SCEP remediation failed
Hi,
we are using SCEP which is continuously failing the remediation of below threats. We perform the full scan but still same result. Further, it is observed that some viruses detected in outlook pst in a zip file or exe, but SCEP is unable to remediate.
Please suggest.
Joke:Win32/ScreenRoses
Moderate
Joke Program
MonitoringTool:MSIL/Limitless
Severe
Monitoring Software
PWS:Win32/Fareit.gen!C
Severe
Password Stealer
PWS:Win32/Zbot.gen!GO
Severe
Password Stealer
Virus:W97M/VMPCK1.BY
Severe
Virus
Virus:Win32/Chir.B@mm
Severe
Virus
Virus:Win32/Virut.EPO_DEBRIS
Severe
Virus
Virus:X97M/Laroux.HT
Severe
Virus
Regards, Syed Fahad Ali
Why the SCEP might doesn't have access to the location where the infection is located?
If virus is in attached email, zip file or exe then is it possible to give full access to SCEP?
Further, what are the default permissions of SCEP?
Further many SCEP client are not getting updates initially when SCEP is newly installed. That systems are showing in "no definitions found on the client. I already
see the below link and configured accordingly but still the same result.
http://support.microsoft.com/kb/2688242
I have to force latest update via software update then client is updating.
Please assist.
Regards, Syed Fahad Ali
Similar Messages
-
NDES - SCEP - Certificate Profile 0X87D1FDE8 Remediation failed - Deployment of Certificate Profiles
Hy all,
i have a problem with certificate profiles deployment via SCCM 2012 R2.
My Testlab:
Server 2012 R2 - DC
Server 2012 R2 - CA
Server 2012 R2 - SCCM 2012 R2, Intune Subscription ...
Server 2012 R2 - NDES, SCCM Site System with Certificate Registration Point, Policy Module
NDES Service Account (SPN for NDES Server)
CA:
Administrative Rights for NDES Service Account
CEP Encryption (Read&Enroll for NDES Service)
Exchange Enrollment Agent (Offline request) (Read&Enroll for NDES Service Account)
Webserver Certificate for NDES, SCCM Server (Dublicatet Webserver Template)
Client Authentication Certificate for NDES, SCCM Server (Dublicatet Template for Client Authentication)
"Custom IPSec V2" Template, (Dublicatet Template of IPSec (offline request), Read&Enroll for NDES Service Account)
Policy Module on NDES Server
In the Wizard i selected the Client Authentication Certificate
NDES Server
Installed "Network Device Enrollment Service" Role Service
SCCM Site System, SCEP Role
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxFieldLength
Type DWORD
Data: 65534 (decimal)
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxRequestBytes
Type DWORD
Data: 65534 (decimal)
SSL settings to “Require” SSL , “Ignore” client certificates.
NDES Service Account member of IIS_IUSRS
IIS - Webserver Certificate for :443 Binding
HKLM\SOFTWARE\Microsoft\Cryptography\MSCEP
EncryptionTemplate, GeneralPurposeTemplate, SignatureTemplate
i set it to "CustomIPSecV2"
SCCM:
Installed Certificate Registration Point on NDES Server
Certificate Registration Point Properties - URL for the Network Device Enrollment Service ...
I set it to: https://externalfqdn/certsrv/mscep/mscep.dll
Certificate Root CA Profile
Certificate Profile for "CustomIPSecV2" Certificate
Now i have following error for the deployment of the "CustomIPSecV2" Certificate: 0X87D1FDE8 Remediation failed
I can not find any error in the logs (SCCM, crp.log, NDESPlugin.log, crpctrl.log)
In the IIS log there are following entries:
2014-08-02 18:57:41 fe80::10b7:f62:ec3c:605d%12 POST /CMCertificateRegistration/certificate/generatechallenge - 443 - fe80::10b7:f62:ec3c:605d%12 SMS_CERTIFICATE_REGISTRATION_POINT - 201 0 0 3502
2014-08-02 14:07:40 172.16.0.8 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 144.11.115.119 - - 200 0 0 68
What can i do?
Thanks in Advance ..Hello!
I still have the same problem - Remediation failed - 0X87D1FDE8
Is this only a problem of the certificate template?
I also reinstalled NDES Server and CRP Role on Primary Site
Has anyone an idea?
CRPSetup, crpctrl, CRPMSI all ok.
IISLog:
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:09:35
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:09:35 172.16.0.6 GET /certsrv/mscep/mscep.dll - 80 - 172.16.0.5 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.3;+WOW64;+Trident/7.0;+.NET4.0E;+.NET4.0C) - 200 0 0 1179
2014-10-13 13:09:37 172.16.0.6 GET /favicon.ico - 80 - 172.16.0.5 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.3;+WOW64;+Trident/7.0;+.NET4.0E;+.NET4.0C) - 404 0 2 1384
2014-10-13 13:14:01 172.16.0.6 GET / - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 1
2014-10-13 13:14:01 172.16.0.6 GET /iis-85.png - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko
http://server.external.fqdn 200 0 0 6
2014-10-13 13:14:03 172.16.0.6 GET /favicon.ico - 80 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 1
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:15:24
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:15:24 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 2
2014-10-13 13:15:24 172.16.0.6 GET /favicon.ico - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 4
2014-10-13 13:15:40 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 47
2014-10-13 13:15:40 172.16.0.6 GET /favicon.ico - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 47
2014-10-13 13:20:08 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
2014-10-13 13:20:08 172.16.0.6 GET /favicon.ico - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 404 0 2 47
2014-10-13 13:25:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 48
2014-10-13 13:25:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 50
2014-10-13 13:25:33 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
2014-10-13 13:35:17 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 49
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:43:25
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:43:25 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 150
2014-10-13 13:43:32 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 104.45.8.80 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 6
2014-10-13 13:43:42 172.16.0.6 GET /certsrv/mscep/mscep.dll - 443 - 172.16.0.4 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 1
2014-10-13 13:47:25 172.16.0.6 GET /certsrv/mscep operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 301 0 0 47
2014-10-13 13:47:25 172.16.0.6 GET /certsrv/mscep/ operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 50
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 13:52:22
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 13:52:22 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 233
2014-10-13 13:52:22 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 13:57:00 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 56
2014-10-13 13:57:00 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 41
2014-10-13 14:03:26 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 62
2014-10-13 14:03:26 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:19:25
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:19:25 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 1278
2014-10-13 14:19:25 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 52
2014-10-13 14:19:31 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 104
2014-10-13 14:19:31 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 74
2014-10-13 14:21:07 172.16.0.6 GET /certsrv/mscep/ operation=GetCACert&message=MyDeviceID 443 - 193.83.183.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 0 62
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:26:01
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:26:01 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 294
2014-10-13 14:26:01 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:26:07 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 56
2014-10-13 14:26:07 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 52
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2014-10-13 14:46:41
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2014-10-13 14:46:41 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 601
2014-10-13 14:46:41 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 47
2014-10-13 14:46:51 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 99
2014-10-13 14:46:51 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 78
2014-10-13 14:50:40 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:50:40 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 66
2014-10-13 14:51:53 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACert&message=MDM 443 - 193.83.183.27 - - 200 0 0 46
2014-10-13 14:51:53 172.16.0.6 GET /certsrv/mscep/mscep.dll/pkiclient.exe operation=GetCACaps&message=MDM 443 - 193.83.183.27 - - 200 0 0 62
Christoph R 13 -
Require password settings on mobile devices remediation failed
Hello,
I'm having an issue with 2012R2 Cfg Mgr and Intune.
I have a managed Android 4.1 device.
I'm trying to enforce "Require password setting on mobile devices" with a baseline config.
