DNS Client not Configured

Similar Messages

• DNS change on network, but DNS not configured on CUCM. Is a rehosted license needed???

  HI,
  I am running CUCM 8.0.3. 
  We just updated part of our network and changed the DNS server. 
  I need/want to verify if I need to rehost my license key. My belief is “NO”…
  From what I’ve read, when you change DNS, it changes the calculated value of the license  MAC, and thus you need to get it rehosted.
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/cli_ref/8_0_3/cli_ref_803.html#wp39980
  BUT… If DNS is not configured, and I’m not adding a new DNS into CUCM either, do I still need to get my license rehosted?
  My understanding, is that since DNS is not configured and thus not changing, the calculated value of the MAC stays the same, and there is NO need to change out, or rehost, our license.
  Attached is a image of “Show network eth0” from my CUCM showing DNS is not configured currently.
  Note: It's just the DNS on the network that has changed. The IP address/subnet/gateway/MAC address of the CUCM is staying the same.
  Thanks in advance for any insight...
  -Chris

  Hi Chris
  Adding the DNS will lead to changing in your licensing MAC since the value is changed from null to something else.
  But:
  The licensing MAC is only valid if you are using a virtual environment, such as a UCS box and Exsi host on top of that . If you are using physical environment such MCS server then Licenses are bound to physical MAC and you can change the DNS without any worry for re hosting the licenses.
  You can run
  Show hardware
  to check if you are using MCS or UCS box.
  Regards
  Aditya Gupta

• If DNS is not enabled during CUCM installation it can't be used later?

  Hi all,
  seems to me this can't be true but when attended one telepresence class they told me the following:
  "It is recommended to install CUCM with DNS enabled even if it will not be used initially. If you do not select the DNS option during installation, you would have to reinstall CUCM to enable it later."
  Any comments are appreciated.

  Aaron / Chris
  I am hoping you guys have done this before and can provde some feedback.  I currently do not have the domain name configured for my CUCM 7.1 cluster.  Performing a show network eth0 shows:
  DNS
  Domain       : Not configured  <-- Not set
  Gateway      : 10.48.116.1 on Ethernet 0
  After a recent upgrade to my companys exchange servers from 2003 to 2010 I noticed I stopped getting RTMT alerts.  I took a packet trace from the CUCM publisher and saw in the trace I was getting invalid user ID.  THe trace showed the alert from field was RTMT instead of [email protected].  I guess this worked in the 2003 exchange becasue the relay agent only looked at the IP address I was coming from.  2010 requires a domain name.
  I found this article and according to the requirements to configure alerts to be sent via e-mail, the Domain name should be configured to properly addressed this request to the SMTP server:
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/7_1_2/rtmt/rtconfal.html
  Here is were I get nerviouse. When I type the command set network domain company.com I get the WARNING:
  Adding/deleting or changing domain name on this server will break database replication. Once you have completed domain modification on all systems that you intend to modify, please reboot all the servers in the cluster. This will ensure that replication keeps working correctly. After the servers have rebooted, please confirm that there are no issues reported on the Cisco Unified Reporting report for Database Replication.
  The server will now be rebooted. Do you wish to continue.
  So I interpert this as telling me I will have to perform the set network domain command on all 8 of my subscribers and then reboot them?
  IF you guys have done this did you have to perform a drop replication and then rebuild the replication?  If you have not done this do you know if you have to.  Since I have Contact Center Enterprise and Express in my CUCM cluster and we are 24x7 I have to be cautious.  When I have had to rebuild replication before it has taken and hour and it was not a good time.
  Thanks in advance for any feedback you may be able to provide!

