PKI SCCM Client Certificate Template not viewable by Windows 7 and Server 2008 workgroup machines.

Similar Messages

• PKI Client Certificate Template not viewable by Windows 7 and Server 2008 workgroup machines.

  Hello everyone,
  I’m having issues with workgroup computers, not domain systems when I request a certificate.
  It’s extremely weird. It has something to do with Windows 7 and Windows 2008 machines. In 2003 server I can request a certificate manually with certutil and it see the certificate template. I copy over the exact command
  on windows 7 and it can’t see the certificate template.
  I have the following configuration:
  CA Enterprise
  I have created the SCCM Client Certificate
  I have created the SCCM Web Server Certificate
  I have created the SCCM Distribution Point Certificate
  GPO is configured
  SCCM 2012 R2 CU2 configured to do HTTP and HTTPS
  Installed SCCM Client Certificate
  Installed SCCM Web Server Certificate
  Installed Distribution Point Certificate
  Deployed to a domain computer good on PKI
  Workgroup Computers:
  I’m having issues with deploying certificates
  Windows 7 –
  (ERROR) not successful
  Windows Server 2008 R2 –
  (ERROR) not successful
  Windows Server 2003 - successful
  Windows XP – successful
  How I’m getting the certs for the clients is by utilizing the following scripts from this URL.
  http://www.ithierarchy.com/ITH/node/48
  I did find a couple of errors in the code, but if it’s working on my Server 2003, then it should work on the others. Windows 7 and Windows 2008 R2 seem to have the same issue. The error I’m getting is the following:
  Command line requesting the cert ---- CertReq –new –f testcomputer.home.pvt.inf c:\client\testcomputer.home.pvt.req
  Error --- Template not found.
  SCCMClientCertificate (this is my template)

  Just to give an update on what’s happening with this. I found out this format is unsupported by MS with Windows Vista and newer OS’s.
  Instead you must utilize two other additional roles on the CA to have this work. The caviate is, I’m down to the testing and it’s not working as in the document. I have MS
  Support working with me to resolve this issue since it was written by MSFT.
  http://blogs.technet.com/b/askds/archive/2010/05/25/enabling-cep-and-ces-for-enrolling-non-domain-joined-computers-for-certificates.aspx
  and use this doc for similar workgroup computers for rolling out certs. This was written for RT devices, however, it should work once I get to that point.
  http://blogs.technet.com/b/pki/archive/2012/12/11/certificate-for-winrt-devices-and-non-domain-member-devices.aspx

• 20 GB Ipod Problem - Not viewable in Windows and wont start

  Hello all, wondering if you can help me with this Ipod problem i have.
  1) Ipod turns on and displays folder with exclamation mark.
  2) Ipod is not viewable in my computer
  1 - I have tried a reset and putting into disk mode, which goes through fine, but it still starts with the above error.
  2 - I can sometimes view the Ipod in My Computer and or disk management, but can not go into it or format it. Diskj manager reports it as un-readable.
  If i try to run Ipod update/restore application it asks me to plug in an Ipod.
  Any ideas on what else i can do? I thought i could at least get windows to see the device and format it to a standard Fat32, then use the Ipod restore to re-write the folders to use it as a ipod.
  Thanks

