Content replication problem to secondary site
Hi,
I have a problem with SCCM 2012 R2 replicating packages to a new secondary site.
The new secondary site server was installed a week ago.
The SSS was added to a DP group that had 713 packages assigned to it.
Throttling is configured so I was expecting it to take a few days to replicate however a week later 180 of the packages are still in progress.
All of the outstanding packages have a status of "The content files for the package xxxxxx have not yet arrived from the source site CAS. Distribution Manager will try again later to distribute the content" and the last status
time is about when the SSS was added to the DP group.
The parent primary site server is not a DP however it must have all the packages because they have successfully distributed to DP's in the primary site.
The environment looks healthy with no alerting component or site status messages.
The distmgr, sender and spooler logs on the parent primary show no signs of re-trying the packages
It looks like the package distributions have been forgotten.
I went to the properties for one of the problem packages, and selected to re-distribute to the SSS. Activity started straight away in the primary servers logs and the package was successfully deployed.
So my question is how can I kickstart the system back into life for the paused 180 package deployments just to the SSS DP without going into every package in turn and selecting re-distribute.
I guess I could write a powershell script to do this but hopefully there is an easier option
Any ideas would be appreciated.
Thanks
Hi,
How about ContentLibraryExplorer.exe? You could have a look on the following blog.
http://anoopcnair.com/2013/12/18/configmgr-sccm-2012-r2-tool-contcontentlibraryexplorerent-library-explorer/
(Note: Microsoft provides third-party contact information to help you find technical support. This contact
information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.)
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Similar Messages
-
Content NOT distributing to secondary sites
I've got one primary site and two secondary sites. I'm trying to push out a windows update to all my DP's and distribute them to my clients. The primary site works just fine and all clients got the update, but when I look at the deployment package
it just shows as "In Progress" for distributing the content out to the other DP's located at my secondary sites. Any idea where to look to see whats going on?
***EDIT***
When I look under the content status for it, the message says "Distribution manager instructed Scheduler and Sender to send package SP0000F to child site "Secondary Site"Yes, when I log in to a client here at my primary site and look in Start > Run > gpedit.msc and go to Computer configuration > Administrative Tools > Windows Components > Windows Updates I can see where it says "Specify intranet Microsoft
update service location" and it shows my Primary Site server. However, if I go to that same spot on my clients at my secondary site (except for one client that is actually working correctly) it doesn't show anything in that field, it just says "Not
configured." Its almost like all my clients at my secondary site have no clue where to go for anything.
As for the WUAHandler.log it literally only has 7 entries and they are all the same, here is the entire log:
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/28/2014 2:27:56 PM 4832 (0x12E0)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/28/2014 2:31:38 PM 1352 (0x0548)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/28/2014 3:47:28 PM 3648 (0x0E40)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/28/2014 4:59:05 PM 2212 (0x08A4)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/28/2014 7:47:38 PM 924 (0x039C)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/29/2014 12:47:26 AM 3572 (0x0DF4)
CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3;
for bundles WUAHandler
10/29/2014 5:47:35 AM 3328 (0x0D00) -
Distributing the content directly to Secondary Site
We have a particular application that is being used at a only one of our sites with has Secondary site.(SS1)
Now my question is when i distribute the content do i always first need to distribute it to the Primary Site (PS1)or can i skip distributing it to Primary and directly distribute to secondary site SS1.
We have 1 Primary Site & 4 Secondary Sites along with few additional DPs.can you please help me to understand how should i distribute the content give below is the case:
Primary Site @ UK
Secondary Site (along with DP role) @ Australia
Location of content Network share in Australia.
Now the application that i want to distribute is only used in Australia.
So after creating the application in SCCM how should i distribute the content
A) Only to Secondary Site
B) To Primary Site First & then to Secondary site...
If i use "A" the status keep on showing waiting for content for days. But if i use "B" it works perfectly fine without any hiccups. -
Secondary Site Distribution Points content flow
We are implementing an environment that contains over 750 locations with distribution points. With the limitation of 250 DPs per site, we are going to have to put DPs under secondary sites.
In preparation for this configuration we would like to have a better understanding of how the content will flow to the lower level DPs (under secondary sites). We are aware that content
being sent to a dp on a secondary site server is compressed at the primary, sent to the secondary and uncompressed. Here are our questions:
1. Will the content for lower level DPs, under the secondary Site, receive its content directly from the primary site DP, or the Secondary Site DP?
2. Will the content for the lower level DPs be compressed, sent and uncompressed (from the primary or secondary)?
This information will help determine the network configuration we use to limit our WAN traffic.
I appreciate any insight into these questions you can provide.
Thanks.Sorry, but can someone explain #1 more detail?
I have Secondary Site with multiple DPs.