• Can not configure Oracle 10g form  on oracle 11g client

  Hi
  I need to install oracle 10g form in my system .
  Here is my system
  1. OS --XP
  2. 32 Bit
  4. Already oracle 11g release client installed ( I think that create the problem )
  I tried to install oracle 10g form , it installed but can cont configure net manager for it , Always it point to 11g client and hence I could not configure .
  Also I tried install Oracle Forms first then 11g client , But  I got same issue .
  I think if  I created multiplr home one for 11g client and other for forms , it may work out .
  Please  help me
  Debashis

  While deploying the example 'VacationRequest' in the oracle complete guide for 11g, i got an exception like this
  "12:08:15 PM] Deploying Application...
  [12:11:16 PM] [Deployer:149191]Operation 'deploy' on application 'VacationRequestTaskFlow' is initializing on 'soa_server1'
  [12:11:24 PM] [Deployer:149034]An exception occurred for task [Deployer:149026]deploy application VacationRequestTaskFlow on soa_server1.: [Deployer:149145]Unable to contact 'bam_server1'. Deployment is deferred until 'bam_server1' becomes available.; nested exception is:
       java.rmi.UnknownHostException: Could not discover administration URL for server 'bam_server1'.
  [12:11:24 PM] [Deployer:149193]Operation 'deploy' on application 'VacationRequestTaskFlow' has failed on 'soa_server1'
  [12:11:24 PM] [Deployer:149034]An exception occurred for task [Deployer:149026]deploy application VacationRequestTaskFlow on soa_server1.: Failed to load webapp: 'VacationRequestTaskFlow.war'.
  [12:11:24 PM] Weblogic Server Exception: weblogic.application.ModuleException: Failed to load webapp: 'VacationRequestTaskFlow.war'
  [12:11:24 PM] Caused by: java.lang.ClassNotFoundException: oracle.adf.library.webapp.ResourceServlet
  [12:11:24 PM] See server logs or server console for more details.
  [12:11:24 PM] weblogic.application.ModuleException: Failed to load webapp: 'VacationRequestTaskFlow.war'
  [12:11:24 PM] #### Deployment incomplete. ####
  [12:11:24 PM] Deployment Failed"
  Can anyone help in this.

• Ccmsping Installation: RFC client functionality not configured

  Hi there,
  I've tried to install a ccmsping on our Solution Manager (EHP 1, SP 23). First everything looks fine, but when I try to start the agent in the last step, following info appears:
  INFO: Updated saprfc.ini in agent work directory <DIR>
  INFO: Connected to <SID>, CCMS version in ABAP: ...
  INFO: handling destination CCMS_SYSTEM_PING_DEST
  INFO: successfully registered at <SID>
  INFO: RFC client functionality not configured
  INFO: Updated config file <DIR>.
  When I start "System Monitoring" in the workcenter, the status of ccms is "no ccmsping data available".
  Any idea? Can anybody explain me the info "RFC client functionality not configured"?
  Thanks and best regards,
  Max

  hi
  pls chk the below sdn experts blogs for  guidance
  [Setting Up your Central Monitoring [original link is broken]|Setting Up your Central Monitoring [original link is broken]]
  [Monitoring Availability [original link is broken]|Monitoring Availability [original link is broken]]
  Jansi

• Configure DNS client

  I new in solaris can anyone tell me how to configure dns client? thank you

  1. Edit the /etc/resolv.conf file
  vi /etc/resolv.conf
  domain example.com
  nameserver xxx.xxx.xxx.xxx # IP address of name server
  nameserver xxx.xxx.xxx.xxx # IP address of sec name server
  search test.example.com research.example.com
  2. Configure DNS as the naming service .
  cp /etc/nsswitch.dns /etc/nsswitch.conf
  3. [b]Bounce the naming service .
  svcadm restart network/dns/client
  (OR)
  Reboot the machine
  4. Testing the DNS client
  nslookup

• "Error [10151] The LCP Port on CCM Admin for Mobile Agent is not Configured or misconfigured"

  We are running into a problem which we have noticed on UCCE 8.5 and havent seen on earlier 7.5 release.
  If we setup a CTI port as agent device target and if we try to login the agent using Cisco Desktop (Not CAD, just CTI OS Client) then we get following error:
  "Error [10151] The LCP Port on CCM Admin for Mobile Agent is not Configured or misconfigured"
  But this wasnt the issue with 7.5 and we were able to do agent login with CTI Port as device target. We dont intend to use Mobile Agent feature but just login UCCE agent to CTI port as the device.
  Do we know if this is a known issue or if something has changed between 7.x and 8.x release which could be is causing this?