  Try this then
  The Sad iPods icon, clicking sound or folder with an exclamation mark are the toughest problems to deal with, and must do a Restore in order to fix it. However, when your iPod is showing this icon, it is probably too late for your computer to recognize the iPod.
  1. Try these five steps (known as the five Rs) and it would conquer most iPod issues.
  http://www.apple.com/support/ipod/five_rs/
  2. Try to put the iPod into Disk Mode if it fails to appear on the desktop
  http://docs.info.apple.com/article.html?artnum=93651
  Still can't see your iPod?
  Several things could keep iPod from appearing in iTunes or in the Desktop/Finder when you connect it to your PC/Mac. The most likely causes are listed below in logical order. Check from the top of the list to see if that is what's keeping iPod from appearing.
  3. Try to wait 30 minutes while iPod is charging.
  4. Try another known-good FireWire or USB through Dock Connector cable.
  5. Try another known-good FireWire or USB port on your computer .
  6. Try to disconnect all devices from your computer's FireWire and USB ports.
  7. Windows users having trouble with their iPods should locate a Mac user. We've found that in many cases when an iPod won't show up on a PC that it will show up on the Mac. Then it can be restored. When the PC user returns to his computer the iPod will be recognized by the PC, reformatted for the PC, and usable again. By the way, it works in reverse too. A Mac user often can get his iPod back by connecting it to a PC and restoring it.
  There are also some cases being reported that some unrecognized iPod being able to be erased with Linux, then reconnect the iPod with the original computer and do a Restore there.
  8. Try to do an Erase (Disk Utility) on a Mac computer or a format with a PC (Disk Management tool) but ensure you choose the right Drive (your iPod not your Hard Disk of your computer). You may need to plug and unplug your iPod with the computer for several attempts, and switching around Format and Restore, and hope out of sudden, it will get recognized.
  9. Diagnostic mode solution – which I copied from a thread of a post from thinktwice
  “Then I cam across this special Diganostics Mode that you can get to by resetting and then while the Apple is showing pressing the Select and backwards keys simultaneously. It bring up and weird Diagnostic utility witha a abunch of tests. Here is what I did
  - I tried the 5in1 test and got and error on Firewire.
  - I did the HDD R/W and surprisingly it passed.
  - I went on to the HDD scan. This supposedly tkaes acouple of minute so I waited. I think 4-5 dots appeared then nothing. The iPod started to get hot. THe disk was spinning away. After a while the battery got very low. THis test chews up the battery. So I escaped out by resetting and went to connect it to a power source.
  My USB was dangling out of my computer and I was too lazy to get the Firewire AC adapter thing going so I connected expecting the whole lockup thing with iTunes. Surprise. IT was recognized immediately and has been working like a champ. So go figure.
  Details on Diag mode can be found at http://www.methodshop.com/mp3/ipodsupport/diagnosticmode/index.shtml
  10. Let me ask you a question, if an iPod with no iPod software with it. When your connect it with a computer, what would happen?
  Yeah, the computer will treat it as a fresh external hard disk, which will get force mounted, the computer will ask you to format the iPod. It does not really matter the format is completed or not, the key is to erase (or partly) the corrupted iPod software on the iPod, after that the computer will recognize it.
  Once it has been completed, eject your iPod, open the iPod updater and interestingly, you will able to do the Restore this time.
  Base on the above, that's why I suggest Windows users who experience trouble with their iPods should locate a Mac machine or vice versa. PC computer will not recognize a Mac formatted iPod, but it will get mounted in an attempt to format your iPod.
  11. Put your iPod in disk mode and plug with a computer, and have a boot of your computer using the Mac OS or XP startup disks, hope that your iPod will be seen on Mac's Disk utility and allow you to do a Erase there. Or, under the XP, you will be able to find your iPod there for you to do a Restore.
  But, if none of these steps address the issue, your iPod may need to be repaired. You can arrange for service at the iPod Service Website.
  I have just read an interesting solution about the Sad iPod, it does make sense but the warranty will be waived once you open the iPod, I would not do it myself as I am not good on doing this
  http://discussions.apple.com/thread.jspa?threadID=412033&tstart=0
  Pictures and instructions of how to open the iPod case for battery replacement
  http://www.kokopellimusic.us/KM_instructions.htm

• Client PRD01_PRD_00 is not known to the message server

  Hi,
  I get a lot of user disconnects (SM21) and update deactivation (SM13). From the system log I get the following error. Are they related? How can I fix this?
  Client PRD01_PRD_00 is not known to the message server     
  Client PRD02_PRD_00 is not known to the message server     
  Transaction Canceled BT 510 ( )                                   
  Perform rollback                                                  
  Operating system call recv failed (error no. 10054)               
  Connection to user 24070 (BUCHANR ), terminal 112 (MB02159PC ) lost
  Please advise

