ISE - client always noncompliant

Similar Messages

• N97 Software update client always says "all applic...

  Could any one tell me why, since I updated to v 20, my Software update client always says “all applications are up-to-dated”?
  It was not important until now with Maps 3.3.
  I ma running v20.0.19, RM-505 Language set: Spain (05), unbranded
  Thanks

  Because all software ARE up to date on your phone. The n97 is not given the map 3.03 update. It will be available for the n97 via a firmware update which has just recently been released. If it is not available for your phone, then your product code must not yet be available for updating.
  @chanchan05 - Not sure regarding the map update... I have an N97 (not mini) and when I was checking for latest software updates, I received the map update on 28 Jan.... No official news from Nokia on FW 2.1...

• In 2 Node RAC clients always connect to Node 2...

  Dear all,
  I have installed RAC 10gR2 on Oracle Enterprise Linux Version 4 Update 5. ASM as storage option on iscsi shared storage.
  In Enterprise Manager I can see 2 instance are UP! i can connect to oracle from any one of the node. All services are running fine on both nodes.
  But when i connect to RAC database from any client machine it always connect to the second node where database instance BSS2 is running and never connects to BSS1.
  I use this query to check which instance:
  SELECT
  instance_name
  , host_name
  , NULL AS failover_type
  , NULL AS failover_method
  , NULL AS failed_over
  FROM v$instance
  UNION
  SELECT
  NULL
  , NULL
  , failove_type
  , failover_method
  , failed_over
  FROM v$session
  WHERE username = 'SYSTEM';
  My tnsnames.ora contains the following entry:
  ORA_DEVP, ora_devp.world =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.0.63)(PORT = 1521))
  (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.0.64)(PORT = 1521))
  (LOAD_BALANCE = yes)
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = ora_devp.idevelopment.info)
  (FAILOVER_MODE =
  (TYPE = SELECT)
  (METHOD = BASIC)
  (RETRIES = 180)
  (DELAY = 5)
  I dont know why id do not connect to Node 1. RAC is running but the very basic feature is missing in my configuration. Kindly help.
  Regards, Imran

  Well, looking at this query more connections are on node 2 while very few are on node 1. Maybe this is because of instance load balancing BUT clinets are connecting to both nodes.
  Thanks Jonathan.
  Another thing is that i can not establish Transfer Application Failover (TAF) between the node, like if i am connected to node 2 from a client machine and when i stop instance running on node 2 and again try to run query from client it lost connection. Infact it should have transfered to node 1 instance.
  Following is the entry on my tnsnames.ora file on both node (same on both nodes)
  # tnsnames.ora.oraclecl2 Network Configuration File: /u01/app/oracle/product/10.2.0/db_1/network/admin/tnsnames.ora.oraclecl2
  # Generated by Oracle configuration tools.
  BSS2 =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl2-vip.beaconhouse.edu.pk)(PORT = 1521))
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = bss.beaconhouse.edu.pk)
  (INSTANCE_NAME = bss2)
  BSS1 =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl1-vip.beaconhouse.edu.pk)(PORT = 1521))
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = bss.beaconhouse.edu.pk)
  (INSTANCE_NAME = bss1)
  ORCL_TAF =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl1-vip.beaconhouse.edu.pk)(PORT = 1521))
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl2-vip.beaconhouse.edu.pk)(PORT = 1521))
  (LOAD_BALANCE = yes)
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = orcl_taf.beaconhouse.edu.pk)
  (FAILOVER_MODE =
  (TYPE = SELECT)
  (METHOD = BASIC)
  (RETRIES = 180)
  (DELAY = 5)
  BSS =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl1-vip.beaconhouse.edu.pk)(PORT = 1521))
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl2-vip.beaconhouse.edu.pk)(PORT = 1521))
  (LOAD_BALANCE = yes)
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = bss.beaconhouse.edu.pk)
  EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
  (ADDRESS_LIST =
  (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
  (CONNECT_DATA =
  (SID = PLSExtProc)
  (PRESENTATION = RO)
  LISTENERS_BSS =
  (ADDRESS_LIST =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl1-vip.beaconhouse.edu.pk)(PORT = 1521))
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl2-vip.beaconhouse.edu.pk)(PORT = 1521))
  #Edited by Imran
  ORA_DEVP =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl1-vip.beaconhouse.edu.pk)(PORT = 1521))
  (ADDRESS = (PROTOCOL = TCP)(HOST = oraclecl2-vip.beaconhouse.edu.pk)(PORT = 1521))
  (LOAD_BALANCE = yes)
  (CONNECT_DATA =
  (SERVER = DEDICATED)
  (SERVICE_NAME = ora_devp.beaconhouse.edu.pk)
  (FAILOVER_MODE =
  (TYPE = SELECT)
  (METHOD = BASIC)
  (RETRIES = 180)
  (DELAY = 5)
  also show service parameter commands show
  ora_devp.beaconhouse.edu.pk as a service...
  but it do not automatically tranfer the instance.
  Thanks.