  So you can ping and nslookup from your ms to these agents and vice versa right?  I wouldn't do a manual install, I would push the agent from the management server.  You can uninstall the agent manually, or use cleanmom to get rid of them.  Then
  do an install from the console.  When you initiate the install from the console (management server), should it run into any issues it will dump out an error which will give you an idea of where the problem may be.
  From Holmans post on this:
  e MOM Server could not execute WMI Query "Select * from Win32_OperatingSystem" on 
  computer “servername.domain.com” 
  Operation: Agent Install 
  Install account: DOMAIN\account 
  Error Code: 800706BA 
  Error Description: The RPC server is unavailable.
  The MOM Server could not execute WMI Query "(null)” on 
  computer “servername.domain.com” 
  Operation: Agent Install 
  Install account: DOMAIN\account 
  Error Code: 800706BA 
  Error Description: The RPC server is unavailable.
  8004100A 
  800706BA
  1.  Ensure agent push account has local admin rights 
  2.  Firewall is blocking NetBIOS access.  If Windows 2008 firewall is enabled, ensure “Remote Administration (RPC)” rule is enabled/allowed.  We need port 135 (RPC) and the DCOM port range opened for console push through a firewall.  
  3.  Inspect WMI service, health, and rebuild repository if necessary 
  4.  Firewall is blocking ICMP  (Live OneCare) 
  5.  DNS incorrect 
  http://blogs.technet.com/b/kevinholman/archive/2009/01/27/console-based-agent-deployment-troubleshooting-table.aspx
  Regards, Blake Email: mengotto<at>hotmail.com Blog: http://discussitnow.wordpress.com/ If my response was helpful, please mark it as so, if it answered your question, then please also mark it accordingly. Thank you.

• Windows server 2012 standard second DNS server not automaticly detected by Windows 7.

  Hi!
  We have configured a second DNS server on our domain just in case.
  I have tested the second DNS by activating manually the second dns server in the IPV4 config in windows 7 pro.
  My question is: the second DNS server is not supposed to be detected automaticly by windows?
  Thanks you.

  Hi,
  There may be some misunderstanding about how DNS works.
  DNS client doesn't detect DNS servers. DNS client doesn't know which zone is hosted by the DNS server. DNS client can only send DNS query to the DNS servers which are configured in the client.
  As I mentioned above, the DNS Client service queries the DNS servers in the following order:
  The DNS Client service sends the name query to the first DNS server on the preferred adapter’s list of DNS servers and waits one second for a response.
  If the DNS Client service does not receive a response from the first DNS server within one second, it sends the name query to the first DNS servers on all adapters that are still under consideration and waits two seconds for a response.
  If the DNS Client service does not receive a response from any DNS server within two seconds, the DNS Client service sends the query to all DNS servers on all adapters that are still under consideration and waits another two seconds for a response.
  If the DNS Client service still does not receive a response from any DNS server, it sends the name query to all DNS servers on all adapters that are still under consideration and waits four seconds for a response.
  If it the DNS Client service does not receive a response from any DNS server, the DNS client sends the query to all DNS servers on all adapters that are still under consideration and waits eight seconds for a response.
  In your case, if you configure the DNS2 as the secondary DNS server on Windows 7, when the DNS1 is down, Windows 7 will send DNS query to DNS2 after 3 sceconds(Step 3).
  Best Regards.
  Steven Lee
  TechNet Community Support