  Hi Ferrari,
  I have the same problem here.
  Can you tell me how solution do you apply?
  Best regards,
  Marcelo Moraes

• Windows 7 Client 'sees' an old version of windows 2012 server share

  Hi All,
  I have a problem which seems to be a common theme looking at other threads. Here's the overview of the problem:-
  I have multiple windows 7 clients and a windows 8.1 client within a 2008 Server in a domain.
  I also have a Windows 2012R2 Server which is not joined to the domain. There is a Share on the 2012R2 which has the Caching Option turned off. Everyone full control on Share & File permissions.
  One of the Windows 7 machines in Explorer when it looks at
  \\2012server\share sees an old version of the folder. It seems that SMB 2 chaching is working too well. Not even pressing F5 or clicking View, Refresh updates windows explorer.
  It took a reboot to get the workstation to see the up to date contents of the share on the 2012 server.
  We don't seem to have that behaviour with that client against the 2008 server.
  I have seen this behaviour on another machine un-related to us at another location which was in a workgroup with a 2012 server and no domain.
  Questions:-
  Is there some sort of problem with Windows 7 workstations working against 2012 Servers in a non-domain setting or is it just Windows 7 against 2012 servers period?
  I understand that Windows 7 utilises SMB1 & SMB2. SMB2 introduced caching. If the server has turned off the share cache option should the client cache the contents of the share or the information about the files & folders & 'file not found'
  information?
  I want to open a file handle to a file on a network share so I can read and write data to it. But I also want to know that when I look at the folder to open the file I'm actually looking at the live version of the folder and files in the folder and
  not a cached version of the folder. If it's a cached version the file might be there already but I won't see it.
  Is there an API call that tells the client to get a fresh view of the server share so I can be absolutely sure that when I look for a file on the server I'm getting the correct answer and not one from cache.
  I first posted the question with the same subject "Windows 7 Client 'sees' an old version of windows 2012 server share" in the Windows 7 Networking Fourm
  https://social.technet.microsoft.com/Forums/en-US/23bf3627-987b-4c27-8062-85a284a2cda4/windows-7-client-sees-an-old-version-of-windows-2012-server-share?forum=w7itpronetworking and it was suggested I repost in here. Please do take the time to read
  the thread which will save time with suggestions that have already been covered.
  As the computers that can be affected by this problem are not mine I cannot enforce or guarantee that any of my 'client base' will apply any hotfixes. I will also not have the ability to tweak registry settings as I can't guarantee Admin Access.
  It seems that we need to go back to SMB1 as all the tweaks to SMB since those days have introduced problems with the basic requirement of sharing files from a share on a server for Read/Write purposes. I have tried turning a network back to SMB1 and that
  has resolved a lot of the issues but then I found a post/MS blog that states not to leave the network on SMB1
  The Caching option of the share had already been turned off. Surely Windows clients should not cache any information about the share but I think that is not the case.
  Thanks is advance
  Robert

  Hi Shaon,
  Thanks for looking into this.
  If this is a known issue, why isn't the hotfix rolled into a general windows update if this is a known problem? However this doesn't just affect domain joined workstations.
  Surely it's basic functionality for a networked computer to access files and folders on a network file server. It's what networks were invented for at the end of the day.
  I am unable to apply hotfixes to these computers that are having the problem due to the fact they are not mine but my customers.
  At one of my customers sites I disabled SMB2 from the server and network clients as well as disabling the network adapter power saving option. This seemed to resolve the issues that I saw on one client that seemed to be 30 minutes behind the rest of
  the network.  The hotfix you link to states that it is for Domain joined computers. At my customer site the PC's are not in a domain at all, just a workgroup with workstations and a 2012r2 server. Will the hotfix be applicable to non-domain machines?
  Also many clients seemed to loose the file handle to an open file on the server. I'll get them to turn SMB2 back on at some point after I send out some updates but all the problems I see seem to be caused by the caching functions in SMB2. SMB1 is good and
  stable. It's SMB2 that seems to be causing the problems as it was designed from the ground up for caching.
  Has this networking issue been resolved in Windows 8, 8.1 and 10?
  As I am unable to apply a hotfix to 1000's of PC's that are not mine, is there an API call or something where I can get the windows client to stop lying and get me the current state of a folder on the server?
  Will Turning off ClientSideCaching fix the issue? HKLM\SYSTEM\CurrentControlSet\Services\MrxSmb\Parameters\
  CSCEnabled
  Or will every machine need to be tuned individually according to the following guide:-
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/7bd9978c-69b4-42bf-90cd-fc7541ccb663/forum-faq-troubleshooting-network-file-copy-slowness?forum=winserverPN ?
  Robert