Config Manager is reporting on my device "Remediation failed" 0x87D1FDE8.
Is there anything I've done incorrectly? Perhaps not supported?
Cheers.I've got password policy to apply just fine on android, verify that you actually waited long enough for the device to process policy - see
this guide explaining the steps i took. Initially you might see the Remediation Failed message but wait at least a day to see how that pans out, alternatively change your CB deployment to just monitor instead of remediate and troubleshoot it that way
Step by Step Configuration Manager Guides >
2012 Guides |
2007 Guides | I'm on Twitter > ncbrady -
Hi All
I have a problem going on here with currently 79 Windows 8.1 Clients. They are failing to run the CcmEval Task with the result of Remediation Failed - 0x00000332 - Request to run client Evaluation task has not succeeded.
Meanwhile, the other 227 Windows 8.1 computers do not have this issue, nor do the 449 Windows 7 Clients.
On a failing client, under the Task Scheduler ->Microsoft -> Configuration Manager, the Config Manager Health Evaluation shows as having ran, but in the history, it has not.
Under Config Manager Idle Detection, they task as never actually ran, its just been queued.
and again, the Config Manager Maintenance task has never ran at all.
If I run all three manually, they all run and complete ok , report back to SCCM Console as being all active and happy.
Also note, that 68 of the 79 clients with the errors are all HP laptops 6460/6760b models, and that nearly all live on laptop trolleys and are used on and off throughout the day by students (we are a school).
Does anyone have any tips or advice for me ?
Thanks!Here is a extract from the CCMEVALTASK.log on a computer with the issues:
Register evaluation CUpdateSchedTask with ExecuteTaskOnSystemIdle CcmEvalTask 7/04/2014 9:37:55 AM 4488 (0x1188)
Being called due to timeout, (6) cycles time out, do nothing. CcmEvalTask 7/04/2014 10:07:55 AM 8428 (0x20EC)
Register evaluation CUpdateSchedTask with ExecuteTaskOnSystemIdle CcmEvalTask 7/04/2014 10:37:55 AM 7284 (0x1C74)
Being called due to timeout, (7) cycles time out, do nothing. CcmEvalTask 7/04/2014 11:31:47 AM 8888 (0x22B8)
Register evaluation CUpdateSchedTask with ExecuteTaskOnSystemIdle CcmEvalTask 7/04/2014 12:01:47 PM 6828 (0x1AAC)
Begin to check client evaluation task setting status. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Task scheduler 2.0 is supported, check client evaluation task setting status with 2.0 API. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Check whether client evaluation task exists. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task exists. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Check whether client evaluation task is compliant. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
The task runs in maintanence window, not check trigger related info CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task is compliant. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Check whether evaluation is disabled. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task is enabled. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task setting status is healthy. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Begin to check client evaluation task running status. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Current time is 2014/04/07 02:31:47 (UTC), last evaluation time is 2014/02/28 05:05:23 (UTC), interval with buffer is 1500 minutes CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Current time is 2014/04/07 02:31:47 (UTC), last miss time is 2014/04/01 22:12:33 (UTC), interval with buffer is 1500 minutes CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task is detected to not run in recent 4 cycles and exceeds the maximum cycles (3) CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Current time is 2014/04/07 02:31:47 (UTC), last evaluation start time is 2014/02/28 05:05:23 (UTC), interval with buffer is 1500 minutes CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
CcmEval task was not kicked off CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Client evaluation task failed to run in recent cycles, try to run it manually CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Missed client evaluation task failed to run in previous request. Clear request and retry next time. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Begin to build and send client evaluation task report. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Send previous report if needed. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Fail to get time from registry CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Can't determine whether previous sent succeed, assume sent failed CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Fail to get string from registry CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
There is no previous report sent CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Fail to get time from registry CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Can't determine whether previous sent succeed, assume sent failed CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Previous send is not complete, need to send report this time. CcmEvalTask 7/04/2014 12:31:47 PM 5380 (0x1504)
Begin to send client health status report CcmEvalTask 7/04/2014 12:31:48 PM 5380 (0x1504)
Successfully sent client health status as a state message. CcmEvalTask 7/04/2014 12:31:48 PM 5380 (0x1504)
Successfully send client evaluation task report. CcmEvalTask 7/04/2014 12:31:48 PM 5380 (0x1504)
Successfully remediate missed task. CcmEvalTask 7/04/2014 12:31:48 PM 5380 (0x1504)
Register evaluation CUpdateSchedTask with ExecuteTaskOnSystemIdle CcmEvalTask 7/04/2014 2:25:00 PM 2624 (0x0A40)
Being called due to timeout, (1) cycles time out, do nothing. CcmEvalTask 7/04/2014 2:55:00 PM 9032 (0x2348) -
IOS8 OTA SCEP enrollment fails on second install
I have a profile and SCEP server that have been working fine for several years now. However on devices running IOS8 or higher the SCEP enrollment fails if it is done a second time (different certificate). The OTA Certificate enrollment process works on IOS7 devices as many times as needed.
relevant IOS7 log for a second certificate installation based on the same config/ca/signing cert etc.:
profiled[1397] <Notice>: (Note ) MC: Retrieving profile from OTA Profile service...
profiled[1397] <Notice>: (Note ) MC: Received final profile: com.myConfig.profile
profiled[1397] <Notice>: (Note ) MC: Beginning profile installation...
<Notice>: (Note ) MC: Profile “com.myConfig.profile” is replacing an existing profile having the same identifier.
securityd[1349] <Error>: SecDbItemInsertOrReplace INSERT failed: The operation couldn’t be completed. (com.apple.utilities.sqlite3 error 19 - reset: [19] columns ctyp, issr, slnr, agrp, sync are not unique sql: INSERT INTO cert(rowid,cdat,mdat,ctyp,cenc,labl,alis,subj,issr,slnr,skid,pkhh,data,agrp,pdm n,sync,tomb,sha1)VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?))
securityd[1349] <Error>: securityd_xpc_dictionary_handler profiled[1397] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,85233947,L,dku,apple,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,2015030 3054909.447036Z,CF75A17F)
profiled[1397] <Error>: SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,85233947,L,dku,apple,0,ctyp,cenc,labl,subj,issr,slnr,pkhh,v_Data,2015030 3054909.447036Z,CF75A17F))
profiled[1397] <Notice>: (Note ) MC: Attempting to retrieve issued certificate...
securityd[1349] <Error>: CFPropertyListReadFromFile file file:///Users/Library/Developer/CoreSimulator/Devices/9B6A7852-9C11-4FCC-8327-E 1BD33EA7CF5/data/Library/Keychains/accountStatus.plist: The operation couldn’t be completed. (Cocoa error 260.)
<Notice>: (Note ) MC: Issued certificate received.
securityd[1349] <Error>: SecDbItemInsertOrReplace INSERT failed: The operation couldn’t be completed. (com.apple.utilities.sqlite3 error 19 - reset: [19] columns kcls, klbl, atag, crtr, type, bsiz, esiz, sdat, edat, agrp, sync are not unique sql: INSERT INTO keys(rowid,cdat,mdat,kcls,labl,alis,perm,priv,modi,klbl,atag,crtr,type,bsiz,esi z,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp,dat a,agrp,pdmn,sync,tomb,sha1)VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?, ?,?,?,?,?,?,?,?,?,?,?,?,?))
securityd[1349] <Error>: securityd_xpc_dictionary_handler profiled[1397] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,keys,0CC69ECD,L,dku,apple,0,kcls,labl,perm,priv,modi,klbl,atag,crtr,type,bsiz ,esiz,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp ,v_Data,20150303054921.112843Z,344A0836)
<Error>: SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,keys,0CC69ECD,L,dku,apple,0,kcls,labl,perm,priv,modi,klbl,atag,crtr,type,bsiz ,esiz,sdat,edat,sens,asen,extr,next,encr,decr,drve,sign,vrfy,snrc,vyrc,wrap,unwp ,v_Data,20150303054921.112843Z,344A0836))
profiled[1397] <Notice>: (Note ) MC: Profile “com.myConfig.profile” installed.
profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 636572740000000000000005
securityd[1349] <Error>: CFPropertyListReadFromFile file file:///Users/Library/Developer/CoreSimulator/Devices/9B6A7852-9C11-4FCC-8327-E 1BD33EA7CF5/data/Library/Keychains/accountStatus.plist: The operation couldn’t be completed. (Cocoa error 260.)
<Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000006
profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000007
profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000001
profiled[1397] <Notice>: (Note ) MC: Removing certificate with persistent ID 69646e740000000000000004
Under IOS8 the initial enrollment and profile installation works. However on any subsequent enrollments the following error is thrown:
profiled[2253]: (Note ) MC: Checking for MDM installation...
profiled[2253]: (Note ) MC: ...finished checking for MDM installation.
profiled[2253]: (Note ) MC: Enrolling in OTA Profile service...
profiled[2253]: SecTrustEvaluate [leaf AnchorTrusted]
securityd[1617]: securityd_xpc_dictionary_handler profiled[2253] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,688B8CB6,L,dku,com.apple.certificates,0,ctyp,cenc,labl,subj,issr,slnr,pk hh,v_Data,20150303080953.465563Z,6CDCA2CB)
profiled[2253]: SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,688B8CB6,L,dku,com.apple.certificates,0,ctyp,cenc,labl,subj,issr,slnr,pk hh,v_Data,20150303080953.465563Z,6CDCA2CB))
profiled[2253]: SecTrustEvaluate [leaf AnchorTrusted]
profiled[2253]: (Note ) MC: Attempting to retrieve issued certificate...
profiled[2253]: SecTrustEvaluate [leaf AnchorTrusted ValidLeaf ValidRoot]
profiled[2253]: (Note ) MC: Issued certificate received.
securityd[1617]: securityd_xpc_dictionary_handler profiled[2253] add The operation couldn’t be completed. (OSStatus error -25299 - duplicate item O,cert,B7CCBFFA,L,dku,com.apple.identities,0,ctyp,cenc,labl,subj,issr,slnr,pkhh ,v_Data,20150303080954.973098Z,0A162218)
profiled[2253]: SecOSStatusWith error:[-25299] The operation couldn’t be completed. (OSStatus error -25299 - Remote error : The operation couldn‚Äôt be completed. (OSStatus error -25299 - duplicate item O,cert,B7CCBFFA,L,dku,com.apple.identities,0,ctyp,cenc,labl,subj,issr,slnr,pkhh ,v_Data,20150303080954.973098Z,0A162218))
profiled[2253]: *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '*** setObjectForKey: key cannot be nil'
*** First throw call stack:
0 CoreFoundation 0x00000001057cff35 __exceptionPreprocess + 165
1 libobjc.A.dylib 0x0000000107deebb7 objc_exception_throw + 45
2 CoreFoundation 0x00000001056d6998 -[__NSDictionaryM setObject:forKey:] + 968
3 profiled 0x0000000105222227 profiled + 209447
4 profiled 0x000000010522297a profiled + 211322
5 libdispatch.dylib 0x0000000108554af4 _dispatch_client_callout + 8
6 libdispatch.dylib 0x000000010853eabb _dispatch_barrier_sync_f_invoke + 76
7 profiled 0x00000001052228f7 profiled + 211191
8 profiled 0x00000001052360e0 profiled + 291040
9 profiled 0x0000000105236a4d profiled + 293453
10 profiled 0x000000010523c60b profiled + 316939
11 profiled 0x00000001051f29ef profiled + 14831
12 libdispatch.dylib 0x000000010853aaf6 _dispatch_call_block_and_release + 12
13 libdispatch.dylib 0x0000000108554af4 _dispatch_client_callout + 8
14 libdispatch.dylib 0x000000010853f8cf _dispatch_queue_drain + 733
15 libdispatch.dylib 0x000000010853f494 _dispatch_queue_invoke + 217
16 libdispatch.dylib 0x00000001085413fa _dispatch_root_queue_drain + 479
17 libdispatch.dylib 0x00000001085422c9 _dispatch_worker_thread3 + 98
18 libsystem_pthread.dylib 0x00000001088d4637 _pthread_wqthread + 729
19 libsystem_pthread.dylib 0x00000001088d240d start_wqthread + 13
The error occurs as the SCEP server sends the IOS8 device the response to GetCaCert which is a static ca cert that doesn't change. I also tried deleting the installed profile before installing again but this doesn't change the observed behavior. Only a reset will allow the profile installation to succeed.
Does anybody have any ideas?Rebooting seemed to fix everything ;-)
-
Hi All,
Anyone encountered this issue. Recently upgraded to 4.9. Using L2 OOB wireless. Symantec endpoint protection ver 11, virus definition is out of date, when user clicked repair, takes a long time to remediate and then gave a failed error. "The remediation you are attempting had a failure. If the problem persist contact the system admin"
Traffic control is allowing update in temporary role, and there's no blocking from quarantine vlan to symantec server. Also we notice that the definition gets updated after a while.
Thanks.
Regards
JoachimHi Joachim,
In my enviroment, we have workstations with SEP ver 11 too and i would like to know where your users are searching for updates during the remediation process.
We have Symantec Endpoint Protection Manager acting as antivirus server and when the NAC Agent calls the Symantec LiveUpdate to perform the repair, users will get updates on the Internet and not on
Antivirus Server.
Could you give me more information about your environment?
regards,
Daniel Stefani -
So we had a Warning in SCCM show up today that some machines had some sort of malware on it. When I viewed the info there was an item called SoftwareBundler:Win32/SquareNet that showed as Computers Infected 6, Computers Remediated 6. The circle
at the bottom was also green.
To me, if something has been remediated, I would assume that means it had been fix up and is now good to go. However, when I double clicked on the item to view the 6 machines, under the column called Endpoint Protection Remediation Status, 1 of them
says Cleaned and the other 5 say None.
Does that mean those other 5 are still infected? If so, why does it say that all 6 have been remediated on the main screen.
On the 5 that show None, should I kick off a definition update and then a full scan in order to get rid of whatever it is? We're just getting started with getting all this setup and configured so I want to make sure I'm reading this all correctly and
taking the proper actions.
Thanks!!> I would assume that means it had been fix up and is now good to go.
That's correct - it means the detected item is no longer there.
> However, when I double clicked on the item to view the 6 machines, 1
of them says Cleaned and the other 5 say None.
As long as that column doesn't show that that device still needs remediation, they should be good.
> On the 5 that show None, should I kick off a definition update and then a full scan in order
to get rid of whatever it is?
I think it is always a good idea to follow up a detection/remediation with a full scan to ensure there
isn't anything else on there that wasn't triggering real-time protection. Furthermore, you consider spending time investigating how it got there in the first place. Are the devices patched? Do people who shouldn't have admin rights have admin rights?
etc.
I hope that helps,
Nash
Nash Pherson, Senior Systems Consultant
Now Micro -
My Blog Posts
If you found a bug or want the product to work differently,
share your feedback.
<-- If this post was helpful, please click the up arrow or propose as answer. -
SCEP Install Failing with Error Code 8004FF83
Hello,
We are having an issue with the manual install of SCEP on some devices. So far we've only noticed this on devices with Windows XP, SP3. We first allow SCCM to automatically attempt to push the client and on those that do not succeed
we have been manually running SCEPInstall.exe. This is where we are getting the error
8004FF83. It happens at the end of the install. It appears that files and folders are being written to the device and services are even created. Then everything gets deleted and the
error message is thrown.