• ISE client provisioning with wlc 7.3

  Hi Experts,
  i have the following challenge. I will try to be synthetic.
  ISE 1.1.2.145
  WLC 7.3
  Wireless clients, dot1x eap peap, posture required.
  Clients should download the nac agent through redirection.
  So, i have an authorization policy that, for posture status= unknown, apply a redirect av, in the form:
  "https://ip:port:8443/.....action=cpp
  the access list is correctly applied on wlc.
  The challenge is, it works for http traffic, but dont work for https traffic or if the browser is using a proxy (port 3128, 8080 etc).
  In case you wonder, the access-list on wlc:
  permit icmp, dns
  permit traffic to the PDPs
  deny all else.
  Thanks
  Andrea

  You may want to consider, explicity denying the proxy traffic in the WLC ACL and see if that resolves your issue. You may need to get clarification from Cisco TAC to see when the client is in the WEBAUTH state that it only listens for http traffic.
  You may want to consider using this option (however I do not if this will work for radius webauth redirection) -
  http://www.cisco.com/en/US/docs/wireless/controller/7.4/configuration/guides/consolidated/b_cg74_CONSOLIDATED_chapter_01000100.html
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• ISE Client Provisioning of Certifcates

  I am trying to setup an ISE deployment to allow me to connect to an SSID for client provisioing only. The provisioing should install a certificate from the CA server and setup the new SSID eap-tls authentication settings. I have two questions in regards to this.
  First can I provision a device without going through the device registration process?
  Second is that on my iPad I don't ever get to the provisioing piece. It pops up the device registration page and skips right to me installing the Root CA certifcate and then never allows me to actually register the device. On my windows 8 laptop I register the device and it starts provisioing the client but fails while provisioning. Any ideas on what to look for on why that happens?
  My ISE nodes all have good certificates and the SCEP CA is setup along with the CAP for my identity source sequence.
  At a loss could use some help.

  The provisioning works just fine if I am only trying to provision it for PEAP authentication and not EAP-TLS.

• Running Composite with test client always throws ContentTypeException

  When I run the HelloWorldApp or SOAHelloApp from the test client in SOAConsole it always returns the following:
  oracle.j2ee.ws.saaj.ContentTypeException: Not a valid SOAP Content-Type: text/html
  Cause: oracle.j2ee.ws.saaj.ContentTypeException: Not a valid SOAP Content-Type: text/html
  I can't seem to see what I've done wrong. Any ideas?
  Thanks,
  -Richard Eichenlaub-
  Message was edited by:
  user613822

