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:33
  5504 (0x1580)
  Running configuration EnsureServiceBrokerQueuesAreEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5504 (0x1580)
  The current site status: ReplicationActive.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:33
  5508 (0x1584)
  Processing replication pattern global. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:33 5504 (0x1580)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:34 5380 (0x1504)
  Processing replication pattern site. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:34 5504 (0x1580)
  Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:35 5508 (0x1584)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:35 5380 (0x1504)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:35 5380 (0x1504)
  Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:39 5504 (0x1580)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:39 5380 (0x1504)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:39 5380 (0x1504)
  DRS sync started. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:29:55 5496 (0x1578)
  No connector role installed SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:17 5512 (0x1588)
  DRS change application started. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:31 5500 (0x157C)
  Launching 3 sprocs on queue ConfigMgrDRSQueue and 2 sprocs on queue ConfigMgrDRSSiteQueue.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:31 5500 (0x157C)
  The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:29:33. End execute query finished at 12.07.2013 00:29:33.].
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:31 5500 (0x157C)
  There are 5 Drs Activations sprocs running.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:31
  5500 (0x157C)
  InvokeRcmMonitor thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:35 5508 (0x1584)
  InvokeRcmConfigure thread wait one more minute for incoming event...
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5504 (0x1580)
  Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5380 (0x1504)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5380 (0x1504)
  Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5380 (0x1504)
  Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5508 (0x1584)
  Summarizing all replication links for monitoring UI.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5508 (0x1584)
  Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5504 (0x1580)
  The current site status: ReplicationActive.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
  5508 (0x1584)
  Running configuration EnsureServiceBrokerEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
  5504 (0x1580)
  Running configuration EnsureServiceBrokerQueuesAreEnabled.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5504 (0x1580)
  Running configuration RemoveDuplicateSSBServices.
  SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
  5504 (0x1580)
  Processing replication pattern global. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:39 5504 (0x1580)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:40 5380 (0x1504)
  Processing replication pattern site. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:40 5504 (0x1580)
  Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5508 (0x1584)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5380 (0x1504)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5380 (0x1504)
  Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5504 (0x1580)
  Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5380 (0x1504)
  Rcm control is waiting for file change notification or timeout after 60 seconds.
  SMS_REPLICATION_CONFIGURATION_MONITOR
  12.07.2013 00:30:43 5380 (0x1504)

• Secondary Site Pull DP option??

  I am currently looking into Pull DPs and have the below environment setup
  1 PR1
  2 secondary sites
  Remote DP under each secondary site.
  Can I setup one my secondaries to pull from another secondary site? For example Primary sits in Houston and 1 Secondary site in Leatherhead (main network hub). We have another big site that will require a secondary site for example Sweden. Can I setup Sweden
  Secondary to pull content from Leatherhead secondary site instead of going back to Houston?
  I dont see the Pull DP option on my secondary site colocated DP. The tab is not there.
  Also whats the difference between Pull DPs and content routing with File Replication?
  Hope I am making sense and not blabbing on:)
  Thanks

  I concur with Torsten. Ultimately, you are confusing yourself.
  A pull DP absolutely can be set up to Pull content from any other DP within it own site; however, a DP on a site *server* cannot be a pull DP -- that would make no sense whatsoever since normal DPs get their content from the site *server*. Thus, the DP on
  the site *server* already has direct access to the site's content.
  So, you have two options, the one pointed out by Torsten (secondary site chaining) or not making the Swedish site a secondary and just using a PullDP there.
  Is there a specific reason you are making it a secondary site in the first place? I know you said "big", but what does that mean? Also, it's not just about the number of clients at the site, it's about the network topology and the available bandwidth.
  Jason | http://blog.configmgrftw.com