If I distribute the content to only 1 DP at Secondary site (not pull DPs), will the content distribute to the Secondary Site server first, then to the DP? Does the content also available at the SS Server?
Does the data flow like: Primary Site -> Secondary Site -> DP ? -
Replication from secondary site to primary site
When we want to replicate from secondary site to primary site then we can't use database replication. Why?
Not sure what you mean... The replication between primary sites and secondary sites is using both database replication and file replication. See for more information:
http://technet.microsoft.com/en-us/library/gg712701.aspx#Planning_for_Database_Replication
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude -
Impacts on the DPs when deleting a secondary site
HI,
I am having problems with a secondary site and the recovery with CU2 is not working for me. I am at the point of deleting the site, rebuild the server and reinstall the Secondary Site.
My question is, What will happen to all my DPs which are assigned to the SS site code I am about to blow away? Will I need to rebuild the DPs or will they find the site if I use the same site code.
Thx RobWhy delete the site?
I would go for the following procedure:
- Backup content library
- Rebuild the server (same name)
- Restore content library
- Install SQL (same version/instance)
- Site Administration > Recover Secondary Site
Once the site has been recovered it should sync with the remote DP's again as before. -
SCCM 2012 SP1 Secondary Site installation Fails
Hi.
I have multiple secondary sites when i am trying to install new SCCM 2012 Secondary site server remotely but installation status shows a pending from last few days.
1) SEC server have privilages on System managent container
2) Primary site Server account and computer have local admin right on SEC server
hman logs says the following error message
Cannot get SQL Certificate from site xxx
CheckParentSQLServerCertificate: Failed to get SQL certificate for site XXX
1) Deleted the secondary site and reinstalled the site with different Site code but no luck
2) Able to telnet 1433 and 4022 from both primary to secondary and vice versa
3) SQL server Configuration Manager , TCP IP port was set to 1433.
please let me know if any thing i am missing
ThanksHi Guys
Exact same problem as described above:
Been told to install SQL Express manually first, but even after that, we continued to get the same problem.
The SQL Communication between the 2 sites doesn't seem to work.
I noticed that the Primary's SQL Security Account doesn't get created on Primary DB, in the Database replication the link has not yet been created either.
The "Exec spDrsSendSubscriptionInvalid 'Secondary 3 digit site code','Primary 3 digit site code','configuration data'" worked on 1 Secondary, but fails on all the rest.
Uninstalling/Installing the Secondary doesn't work either.
HMAN.LOG:
Update site server active directory informtion into DB SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
CheckSQLServiceRestart : SQL Service hasn't been restart since last time we check, skip it. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
Time to verify if the parent['PRI-SITECODE'] sql server certificate is still valid on site ['SEC-SITECODE'] sql server. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
Cannot get SQL Certificate from Site 'PRI-SITECODE'. SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
CheckParentSQLServerCertificate: Failed to get SQL certificate for site PM2 SMS_HIERARCHY_MANAGER 2013/07/28 09:51:12 AM 7964 (0x1F1C)
Any ideas would be appreciated. -
Cannot Complete Secondary Site Creation status stays pending SCCM 2012
I am having problems completing the creation of secondary sites. All of the secondary sites are stuck in Pending status.
hman.log on both servers reports:
Wait for message forwarding notification timed out.
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:06
4360 (0x1108)Wait for site control change notification timed out.
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)Update site server active directory informtion into DB
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)CheckSQLServiceRestart : SQL Service hasn't been restart since last time we check, skip it.
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54) Time to verify if the parent[MUC] sql server certificate is still valid on site [CAM] sql server.
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)Cannot get SQL Certificate from Site MUC.
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)CheckParentSQLServerCertificate: Failed to get SQL certificate for site MUC
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)Wait for site control changes for maximum 3600 seconds...
SMS_HIERARCHY_MANAGER
11/07/2013 20:49:45
2644 (0x0A54)
These new secondary sites are off of a new primary site in another region. In region 1, secondary site creation had no issues. I am unsure where to go from here. I have tried deleting the secondary sites and removing all installed applications
and running through creation again. I have also tried recreating with different site codes. Installation appears to complete successfully and I can see my sites in ADSIEdit. Any help would be greatly appreciated. Thank you.SECONDARY
despool.log
SMS_EXECUTIVE started SMS_DESPOOLER as thread ID 3272 (0xCC8).