• Windows Storage Server 2008 - unzip with drag & drop from Windows 7 client fails

  Hello.
  As i asked this question in German and got no answer so i try it in English now.
  I have the following problem:
  We have a Windows SBS 2008, where we store our files. If somebody opens a ZIP-file on a network share from a Windows 7 Client (64 Bit) it is possible to drag & drop the content (multiple files) to a directory. So far everything works as expected.
  We now have an additional Windows Storage Server 2008 integrated in our domain (Buffalo Tera Station WS-QV8/R5), where we also store files. If somebody opens the same ZIP-file on a network share of this server from a Windows 7 Client and tries to drag &
  drop the content the following happens:
  1. only one file is extracted and to display the file a refresh of the explorer view is needed.
  2. when the drag & drop action is repeated a second file is extracted
  Not alle files are extracted and there is no error message or indication why this happens.
  The behaviour is reproducible from another Windows 7 Client (32 Bit).
  If we try to drag & drop the files from the ZIP-file on the Windows Storage Server network sahre to a directory on the SBS network share all files are extracted correctly.
  On the Windows Storage Server itself all files are extracted without problmems. Therefore it must be a problem with the combination of Windows Storage Server und Windows 7 Client accessing the files via network shares.
  Are there any ideas where this problem could be located? Has anybody the same phenomenon and maybe a solution for it?
  Thanks in advance
  Michael Pruss

  Hi Michael,
  Thank you for clarifying the issue for us.
  I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
  Thank you for your understanding and support.
  Regards
  Kevin
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback
  on our support quality, please send your feedback here.
   

• TS3648 great, but my MBA did not come with an installion disc, only a tiny jump drive that is not recognized by windows; and I can't get the contents of that burned to a DVD either. So how the heck do I get the drivers into Windows 7? My MBA has bootcamp

  great, but my MBA did not come with an installion disc, only a tiny jump drive that is not recognized by windows; and I can't get the contents of that burned to a DVD either. So how the heck do I get the drivers into Windows 7? My MBA has bootcamp 3.0.4.

  Here's what I get:
  lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
  inet 127.0.0.1 netmask 0xff000000
  inet6 ::1 prefixlen 128
  inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
  gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
  stf0: flags=0 mtu 1280
  en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  ether 00:11:24:7d:e7:1e
  media: autoselect (none) status: inactive
  supported media: none autoselect 10baseT/UTP <half-duplex> 10baseT/UTP <full-duplex> 10baseT/UTP <full-duplex,hw-loopback> 100baseTX <half-duplex> 100baseTX <full-duplex> 100baseTX <full-duplex,hw-loopback>
  en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  inet6 fe80::211:24ff:fe28:2e71%en1 prefixlen 64 scopeid 0x5
  inet 169.254.115.141 netmask 0xffff0000 broadcast 169.254.255.255
  ether 00:11:24:28:2e:71
  media: autoselect status: active
  supported media: autoselect
  fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
  lladdr 00:11:24:ff:fe:7d:e7:1e
  media: autoselect <full-duplex> status: inactive
  supported media: autoselect <full-duplex>

• The Update is Not Applicable To Your Computer when installing patch on Windows Server 2008 R2 machine

  When I try to install security patch KB2525694 and KB978542 on my Windows Server 2008 R2 machine, I get the message "The Update is Not Applicable To Your Computer".  I am using the following files:
  Windows6.1-KB978542-x64 (KB978542)
  Windows6.1-KB2525694-x64 (KB2525694)
  I believe these are the correct files but no luck installing it.  Any help would be greatly appreciated!