We have tried reboots, and even running SCEPInstall.exe with the uninstall switches, reboot, and then retry. Our SCCM environment is 2012 R2 so our SCEP client should be fully patched. One thing to note is that we have also had to repair or re-install the
SCCM client on some of these devices. That is always the first troubleshooting step regardless - getting the SCCM client healthy and making sure it is properly communicating with its management point. Anybody have any thoughts?
Thanks for your help.Honestly, I would strongly recommend if you are concerned about endpoint protection that you stop troubleshooting these issues on Windows XP, and upgrade those devices to a newer operating system like Windows 8.1
Having a functioning antivirus is going to do you little good once support runs out for Windows XP, which is just a few weeks away -
How to remedy failed download latest version?
Win7 Pro 64 bit. Firefox 27.0. There had been comments from websites since many months: flash player is out of date. Again today. So, I uninstalled the older versions : It seemed clear that these (there were two) had failed to install correctly, if at all. So, right now, no FPlayer installed at all. I activated the Java plug in so that it is always 'on'. Same result: FP will NOT download so therefore will not install. Wits end! (That is not a title for a TV show!) Remedies???
Hello,
Can you please start a new thread with your issue. This one is fairly old.
BTW, you appear to be interchanging the online installer with the offline installer and it's hard to tell what you've done, or not done, with one or the other. When posting, please provide the information as per this FAQ: Please read this before you post! It will help in troubleshooting your issue.
Thank you.
Maria -
Alert for SCEP Clients at risk
Hi there
I've got some SCEP Clients in my Environment which are listed in the Endpoint Protection Dashboard with Status "At risk". These are Clients which were offline for an amount of time and now report an old Update Definition. Normally these
Clients get's updated and disappear from the Dashboard.
However in some case, the Clients Fails to get the newest update, and there are in our Network without being compliant. Is it possible to create an alert for Clients which doesn't have an up-to-date endpoint protection definitions (Those with Status "At
risk").
Now, i Need to manually check the Dashboard every morning if there are some new Clients with the Status at risk.
Thank you in advance!
Best regards, SimonI haven't done anything with alerts and SCEP, what I have done is create Device Collections with a membership rule based upon certain states of the SCEP client. I have a collection for Virus Definitions 3-7 days old, and 7+ days old, SCEP installation
failed and SCEP Policy Application failed.
On my collections with old definitions I deploy the full definition update package. I update the package source once a day with powershell, and have the package set to redistribute once a day. Alerts for deployment thresholds are pretty easy to create, so
if the extra remediation of definitions doesn't fix non compliant computers, you can get alerts on those that fail...
I know the above isn't quite the solution you was looking for, but perhaps it can help. -
NDES Certificate Enrollment on Surface fails
Hi all
I implemented a NDES infra based on Pietrs Blog in my Sandpit Lab (Infra runs on ConfigMgr 2012 R2 CU4), OS 2012 R2
http://blogs.technet.com/b/tune_in_to_windows_intune/archive/2014/04/25/part-2-scep-certificate-enrolling-using-configmgr-2012-crp-ndes-and-windows-intune.aspx I repeated each step sure 2 or 3 times.
If I try to assign a Client Cert/user Cert (both of them) it always fails 0X87D1FDE8 Remediation failed as posted here
https://social.technet.microsoft.com/Forums/en-US/15aebec7-4870-49af-8c0c-17d3d376783a/ndes-scep-certificate-profile-0x87d1fde8-remediation-failed-deployment-of-certificate-profiles?forum=configmanagermdm&prof=required
(All Certs are new re-created. NDES, CRP new installed). If there are no enrollments of certs possible I can understand it but Android 4.2 Devices are enrolling like a charme. A Detail the NDES Server is reachable via WAP Proxy but this works (If I enter
the Test URL I'm able to open the cert file). Finally on the Surface the Regkey in the MDM Hive is created and the NDES URi is available. All Log Files are looking fine.
Any ideas/help or tips will be very appreciated.
Cheers,
+MatAll
It is running know. It was a heavy war in My lab ... ;-) - and raised from several missconfigured components and Settings. For an easier overview enclosed by component:
CA
I have an Enterprise Root CA with subordinated Issueing CA in the lab. Failure 1: The life time of the Issueing CA Cert is only configured for 2 years. So I changed this using certutil to 10 years (Root CA 20 years, Issueing 10 years). Failure 2: The NDES
Template had a longer life time than the issueing CA. This raised in the failed cert request the issue "Life time incorrect"
WAP Proxy
On the WAP Proxy the required Settings
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxFieldLength
Type DWORD
Data: 65534 (decimal)
Location: HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value: MaxRequestBytes
Type DWORD
Data: 65534 (decimal)
were applied but the required December Update 2014 Hotfix
http://blogs.technet.com/b/ems/archive/2014/12/11/hotfix-large-uri-request-in-web-application-proxy-on-windows-server-2012-r2.aspx was not properly installed (the WAP Proxy is a Workgroup Server)
NDES
The listed http Settings above I made a mistake (Dec and Hex) so typically copy/past error.
CRP
At least one Server is properly configured
Some Remarks
Within the Policies both certs Root and Iuessing CA has to be deployed to the Root Store. Later on in the configuration for the SECP Cert enrollment the template of the issueing CA has to be choosen.
Very happy that this is rolling. Next step is to configure the WIFI Network (NPAS) that only devices with a valid Client certificate can use them.
The biggest pain Overall is that the logging process is not really helpful and confusing e.g. the MCSEP.log reports
2905.902.0:<2015/4/14, 19:31:3>: 0x80090349 (-2146892983 SEC_E_CERT_WRONG_USAGE): 44D6EDAE C3C7C52F DE1B2CE4 9C102C22 5DF4CC54 but the enrolling is working fine. Here Microsoft should investigate for a better overview.
Cheers,
+mat -
ISE Posture Remediation issue with AV client installation
Problem: If user start AV client installation in pc via AV link remediation after some time (while AV client installation not completed yet) trend micro Update windows gets pop up but not start automatic AV or AS def remediation and Cisco NAC agent shows the message AV definition is not up to date.
Also some time NAC agent give message automatic remediation failed or required user intervention to press ok so NAC can complete remediation process.
I am facing this issues when users don’t have Antivirus client in pc and performing client installation.
We have the following posture policies,
1 AV installation check: if AV is not installed in PC then perform link remediation and let user to download the Antivirus client from provided link.
2 AV definition & AS definition version check (both remediation requirement I putted in one policy): if AV or AS definition version found old then perform automatic remediation.
3. WSUS check
4 SP check
Actually I want, first user install AV client via link remediation once installation complete then move to AV & AS def remediation if required (because in first time AV client installation it automatically download all update from the AV server) otherwise def remediate policy wait for AV client installation completion.
Please can anybody let me know how remediation work internally ? like if "AV inst" remediation start so nac agent wait for it completion and don't start other remediation process e.g AS & AV def?
Second question:what is remediation process sequence ?
Third question: is there anyway we can configure timer in remediation process e.g 5 min for AV inst then 3 min for AV & AS def remediation and then go to other posture remediations ?Please check the below guide for Posture Configuration:
http://www.cisco.com/en/US/products/ps11640/products_tech_note09186a0080c15540.shtml -
ISE SCEP connection to Win2003 server unsuccessful
I'm trying to get SCEP enrollment for BYOD on-boarding to work with a Win2k3 server, so far it keeps failing. On the ISE (1.1.1), when I enter the path to the SCEP server ('https://<W2k3_srv_name>/certsrv/mscep/mscep.dll') the connectivity test fails when hitting the "Test Connectivity" button; the error message is "Connection to SCEP server failed. Remotely Closed [id: 0x00313434]". Strangely, the settings can be saved and ISE won't complain, although the ISE user guide says that the ISE will check the connectivity anyway when saving the settings.