• Internet connexion problem for remote site in Site to site VPN asa 5505

  Hi all
  I'm configuring a site to site Ipsec VPN in 2 sites using ASA 5505 V 8.2, The VPN is working fine i can ping machine in the 2 sides but the problem is the remote site dont' have internet.
  The architecture is, we 2 site Site1 is the main site and Site2 is secondary site there will be Site3, ...
  The internet connection is based in Site1 and site2 and site 3 will have internet connection through Site1. Site1, Site2 and Site 3 is interconnected by Ipsec VPN.
  Here is my ASA 5505 Configuration :
  SITE 1:
  ASA Version 8.2(5)
  hostname test-malabo
  domain-name test.mg
  enable password 8Ry2YjIyt7RRXU24 encrypted
  passwd ta.qizy4R//ChqQH encrypted
  names
  interface Ethernet0/0
   description "Sortie Internet"
   switchport access vlan 2
  interface Ethernet0/1
   description "Interconnexion"
   switchport access vlan 171
  interface Ethernet0/2
   description "management"
   switchport access vlan 10
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
   nameif inside
   security-level 100
   ip address 192.168.1.1 255.255.255.0
  interface Vlan2
   nameif outside
   security-level 0
   ip address 41.79.49.42 255.255.255.192
  interface Vlan10
   nameif mgmt
   security-level 0
   ip address 10.12.1.100 255.255.0.0
  interface Vlan171
   nameif interco
   security-level 0
   ip address 10.22.19.254 255.255.255.0
  ftp mode passive
  dns server-group DefaultDNS
   domain-name test.mg
  object-group network LAN-MALABO
   description LAN DE MALABO
   network-object 192.168.1.0 255.255.255.0
  object-group network LAN-BATA
   description LAN DE BATA
   network-object 192.168.2.0 255.255.255.0
  object-group network LAN-LUBA
   description LAN DE LUBA
   network-object 192.168.3.0 255.255.255.0
  access-list interco_1_cryptomap extended permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
  access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  mtu mgmt 1500
  mtu interco 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any inside
  icmp permit any outside
  icmp permit any interco
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  nat (interco) 1 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 41.79.49.1 1
  route interco 192.168.3.0 255.255.255.0 10.22.19.5 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa authentication ssh console LOCAL
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map interco_map0 1 match address interco_1_cryptomap
  crypto map interco_map0 1 set pfs group1
  crypto map interco_map0 1 set peer 10.22.19.5
  crypto map interco_map0 1 set transform-set ESP-3DES-SHA
  crypto map interco_map0 interface interco
  crypto ca trustpoint _SmartCallHome_ServerCA
   crl configure
  crypto isakmp enable interco
  crypto isakmp policy 10
   authentication pre-share
   encryption 3des
   hash sha
   group 2
   lifetime 86400
  telnet 192.168.1.0 255.255.255.0 inside
  telnet 10.12.0.0 255.255.0.0 mgmt
  telnet timeout 30
  ssh 192.168.1.0 255.255.255.0 inside
  ssh 10.12.0.0 255.255.0.0 mgmt
  ssh timeout 30
  console timeout 0
  management-access interco
  dhcpd option 3 ip 192.168.1.1
  dhcpd address 192.168.1.100-192.168.1.254 inside
  dhcpd dns 41.79.48.66 8.8.8.8 interface inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
  tunnel-group 10.22.19.5 type ipsec-l2l
  tunnel-group 10.22.19.5 ipsec-attributes
   pre-shared-key *****
   isakmp keepalive threshold 60 retry 5
  class-map inspection_default
   match default-inspection-traffic
  policy-map global_policy
   class inspection_default
    inspect dns
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect snmp
    inspect icmp
  prompt hostname context
  call-home reporting anonymous
  call-home
   profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:5aa0d27f15e49ea597c8097cfdb755b8
  : end
  SITE2:
  ASA Version 8.2(5)
  hostname test-luba
  domain-name test.eg
  enable password 8Ry2YjIyt7RRXU24 encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
   description "Sortie Interco-Internet"
   switchport access vlan 2
  interface Ethernet0/1
   description "management"
   switchport access vlan 10
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
   nameif inside
   security-level 100
   ip address 192.168.3.1 255.255.255.0
  interface Vlan2
   nameif outside
   security-level 0
   ip address 10.22.19.5 255.255.255.0
  interface Vlan10
   nameif mgmt
   security-level 0
   ip address 10.12.1.101 255.255.0.0
  ftp mode passive
  dns server-group DefaultDNS
   domain-name test.eg
  object-group network LAN-MALABO
   description LAN DE MALABO
   network-object 192.168.1.0 255.255.255.0
  object-group network LAN-BATA
   description LAN DE BATA
   network-object 192.168.2.0 255.255.255.0
  object-group network LAN-LUBA
   description LAN DE LUBA
   network-object 192.168.3.0 255.255.255.0
  access-list outside_1_cryptomap extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list inside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  mtu mgmt 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  nat (inside) 0 access-list inside_nat0_outbound
  route outside 0.0.0.0 0.0.0.0 10.22.19.254 1
  route outside 192.168.1.0 255.255.255.0 10.22.19.254 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa authentication ssh console LOCAL
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map outside_map0 1 match address outside_1_cryptomap
  crypto map outside_map0 1 set pfs group1
  crypto map outside_map0 1 set peer 10.22.19.254
  crypto map outside_map0 1 set transform-set ESP-3DES-SHA
  crypto map outside_map0 interface outside
  crypto ca trustpoint _SmartCallHome_ServerCA
   crl configure
  crypto ca certificate chain _SmartCallHome_ServerCA
  crypto isakmp enable outside
  crypto isakmp policy 10
   authentication pre-share
   encryption 3des
   hash sha
   group 2
   lifetime 86400
  telnet 10.12.0.0 255.255.0.0 mgmt
  telnet timeout 30
  ssh 192.168.3.0 255.255.255.0 inside
  ssh 10.12.0.0 255.255.0.0 mgmt
  ssh timeout 30
  console timeout 0
  management-access outside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
  tunnel-group 10.22.19.254 type ipsec-l2l
  tunnel-group 10.22.19.254 ipsec-attributes
   pre-shared-key *****
   isakmp keepalive threshold 60 retry 5
  class-map inspection_default
   match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
   parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
   class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect ip-options
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip
    inspect xdmcp
  service-policy global_policy global
  prompt hostname context
  call-home reporting anonymous
  call-home
   profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:185bd689118ba24f9a0ef2f7e80494f6
  Can anybody help why my remote site can't connect to Internet.
  REgards,
  Raitsarevo