• Domain Controllers that are DNS servers DNS Client settings

  [Copying verbatim from a mail by Joe ]
  So I have been pinged by a few folks recently on configuration of client DNS settings on Domain Controllers that are also functioning as DNS Servers. Lots of debate. I understand there has been long time debate within MSFT as well.
  From http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx there
  is the quote
  "3.When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address."
  From http://www.microsoft.com/en-us/download/confirmation.aspx?id=9166 (Windows
  Server 2008 R2 Core Network Guide)
  "9.        In Preferred DNS server, type the IP address of your DNS server. If you plan to use the local computer as the preferred DNS server, type the IP address of the
  local computer.
  10.       In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If you plan to use the local computer as an alternate DNS server, type the IP address of
  the local computer."
  From http://technet.microsoft.com/en-us/library/dd378900(v=ws.10).aspx (DNS:
  DNS servers on <adapter name> should include their own IP addresses on their interface lists of DNS servers)
  "The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to
  itself for name resolution, it can become an island and fail to replicate with other domain controllers. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should
  be configured only as a secondary or tertiary DNS server on a domain controller...
  Add the loopback IP address to the list of DNS servers on all active interfaces. The loopback IP address should not be the first server in the list."
  ESPECIALLY "For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only as a secondary or tertiary
  DNS server on a domain controller." and "Add the loopback IP address to the list of DNS servers on all active interfaces. The loopback IP address should not be the first server in the list."
  Why shouldn't loopback not be first, the justification is why you shouldn't only use loopback, not why it shouldn't be first.
  From http://technet.microsoft.com/en-us/library/ff807362(v=ws.10).aspx (DNS:
  DNS servers on <adapter name> should include the loopback address, but not as the first entry)
  "If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners. 
  The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to itself,
  or points to itself first for name resolution, this can cause a delay during startup. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only
  as a secondary or tertiary DNS server on a domain controller."
  This also seems like justification against only using loopback versus using it first.
  Are there any actual real documented issues for using loopback first and a remote DNS server second and perhaps third? If the local DNS server service isn't working yet (or at all), I would expect the DNS Client process
  to try to connect to it, fail, and then failover to the secondary just like I would expect it to failover if the remote DNS server was secondary and it was unavailable and it failed back to the loopback. Am I making a bad assumption?
  And by documented I don't mean random responses to questions on the internet or other such items. I mean a KB article or technet article or properly researched and tested other web article from a reliable resource.
  thanks, 
  joe

  As I understand it, the scenario whereby a DC could become an 'island' if it points only to itself, or to itself first, was repaired in the Windows Server 2003 product cycle. See
  http://support.microsoft.com/kb/275278 for information about this scenario.
  However, there is still a known problem of slow boot times that can occur. See
  http://support.microsoft.com/kb/2001093 for information about this. The scenario that is discussed assumes there is a power failure and servers shut down due to overheating while on backup power. When
  multiple servers come online simultaneously after power is restored, there can be a significant delay.
  The recommended configuration is one that avoids a single point of failure, but also tries to optimize the speed of resource record registration, so that Active Directory can properly synchronize.
  -Greg