  When I try to install security patch KB2525694 on my Windows Server 2008 R2 machine, I get the message "The Update is Not Applicable To Your Computer".  I am using the following files:
  Windows6.1-KB2525694-x64 (KB2525694)
  This update has been superseded many times.
  If you already have installed one of the superseding updates below, KB2525694 will not be applicable.
  For the list of superseding updates, check this list:
  http://catalog.update.microsoft.com/v7/site/Search.aspx?q=2525694%20r2%20x64
  (click on the result, then click on the "Package Details" tab to get the list below..
  This update has been replaced by the following updates:
  Security Update for Windows Server 2008 R2 x64 Edition (KB2555917)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2567053)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2639417)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2641653)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2660465)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2676562)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2709162)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2718523)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2731847)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2761226)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2778344)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2778930)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2779030)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2808735)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2829361)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2850851)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2876315)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2883150)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2893984)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2913602)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2930275)
  Security Update for Windows Server 2008 R2 x64 Edition (KB2973201)
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Server 2012 Kms Host and Server 2008 r2 client.

  I have deployed a Server 2012 Kms host.
  Windows 7, and 8 are activating just fine, and Office 2010 is working.
  The issue I'm having is activating Server 2008 and Server 2008 r2.
  It seems I have missed a step that would allow me to activate those clients.
  Can someone please guide me as to what possibly needs to be done to allow these clients to activate?

  Hi,
  The following steps are needed to set up Volume Activation Services in a Windows Server 2012 test lab:
  1. Step 1: Set up the base test lab configuration
  2. Step 2: Install the Volume Activation Services server role
  3. Step 3: Configure Active Directory-based Activation
  4. Step 4: Verify that Active Directory-based Activation works
  5. Step 5: Configure Key Management Services (KMS)
  6. Step 6: Verify that KMS volume activation works
  At same time KMS volume activation requires
  a minimum threshold of 25 computers before activation quests will be processed. The verification process described here will increment the activation count each time a client computer contacts the KMS host. However, unless the activation threshold
  is reached, the verification will take the form of an error message rather than a confirmation message.
  The related KB:
  Test Lab Guide: Demonstrate Volume Activation Services
  http://technet.microsoft.com/en-us/library/hh831794.aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Imaged Windows 8.1 computers do not have a functional ConfigMgr Client- Certificates are not being installed

  Using ConfigMgr 2012 R2 (no CU). OSD was working fine prior to the recent black tuesday patch problems. Domain Contoller (and also CA) as well as all clients got all the recent August patches. Just built 2 machines, one physical (inspiron 15, other hyper
  V) Both imaged computers went fine, OS added all security patches, and left me at ctrl alt delete. Logging on i noticed that software never got deployed, configmgr client was single tiered. ran ccmrepair, no affect, group policy repair, wmi reset, etc. Client
  never fully installed. SCEP patches for DEFs worked but that was through WSUS. uninstalled client completely, cleaned smscfg.ini, regedit to remove entries for install and then re ran \\server\share\ccmsetup /usepkicert SMSSITECODE=XXX
  same problem
  opened MMC computer account logged in as local admin, and there are NO certs under personal
  this is what i should have below(based on an old image that worked) There are some errors on the Domain Controller, CA (same one box) 
  Certificate enrollment for Local system is successfully authenticated by policy server ldap: using authentication mechanism windows integrated (Credential: credential is private). Policy Id: {6AF312CA-551D-477C-8931-C2217574F832}
  Certificate enrollment for Local system successfully load policy from policy server 
  Certificate enrollment for Local system for the template DomainController was not performed because this template has been superseded.
  The "Microsoft Platform Crypto Provider" provider was not loaded because initialization failed.
  Certificate enrollment for Local system could not enroll for a Machine certificate.  Read or enrollment access is not allowed for this template.
  Certificate enrollment for Local system could not enroll for a MachineEnrollmentAgent certificate.  Read or enrollment access is not allowed for this template.
  Certificate enrollment for Local system could not enroll for a IPSECIntermediateOnline certificate.  A valid certification authority cannot be found to issue this template.
  Certificate enrollment for ANER\Administrator is successfully authenticated by policy server ldap: using authentication mechanism windows integrated (Credential: credential is private). Policy Id: {6AF312CA-551D-477C-8931-C2217574F832}
  these repeat over and over periodically. 
  Certificate enrollment for ANER\Administrator successfully load policy from policy server 
  Not sure what could have happened here. The errors appear to go back until several months so i dont know if they are the cause of this. I know group policy is responsible for getting the certs installed. I have configured autoenrollment in the user and computer
  areas of GP for both default policy and domain controller policy.
  I am deeply perplexed. Any assistance greatly appreciated. 