SMS_DESPOOLER 11/07/2013 21:47:08
2052 (0x0804)
Despooler is starting... SMS_DESPOOLER
11/07/2013 21:47:10 3272 (0x0CC8)
CPublicKeyLookup::Initialize("E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey")
SMS_DESPOOLER 11/07/2013 21:47:10
3272 (0x0CC8)
CPublicKeyLookup::Initialize() Initializing the Public Key Store Path to E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey
SMS_DESPOOLER 11/07/2013 21:47:10
3272 (0x0CC8)
Waiting for the next instruction.... SMS_DESPOOLER
11/07/2013 21:47:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 21:47:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 21:52:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 21:57:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:02:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:07:15 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:19:51 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:24:52 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:29:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:34:54 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:39:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:44:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:49:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:54:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 22:59:52 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 23:04:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 23:09:53 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 23:15:04 3272 (0x0CC8)
Waiting for ready instruction file.... SMS_DESPOOLER
11/07/2013 23:20:04 3272 (0x0CC8)
Sender.log
SMS_EXECUTIVE started SMS_LAN_SENDER as thread ID 3720 (0xE88).
SMS_LAN_SENDER 02/07/2013 19:36:07
5056 (0x13C0)
Starting MS_LAN sender... SMS_LAN_SENDER
02/07/2013 19:36:07 3720 (0x0E88)
Registry indicates no outbox for the sender to scan.
SMS_LAN_SENDER 02/07/2013 19:36:07
3720 (0x0E88)
Registry indicates no outbox for the sender to scan.
SMS_LAN_SENDER 02/07/2013 19:36:07
3720 (0x0E88)
Waiting for new/rescheduled send requests, Maximum Sleep Time = 1 minutes
SMS_LAN_SENDER 02/07/2013 19:36:07
3720 (0x0E88)
SMS_EXECUTIVE signalled SMS_LAN_SENDER to stop.
SMS_LAN_SENDER 02/07/2013 19:36:40
5056 (0x13C0)
We have 0 active connections SMS_LAN_SENDER
02/07/2013 19:36:40 3720 (0x0E88)
rcmctrl.log
There are 0 Drs Activations sprocs running.
SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:33
3644 (0x0E3C)
InvokeRcmMonitor thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3652 (0x0E44)
InvokeRcmConfigure thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3648 (0x0E40)
Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3416 (0x0D58)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3416 (0x0D58)
Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3416 (0x0D58)
Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3648 (0x0E40)
Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3652 (0x0E44)
Summarizing all replication links for monitoring UI.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3652 (0x0E44)
Running configuration EnsureServiceBrokerEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:45
3648 (0x0E40)
Running configuration EnsureServiceBrokerQueuesAreEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:45 3648 (0x0E40)
The current site status: ReplicationMaintenance.
SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
3652 (0x0E44)
Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3652 (0x0E44)
Processing replication pattern global_proxy.
SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
3648 (0x0E40)
Checking if initialization request is needed for replication group Secondary_Site_Replication_Configuration from site MUC.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3648 (0x0E40)
Checking if there are bcp file to apply for replication group Secondary_Site_Replication_Configuration from site MUC.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3648 (0x0E40)
No tracking data for bcp files SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3648 (0x0E40)
ReplicationConfiguration said it is safe to continue: False
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3648 (0x0E40)
Retry for process replication is requested.
SMS_REPLICATION_CONFIGURATION_MONITOR 11/07/2013 23:24:46
3648 (0x0E40)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3416 (0x0D58)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3416 (0x0D58)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
11/07/2013 23:24:46 3416 (0x0D58)
PRIMARY
despool.log
SMS_EXECUTIVE started SMS_DESPOOLER as thread ID 4752 (0x1290).
SMS_DESPOOLER 11.07.2013 22:55:04
3092 (0x0C14)
Despooler is starting... SMS_DESPOOLER
11.07.2013 22:55:05 4752 (0x1290)
CPublicKeyLookup::Initialize("E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey")
SMS_DESPOOLER 11.07.2013 22:55:05
4752 (0x1290)
CPublicKeyLookup::Initialize() Initializing the Public Key Store Path to E:\Program Files\Microsoft Configuration Manager\inboxes\hman.box\pubkey
SMS_DESPOOLER 11.07.2013 22:55:05
4752 (0x1290)
Waiting for the next instruction.... SMS_DESPOOLER
11.07.2013 22:55:05 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 22:55:05 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:00:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:05:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:10:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:15:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:20:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:25:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:30:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:35:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:40:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:45:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:50:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
11.07.2013 23:55:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:00:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:05:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:10:06 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:15:07 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:20:07 4752 (0x1290)
Waiting for ready instruction file.... SMS_DESPOOLER
12.07.2013 00:25:07 4752 (0x1290)
sender.log
SMS_EXECUTIVE started SMS_LAN_SENDER as thread ID 4140 (0x102C).