• Kinit: Client not found in Kerberos database while getting initial credentials

  Hi all,
  I am trying to configure application which uses Kerberos authentication.
  Error message: 
  kinit: Client not found in Kerberos database while getting initial credentials
  I use Windows Server 2003 domain controller as LDAP server, Tomcat application (on Linux) and IIS application as client, and apache load balancer.
  There is multidomain environment:  russia.domain.net, europa.domain.net, asia.domain.net;
  Tomcat and IIS servers works behind a proxy server (Apache on Linux). 
  For applications created two DNS  records type A. all DNS use IP address of Apache proxy server:
  application-sandbox.russia.domain.net
  applicationweb-sandbox.russia.domain.net
  To confiure kerberos authentication i have performed the following steps:
  1. Create user account in EUROPA domain and configure delegation for this:
  EUROPE\application_sandbox
  2. Register SPN for this account:
  setspn -A HTTP/application-sandbox.russia.domain.net EUROPE\application_sandbox
  setspn -A HTTP/application-sandbox EUROPE\application_sandbox
  3. After i verified registered SPN for this account:
  setspn.exe -L EUROPE\application_sandbox
  Registered ServicePrincipalNames for CN=kxxb999,OU=Users,DC=europe,DC=domain,DC=net:
          HTTP/application-sandbox
          HTTP/application-sandbox.russia.domain.net
  3. After i generate a keytab file:
  ktpass /princ HTTP/application-sandbox.russia.domain.net:@RUSSIA.DOMAIN.NET /ptype krb5_nt_principal /crypto rc4-hmac-nt /mapuser EUROPE\application_sandbox /out application_sandbox.keytab -kvno 0 /pass Pa$$w0rd
  4. Properties of account looks like the following:
  Get-ADUser -Identity appication_sandbox -Properties CN, ServicePrincipalNames, UserPrincipalName
  CN : kxxb999
  DistinguishedName : CN=kxxb999,OU=Users,DC=europe,DC=domain,DC=net
  Enabled : True
  GivenName :
  Name : kxxb999
  ObjectClass : user
  SamAccountName : application_sandbox
  ServicePrincipalNames : {HTTP/application-sandbox, HTTP/application-sandbox.russia.domain.net}
  Surname : application_sandbox
  UserPrincipalName : HTTP/[email protected]
  4.Note that CN and User logon name are different. SPN registered for DNS record.
  There are no computer in domain with name application-sandbox.russia.domain.net. this is a DNS record for application.
  5. Then i copy keytab file to Linux machine, configure krb5.conf file and trying to get TGT for registered principal name.
  krb5.conf file:
  [libdefaults]
  default_realm = EUROPE.DOMAIN.NET
  dns_lookup_realm = false
  dns_lookup_kdc = false
  default_tkt_enctypes = rc4-hmac
  default_tgs_enctypes = rc4-hmac
  [realms]
  RUSSIA.DOMAIN.NET = {
  kdc = dc01.russia.domain.net
  admin_server = dc01.russia.domain.net
  default_domain = russia.domain.net
  EUROPE.DOMAIN.NET = {
  kdc = dc01.europe.domain.net
  admin_server = dc01.europe.domain.net
  default_domain = europe.domain.net
  [domain_realm]
  europe.domain.net = EUROPE.DOMAIN.NET
  .europe.domain.net = EUROPE.DOMAIN.NET
  russia.domain.net = RUSSIA.DOMAIN.NET
  .russia.domain.net = RUSSIA.DOMAIN.NET
  [appdefaults]
  autologin = true
  forward = true
  forwardable = true
  encrypt = true
  Then i verified created keytab file:
  klist -e -k -t application_sandbox.keytab
  Keytab name: FILE:application_sandbox.keytab
  KVNO Timestamp Principal
  0 01/01/70 01:00:00 HTTP/[email protected] (arcfour-hmac)
  And trying to get TGT ticket:
  kinit -V -k -t application_sandbox.keytab HTTP/[email protected]
  Using default cache: /tmp/krb5cc_0
  Using principal: HTTP/[email protected]
  Using keytab: application_sandbox.keytab
  kinit: Client not found in Kerberos database while getting initial credentials
  But if i use SamAccountName name with kinit commant then i can aquire TGT ticket:
  [root@localhost security]# kinit application_sandbox
  Password for [email protected]:
  [root@localhost security]# klist
  Ticket cache: FILE:/tmp/krb5cc_0
  Default principal: [email protected]
  Valid starting Expires Service principal
  06/30/14 16:37:41 07/01/14 02:37:38 krbtgt/[email protected]
  renew until 07/01/14 16:37:41
  I'm in trouble. can anyone faced this problem?
  Thank you

  Hi all,
  according to Amy answer I thought, how user principal could  not be found in Kerberos database, e.g AD domain.
  My HTTP service works in RUSSIA domain, but user principal created in EUROPE domain.
  Next, i have checked my ktpass command:
  ktpass /princ HTTP/[email protected] /ptype krb5_nt_principal /crypto rc4-hmac-nt /mapuser EUROPE\application_sandbox /out application_sandbox.keytab -kvno 0 /pass
  Pa$$w0rd
  especially  the following parameters:
  /princ HTTP/[email protected]
  /mapuser EUROPE\application_sandbox
  When generating keytab it changes userlogon name to HTTP/application-sandbox.russia.domain.net and set domain domain to RUSSIA.DOMAIN.NET
  But no user principal with name application_sandbox in RUSSIA.DOMAIN.NET domain (e.g. Kerberos realm)
  So solution is change RUSSIA.DOMAIN.NET to EUROPE.DOMAIN.NAME in ktpass command.
  After that i am able to get TGT and authenticate in domain.