  Even after changing from "loacalhost" to "127.0.0.1" in the url, I am getting the same error when I do the invoke on the SOAHelloApp or HelloWorldApp:
  oracle.j2ee.ws.saaj.ContentTypeException: Not a valid SOAP Content-Type: text/html
  Cause: oracle.j2ee.ws.saaj.ContentTypeException: Not a valid SOAP Content-Type: text/html
  and sometimes I get the following error instead:
  javax.xml.soap.SOAPException: Bad response: 301 Moved Permanently
  Cause: javax.xml.soap.SOAPException: Bad response: 301 Moved Permanently
  Also, if you don't mind the newbie question, where is this HelloWorldApp coming from and how can I delete it? I followed the Installation Guide exactly to create and deploy the SOAHelloApp and SOAHelloProcess but then I end up with the following exceptions because there is some sort of duplication/overlap with the HelloWorldApp:
  08/01/15 00:59:39 Compiled class(es) "/root/jdevinstance/system11.1.1.0.22.47.96/o.j2ee/embedded-oc4j/deployed-composites/HelloWorldApp/sca_HelloWorld_rev1.0/SCA-INF/bpel/HelloWorld/src/bpel/helloworld/BPEL_BIN.java"
  08/01/15 00:59:39
  08/01/15 00:59:40 -------> CompositeDeployerTimer triggered
  08/01/15 00:59:40 -------> CompositeDeployerTimer trying http connection to http://cgbu-oel:8988
  08/01/15 00:59:41 -------> CompositeDeployerTimer: deploying composites ...
  08/01/15 00:59:41 --------->deploying composite model: HelloWorldApp/HelloWorld!1.0*2007-10-22_14-33-04_195
  Jan 15, 2008 12:59:41 AM oracle.webservices.service
  WARNING: Could not register service! Service with key 'soa-infra/HelloWorldApp/HelloWorld!1.0*2007-10-22_14-33-04_195/client' already exists in Local Service Registry
  Jan 15, 2008 12:59:41 AM oracle.webservices.service
  WARNING: Could not register service! Service with key 'soa-infra/HelloWorldApp/HelloWorld/client' already exists in Local Service Registry
  08/01/15 00:59:41 BPELServiceEngine=> loading component HelloWorldApp/HelloWorld
  08/01/15 00:59:41 BPELServiceEngine=> unloading component HelloWorldApp/HelloWorld
  Jan 15, 2008 12:59:42 AM oracle.integration.platform.PlatformMessages severeUnableDeployComposite
  SEVERE: Deployment of composite "HelloWorld" failed: An active composite for "HelloWorldApp/HelloWorld" has already been registered. Only one active composite is allowed..
  08/01/15 00:59:42 --------->deploying composite model: SOAHelloApp/SOAHelloComposite!1.0*2008-01-14_23-33-55_471
  08/01/15 00:59:42 BPELServiceEngine=> loading component SOAHelloApp/SOAHelloProcess
  08/01/15 00:59:42 BPELServiceEngine=> initing HelloWorldApp/HelloWorld
  08/01/15 00:59:42 BPELServiceEngine=> initing SOAHelloApp/SOAHelloProcess
  08/01/15 00:59:42 -------> CompositeDeployerTimer: done deploying composites. took 1 seconds.
  Jan 15, 2008 12:59:42 AM oracle.fabric.FabricMessages warningMBeanAlreadyExists
  WARNING: An MBean of name "soa-infra:J2EEApplication=HelloWorldApp,J2EEServer=standalone,name="HelloWorld",revision=1.0,type=SCAComposite" already exists. Unable to create MBean for this composite.
  Jan 15, 2008 12:59:43 AM oracle.webservices.service
  WARNING: Could not register service! Service with key 'soa-infra/SOAHelloApp/SOAHelloComposite!1.0*2008-01-14_23-33-55_471/client' already exists in Local Service Registry
  Jan 15, 2008 12:59:43 AM oracle.webservices.service
  WARNING: Could not register service! Service with key 'soa-infra/SOAHelloApp/SOAHelloComposite/client' already exists in Local Service Registry
  08/01/15 00:59:43 BPELServiceEngine=> loading component SOAHelloApp/SOAHelloProcess
  08/01/15 00:59:43 BPELServiceEngine=> unloading component SOAHelloApp/SOAHelloProcess
  Jan 15, 2008 12:59:43 AM oracle.as.config.notification.filesystem.WatchingDocumentChangeNotifier checkUsingListeners
  WARNING: Exception during change of a document.
  oracle.fabric.common.FabricDeploymentException {rootCauses=[oracle.fabric.common.FabricException: An active composite for "SOAHelloApp/SOAHelloComposite" has already been registered. Only one active composite is allowed.]}
       at oracle.integration.platform.blocks.deploy.DeployedCompositesManagerImpl.makeDeploymentChanges(DeployedCompositesManagerImpl.java:412)
       at oracle.integration.platform.blocks.deploy.DeployedCompositesManagerImpl.processDeployedCompositesModel(DeployedCompositesManagerImpl.java:218)
       at oracle.integration.platform.blocks.deploy.DeployedCompositesManagerImpl.processDeployedCompositesModel(DeployedCompositesManagerImpl.java:224)
       at oracle.integration.platform.blocks.deploy.OC4JApplicationListener.documentChanged(OC4JApplicationListener.java:135)
       at oracle.as.config.notification.oc4j.OC4JWatchingDocumentChangeNotifier$OC4JChangeListener.documentChanged(OC4JWatchingDocumentChangeNotifier.java:172)
       at oracle.as.config.notification.filesystem.WatchingDocumentChangeNotifier.checkUsingListeners(WatchingDocumentChangeNotifier.java:182)
       at oracle.as.config.notification.filesystem.WatchingDocumentChangeNotifier.checkFiles(WatchingDocumentChangeNotifier.java:125)
       at oracle.as.config.notification.filesystem.WatchingDocumentChangeNotifier.run(WatchingDocumentChangeNotifier.java:114)
       at java.lang.Thread.run(Thread.java:595)
  I assume this should not be ignored. Is that correct?
  Robin