In the end, the on-boarding process doesn't work and stops at the stage where the cert enrollment should take place (on various platforms).
See the Win2k3 event log error attached.
Any ideas or experiences?
Thanks
ToniHi Tarik
Thanks for your support - we've also tried with HTTP, yet without success. Meanwhile we've set up a 2008 server with SCEP running on it, with this one it seems to work fine now. I deliberately say *seems to work*, since I still can't get the on-borading process to finish successfully (see attached picture).
It works if you use an internal client on the LAN and request a cert directly from the SCEP server via IE. But for the BYOD devices, no cretificates are being rolled out, and no error or logs neither on ISE, nor on the SCEP server nor on the client indicate what's going wrong. I can't open a TAC case since this is a PoC with an Eval license and the customer will only buy the Advanced license if they like what they see... -
Fails to run Task Sequence (error 0x80008014)
Hello,
I am facing a strange problem.
The environment is a SCCM 2007 SP2 system.
I am using Task sequences for many years now. For OS deployment and deploying multi application updates.
packages / programs are configured with admin rights and whether or "no user is logged on"
I integrated these packages /programs in a os deployment task. This was successful.
When using the same packages / programs in a task sequence for deploying these software packages the ts faisl.
Checking exexmgr.log I can see the following message "TS Step required to run in user context, targeted to user or requiring user input. Rejecting." Which I don't understand at all.
I stripped down the ts to only one application to install. The error is the same.
In other logs I found these error messages:
Failed to delete registry value HKLM\Software\Microsoft\SMS\Task Sequence\System Health Agent. Error code 0x80070002
failed to invoke execution manager to install software for package id
Í checked the SCCM client on the SCCM server and the one which is installed. Both are version 4.00.6487.2000.
Thanks for your feedback on this,
Thanks,
Andy==========[ TsProgressUI started in process 15076 ]========== TsProgressUI 16.09.2014 11:01:37 18136 (0x46D8)
Registering COM classes TsProgressUI 16.09.2014 11:01:37 18136 (0x46D8)
sbModulePath = C:\WINDOWS\SysWOW64\CCM\TsProgressUI.exe TsProgressUI 16.09.2014 11:01:37 18136 (0x46D8)
Shutdown complete. TsProgressUI 16.09.2014 11:01:37 18136 (0x46D8)
Process completed with exit code 0 TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Successfully registered TS Progress UI. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
C:\_SMSTaskSequence does not exist TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Updated security on object C:\_SMSTaskSequence. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Starting Task Sequence Manager Service. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Modifying TS Manager Service to auto start. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Starting the TS Manager Service. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Successfully intialized Logging for TS Manager. TSManager 16.09.2014 11:01:37 18688 (0x4900)
Commandline: C:\WINDOWS\SysWOW64\CCM\TSManager.exe /service TSManager 16.09.2014 11:01:37 18688 (0x4900)
Successfully registered Task Sequencing COM Interface. TSManager 16.09.2014 11:01:37 18688 (0x4900)
Executing as a service TSManager 16.09.2014 11:01:37 18688 (0x4900)
Waiting for the TS Manager Service to start. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Started ServiceMain TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Task Sequence Manager executing as service main thread TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Waiting for CcmExec service to be fully operational TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
CcmExec service is up and fully operational TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Pause request for Software Distribution TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Checking if CCM component SoftwareDistribution is paused TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Component is not currently paused... TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Pausing CCM component SoftwareDistribution TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Task Sequencing Manager Service successfully started. TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Task Sequence Launcher finished execution successfully! TSLauncher 16.09.2014 11:01:37 17496 (0x4458)
Paused notification received for Software Updates/Distribution TSManager 16.09.2014 11:01:37 14984 (0x3A88)
Software Distribution is now paused. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Saving SoftwareDistribution pause cookie: 22591 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Pause request for Software Updates TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Checking if CCM component SoftwareUpdates is paused TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Component is not currently paused... TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Pausing CCM component SoftwareUpdates TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Paused notification received for Software Updates/Distribution TSManager 16.09.2014 11:01:37 14984 (0x3A88)
Software Updates is now paused. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Saving SoftwareUpdates pause cookie: 22591 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Attempting to pause System Health Agent TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Checking if CCM component System Health Agent is paused TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Failed to pause component System Health Agent (80040200) TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Remediating TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Error getting system isolation info. Code 8027000C TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Remediation failed. Code 8027000C TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Remediation failed with error code 8027000C TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Parsing task sequence . . . TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Task sequence schema version is 3.00 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Current supported schema version is 3.10 and 3.00 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Starting Task Sequence Engine . . . TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
**************************************************************************** TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable _SMSTSNextInstructionPointer=0 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable _SMSTSInstructionTableSize=1 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable SMSTSRebootRequested= TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable SMSTSRebootDelay= TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable SMSTSRebootMessage= TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable SMSTSRebootReason= TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable SMSTSRetryRequested= TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
The task execution engine started execution TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Sending status message . . . TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Send a task execution status message SMS_TSExecution_TaskSequenceStartInfo TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Registry entry 'Certificate Store' is either missing or empty. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
The 'Certificate Store' is empty in the registry, using default store name 'MY'. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Registry entry 'Certificate Selection Criteria' is either missing or empty. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Registry entry 'Select First Certificate' value is 1. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
1 certificate(s) found in the 'MY' certificate store. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Only one certificate present in the certificate store. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Client SSL is enabled. The current state is 0x95. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
The certificate issued to 'clientname' has 'Client Authentication' capability. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Using the certificate issued to 'clientname'. TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Formatted header: TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2014-09-16T09:01:37Z</SentTime><Protocol>http</Protocol><Body