SMS_LAN_SENDER 11.07.2013 22:55:09
3092 (0x0C14)
Starting MS_LAN sender... SMS_LAN_SENDER
11.07.2013 22:55:09 4140 (0x102C)
We have 0 active connections SMS_LAN_SENDER
11.07.2013 22:55:09 4140 (0x102C)
Checking for sending capacity. Used 0 out of 5.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
11.07.2013 22:55:09 4140 (0x102C)
Initializing priority '0' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
Initializing priority '1' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
Initializing priority '2' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
Initializing priority '3' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
Initializing priority '4' snapshot for outbox 'E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN'.
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
No (more) send requests found to process. SMS_LAN_SENDER
11.07.2013 22:55:09 4140 (0x102C)
Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
SMS_LAN_SENDER 11.07.2013 22:55:09
4140 (0x102C)
We have 0 active connections SMS_LAN_SENDER
11.07.2013 22:55:49 4140 (0x102C)
Checking for sending capacity. Used 0 out of 5.
SMS_LAN_SENDER 11.07.2013 22:55:50
4140 (0x102C)
Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
SMS_LAN_SENDER 11.07.2013 22:55:50
4140 (0x102C)
COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
11.07.2013 22:55:50 4140 (0x102C)
No (more) send requests found to process. SMS_LAN_SENDER
11.07.2013 22:55:50 4140 (0x102C)
Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
SMS_LAN_SENDER 11.07.2013 22:55:50
4140 (0x102C)
We have 0 active connections SMS_LAN_SENDER
11.07.2013 23:55:50 4140 (0x102C)
Checking for sending capacity. Used 0 out of 5.
SMS_LAN_SENDER 11.07.2013 23:55:50
4140 (0x102C)
Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
SMS_LAN_SENDER 11.07.2013 23:55:50
4140 (0x102C)
COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
11.07.2013 23:55:50 4140 (0x102C)
No (more) send requests found to process. SMS_LAN_SENDER
11.07.2013 23:55:50 4140 (0x102C)
Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
SMS_LAN_SENDER 11.07.2013 23:55:50
4140 (0x102C)
We have 0 active connections SMS_LAN_SENDER
12.07.2013 00:00:12 4140 (0x102C)
Checking for sending capacity. Used 0 out of 5.
SMS_LAN_SENDER 12.07.2013 00:00:12
4140 (0x102C)
Connecting to E:\Program Files\Microsoft Configuration Manager\inboxes\schedule.box\outboxes\LAN.
SMS_LAN_SENDER 12.07.2013 00:00:12
4140 (0x102C)
COutbox::TakeNextToSend(pszSiteCode) SMS_LAN_SENDER
12.07.2013 00:00:12 4140 (0x102C)
No (more) send requests found to process. SMS_LAN_SENDER
12.07.2013 00:00:12 4140 (0x102C)
Waiting for new/rescheduled send requests, Maximum Sleep Time = 60 minutes
SMS_LAN_SENDER 12.07.2013 00:00:12
4140 (0x102C)
rcmctrl.log
DRS sync started. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:28:55 5496 (0x1578)
InvokeRcmMonitor thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:29 5508 (0x1584)
DRS change application started. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:31 5500 (0x157C)
Launching 3 sprocs on queue ConfigMgrDRSQueue and 2 sprocs on queue ConfigMgrDRSSiteQueue.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:31 5500 (0x157C)
The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:28:36. End execute query finished at 12.07.2013 00:28:36.].
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:31 5500 (0x157C)
The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:28:31. End execute query finished at 12.07.2013 00:28:31.].
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:31 5500 (0x157C)
There are 5 Drs Activations sprocs running.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:31
5500 (0x157C)
InvokeRcmConfigure thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5504 (0x1580)
Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5380 (0x1504)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5380 (0x1504)
Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5380 (0x1504)
Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5508 (0x1584)
Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5504 (0x1580)
Summarizing all replication links for monitoring UI.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5508 (0x1584)
Running configuration EnsureServiceBrokerEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:33
5504 (0x1580)
Running configuration EnsureServiceBrokerQueuesAreEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5504 (0x1580)
The current site status: ReplicationActive.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:29:33
5508 (0x1584)
Processing replication pattern global. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:33 5504 (0x1580)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:34 5380 (0x1504)
Processing replication pattern site. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:34 5504 (0x1580)
Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:35 5508 (0x1584)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:35 5380 (0x1504)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:35 5380 (0x1504)
Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:39 5504 (0x1580)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:39 5380 (0x1504)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:39 5380 (0x1504)
DRS sync started. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:29:55 5496 (0x1578)
No connector role installed SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:17 5512 (0x1588)
DRS change application started. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:31 5500 (0x157C)
Launching 3 sprocs on queue ConfigMgrDRSQueue and 2 sprocs on queue ConfigMgrDRSSiteQueue.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:31 5500 (0x157C)
The asynchronous command finished with return message: [spDRSActivation finished at 12.07.2013 00:29:33. End execute query finished at 12.07.2013 00:29:33.].