• Modify SyncBO on client - Always get a conflict

  Hi all
  I developed a SmartSync application using a S01 SyncBO Type. If I change data in the backend, the delta is succesfully synchronized to the client. But if I modify the SyncBO on the client and execute the syncronisation I always get a conflict "Conflict: R/3 = Change, Device = Change".
  I get the conflict at every sync, even if I didn't change the data in the backend.
  Does someone have an idea, what the problem is?
  Thanks, Marcel

  Hi Marcel,
  just check ur GETDETAIL Bapi Wrapper .
  Here what u have to do is , in the in the EXPORT parameter , u will have to populate the HEADER Structure exactly corresponding to the import param of ur getdetail function module.
  GETDETAIL is  using for Conflict detection also.
  what i mean is...
  we have one table parameter in our GETLIST Bapi WRAPPER.
  one of the field in this structure is the key field of the GETDETIL.
  here we have to include the same Structure , that we have given as TABLE in getLIST , in the EXPORT param of GETDETIL.
  at the same time, frame work call the GETDETAIL for each GETLIST instances.(at a time one GETDETAIL).
  this GETDETAIL execution is for one particular GETLIST instance at a time . So we have to populate the same data got from the GETLIST for this particular key every time and give this as EXPORT param.
  Regards
  Kishor Gopinathan

• Must the client always be up before the master for WAN replication to work?

  From our testing, we have noticed that the client must always be up before the master in order for WAN replication to work. Is this the case? If so, is there some kind of flag in Tangosol to allow the master to reconnect to client?

  Try the following changes to the JS file
  Lines 103 and 104 change the values
  this.showDelay = 100; // was 250
  this.hideDelay = 200; // was 600
  Comment out line 286
  Spry.Widget.MenuBar.prototype.bubbledTextEvent = function()
  //    return Spry.is.safari && (event.target == event.relatedTarget.parentNode || (event.eventPhase == 3 && event.target.parentNode == event.relatedTarget));
  Comment out line 366 and add new lines 366 and 367
  var self = this;
  this.addEventListener(listitem, 'click', function(e){self.Click(listitem, e);}, false);
  this.addEventListener(listitem, 'click', function(e){self.mouseOver(listitem, e);}, false);
  //   this.addEventListener(listitem, 'mouseover', function(e){self.mouseOver(listitem, e);}, false);
  this.addEventListener(listitem, 'mouseout', function(e){if (self.enableKeyboardNavigation) self.clearSelection(); self.mouseOut(listitem, e);}, false);
  I have not tested the above changes ontouch screens; they do seem to work Ok on desktops.
  NOTE: Line numbers could be different because of the difference in our versions.

• Are admin and office clients always updated for each service pack.

  Hi,
  I am investigating upgrading our BPC version from 7.0 SP3.   The question I have been asked by my business clients is "do the admin and office clients of BPC always get updated with each service pack?"  I assume they do because the install guide indicates that you must update them to the same version as the server.  Upgrading the client versions is always a concern here because since we don't allow the automatic update our plans have to include packaging an SMS deployment to over 500 workstations of several different configurations and locations.