  SMSTS log on the client without certs: (did you want one on the configmgr box?)
  <![LOG[Successfully finalized logs to SMS client log directory from C:\WINDOWS\CCM\Logs]LOG]!><time="22:43:38.652+240" date="08-27-2014" component="OSDSetupHook" context="" type="1" thread="1088" file="tslogging.cpp:1542">
   older one is:
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{BD8504DF-10E1-47C9-A665-50465C05B865}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{4E0944BD-6A6C-48A7-A1D2-A44A5823CC82}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{1F1BF36C-1820-4E5C-823E-34B2E487B999}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{709E184A-A599-469E-A762-CDD8D0044767}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{CFD388C6-CD22-42CC-952B-5483FAB6167E}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{E6E6BF22-C95E-4E02-9DFF-5FF8F75FE49D}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{2125003B-3160-45CF-8AC2-68338C4ED5E3}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{E4C65A44-063E-4827-B2FD-A3518F25412A}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{FC16DBD9-DD66-4D33-AC8D-E43D7E450AEE}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{CB649F95-764C-4491-B4E2-7C068A9B8F3E}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{ED903082-D523-4FE0-BB7C-28561D2ACC5B}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{4861265B-07DE-44A8-8E8C-D6BDBD684C5A}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{52E66067-0AD4-4891-BD3C-732643F73620}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{AF4A5641-682B-4FB0-B9CF-3B4B1DF2CA05}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{159E0E6B-ED60-4590-B557-2BAB3DBFA104}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{2A739F20-7F05-49D6-81D3-0A8E1037CFE3}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{E33411BF-F0A2-4EEA-8005-45C0EE368BC2}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{192CE59E-6FC9-4040-8F05-635F8E9590C3}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{A7647304-7727-4520-A23F-348EF65875D4}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{948AD2DF-7F0E-4A77-A5FE-08C65D0EE773}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{39252788-DB6A-4174-844A-67DE576CD949}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{3A84557B-3A3D-42F7-B237-6907CE532806}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{4D9D6559-49FA-4915-BF26-EDB2578A1824}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{95388B41-5F4C-4A95-9CE6-434936222B9A}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{2641E7BE-0735-42A6-B907-1ABC47ECBA37}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{BED5199D-D876-440F-883D-CE401F48C3A5}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{B11D84B9-F4DB-45A8-9062-6070F22DE215}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{3BCD2242-E9C5-4390-BC57-F80146F6E705}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{2FC619AC-AE77-4BB6-ABCF-EAE96CA2DE6B}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{D4A05D7E-E3F4-430A-A25D-B842FA642536}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{F1076D6A-BD02-4129-87AC-AF501567E234}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{A903BC88-4107-4EB5-93ED-409D403042C9}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{60AF64AC-93CC-42E7-BDB5-B35DD3C6F8F9}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{3AAECA7C-F5C9-4554-AED8-AA2167847F3C}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/RequiredApplication_bfee10b7-e1f5-4b6a-b109-0b83206accd4/VI/VS",PolicyInstanceID="{44A0199C-7CAD-40D7-AD13-B63FBE9320DE}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/RequiredApplication_bfee10b7-e1f5-4b6a-b109-0b83206accd4/VI/VS}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{C44E24BB-B4BF-4AAE-9132-1F7B04130190}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{AE60CBAC-E351-4AE5-B1B5-B03B868C7184}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{E1221271-5D5A-4D91-8F5E-99D1D82C6276}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{A28A290A-5F48-4000-BA74-1A406DEB396E}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI",PolicyInstanceID="{0D00F671-7FFA-4793-B0EC-DCAAC083A9C8}",PolicyRuleID="{Rule_ScopeId_122C12A8-8BB6-4207-99F0-FE10D9094C9D/AuthList_991E71F0-2232-4F83-AE72-F1813BE613DF/VI}",PolicySource="CcmTaskSequence",PolicyVersion=""'.
  TSManager 8/27/2014 10:43:14 PM
  2140 (0x085C)
  TS deleting 'CCM_CIVersionInfo.PolicyID="ScopeId_122C12A8-8BB6-4207-99F0-FE
  There doesnt seem to be a smoking gun since the image is completely built and works except its missing certs and the sccm client is broken