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:31 5500 (0x157C)
There are 5 Drs Activations sprocs running.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:31
5500 (0x157C)
InvokeRcmMonitor thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:35 5508 (0x1584)
InvokeRcmConfigure thread wait one more minute for incoming event...
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5504 (0x1580)
Wait for inbox notification timed out. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5380 (0x1504)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5380 (0x1504)
Initializing RCM. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5380 (0x1504)
Processing Replication Monitor SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5508 (0x1584)
Summarizing all replication links for monitoring UI.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5508 (0x1584)
Processing Replication Configure SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5504 (0x1580)
The current site status: ReplicationActive.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
5508 (0x1584)
Running configuration EnsureServiceBrokerEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
5504 (0x1580)
Running configuration EnsureServiceBrokerQueuesAreEnabled.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5504 (0x1580)
Running configuration RemoveDuplicateSSBServices.
SMS_REPLICATION_CONFIGURATION_MONITOR 12.07.2013 00:30:39
5504 (0x1580)
Processing replication pattern global. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:39 5504 (0x1580)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:40 5380 (0x1504)
Processing replication pattern site. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:40 5504 (0x1580)
Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5508 (0x1584)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5380 (0x1504)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5380 (0x1504)
Processing Replication success. SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5504 (0x1580)
Cleaning the RCM inbox if there are any *.RCM files for further change notifications....
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5380 (0x1504)
Rcm control is waiting for file change notification or timeout after 60 seconds.
SMS_REPLICATION_CONFIGURATION_MONITOR
12.07.2013 00:30:43 5380 (0x1504) -
Secondary Site Pull DP option??
I am currently looking into Pull DPs and have the below environment setup
1 PR1
2 secondary sites
Remote DP under each secondary site.
Can I setup one my secondaries to pull from another secondary site? For example Primary sits in Houston and 1 Secondary site in Leatherhead (main network hub). We have another big site that will require a secondary site for example Sweden. Can I setup Sweden
Secondary to pull content from Leatherhead secondary site instead of going back to Houston?
I dont see the Pull DP option on my secondary site colocated DP. The tab is not there.
Also whats the difference between Pull DPs and content routing with File Replication?
Hope I am making sense and not blabbing on:)
ThanksI concur with Torsten. Ultimately, you are confusing yourself.
A pull DP absolutely can be set up to Pull content from any other DP within it own site; however, a DP on a site *server* cannot be a pull DP -- that would make no sense whatsoever since normal DPs get their content from the site *server*. Thus, the DP on
the site *server* already has direct access to the site's content.
So, you have two options, the one pointed out by Torsten (secondary site chaining) or not making the Swedish site a secondary and just using a PullDP there.
Is there a specific reason you are making it a secondary site in the first place? I know you said "big", but what does that mean? Also, it's not just about the number of clients at the site, it's about the network topology and the available bandwidth.
Jason | http://blog.configmgrftw.com -
Internet connexion problem for remote site in Site to site VPN asa 5505
Hi all
I'm configuring a site to site Ipsec VPN in 2 sites using ASA 5505 V 8.2, The VPN is working fine i can ping machine in the 2 sides but the problem is the remote site dont' have internet.
The architecture is, we 2 site Site1 is the main site and Site2 is secondary site there will be Site3, ...
The internet connection is based in Site1 and site2 and site 3 will have internet connection through Site1. Site1, Site2 and Site 3 is interconnected by Ipsec VPN.