• Q on Solaris 11.2 DNS Client

  Hi All,
  Pls note that the mailq command is found hangup whenever the DNS Client is being enabled in our Solaris 11.2 server.  So, do anyone have any clue on this behavior?
  Thanks & Regards

  Hi Carlos,
  Solaris 10 and Solaris 11 are "apples and oranges", to use the popular comparitive expression. In this case, it's more like "grapes and watermelons", or "strawberries and raisins" . .you get the idea : )
  This doc talks about it:
  http://www.oracle.com/technetwork/server-storage/solaris11/documentation/solaris11-whatsnew-201111-392603.pdf
  "System Configuration in the SMF repository
  Some basic system configuration has been migrated into the SMF system configuration
  repository with Oracle Solaris 11, as part of a wider move to reduce the number of
  configuration files that are located in /etc and to improve the management of configuration
  during system upgrade. . . . . ."
  and specifically on S11 name services:
  http://docs.oracle.com/cd/E23824_01/html/E24456/gliyc.html#gllcu
  It's a whole new world.

• Workgroup Client Installation & configuration in SCCM 2012

  Hi,
  i have an internal domain named ECC-OCT.local which has internal IP 10.0.8.45 and SCCM server IP 10.0.8.47.
  i have been installed SCCM Client Agent on a workgroup server manually but the site code not approved
  (why ?).
  Keep in mind that the DNS for the workgroup server was my public DNS Server which configured to hold secondary zone
  for internal domain ECC-OCT.local.
  If i assigned the 3rd dns server (on network card configuration) to ip 10.0.8.45 , the site code retrieved successfully.  
  what can i do to solve this issue?

  Hi,
  Based on your description, I recommend you check the MP record in DNS:
  The SRV record must has been registered in DNS.
  SRV record is published in DNS
  Also, you can edit the LMHOSTS and HOSTS files on each client for the site code retrieve.
  Managing System Center Configuration Manager clients in a workgroup
  http://blogs.technet.com/b/configurationmgr/archive/2010/03/01/managing-system-center-configuration-manager-clients-in-a-workgroup.aspx
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Internet Client Not talking to DMZ MP