• Client certificate is not send

  Hi
  I have not much experience in Java, so thank you in advance for your help.
  I have some piece of client code which setup the secure connection. Everything works fine until I use server authentication (in my certificate store I have trusted CA certificate and client certificate signed by this trusted CA). In mutual authentication handshake fails, because the cliend doesn't send any certificate (i checked it using network sniffer). I was looking for the way of enumerate the local certificates which are going to be send from client, but I can't understand how should I do it. There is my code below :
       System.setProperty("-Djavax.net.ssl.trustStore","G:/Program Files/Java/jre1.5.0_07/lib/security/cacerts".replace('/', File.separatorChar));
       System.setProperty("-Djavax.net.ssl.trustStorePassword","changeit");
       System.setProperty("-Djavax.net.debug","all");
       int port = 16993;
     String hostname = "10.10.1.11";
      SSLSocketFactory factory = null;
      SSLSocket socket = null;
      SSLSession session = null;
      String[] proto = new String[1];
      String[] ciphe = new String[1];
      String[] all_ciphe_supp = new String[33];
      System.out.println("Cipher Suite and Protocols test");
    try {
          factory = HttpsURLConnection.getDefaultSSLSocketFactory();
                } catch (Exception e) {
                     System.out.println( e.toString());
                if (factory != null) {
               // Connect to the server
                     try {
                          socket = (SSLSocket)factory.createSocket(hostname,port);
                          all_ciphe_supp = socket.getSupportedCipherSuites();
                          System.out.println("All ciphersuites and protocol supported");
                          socket.startHandshake();
                          session = socket.getSession();
                          System.out.println("Connection established using " + session.getProtocol() + " and " + session.getCipherSuite());
                          socket.close();
                     } catch (SSLPeerUnverifiedException e) {
                          System.out.println("Connection not established : " + e.toString());
                     } catch (IOException e) {
                          System.out.println("Connection not established : " + e.toString());
  }

  Thanks a lot, it is a little bit better, I can see debug messages at the output :)
  However the main problem still exists. In debug window I can see that client and CA certificates are added as trusted certificates, but no certificate is sent to server. Is it something wrong with certificate?
  I have the certificate in following formats: .der .p12 .pem
  I could only import .der using keytool (trying to import .p12 or .pem got Input not an X.509 certificate error), but using web browser I can use this certificate and mutual authentication goes ok.