  Hi Carv,
  Thanks for your reply. i have done finally
  i used no crypto ipsec nat-transparency udp-encapsulation in my end router only.
  and in remote access VPN i have enabled UDP for client configuration. the most imprtant is i have given IP add of same LAN pool to VPN user,
  Regards,
  Satya.M

• SCCM 2012 Clients at Secondary Site don't update and shows status as INACTIVE

  I have 1 Primary site and 1 Secondary sites. I have setup Secondary site Boundaries using IP subnet.  I see that the systems from secondary
  site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory.   I am not positive
  where to look as far as logs are concerned.  I think the clients aren't receiving policy like they should.
  Just to give a brief idea, Secondary Site server crashed and we had to rebuild the server and re install secondary site after rebuilding all the
  problem. Everything is working fine in Primary site.
  Secondary site is communicating with primary site MP and DP
  I have checked MPcontrol.log it shows status as OK
  I am able to install client through console but yes when I check the configuration manager properties it shows CCM Notification Agent as DISSABLED
  and in the Action Tab Machine and User policy are the only cycles showing.
  Checked replmgr.log and rclctrl.log but it’s not showing any error
  Only log file which shows error is bgdserver.log  ( pasting log errors )
  ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
  schema 'dbo'. -2146232060           SMS_NOTIFICATION_SERVER     05-07-2014 12:09:01               3968 (0x0F80)
  ERROR: Can't do post authentication without client certificate stored in regsitration.            SMS_NOTIFICATION_SERVER    
  05-07-2014 12:09:01                3968 (0x0F80)
  ERROR: Failed to authenticate with client [::ffff:10.5.55.88]:49623.        SMS_NOTIFICATION_SERVER     05-07-2014
  12:09:01               3968 (0x0F80)
  ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
  schema 'dbo'. -2146232060           SMS_NOTIFICATION_SERVER     05-07-2014 12:09:01               3968 (0x0F80)
  ERROR: Can't do post authentication without client certificate stored in regsitration.            SMS_NOTIFICATION_SERVER    
  05-07-2014 12:09:01                3968 (0x0F80)
  ERROR: Failed to authenticate with client [::ffff:10.5.62.68]:49923.        SMS_NOTIFICATION_SERVER     05-07-2014
  12:09:01               3968 (0x0F80)
  ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
  schema 'dbo'. -2146232060           SMS_NOTIFICATION_SERVER     05-07-2014 12:09:06               3968 (0x0F80)
  ERROR: Can't verify signature in message without client certificate for client SCCM GUID:B47059B1-D4E4-41A2-BC88-486A597FE399               
  SMS_NOTIFICATION_SERVER     05-07-2014 12:09:06               3968 (0x0F80)
  ERROR: Invalid hook to be decoded. Authentication                SMS_NOTIFICATION_SERVER    
  05-07-2014 12:09:06               3968 (0x0F80)
  ERROR: Failed to decode message body (<BgbSignInMessage TimeStamp="2014-07-05T06:39:01Z"><ClientType>SCCM</ClientType><ClientVersion>5.00.7804.1000</ClientVersion><ClientID>GUID:B47059B1-D4E4-41A2-BC88-486A597FE399</ClientID></BgbSignInMessage>)
  with message header
  Help me resolve this issue as I am struggling to resolve this for almost 2 weeks.
  Please let me know which logs are helpful and I'll try to add it to replies.