  I am facing issues in communication of Internet Client to my MP sitting in DMZ.
  Scenario:
  Primary Site 2012
  MP, DP role installed Site system in DMZ domain joined.
  DMZ talking to DC, and site server, bidirectional.
  Installed MP and DP role, with Internet only client, created FQDN, and published FQDN to public DNS
  created certs following steps in http://www.systemcenterdudes.com/internet-based-client-management/.
  Tried installing client manually in domain, using switches ccmsetup.exe /usePKICert /NoCRLCheck CCMHOSTNAME="MP public FQDN" DNSSUFFIX="public DNS" SMSSITECODE=XXX 
  When moved the client to open internet, I see below error in locations services.log
  Attempting to retrieve site information from lookup MP(s) via HTTPS
  LocationServices 3/18/2015 4:28:41 PM
  2424 (0x0978)
  Failed to send site information Location Request Message to XXXXXXX
  LocationServices 3/18/2015 4:29:01 PM
  2424 (0x0978)
  Attempting to retrieve site information from lookup MP(s) via HTTP
  LocationServices 3/18/2015 4:29:01 PM
  2424 (0x0978)
  Failed to refresh security settings over MP with error 0x80004005.
  LocationServices 3/18/2015 4:29:01 PM
  2424 (0x0978)
  No security settings update detected. LocationServices
  3/18/2015 4:29:01 PM 2424 (0x0978)
  Using INF MP XXXXXXXXXXX as lookup MP. LocationServices
  3/18/2015 4:29:01 PM 2424 (0x0978)
  Attempting to retrieve site information from lookup MP(s) via HTTPS
  LocationServices 3/18/2015 4:29:01 PM
  2424 (0x0978)
  Failed to send site information Location Request Message to XXX
  LocationServices 3/18/2015 4:29:08 PM
  2424 (0x0978)
  Attempting to retrieve site information from lookup MP(s) via HTTP
  LocationServices 3/18/2015 4:29:08 PM
  2424 (0x0978)
  Failed to refresh Site Signing Certificate over MP with error 0x80004005.
  LocationServices 3/18/2015 4:29:08 PM
  2424 (0x0978)
  Refreshing Site Signing Certificate over HTTP
  LocationServices 3/18/2015 4:29:08 PM
  2424 (0x0978)
  [CCMHTTP] AsyncCallback(): -----------------------------------------------------------------
  LocationServices 3/18/2015 4:29:26 PM
  2424 (0x0978)
  [CCMHTTP] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered
  LocationServices 3/18/2015 4:29:26 PM
  2424 (0x0978)
  [CCMHTTP]                : dwStatusInformationLength is 4
  LocationServices
  3/18/2015 4:29:26 PM 2424 (0x0978)
  [CCMHTTP]                : *lpvStatusInformation is 0x10
  LocationServices
  3/18/2015 4:29:26 PM 2424 (0x0978)
  [CCMHTTP]            : WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID is set
  LocationServices
  3/18/2015 4:29:26 PM 2424 (0x0978)
  [CCMHTTP] AsyncCallback(): -----------------------------------------------------------------
  LocationServices 3/18/2015 4:29:26 PM
  2424 (0x0978)
  Raising event:
  instance of CCM_CcmHttp_Status
  ClientID = "GUID:8BD27970-C69F-483D-A7E5-0DC76DC7A836";
  DateTime = "20150318105926.499000+000";
  HostName = "XXXXXXXX";
  HRESULT = "0x80072f8f";
  ProcessID = 5868;
  StatusCode = 16;
  ThreadID = 2424;
  LocationServices
  3/18/2015 4:29:26 PM 2424 (0x0978)
  Failed to send request to /SMS_MP/.sms_aut?SITESIGNCERT at host XXX, error 0x2f8f
  LocationServices 3/18/2015 4:29:26 PM
  2424 (0x0978)
  [CCMHTTP] ERROR: URL=https://XXXXXXXX/SMS_MP/.sms_aut?SITESIGNCERT, Port=443, Options=480, Code=12175, Text=ERROR_WINHTTP_SECURE_FAILURE
  LocationServices 3/18/2015 4:29:26 PM
  2424 (0x0978)
  Successfully sent location services HTTPS failure message.
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  Failed to refresh Site Signing Certificate over HTTP with error 0x80072f8f.
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  Using INF MP XXXXXXXX as lookup MP. LocationServices
  3/18/2015 4:29:27 PM 2424 (0x0978)
  Attempting to retrieve default management points from lookup MP(s) via HTTPS
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  LSGetManagementPointsForSiteFromManagementPoint: Client is on Internet, skipping Intranet MP list request.
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  Unable to retrieve compatible MP(s) from AD
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  LSGetManagementPointsForSite: Domain joined client is in Internet - INF MP will be used to get other INF MPs.
  LocationServices 3/18/2015 4:29:27 PM
  2424 (0x0978)
  LSUpdateInternetManagementPoints LocationServices
  3/18/2015 4:29:27 PM 2424 (0x0978)
  Current AD site of machine is XXXXX LocationServices
  3/18/2015 4:29:27 PM 2424 (0x0978)
  Failed to send management point list Location Request Message to XXXXX
  LocationServices 3/18/2015 4:29:34 PM
  2424 (0x0978)
  LSUpdateInternetManagementPoints: Failed to retrieve internet MPs from MP XXX with error 0x87d00231, retaining previous list.
  LocationServices 3/18/2015 4:29:34 PM
  2424 (0x0978)
  There is no AMP for site code XXXX Nulling existing entry in WMI
  LocationServices 3/18/2015 4:29:34 PM
  2424 (0x0978)
  Assigned MP changed from XXXXXXXX to <>.
  LocationServices 3/18/2015 4:29:34 PM
  2424 (0x0978)
  Persisted Default Management Point Locations locally
  LocationServices 3/18/2015 4:29:34 PM
  2424 (0x0978)
  [CCMHTTP] AsyncCallback(): -----------------------------------------------------------------
  LocationServices 3/18/2015 4:29:37 PM
  2432 (0x0980)
  [CCMHTTP] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered
  LocationServices 3/18/2015 4:29:41 PM
  2432 (0x0980)
  [CCMHTTP]                : dwStatusInformationLength is 4
  LocationServices
  3/18/2015 4:29:41 PM 2432 (0x0980)
  [CCMHTTP]                : *lpvStatusInformation is 0x10
  LocationServices
  3/18/2015 4:29:41 PM 2432 (0x0980)
  [CCMHTTP]            : WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID is set
  LocationServices
  3/18/2015 4:29:41 PM 2432 (0x0980)
  [CCMHTTP] AsyncCallback(): -----------------------------------------------------------------
  LocationServices 3/18/2015 4:29:41 PM
  2432 (0x0980)
  Raising event:
  instance of CCM_CcmHttp_Status
  ClientID = "GUID:8BD27970-C69F-483D-A7E5-0DC76DC7A836";
  DateTime = "20150318105941.428000+000";
  HostName = "XXXXXXXX";
  HRESULT = "0x80072f8f";
  ProcessID = 5868;
  StatusCode = 16;
  ThreadID = 2432;
  LocationServices
  3/18/2015 4:29:41 PM 2432 (0x0980)
  Failed to send request to /SMS_MP/.sms_aut?MPLIST2&XXXXX at host XXXXXXX, error 0x2f8f
  LocationServices 3/18/2015 4:29:41 PM
  2432 (0x0980)
  [CCMHTTP] ERROR: URL=https://XXXXXXXX/SMS_MP/.sms_aut?MPLIST2&XXXXX, Port=443, Options=480, Code=12175, Text=ERROR_WINHTTP_SECURE_FAILURE
  LocationServices 3/18/2015 4:29:41 PM
  2432 (0x0980)
  Successfully sent location services HTTPS failure message.
  LocationServices 3/18/2015 4:29:41 PM
  2432 (0x0980)
  Failed to send web service info Location Request Message
  LocationServices 3/18/2015 4:29:41 PM
  2424 (0x0978)
  Modassir Khan