Here is my ASA 5505 Configuration :
SITE 1:
ASA Version 8.2(5)
hostname test-malabo
domain-name test.mg
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd ta.qizy4R//ChqQH encrypted
names
interface Ethernet0/0
description "Sortie Internet"
switchport access vlan 2
interface Ethernet0/1
description "Interconnexion"
switchport access vlan 171
interface Ethernet0/2
description "management"
switchport access vlan 10
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 41.79.49.42 255.255.255.192
interface Vlan10
nameif mgmt
security-level 0
ip address 10.12.1.100 255.255.0.0
interface Vlan171
nameif interco
security-level 0
ip address 10.22.19.254 255.255.255.0
ftp mode passive
dns server-group DefaultDNS
domain-name test.mg
object-group network LAN-MALABO
description LAN DE MALABO
network-object 192.168.1.0 255.255.255.0
object-group network LAN-BATA
description LAN DE BATA
network-object 192.168.2.0 255.255.255.0
object-group network LAN-LUBA
description LAN DE LUBA
network-object 192.168.3.0 255.255.255.0
access-list interco_1_cryptomap extended permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
mtu mgmt 1500
mtu interco 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
icmp permit any interco
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
nat (interco) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 41.79.49.1 1
route interco 192.168.3.0 255.255.255.0 10.22.19.5 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map interco_map0 1 match address interco_1_cryptomap
crypto map interco_map0 1 set pfs group1
crypto map interco_map0 1 set peer 10.22.19.5
crypto map interco_map0 1 set transform-set ESP-3DES-SHA
crypto map interco_map0 interface interco
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto isakmp enable interco
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 192.168.1.0 255.255.255.0 inside
telnet 10.12.0.0 255.255.0.0 mgmt
telnet timeout 30
ssh 192.168.1.0 255.255.255.0 inside
ssh 10.12.0.0 255.255.0.0 mgmt
ssh timeout 30
console timeout 0
management-access interco
dhcpd option 3 ip 192.168.1.1
dhcpd address 192.168.1.100-192.168.1.254 inside
dhcpd dns 41.79.48.66 8.8.8.8 interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
tunnel-group 10.22.19.5 type ipsec-l2l
tunnel-group 10.22.19.5 ipsec-attributes
pre-shared-key *****
isakmp keepalive threshold 60 retry 5
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect dns
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect snmp
inspect icmp
prompt hostname context
call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:5aa0d27f15e49ea597c8097cfdb755b8
: end
SITE2:
ASA Version 8.2(5)
hostname test-luba
domain-name test.eg
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
description "Sortie Interco-Internet"
switchport access vlan 2
interface Ethernet0/1
description "management"
switchport access vlan 10
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.3.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 10.22.19.5 255.255.255.0
interface Vlan10
nameif mgmt
security-level 0
ip address 10.12.1.101 255.255.0.0
ftp mode passive
dns server-group DefaultDNS
domain-name test.eg
object-group network LAN-MALABO
description LAN DE MALABO
network-object 192.168.1.0 255.255.255.0
object-group network LAN-BATA
description LAN DE BATA
network-object 192.168.2.0 255.255.255.0
object-group network LAN-LUBA
description LAN DE LUBA
network-object 192.168.3.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
mtu mgmt 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside) 0 access-list inside_nat0_outbound
route outside 0.0.0.0 0.0.0.0 10.22.19.254 1
route outside 192.168.1.0 255.255.255.0 10.22.19.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside_map0 1 match address outside_1_cryptomap
crypto map outside_map0 1 set pfs group1
crypto map outside_map0 1 set peer 10.22.19.254
crypto map outside_map0 1 set transform-set ESP-3DES-SHA
crypto map outside_map0 interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 10.12.0.0 255.255.0.0 mgmt
telnet timeout 30
ssh 192.168.3.0 255.255.255.0 inside
ssh 10.12.0.0 255.255.0.0 mgmt
ssh timeout 30
console timeout 0
management-access outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
tunnel-group 10.22.19.254 type ipsec-l2l
tunnel-group 10.22.19.254 ipsec-attributes
pre-shared-key *****
isakmp keepalive threshold 60 retry 5
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:185bd689118ba24f9a0ef2f7e80494f6
Can anybody help why my remote site can't connect to Internet.
REgards,
RaitsarevoHi Carv,
Thanks for your reply. i have done finally
i used no crypto ipsec nat-transparency udp-encapsulation in my end router only.
and in remote access VPN i have enabled UDP for client configuration. the most imprtant is i have given IP add of same LAN pool to VPN user,
Regards,
Satya.M -
SCCM 2012 Clients at Secondary Site don't update and shows status as INACTIVE
I have 1 Primary site and 1 Secondary sites. I have setup Secondary site Boundaries using IP subnet. I see that the systems from secondary
site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory. I am not positive
where to look as far as logs are concerned. I think the clients aren't receiving policy like they should.
Just to give a brief idea, Secondary Site server crashed and we had to rebuild the server and re install secondary site after rebuilding all the
problem. Everything is working fine in Primary site.
Secondary site is communicating with primary site MP and DP
I have checked MPcontrol.log it shows status as OK
I am able to install client through console but yes when I check the configuration manager properties it shows CCM Notification Agent as DISSABLED
and in the Action Tab Machine and User policy are the only cycles showing.
Checked replmgr.log and rclctrl.log but it’s not showing any error
Only log file which shows error is bgdserver.log ( pasting log errors )
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Can't do post authentication without client certificate stored in regsitration. SMS_NOTIFICATION_SERVER
05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Failed to authenticate with client [::ffff:10.5.55.88]:49623. SMS_NOTIFICATION_SERVER 05-07-2014
12:09:01 3968 (0x0F80)
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Can't do post authentication without client certificate stored in regsitration. SMS_NOTIFICATION_SERVER
05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Failed to authenticate with client [::ffff:10.5.62.68]:49923. SMS_NOTIFICATION_SERVER 05-07-2014
12:09:01 3968 (0x0F80)
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Can't verify signature in message without client certificate for client SCCM GUID:B47059B1-D4E4-41A2-BC88-486A597FE399
SMS_NOTIFICATION_SERVER 05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Invalid hook to be decoded. Authentication SMS_NOTIFICATION_SERVER
05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Failed to decode message body (<BgbSignInMessage TimeStamp="2014-07-05T06:39:01Z"><ClientType>SCCM</ClientType><ClientVersion>5.00.7804.1000</ClientVersion><ClientID>GUID:B47059B1-D4E4-41A2-BC88-486A597FE399</ClientID></BgbSignInMessage>)
with message header
Help me resolve this issue as I am struggling to resolve this for almost 2 weeks.