Type="ByteRange" Offset="0" Length="2140"/><Hooks><Hook2 Name="clientauth"><Property Name="PublicKey">0602000000A40000525341310008000001000100AD1FCB191AF20B63A8DB91BE3968E2225100EA1EAFDD751120923C4A4332AFFE3916CDE1AE13AC891FBB7DF1BBBBCC236AD4F5689F7A03DB79379838FD043DFA8AEC3DFB5FAA24984292CDFB9A8794F4C104CF2A6B0C9DDAF86D453B25BC246E8273922C66D885F3A8BF5C08B05E90200A970A2371B77161CACBA2843BC6A973CED2ED61E84DAE2F78491D44F6B88D69C72BC815E6B31FC3C8B2D095537920F3A44893D396CAD6CBA5700416F39067A138B26155B1A3621F0619C272CEC54EDFF3EE978A3A824D8EA0053ABB1E2FC296D8FF862B47414BDCEED687B8303B0EBDD4D25A4E591AB530CBD5D5C1045A8A535F3BC467C99237B46CA2C0E2E948709A</Property><Property
Name="ClientIDSignature">A262419FE563595B69872C1E76F91359EF41789818D1377769F25576C873871FE3E97CD4D3D2425054D969F8735CA0BBF71070F98E97E7171DA2D2B4C8352C863E368409CEF0AB6096A2E92F9E123B5866710B28572886FCC4B1F36F0D80420AAE1DE013CE62A687B2226A464889376EF9FA7B835E2003A77881F3D527669765D587B45BE9C01103C919BE355FF56787D280AE3A72F4DB976757191FAC4E391BEF1AAD9BD3FE46A83C8E6167EB1D6FAF6109682566A27D1097B27143A50522B4A9FD9514565901A2BDCE437BD097E23710904DA839456519E2A2F264072633831AB37C509CF43312A1ECEACF6C82914D7F40BC6645EEED57C3ABE41C23E03B39</Property><Property
Name="PayloadSignature">5D6D17BC683415752B8CD07753CE0EC1D81FB69D4E78002B17D8C9B9C7A821AC255729C79F4B3E3AE1F70E7ECBDD09EC813B5A6A393FC67B742A1F4BF9EE6CB9C8A67F21B6521092F0E48E37686C5ACE66E62AB77204A9396F46E72CB03C2DB5A516BAF62AB1FA6B33D5E365DBBF23485856872BD185D62E9BF4995523BBC892B32141A0345A0A47FC2666B9129B09359854E9C5AEB617359B6C52DD7197D29FF152AD36FF05607E4008D9569AE9F51C2181C32B217C52AFFD036F855AEA43F44871B1CD919D6E04A5CD02DB1DCD4E7D422E4DE066BD1135C176031022D74F56E3AD688DDFCEEC8BF1DDCF8F10FD0BA39529539D69B61DD682817D528F25D358</Property></Hook2></Hooks><Payload
Type="inline"/><TargetHost/><TargetEndpoint>StatusReceiver</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg>
TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Start executing an instruciton. Instruction name: Install 7-Zip 9.20 x64. Instruction pointer: 0 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable _SMSTSCurrentActionName=Install 7-Zip 9.20 x64 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable _SMSTSNextInstructionPointer=0 TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a local default variable _SMSSWDProgramName TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Set a global environment variable _SMSTSLogPath=C:\WINDOWS\SysWOW64\CCM\Logs\SMSTSLog TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Expand a string: smsswd.exe /pkg:D010015A /install /basevar: /continueOnError: TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Expand a string: TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Start executing the command line: smsswd.exe /pkg:D010015A /install /basevar: /continueOnError: TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
!--------------------------------------------------------------------------------------------! TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Expand a string: FullOS TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
Executing command line: smsswd.exe /pkg:D010015A /install /basevar: /continueOnError: TSManager 16.09.2014 11:01:37 7740 (0x1E3C)
=======================[ smsswd.exe ] ======================= InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
PackageID = 'D010015A' InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
BaseVar = '', ContinueOnError='' InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
SwdAction = '0002' InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
SoftDist paused cookie = 22591 InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Successfully connected to "\\DistributionServer\SMSPKGD$\D010015A" InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
SMS PkgID 'D010015A' resolved to location '\\DistributionServer\SMSPKGD$\D010015A\' InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Start to compile TS policy InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Policy complied successfully in WMI 'root\ccm\policy\defaultmachine\requestedconfig' namespace InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
End TS policy compilation InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Start to evaluate TS policy with lock InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Updating settings in
\\clientname\root\ccm\policy\machine\actualconfig InstallSoftware 16.09.2014 11:01:38 23284 (0x5AF4)
Machine RequestedConfig policy instance(s) : 1978 InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'ccm_softwaredistribution:adv_advertisementid=d012054b:pkg_packageid=d010015a:prg_programid=ts_install'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={0fc01f3e-7e62-46fd-ab98-926a2c724684}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={33d85ab7-9913-4ba2-b887-0c7427bc0a2d}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={3a27449d-1b79-40b5-970e-54655fc8dc67}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={516688f4-d6b8-488f-8461-208e0847da93}:itemclass=win32reg_addremoveprograms:namespace=\\localhost\root\cimv2'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={73719729-c4e9-4132-a3d6-b07a322c41c1}:itemclass=win32reg_addremoveprograms64:namespace=\\localhost\root\cimv2'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={94d99a25-e6aa-4cc2-9a73-dc678f47810a}:itemclass=win32reg_smsguestvirtualmachine:namespace=\\.\root\cimv2'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={ac92faf2-88c1-4cd1-b30d-9a1ccf2fe562}:itemclass=win32reg_smsguestvirtualmachine64:namespace=\\.\root\cimv2'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={d0babbf8-42d3-4a6d-a905-0679ed466add}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Added/updated setting 'inventorydataitem:dataitemid={fe169e66-dfbd-432a-8880-8300fd5854cd}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Raising event:
instance of CCM_PolicyAgent_SettingsEvaluationComplete
ClientID = "GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca";
DateTime = "20140916090139.887000+000";
PolicyNamespace = "\\\\clientname\\root\\ccm\\policy\\machine\\actualconfig";
ProcessID = 17988;
ThreadID = 23284;
InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Successfully submitted event to the Status Agent. InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
End TS policy evaluation InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Policy evaluation initiated InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Waiting for policy to be compiled in 'root\ccm\policy\machine' namespace InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Verified policy is compiled in 'root\ccm\policy\machine' namespace InstallSoftware 16.09.2014 11:01:39 23284 (0x5AF4)
Failed to invoke Execution Manager to Install Software for PackageID='D010015A' ProgramID='ts_install' AdvertID='D012054B' hr=0x80008014 InstallSoftware 16.09.2014 11:01:48 23284 (0x5AF4)
InstallSoftware failed, hr=0x80008014 InstallSoftware 16.09.2014 11:01:48 23284 (0x5AF4)
Install Software failed, hr=0x80008014 InstallSoftware 16.09.2014 11:01:48 23284 (0x5AF4)
Process completed with exit code 2147516436 TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
!--------------------------------------------------------------------------------------------! TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Failed to run the action: Install 7-Zip 9.20 x64.
Unknown error (Error: 80008014; Source: Unknown) TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Sending status message . . . TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Send a task execution status message SMS_TSExecution_ActionFailError TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Store' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Store' is empty in the registry, using default store name 'MY'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Selection Criteria' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Select First Certificate' value is 1. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
1 certificate(s) found in the 'MY' certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Only one certificate present in the certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The certificate issued to 'clientname' has 'Client Authentication' capability. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Using the certificate issued to 'clientname'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Formatted header: TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2014-09-16T09:01:48Z</SentTime><Protocol>http</Protocol><Body