  Hi,
  Yes, there are changes in the clients in every service pack. This is why it's important that the version of the client matches the version on the server. We've seen issues where there was a mismatch and no one could log in because of the changes in the client.
  I would advise always updating the clients when adding a new service pack.
  Regards,
  Jason

• Ard task server issue: clients always "idle"

  Like others I've seen on this list, we're having issues using Task Servers with ARD. I've looked for answers here and elsewhere and tried a number of possible solutions, but nothing I've found yet has solved our continuing, recurring issues.
  No matter -how- I configure ARD with Task Servers, jobs always "hang" infinitely with status, "Install Packages: In progress"; "The remaining X computers are currently idle."
  Task servers "used" to work for us-- but never quite reliably-- and I can't exactly pin down at what point they've stopped working for us.
  It doesn't matter whether I use the "task server on this computer" or any of the network task servers I've set up on our network. I've erased/renamed ARD config files and databases (from the obvious plists to the not-obvious /var/db folders); I've wiped all traces of ARD from my machine and reinstalled; I've reimaged my machine and reinstalled ARD; I've set up ARD on other machines to test-- but consistently, using a Task Server fails to perform. The task doesn't "fail" per se; rather-- it just never gets performed.
  Logs on the Task Server -sometimes- have messages like this: "ARDAgent[42915] BUG ALERT!! Client in task list has no entry in Server's client database."
  Am glad to share any logs, other things I've tried, or bang around ideas with anyone else who is dealing with or has dealt with this.
  Thanks!
  Mike Pullen
  Computer Tech
  School District of Baraboo, WI

  In ARD, have you checked to see what time/date your targets are set to report to?
  if so, are the targets set to report at a time/day they would be on, awake, and connected to the same network as the ARD computer? On the same line of thought, will the ARD computer be on, awake, and connect to the same network at that time/date? Have you tried forcing an ARD report to run? (you would do this much like how you would test an alarm clock by setting the alarm clock time to be a few minutes ahead of the current time) (remember the client runs the report based on the time on the client)
  After forcing a report an auto report, dose sending the task to a few local targets fail?

• IPV6 DHCP : Active Clients always zero 0

  Hello All,
  I have configure IPV6 DHCP by using below mentioned configuration, all my LAN PCs are getting IPV6 correctly and internet is also running well.
  But if run this command on Router, so it shows Active Clients are always zero 0.
  R1# sh ipv6 dhcp pool
  DHCPv6 pool: DHCP_POOL
    DNS server: 2001:470:ab::cd
    Domain name: abc.com
    Active clients: 0
  R1# sh ipv6 dhcp binding --> also show empty result.
  Can anyone please tell me the reason .
  MY CONFIGURATION:
  ipv6 unicast-routing
  ipv6 dhcp pool DHCP_POOL
  dns-server 2001:470:ab::cd
  domain-name abc.com
  interface FastEthernet0/0
  no ip address
  speed 100
  full-duplex
  ipv6 address 2400:FC00:ab::/64 eui-64
  ipv6 nd prefix 2400:FC00:ab::/64
  ipv6 nd other-config-flag
  ipv6 dhcp server DHCP_POOL
  ipv6 route ::/0 2400:FC00:ab::1
  int fa0/0 is directly connected to my LAN Switch.
  Regards,

  Ok , the problem solved by changing the configuration in this way. Now it is showing Active clients and Bindings.
  I will try your method too, to just add ipv6 nd managed-config-flag in my previous config.
  But i am still confused which configuratrion is better and which technique to use ?? 
  My previous config was stateless , is my new config is stateful ??
  My NEW Configuration:
  ipv6 unicast-routing
  ipv6 cef
  ipv6 dhcp pool DHCP_POOL
  address prefix 2400:FC00:ab::/64 lifetime infinite infinite
  link-address 2400:FC00:ab::2/64
  dns-server 2001:470:ab::cd
  domain-name abc.com
  interface FastEthernet1/0
  no ip address
  duplex full
  speed 100
  ipv6 address 2400:FC00:ab::2/64
  ipv6 enable
  ipv6 nd managed-config-flag
  ipv6 dhcp server DHCP_POOL
  ipv6 route ::/0 2400:FC00:ab::1

• Axis client: Always creating null-element even if I dont set it

  I am using Axis client to integrate with Webmethods.
  They have a type specified with:
  <element name="x" type="string" minOccurs="0"/>
  I do not want to set the value in the field because the value is unknown for me. So I choose not to set it at all and everything would be fine if not Axis sets it for me as a null-element.
  How do I get around this? I have to do it on the client side, because the webmethods system is not changeable.

  I am using Axis client to integrate with Webmethods.
  They have a type specified with:
  <element name="x" type="string" minOccurs="0"/>
  I do not want to set the value in the field because the value is unknown for me. So I choose not to set it at all and everything would be fine if not Axis sets it for me as a null-element.
  How do I get around this? I have to do it on the client side, because the webmethods system is not changeable.