  Hi,
  Here is a blog has a similar problem that a Certificate Revocation List was not configured. You could have a look to check if you missed anything.
  Certificate Revocation Lists and Your Config Manager Client
  Note:
  Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
  Best Regards,
  Joyce
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• I have configure remote access feature web application proxy but not configure give the error. The remote name could not be resolved.

  I have configure remote access feature web application proxy but not configure give the error. The remote name could not be resolved in server 2012 R2.
  I have configure Ad and ADFS different server and try to configure web application proxy different server. what setting are required for connect web application proxy to Ad and ADFS.

  Hi,
  In addition, please make sure that the port 443 is not blocked by the firewall.
  Web Application Proxy requires internal name resolution to resolve the names of backend servers, and AD FS servers. When publishing web applications via Web Application Proxy, every web application you publish requires an external URL. For clients to reach
  these web applications, a public DNS server must be able to resolve each external URL that you configure. Note that the external URL must resolve to the same IP address as the Web Application Proxy server, or the external IP address of a firewall or load-balancer
  placed in front of the Web Application Proxy server.
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Reverse DNS does not match SMTP Banner

  Hello,
  We have a client with an SLS who is configured to send mail using the ISP as relay. With this situation, the server-side mail rules (vacation notices) are not working.
  So, I need to configure the server to use DNS to send mail. The client has one public static IP, in the form of client.static.isp.gr. ISP refuses to change the PTR for a single IP, so when I check the server using mxtoolbox.com, I get +Reverse DNS does not match SMTP Banner+.
  In MS Exchange, you can set the "Internet e-mail name" and change the default SMTP banner.
  How can I change the SMTP banner in Postfix? (in order to put the ISPs PTR for the static IP).
  Regards
  Kostas

  Kostas B. has been tussling with other issues ("ISP refuses to change the PTR for a single IP") and this is unrelated to the configuration of Mail itself, from what I can tell of it. He's really trying to do something that the ISP involved isn't supporting, and that's more of an administrative or ISP issue and less of a technical issue.
  As for your question (and presuming your public-facing DNS forward and reverse translations are correct and your MX record is correct, details which are not yet in evidence), launch Server Admin and set your mail server host name in the mail configuration. Server Admin > select server > Mail > general > fill in your internet-facing host name. This name should matche your public DNS MX record, and your public forward and reverse DNS translations should (also) match.
  And as a general rule, please don't thread-jack. That largely serves to confound and confuse the discussions.