Type="ByteRange" Offset="0" Length="4248"/><Hooks><Hook2 Name="clientauth"><Property Name="PublicKey">0602000000A40000525341310008000001000100AD1FCB191AF20B63A8DB91BE3968E2225100EA1EAFDD751120923C4A4332AFFE3916CDE1AE13AC891FBB7DF1BBBBCC236AD4F5689F7A03DB79379838FD043DFA8AEC3DFB5FAA24984292CDFB9A8794F4C104CF2A6B0C9DDAF86D453B25BC246E8273922C66D885F3A8BF5C08B05E90200A970A2371B77161CACBA2843BC6A973CED2ED61E84DAE2F78491D44F6B88D69C72BC815E6B31FC3C8B2D095537920F3A44893D396CAD6CBA5700416F39067A138B26155B1A3621F0619C272CEC54EDFF3EE978A3A824D8EA0053ABB1E2FC296D8FF862B47414BDCEED687B8303B0EBDD4D25A4E591AB530CBD5D5C1045A8A535F3BC467C99237B46CA2C0E2E948709A</Property><Property
Name="ClientIDSignature">A262419FE563595B69872C1E76F91359EF41789818D1377769F25576C873871FE3E97CD4D3D2425054D969F8735CA0BBF71070F98E97E7171DA2D2B4C8352C863E368409CEF0AB6096A2E92F9E123B5866710B28572886FCC4B1F36F0D80420AAE1DE013CE62A687B2226A464889376EF9FA7B835E2003A77881F3D527669765D587B45BE9C01103C919BE355FF56787D280AE3A72F4DB976757191FAC4E391BEF1AAD9BD3FE46A83C8E6167EB1D6FAF6109682566A27D1097B27143A50522B4A9FD9514565901A2BDCE437BD097E23710904DA839456519E2A2F264072633831AB37C509CF43312A1ECEACF6C82914D7F40BC6645EEED57C3ABE41C23E03B39</Property><Property
Name="PayloadSignature">1705FB90096C88A5F7D23FF3D8A29A1431E0E4D8F2485051440489CCC67ABF99D1F4D88E387A8142238037318798E37CE8BC77D5F15F362031823E48A4E3AF22E2475C8C1E13E72B188183265E3214954E7CF69E4D4972B308358621DEC778AA63D3C40E5A4C020F78FA89391F0E6A75D59DDF8AADD7AAA509FBAE61EEF239FEA55066E739301C7BDB80C3562239F099CFA3B74427627323132419E77170182F50DDF2021CC14D62BD05EA32D38FEEEA665088F79334A980886364ED8901A8BD703C5C9DD529723DDE8516CF14ED1785E3173F6A8D08E1CBB444191155D7115CC0CB8398A9D21CDA95513F19448F24212E179503F0F35BAB6DBE868DA7BE6132</Property></Hook2></Hooks><Payload
Type="inline"/><TargetHost/><TargetEndpoint>StatusReceiver</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg>
TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Set a global environment variable _SMSTSLastActionRetCode=-2147450860 TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Clear local default environment TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Failed to run the action: Install 7-Zip 9.20 x64. Execution has been aborted TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Sending status message . . . TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Send a task execution status message SMS_TSExecution_ActionAbortExecutionError TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Store' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Store' is empty in the registry, using default store name 'MY'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Selection Criteria' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Select First Certificate' value is 1. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
1 certificate(s) found in the 'MY' certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Only one certificate present in the certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The certificate issued to 'clientname' has 'Client Authentication' capability. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Using the certificate issued to 'clientname'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Formatted header: TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2014-09-16T09:01:48Z</SentTime><Protocol>http</Protocol><Body
Type="ByteRange" Offset="0" Length="2208"/><Hooks><Hook2 Name="clientauth"><Property Name="PublicKey">0602000000A40000525341310008000001000100AD1FCB191AF20B63A8DB91BE3968E2225100EA1EAFDD751120923C4A4332AFFE3916CDE1AE13AC891FBB7DF1BBBBCC236AD4F5689F7A03DB79379838FD043DFA8AEC3DFB5FAA24984292CDFB9A8794F4C104CF2A6B0C9DDAF86D453B25BC246E8273922C66D885F3A8BF5C08B05E90200A970A2371B77161CACBA2843BC6A973CED2ED61E84DAE2F78491D44F6B88D69C72BC815E6B31FC3C8B2D095537920F3A44893D396CAD6CBA5700416F39067A138B26155B1A3621F0619C272CEC54EDFF3EE978A3A824D8EA0053ABB1E2FC296D8FF862B47414BDCEED687B8303B0EBDD4D25A4E591AB530CBD5D5C1045A8A535F3BC467C99237B46CA2C0E2E948709A</Property><Property
Name="ClientIDSignature">A262419FE563595B69872C1E76F91359EF41789818D1377769F25576C873871FE3E97CD4D3D2425054D969F8735CA0BBF71070F98E97E7171DA2D2B4C8352C863E368409CEF0AB6096A2E92F9E123B5866710B28572886FCC4B1F36F0D80420AAE1DE013CE62A687B2226A464889376EF9FA7B835E2003A77881F3D527669765D587B45BE9C01103C919BE355FF56787D280AE3A72F4DB976757191FAC4E391BEF1AAD9BD3FE46A83C8E6167EB1D6FAF6109682566A27D1097B27143A50522B4A9FD9514565901A2BDCE437BD097E23710904DA839456519E2A2F264072633831AB37C509CF43312A1ECEACF6C82914D7F40BC6645EEED57C3ABE41C23E03B39</Property><Property
Name="PayloadSignature">47B0130E722BA570201F17D23C59E8E8A1161BE57C5D606CDC1892392BA3A1040E851C6F82C19D39D1414A3E5D954AE8B99A171FC695D9815BA9C3B1A3BD1F3FE9F19F45C434D2BE86177548347D1647E75432FE452369E93CEF88C2F20FF7AE14F006EA24AC3BECAF5F5C81CC2F9D0BB088F3F2D50F7C6AA7ED6B131514F25A0B285D7A47C0535EF78AD85A2E054D8801B6950B6866FF63F08BD77EDF42137830EA5518B9C3865715366FD86ED5F17C27D0A2C19632E1EE1822C5C3DCF5F473D26548FD5980A79831441EF4E625DFA9FE96CBF887847346845620BBED5E5F7455ECB6738855A7AFAF40ECB1271C089EB40825FA10EE03F4F4A71F632C6BFE41</Property></Hook2></Hooks><Payload
Type="inline"/><TargetHost/><TargetEndpoint>StatusReceiver</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg>
TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Failed to run the last action: Install 7-Zip 9.20 x64. Execution of task sequence failed.
Unknown error (Error: 80008014; Source: Unknown) TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Sending status message . . . TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Send a task execution status message SMS_TSExecution_TaskSequenceFailError TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Store' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Store' is empty in the registry, using default store name 'MY'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Certificate Selection Criteria' is either missing or empty. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Registry entry 'Select First Certificate' value is 1. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
1 certificate(s) found in the 'MY' certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Only one certificate present in the certificate store. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
The certificate issued to 'clientname' has 'Client Authentication' capability. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Using the certificate issued to 'clientname'. TSManager 16.09.2014 11:01:48 7740 (0x1E3C)
Formatted header: TSManager 16.09.2014 11:01:49 7740 (0x1E3C)
<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2014-09-16T09:01:49Z</SentTime><Protocol>http</Protocol><Body
Type="ByteRange" Offset="0" Length="2176"/><Hooks><Hook2 Name="clientauth"><Property Name="PublicKey">0602000000A40000525341310008000001000100AD1FCB191AF20B63A8DB91BE3968E2225100EA1EAFDD751120923C4A4332AFFE3916CDE1AE13AC891FBB7DF1BBBBCC236AD4F5689F7A03DB79379838FD043DFA8AEC3DFB5FAA24984292CDFB9A8794F4C104CF2A6B0C9DDAF86D453B25BC246E8273922C66D885F3A8BF5C08B05E90200A970A2371B77161CACBA2843BC6A973CED2ED61E84DAE2F78491D44F6B88D69C72BC815E6B31FC3C8B2D095537920F3A44893D396CAD6CBA5700416F39067A138B26155B1A3621F0619C272CEC54EDFF3EE978A3A824D8EA0053ABB1E2FC296D8FF862B47414BDCEED687B8303B0EBDD4D25A4E591AB530CBD5D5C1045A8A535F3BC467C99237B46CA2C0E2E948709A</Property><Property
Name="ClientIDSignature">A262419FE563595B69872C1E76F91359EF41789818D1377769F25576C873871FE3E97CD4D3D2425054D969F8735CA0BBF71070F98E97E7171DA2D2B4C8352C863E368409CEF0AB6096A2E92F9E123B5866710B28572886FCC4B1F36F0D80420AAE1DE013CE62A687B2226A464889376EF9FA7B835E2003A77881F3D527669765D587B45BE9C01103C919BE355FF56787D280AE3A72F4DB976757191FAC4E391BEF1AAD9BD3FE46A83C8E6167EB1D6FAF6109682566A27D1097B27143A50522B4A9FD9514565901A2BDCE437BD097E23710904DA839456519E2A2F264072633831AB37C509CF43312A1ECEACF6C82914D7F40BC6645EEED57C3ABE41C23E03B39</Property><Property
Name="PayloadSignature">607C65C61B54F43AEEF5C245F9A34E3E7E4989F4B070E37DD6A1FBF5482C940A22298E8075140D660E6F4C4387C2E04F381D2415DC9E4DA98C4C09832B54114570C68F93C88E3C52B095066F216943865A1B4F2D8A0C5AE21872E307E1C199167827A67EFE5DE5916E3AB62A1CA812906C7F408E84AE9BCEAF475408B46FB52315C7EB6C202E5B027F89746D9F306997273D5FD0311EFF82C0AC22608565555EBA20BEC0D0BFF661F14829AD9C59367AE0042DCDD1828C571BDAB5383A86AFF26C3D93481B982967DEF4B25D51E9A2F91A9E037C4D413399D26CFC5EB6B2D31CC3CF10DFF5AF82A7E2E4F52B597CBC96C2666199EE37ABD027F74D7BC26F6D36</Property></Hook2></Hooks><Payload