• When starting SAP client always ask about license server

  Dear Users,
  from few days every user who is loggin into SAP 8.8 PL16 is asking about license server address.
  After typing license server address everything works fine until next start of the SAP client - prompt for license server shows again and again.
  Regards
  GN

  >
  RAHUL MOUNDEKAR wrote:
  > Hi GN........
  >
  > Instead of giving server name in the License Server just input IP Address and just check it.......
  >
  > Regards,
  > Rahul
  The same situation - names are resolved propertly. This issue occurs only on that customer installtion from few days.
  I have even upgraded 8.8 from PL14 to PL16 believed that it helps, but helped not...
  Regards
  GN

• Do app-clients always need a user specified.

  I have a app client that I start manually. It receives a message (MQSeries/non JMS), calls some ejb's, processes the transaction and is done.
  I also have a web tier that provides a gui front end to the same process mentioned above.
  Here is the situation: If someone uses the web tier first after OC4J starts up, everything works fine.
  If after OC4J starts up, a transaction hits the app-client first (a MQSeries message/non JMS) and uses the ebj, when a user attempts to use the web tier (and same ejb's), I get a "guest is not allowed to call this EJB method, check your security settings (method-permission in ejb-jar.xml and security-role."
  Is there something I am missing? Should I be at least specifying a user for my client in my application.xml even though I am not setting auto-start="true"? We never had a problem like above until I started using app-clients, so I tend to belive that we had it all set up correctly for the web-tier. I could be wrong though.
  There is another thread sort of related to this. How Are Application Clients Run By OC4J? in orion-application.xml)" error.

  When looking up the EJB are you have to specify the
  java.naming.security.principal=SCOTT     
  java.naming.security.credentials=TIGER
  when looking up the EJB. This user specified while looking should have permission to execute the ejb method.
  anyway what version are you using ?
  regards
  Debu

• Why the SCCM client always corrupts the WMI repository?

  Hi All,
  I have a Configuration Manager 2012 R2 CU2 installation with hundred of client/servers.
  From the initial deploy of the SCCM client, we seen that many machines had a Windows slow logon process.
  We searched online for a fix and many people had this problem, suggesting to enable a registry key called
  HKLM\Software\Microsoft\CCM\Ccmeval\NotifyOnly.
  From that date, we fixed the slow logon process problem, but still have problems with operating system's updates installed with SCCM.
  In the most cases, when SCCM install updates, it corrupt the WMI database and at the OS reboot, the updates are rolled back.
  On the same machines, if we install updates from Windows Updates, we have no problems.
  Also, with SCCM installation, we see a lot of "DCOM" or "PerfLib" errors.
  Usually, the remote management of a client with SCCM doesn't works because the WMI repository is corrupted, so each time we need to do uninstall the SCCM client and do this:
  1. Disable and stop the WMI service.
       sc config winmgmt start= disabled
       net stop winmgmt
  2. Run the following commands.
       Winmgmt /salvagerepository %windir%\System32\wbem      (I noticed that you have run this command, but I would suggest that you try it again)
       Winmgmt /resetrepository %windir%\System32\wbem
  4. Re-enable the WMI service and then reboot the server to see how it goes.
       sc config winmgmt start= auto
  This is very frustrating.
  Why the SCCM client create all these problems and how to fix this?
  Thanks for your support.

  I think that my case is not isolate.
  There are a lot of posts like this:
  http://www.windows-noob.com/forums/index.php?/topic/8989-wmi-corruption-sccm-2012-win7-sp1/
  http://trevorsullivan.net/2012/11/21/configmgr-2012-ccmeval-exe-causing-client-corruption/
  The strange thing is that the WMI corruptions only happens on machine where the SCCM client is installed, even if the machines is without any additional software (fresh windows installation).
  In the same time, I need to fix a ProfSvc bug (KB2617858) because the PC become unusable.
  Also, why it starts a WMI rebuild if I deploy the client with the "NotifyOnly" option (the registry key is fine)?
  So, basically, on a fresh windows machine, as it joins to the domain:
  1) the SCCM client install itselfs
  2) it starts to install several windows updates
  3) at the first restart, it try to rebuild the WMI and the ProfSvc bug appears
  May be that the problem is not the SCCM client itself, but a windows update deployed via SCCM client?