  Hi,
  Quote:"see that the systems from secondary site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory. "
  So not all the clients show inactive? Have you checked the logs in an inactive client? Such as ClientIDManagerStartup.log.
  Have you checked Secondary Site server's computer name from SQL logins? You could try to remove this account, wait a while, recreate the same computeraccount login with sysadmin access. (http://social.technet.microsoft.com/Forums/en-US/d5383c23-6b71-47cc-9fad-fda82a44a3aa/secondary-site-showing-inactive-clients?forum=configmanagerdeployment)
  You could use Configuration Analyzer for System Center 2012 R2 to troubleshoot issues.
  http://technet.microsoft.com/en-us/library/dn469435.aspx
  Best Regards,
  Joyce
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• How can i solve this replication problem between TT and ORACLE

  Hi
  I have an application that using AWT cashgroup implement the replication between TT (7.0.6.7) and ORACLE(10g);
  but i encounter this problem:
  16:16:50.01 Err : REP: 2302682: ABM_BAL_WH:meta.c(4588): TT5259: Failed to store Awt runtime information for datastore /abm_wh/abm_bal_ttdata/abm_bal_wh on Oracle.
  16:16:50.02 Err : REP: 2302682: ABM_BAL_WH:meta.c(4588): TT5107: TT5107: Oracle(OCI) error in OCIStmtExecute(): ORA-08177: can't serialize access for this transaction rc = -1 -- file "bdbStmt.c", lineno 3726, procedure "ttBDbStmtExecute()"
  16:16:50.02 Err : REP: 2302682: ABM_BAL_WH:receiver.c(5612): TT16187: Transaction 1316077016/357692526; Error: transient 0, permanent 1
  the isolation level of my date store is read-committed ,and the sys.ODBC.INI file is also set Isolation=1(readcommitted mode)
  so ,I still wonder how the error ORA-08177!
  how can i solve this replication problem?
  thank you.

  I suspect this is failing on an UPDATE to the tt_03_reppeers table on Oracle. I would guess the TT repagent has to temporarily use serializable isolation when updating this table. Do you have any other datastores with AWT cachegroups propagating into the same Oracle database? Or can you identify if some other process is preventing the repagent from using serializable isolation? If you google ORA-08177 there seem to be ways out there to narrow down what's causing the contention.

• Uninstall and Reinstall Secondary Site Management Point Role

  Dear Brothers,
  I have an issue with one of my SCCM 2012 Sp1 with CU3 Secondary Site Server which the client failed to install on the actual server due to a client issue observed in the CCMSetup.log.
  Observation Regarding the issue:
  Issue Detail No1.
  SCCM Client is not installing to my Secondary Site Server with site code (XYZ), after all the site server are also clients in SCCM hierarchy so it self needs SCCM Client as well. 
  CCMSetup.log:
  "Error 25150. Setup was unable to register the CCM_Service_HostingConfiguration endpoint" when you try to install the client agent in Configuration Manager"
  According to http://support.microsoft.com/kb/2905359
  the solution is to :
  1. Uninstall the management point role. 
  2. Reinstall the client agent on the management point computer. 
  3. Reinstall the management point role.
  Issue Detail No 2.
  When I am trying to uninstall the Management Point Role via SCCM Console as part of the solution posted on the above KB Article, unfortunately the delete or uninstall option is been greyed out.
  Now a lot of discussion on the topic "Can not remove management point role is greyed out "under this thread
  http://social.technet.microsoft.com/Forums/en-US/1a039893-4a65-4dc9-9feb-e6f09ea1fc0b/can-not-remove-management-point-remove-role-is-greyd-out?forum=configmanagerdeployment
  However on the last comment of the above thread from"Trana010"
  stated a tool or a command
  C:\program files\Microsoft Configuration Manager\bin\x64\rolesetup.exe /deinstall /siteserver:(sec server name) SMSMP
  0
  Which I never tried yet, and also cannot find a reliable KB supporting the command "rolesetup.exe".
  Questions:
  1. What is the best way to uninstall/Reinstall the management point on secondary site considering the above issue details?
  2. Should I installed CU4 directly instead? Maybe it will resolved the issue even though it is not related to the current case
  Regards,