• Client Certificate Authentication not working in OSB 11g

  Hi All,
  I am currently having an issue with getting a 2 way SSL handshake to work in a production environment.
  We have the set up working and fully functional in a Test environment, however when we have deployed the code and made the same config changes in the Production environment, it does nto work when calling the API (the result being as if we were not presenting the client cert to the API).
  All relevant configuration on Weblogic and OSB was performed (Keystore creation / Security Realm - Service Key Provider / Service Key Providers etc) and I believe to be right.
  We can test the keystore using SOAPUI and we get a valid response from the live API.
  We can see the relevant aliases in OSB Service Key Provider so I know that the Security Realm / Identity settings are correct on the Weblogic Server.
  The Test and Production Weblogic properties all look the same for Keystores / Secuirty Realms / SSL etc (expect with live keystores etc).
  As we can see the aliases in OSB when setting up the Service Key Provider, it should just be a matter of setting the 'Authentication' of the business service making the call to 'Client Certificate' and this has also been done.
  Though we always get an authentication error and code, that matched what we would get if we turn off the client cert authentication on the business service in the test environment (i.e not sending the certificate with the request).
  What I really want to know is how can I find out for sure whether we are sending this certificate with our request or not? As I am struggling to find a way to log these details.
  Any input appreciated.
  Jamie

  This is issue has now been resolved.
  It was an environment specific issue rather than anything wrong with the actual code.

• SCCM 2012 Software Updates not installing (bothh Windows patches & 3rd party updates)

  Using SCCM 2012 R2, I am having a problem getting Windows updates to install.  Applications published to people work, and basic software installations published to machines for a straight install work.  However, both Windows patches and Adobe patches
  fail to install on clients. I have imported the Adobe catalog into SCUP, and publish through WSUS. I can see the Adobe patches and Windows patches in SCCM, and can publish them. However, in deployment status out of 4 machines in my test group the Windows patches
  installed on 1 and the other 3 are still in Unknown status with category of "Client check passed/Active". However, none of them are installing the patch - they don't even seem to try.  All of those are Windows 7 PCs, incidentally. On Adobe patches,
  one PC fails and the other 3 machines still sit in Unknown status.  Certificates are distributed,
  Any ideas what might cause the deployment to not push some targets, even when it's past the deadline?
  Thanks,
  Andy Maslin

  An unknown status means that the clients are not reporting back to ConfigMgr correctly. This is often due to the WUA not pointing at the correct WSUS instance. You can verify this by examining the WUAHandler.log on one of those clients and it will clearly
  indicate an issue with this which in turn is often due to a group policy overriding the ConfigMgr behavior.
  Jason | http://blog.configmgrftw.com

• Group Policy Administrative Templates not applying on Windows XP SP3 - Windows Server 2008 R2

  I have a Windows 2008 R2 domain with windows 7, and Windows XP SP3 client workstations.
  I have a group policy to deny all access to removable storage in policies/administrative templates/system in user configuration (actually its in the computer configuration as well)
  The problem is the policy is having no effect on the Windows XP machines. It works perfectly on Windows 7 machines.
  Group policy in general is working on the Windows XP machines, as I can successfully map drives, push out scheduled tasks, and push out printers. (All preferences I know and I have GP Preferences client side extensions installed).
  Its almost like the windows XP machines can't "understand" the admin templates from Windows Server 2008 R2.
  Do I need to install something on the windows XP machines? What could be the problem?

  > Its almost like the windows XP machines can't "understand" the admin
  > templates from Windows Server 2008 R2.
  Simply read the "supported on" of these settings... Vista and above
  required.
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• How to install IPSec Client Certificate for Apple products (iPad,iPhoe and Mac)

  We need  Ipsec vpn client authentication with certificate (instead of pre-shared key). We tested the same with Windows client and its works fine. However when we used the same certificates with Apple products (iPad, iPhoe and Mac) it doesnt work.
  We have two types of certificates installed on the client from the CA server.
  One is the root certificate with the extenstion .cer
  and the other one is client certificate with the extension of .pfx (personal informaiton exchange)
  We can not find a proper document to install certificates and client configuration for iPad,iPhoe and Mac. We need to know what type of certificates needed, what are the certificate formats and how to install etc.
  Appreciate if someone has implemented this and share any documents.
  thanks

  This will be helpful for you :-
  http://images.apple.com/iphone/business/docs/iOS_Certificates_Mar12.pdf
  Manish