Type="inline"/><TargetHost/><TargetEndpoint>StatusReceiver</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg>
TSManager 16.09.2014 11:01:49 7740 (0x1E3C)
Task Sequence Engine failed! Code: enExecutionFail TSManager 16.09.2014 11:01:50 7740 (0x1E3C)
**************************************************************************** TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Task sequence execution failed with error code 80004005 TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Cleaning Up. Removing Authenticator TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Cleaning up task sequence folder TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
File "C:\_SMSTaskSequence\TSEnv.dat" does not exist. (Code 0x80070002) TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Successfully unregistered Task Sequencing Environment COM Interface. TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Executing command line: "C:\WINDOWS\SysWOW64\CCM\TsProgressUI.exe" /Unregister TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
==========[ TsProgressUI started in process 3064 ]========== TsProgressUI 16.09.2014 11:01:51 10880 (0x2A80)
Unregistering COM classes TsProgressUI 16.09.2014 11:01:51 10880 (0x2A80)
Shutdown complete. TsProgressUI 16.09.2014 11:01:51 10880 (0x2A80)
Process completed with exit code 0 TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Successfully unregistered TS Progress UI. TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Start to cleanup TS policy TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
End TS policy cleanup TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Start to evaluate TS policy with lock TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Updating settings in
\\clientname\root\ccm\policy\machine\actualconfig TSManager 16.09.2014 11:01:51 7740 (0x1E3C)
Machine RequestedConfig policy instance(s) : 1978 TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'ccm_softwaredistribution:adv_advertisementid=d012054b:pkg_packageid=d010015a:prg_programid=ts_install'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={0fc01f3e-7e62-46fd-ab98-926a2c724684}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={33d85ab7-9913-4ba2-b887-0c7427bc0a2d}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={3a27449d-1b79-40b5-970e-54655fc8dc67}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={516688f4-d6b8-488f-8461-208e0847da93}:itemclass=win32reg_addremoveprograms:namespace=\\localhost\root\cimv2'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={73719729-c4e9-4132-a3d6-b07a322c41c1}:itemclass=win32reg_addremoveprograms64:namespace=\\localhost\root\cimv2'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={94d99a25-e6aa-4cc2-9a73-dc678f47810a}:itemclass=win32reg_smsguestvirtualmachine:namespace=\\.\root\cimv2'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={ac92faf2-88c1-4cd1-b30d-9a1ccf2fe562}:itemclass=win32reg_smsguestvirtualmachine64:namespace=\\.\root\cimv2'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={d0babbf8-42d3-4a6d-a905-0679ed466add}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Added/updated setting 'inventorydataitem:dataitemid={fe169e66-dfbd-432a-8880-8300fd5854cd}:itemclass=filesystemfile:namespace=\\.\root\ccm\invagt'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Raising event:
instance of CCM_PolicyAgent_SettingsEvaluationComplete
ClientID = "GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca";
DateTime = "20140916090152.640000+000";
PolicyNamespace = "\\\\clientname\\root\\ccm\\policy\\machine\\actualconfig";
ProcessID = 20444;
ThreadID = 7740;
TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Successfully submitted event to the Status Agent. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
End TS policy evaluation TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Policy evaluation initiated TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Error executing Task Sequence Manager service. Code 0x80004005 TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Sending error status message TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Registry entry 'Certificate Store' is either missing or empty. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
The 'Certificate Store' is empty in the registry, using default store name 'MY'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Registry entry 'Certificate Selection Criteria' is either missing or empty. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Registry entry 'Select First Certificate' value is 1. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
1 certificate(s) found in the 'MY' certificate store. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Only one certificate present in the certificate store. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
The certificate issued to 'clientname' has 'Client Authentication' capability. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Using the certificate issued to 'clientname'. TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
Formatted header: TSManager 16.09.2014 11:01:52 7740 (0x1E3C)
<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:eb79550c-aad9-4ed7-879e-74886b7b5aca</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2014-09-16T09:01:52Z</SentTime><Protocol>http</Protocol><Body
Type="ByteRange" Offset="0" Length="1178"/><Hooks><Hook2 Name="clientauth -
Client failing to install Applications in OSD
This is the first OSD in SCCM 2012 R2 that I am testing and I cannot get any application (not package) deployed finding several different errors (see below). Also I am confused as to whether the client is properly registering on the server
(and if this is the cause of my problems)
The SMSTS log is showing the following errors during SMS client install:
Unable to read SMS client cert from environment. Not restoring SMS client cert.
Active request handle is empty, registering with new active request handle. This is expected if the TS was started from a media/PXE.
Failed to create instance for IMTCTokenHandler interface, hr=0x80070005
Failed to find property 'AutoApplyDeployment' in 'CCM_ApplicationManagementClientConfig' class defintion. Error 0x80041002. Default value will be used for this property
Error getting system isolation info. Code 8027000C
Remediation failed with error code 8027000C
Then during the application deployment phase I am seeing:
NotifyProgress received: 16 (Application failed to evaluate )
Policy Evaluation failed, hr=0x80004005
Install application action failed: 'Microsoft Visio Viewer 2013'. Error Code 0x80004005
Install application action cannot continue. ContinueOnErrorFlag is set to false.
The SMS client is installed at the end of the failed task sequence but seems to have a few things not available.
Can I get any guidance on how to isolate what might be the cause of this?
Thanks, StephenIs this the same behavior you're experiencing?:
http://www.vansurksum.com/configmgr-2012-caveat-with-application-revisions-when-used-in-a-task-sequence/
This issue should have been fixed with R2 so the version of ConfigMgr being used would be good to know.
Also upload smsts.log (or even better all ConfigMgr logs) to OneDrive, because just providing single lines are meaninless (they are taken out of context). Thanks
Torsten Meringer | http://www.mssccmfaq.de
Maybe you are looking for
-
i damaged my iphone 5 and have been sent a new one, but i do not have enough storage to back up my phone and do not want to pay for more storage. can i get all of my contacts, photos, etc. on my new phone just by logging into my icloud account?
-
Clarification regarding Service Desk
Dear Experts, We are currently setting up Service Desk functionality for our landscape using Solution Manager 7.0 EhP1. Following the material available on the SMP, we are now able to create messages within the Solution Managers(internal support desk
-
10.6.7 won't let Chrome display images
I installed Mac OS X 10.6.7 today (along with the security update) on my iMac and now my Chrome browser (10.0.648.151) will no longer display images.
-
Can i use backup of music library on external hd as original
Had my iTunes music folder located on an external hd 1 that recently failed. Had recently made a copy of that music folder on a separate external hd 2. My question is can i plug in my external hd 2 with that music folder copy, open iTunes, and when i
-
Query on Nokia N9 usage in India
I currently live in India and will be traveling to USA in a few days, as we all know the Nokia N9 phone is not available in India and who knows Nokia will ever release it here. Therefore, I plan to purchase a Nokia N9 from an online shopping website