  Well, it's by design that you can't remove a management point on a secondary site, so I can imagine that that's why there is nothing "official" written on that subject. I think there are three things you can do:
  Try to run the command line (which is probably unsupported)
  Submit a CSS call
  Upgrade to CU4 and assume the problem is gone.
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude
  Dear Peter,
  I end up shooting a case with CSS, he guided me and share that this issue is very common.
  The reason is that it requires CU3 upgrade (Configmgr2012ac-sp1-kb2882125-x64.msp) to be installed with the SCCM Client installation (The same time) via command line in an elevated permission.
  Follow the solution provided by Microsoft Support:
  CCMSetup.exe /forceinstall SMSSITECODE=XYZ CCMENABLELOGGING=TRUE CCMLOGLEVEL=0 PATCH=C:\Configmgr2012ac-sp1-kb2882125-x64.msp
  It seems the Client Push provided by SCCM 2012 Sp1 Infra, that includes your Hotfix under the "Hotfix" folder under the client source folder somehow doesn't work with this issue, that's why the work around is to help the ccmsetup to grab the Hotfix with
  by providing the path for the hotfix instead of relying to take the hotfix for the hotfix folder.
  Overall peter thanks for your suggestion. And also to Mr. Jason Sandys opening the option for an R2 upgrade, I will look into the KB for this to plan for implementation. 
  Regards,

• Adding Secondary Site SCCM2012

  I have a Primary Site Setup with general roles and  Distribution Point roles, Reporting services, Software Update point.
  Now we have added an another site and need to set up one more site server at site-2.
  I need to distribute the software updates of site-2 clients using the new sccm-2 server located in Site-2 by having an Distribution in site-2.
  what all the additional roles needs to be setup in site-2.
  do I need to install WSUS in site-2 sccm server to push software updates?
  And prior installing the secondary Site, do I need to install an SQL server Instance at Sccm2 server?
  or the default mssql express edition is enough at site-2 which will be taken care during addition of secondary site wizard?
  Pls clarify
  Raj

  Assuming you actually want/need a secondary site:
  - No there is no advantage of using a full SQL instance over SQL Express. Overhead of a full SQL instance would be a disadvantage as its simply not necessary.
  - Correct, clients at the remote site would connect to the WSUS instance at the main location to download/access update metadata. The download of this metadata is (depending upon what you have selected in the catalog) generally around 10MB but after that
  it's purely deltas which generally are 500KB per month (the catalog is only updated twice a month by Microsoft).
  - You cannot install reporting services on a secondary site -- is there a specific reason you are wanting to?
  Going back to my first statement above, without knowing the details we can't make a definite recommendation, but using a remote distribution point is the preferred method of handling remote locations in ConfigMgr 2012. The primary generator of traffic in
  ConfigMgr is content transfer (accounting for at least 90% of traffic typically) thus the only traffic you truly need to worry about (once again typically, there are many factors that can potentially influence this) is content from DPs.
  Jason | http://blog.configmgrftw.com

• Problem uploading iWeb site to Hostgator

  I just created a site with iWeb, and got a host account with HostGator. My domain name came from NameCheap.com, so I changed the DNS as instructed. I then tried to publish my site. I entered the IP address that HostGator provided to me in iWeb's Server Settings box titled "Server address," then entered my username and password. I clicked Test Connection, but I keep getting a message telling me that I am offline. I am definitely online, and I tested the IP address with Cyberduck successfully, so it's a problem with iWeb. Does it work to enter the IP address in "Server Address," or am I supposed to wait until the DNS change takes effect and enter a different server address?

  Publish your site to a folder on your HD and use Cyberduck to upload the contents of that folder, the site folder and an index.html file, to your host server. Cyberduck is reported to be much more reliable that the built in ftp client of iWeb.
  Happy New Year