Please let me know which logs are helpful and I'll try to add it to replies.Hi,
Quote:"see that the systems from secondary site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory. "
So not all the clients show inactive? Have you checked the logs in an inactive client? Such as ClientIDManagerStartup.log.
Have you checked Secondary Site server's computer name from SQL logins? You could try to remove this account, wait a while, recreate the same computeraccount login with sysadmin access. (http://social.technet.microsoft.com/Forums/en-US/d5383c23-6b71-47cc-9fad-fda82a44a3aa/secondary-site-showing-inactive-clients?forum=configmanagerdeployment)
You could use Configuration Analyzer for System Center 2012 R2 to troubleshoot issues.
http://technet.microsoft.com/en-us/library/dn469435.aspx
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
How can i solve this replication problem between TT and ORACLE
Hi
I have an application that using AWT cashgroup implement the replication between TT (7.0.6.7) and ORACLE(10g);
but i encounter this problem:
16:16:50.01 Err : REP: 2302682: ABM_BAL_WH:meta.c(4588): TT5259: Failed to store Awt runtime information for datastore /abm_wh/abm_bal_ttdata/abm_bal_wh on Oracle.
16:16:50.02 Err : REP: 2302682: ABM_BAL_WH:meta.c(4588): TT5107: TT5107: Oracle(OCI) error in OCIStmtExecute(): ORA-08177: can't serialize access for this transaction rc = -1 -- file "bdbStmt.c", lineno 3726, procedure "ttBDbStmtExecute()"
16:16:50.02 Err : REP: 2302682: ABM_BAL_WH:receiver.c(5612): TT16187: Transaction 1316077016/357692526; Error: transient 0, permanent 1
the isolation level of my date store is read-committed ,and the sys.ODBC.INI file is also set Isolation=1(readcommitted mode)
so ,I still wonder how the error ORA-08177!
how can i solve this replication problem?
thank you.I suspect this is failing on an UPDATE to the tt_03_reppeers table on Oracle. I would guess the TT repagent has to temporarily use serializable isolation when updating this table. Do you have any other datastores with AWT cachegroups propagating into the same Oracle database? Or can you identify if some other process is preventing the repagent from using serializable isolation? If you google ORA-08177 there seem to be ways out there to narrow down what's causing the contention.
-
Uninstall and Reinstall Secondary Site Management Point Role
Dear Brothers,
I have an issue with one of my SCCM 2012 Sp1 with CU3 Secondary Site Server which the client failed to install on the actual server due to a client issue observed in the CCMSetup.log.
Observation Regarding the issue:
Issue Detail No1.
SCCM Client is not installing to my Secondary Site Server with site code (XYZ), after all the site server are also clients in SCCM hierarchy so it self needs SCCM Client as well.
CCMSetup.log:
"Error 25150. Setup was unable to register the CCM_Service_HostingConfiguration endpoint" when you try to install the client agent in Configuration Manager"
According to http://support.microsoft.com/kb/2905359
the solution is to :
1. Uninstall the management point role.
2. Reinstall the client agent on the management point computer.
3. Reinstall the management point role.
Issue Detail No 2.
When I am trying to uninstall the Management Point Role via SCCM Console as part of the solution posted on the above KB Article, unfortunately the delete or uninstall option is been greyed out.
Now a lot of discussion on the topic "Can not remove management point role is greyed out "under this thread
http://social.technet.microsoft.com/Forums/en-US/1a039893-4a65-4dc9-9feb-e6f09ea1fc0b/can-not-remove-management-point-remove-role-is-greyd-out?forum=configmanagerdeployment
However on the last comment of the above thread from"Trana010"
stated a tool or a command
C:\program files\Microsoft Configuration Manager\bin\x64\rolesetup.exe /deinstall /siteserver:(sec server name) SMSMP
0
Which I never tried yet, and also cannot find a reliable KB supporting the command "rolesetup.exe".
Questions:
1. What is the best way to uninstall/Reinstall the management point on secondary site considering the above issue details?
2. Should I installed CU4 directly instead? Maybe it will resolved the issue even though it is not related to the current case
Regards,Well, it's by design that you can't remove a management point on a secondary site, so I can imagine that that's why there is nothing "official" written on that subject. I think there are three things you can do:
Try to run the command line (which is probably unsupported)
Submit a CSS call
Upgrade to CU4 and assume the problem is gone.
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude
Dear Peter,
I end up shooting a case with CSS, he guided me and share that this issue is very common.
The reason is that it requires CU3 upgrade (Configmgr2012ac-sp1-kb2882125-x64.msp) to be installed with the SCCM Client installation (The same time) via command line in an elevated permission.
Follow the solution provided by Microsoft Support:
CCMSetup.exe /forceinstall SMSSITECODE=XYZ CCMENABLELOGGING=TRUE CCMLOGLEVEL=0 PATCH=C:\Configmgr2012ac-sp1-kb2882125-x64.msp
It seems the Client Push provided by SCCM 2012 Sp1 Infra, that includes your Hotfix under the "Hotfix" folder under the client source folder somehow doesn't work with this issue, that's why the work around is to help the ccmsetup to grab the Hotfix with
by providing the path for the hotfix instead of relying to take the hotfix for the hotfix folder.
Overall peter thanks for your suggestion. And also to Mr. Jason Sandys opening the option for an R2 upgrade, I will look into the KB for this to plan for implementation.
Regards, -
Adding Secondary Site SCCM2012
I have a Primary Site Setup with general roles and Distribution Point roles, Reporting services, Software Update point.
Now we have added an another site and need to set up one more site server at site-2.
I need to distribute the software updates of site-2 clients using the new sccm-2 server located in Site-2 by having an Distribution in site-2.
what all the additional roles needs to be setup in site-2.
do I need to install WSUS in site-2 sccm server to push software updates?
And prior installing the secondary Site, do I need to install an SQL server Instance at Sccm2 server?
or the default mssql express edition is enough at site-2 which will be taken care during addition of secondary site wizard?
Pls clarify
RajAssuming you actually want/need a secondary site:
- No there is no advantage of using a full SQL instance over SQL Express. Overhead of a full SQL instance would be a disadvantage as its simply not necessary.
- Correct, clients at the remote site would connect to the WSUS instance at the main location to download/access update metadata. The download of this metadata is (depending upon what you have selected in the catalog) generally around 10MB but after that
it's purely deltas which generally are 500KB per month (the catalog is only updated twice a month by Microsoft).
- You cannot install reporting services on a secondary site -- is there a specific reason you are wanting to?
Going back to my first statement above, without knowing the details we can't make a definite recommendation, but using a remote distribution point is the preferred method of handling remote locations in ConfigMgr 2012. The primary generator of traffic in
ConfigMgr is content transfer (accounting for at least 90% of traffic typically) thus the only traffic you truly need to worry about (once again typically, there are many factors that can potentially influence this) is content from DPs.
Jason | http://blog.configmgrftw.com -
Problem uploading iWeb site to Hostgator
I just created a site with iWeb, and got a host account with HostGator. My domain name came from NameCheap.com, so I changed the DNS as instructed. I then tried to publish my site. I entered the IP address that HostGator provided to me in iWeb's Server Settings box titled "Server address," then entered my username and password. I clicked Test Connection, but I keep getting a message telling me that I am offline. I am definitely online, and I tested the IP address with Cyberduck successfully, so it's a problem with iWeb. Does it work to enter the IP address in "Server Address," or am I supposed to wait until the DNS change takes effect and enter a different server address?
Publish your site to a folder on your HD and use Cyberduck to upload the contents of that folder, the site folder and an index.html file, to your host server. Cyberduck is reported to be much more reliable that the built in ftp client of iWeb.
Happy New Year
Maybe you are looking for
-
I want to format my C drive. If I run recovery from the partitioned D drive will this be accomplished. Thanks
-
My Macbook will not go beyond the grey screen after I downloaded an App from Mac-forums called disc doctor. Now obviously unable to get my documents. Can I access iCloud to retrieve these docs which are in pages or is this a stupid question ?
-
The Menu Start and Notification doesn't work and other modern apps too.
Hi guys! I have a big problem of my Windows 10. I can't use my Start Menu, Apps and Notifications it doesn't work. I don't know what is happened. Everthing was good and on the last time I have strange problems. (The Start menu logo looks like disacti
-
Blank pdf contact sheet using Image Capture
I have tried using image capture to create a .pdf contact sheet of 12 jpgs but when I open the file it is blank. Any ideas as to what I am doing wrong please?
-
Creating follow-up activity automatically .
Hi Experts, Can i create a follow-up activity automatically as a follow-up document(using code or configuration) as soon as i create an activity. Can anyone help me on how to achieve this? Regards, Rahul