Secondary site clients inactive
hi
I am having issues with SCCM 2012 R2 and secondary sites going inactive. We have four secondary sites and I am having issues with two of them. Clients were rolled out succesfully on the sites but have now gone
inactive. Heartbeat shows it has not contacted them recently. The clients themselves are working as i can roll out SCEP or sftware updates and they show on the clients and deploy but they still say inactive in the console.
I have tried removing and re-adding the management point as suggested in a few forums and the SQL logins but none of them have helped.
Site and boundaries look correct and the logs show the clients successfully connecting to the local sites management point, but still show up as inactive, as does the site servers themselves. They are about 10% of clients on the site that are working but
cannot see any difference in those.
The other 2 secondary sites are working ok.
Any ideas?
sg
Hi,
>>secondary sites going inactive
Have you checked site status of the inactive secondary site in the Monitoring workspace? Any error?
You could also check Component Status to see if there is any error.
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Similar Messages
-
SCCM 2012 Secondary site Client Communication for SUP
Hi,
We have an SCCM 2012 Setup and here is the design CAS-->Primary-->Secondary site servers.
SUP is configured for Secondary site too. Boundaries are defined with IP Address Range and is proper.
Some clients are comminicating to Secondary site for updates. Downloading successfully and installing the software.
But some of the clients are communicating to primary site for updates and retain with the status "Downloading update"
I have checked the locationservices.log and it is fluctuating between Primary and secondary MP.
2 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:35:59 AM 768 (0x0300)
Executing Task LSSiteRoleCycleTask LocationServices 4/5/2013 11:51:59 AM 4200 (0x1068)
1 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:51:59 AM 4200 (0x1068)
Executing Task LSSiteRoleCycleTask LocationServices 4/5/2013 11:51:59 AM 5648 (0x1610)
2 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:51:59 AM 5648 (0x1610)
I have also checed "DataTransferService.log" and found more errors.
Error retrieving manifest (0x800704cf). Will attempt retry 7 in 1920 seconds. DataTransferService 4/5/2013 11:51:59 AM 5576 (0x15C8)
DTSJob {141CB5AE-8EF2-464D-8D8C-68B868EE7F7B} in state 'DownloadingManifest'. DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
Failed to send request to /SMS_DP_SMSPKG$/1fd86ee1-ece0-41ae-a2b8-5a2b305746d4 at host xxxxxxxx.xxxxxxx.com, error 0x2efe DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
[CCMHTTP] ERROR: URL=https://xxxxxxxx.xxxxxxx.com:443/SMS_DP_SMSPKG$/1fd86ee1-ece0-41ae-a2b8-5a2b305746d4, Port=443, Options=192, Code=12030, Text=ERROR_WINHTTP_CONNECTION_ERROR DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
Raising event:
instance of CCM_CcmHttp_Status
ClientID = "GUID:0DA907D5-1709-4B10-B627-61E289FD7149";
DateTime = "20130405062159.643000+000";
HostName = "xxxxxxxx.xxxxxxx.com";
HRESULT = "0x80072efe";
ProcessID = 4260;
StatusCode = 600;
ThreadID = 4200;
DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
Successfully sent location services HTTPS failure message. DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
Error sending DAV request. HTTP code 600, status '' DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
GetDirectoryList_HTTP mapping original error 0x80072efe to 0x800704cf. DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
GetDirectoryList_HTTP('https://xxxxxxxx.xxxxxxx.com:443/SMS_DP_SMSPKG$/1fd86ee1-ece0-41ae-a2b8-5a2b305746d4') failed with code 0x800704cf. DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
Error retrieving manifest (0x800704cf). Will attempt retry 7 in 1920 seconds. DataTransferService 4/5/2013 11:51:59 AM 4200 (0x1068)
my query is how some of the clients are communicating primary site server for updates even though the boundary details are properly configured and Secondary site is configured with sup. Also need to know (as per the log "DataTransferService.log")how
come the clients are communicating SSL port for updates. Plz help in resolving the issue.Hi Kent,
Thanks for the reply.
Primary and secondary sites are connected over WAN and we have around 2000 clients which are reporting to Secondary site.
Considering the WAN bandwidth utiliztaion and number of clients on secondary site we have configured the SUP role.
Not all the clients are with the above error message around 40%-50% of the clients are with above stated error message.
Plz let me know what is the error message indicates and do we need to reffer any other logs for indepth analysis.
Locationservices.log is with fluctuating connectivity
2 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:35:59 AM 768 (0x0300)
Executing Task LSSiteRoleCycleTask LocationServices 4/5/2013 11:51:59 AM 4200 (0x1068)
1 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:51:59 AM 4200 (0x1068)
Executing Task LSSiteRoleCycleTask LocationServices 4/5/2013 11:51:59 AM 5648 (0x1610)
2 proxy MP errors in the last 10 minutes, threshold is 5. LocationServices 4/5/2013 11:51:59 AM 5648 (0x1610)
how come the clients are communicating SSL port for updates. Plz help in resolving the issue. -
SCCM 2012 R2 Secondary Site client assignment
I have been doing some research and discovered that you shouldn't directly assign a boundary group to a secondary site. This confuses me a little bit and I was hoping someone can clear it up a bit.
Currently my client has a primary site (PS1) and a secondary site (SS1) in their environment. The reason for the secondary site is because there is a site with around 700 clients and that exceeded the comfort level of a distribution point. This site is located
in Valley Forge and we want all clients in this boundary group to use the secondary site. Everywhere else should use primary.
With that being said and after reading what I read, should I not directly assign the boundary group for Valley Forge to the secondary site? If not, how does the client know to use it? And better yet, what is the point of having the option to directly assign
to SS1 if it shouldn't be done?
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”Jorgen, thank you for the link. This was the original post I read that rocked my world:) I just wanted to get more info on the subject and make sure it was still relevant.
MadLuka, much appreciate the explanation. Just when you think you know something somebody comes along and proves you wrong. Is there anything that I need to do for the VF clients to establish the understanding that they will need to use the SS like
assign it as a site system for content management? Even better should I include all site systems (PS and SS) within that content management so that they will use the PS when they roam outside of that boundary?
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ” -
Hi Teem;
We are having the following issue with SCCM 2012 R2: The SMS Agent Host service keeps on crashing on Client PCs with in the Secondary site! the issue isn't happening at the primary site!
We have 3 SCCM 2012 R 2 servers: CAS & Pri @ the DataCenter site and the Secondary site in the office site.
Please advise.
Thank you.The client is entering a loop, here are some lines of the ClientIDManagerStartup.log:
Persisted hardware IDs in CCM_ClientIdentificationInformation=@:
HardwareID1=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
HardwareID2=6CBB0600010000FE ClientIDManagerStartup 3/21/2014 11:11:30 AM 3760 (0x0EB0)
RegEndpoint: Spawning task to re-register in 5000 milliseconds. ClientIDManagerStartup 3/21/2014 11:11:43 AM 3760 (0x0EB0)
[----- SHUTDOWN -----] ClientIDManagerStartup 3/21/2014 11:11:52 AM 1428 (0x0594)
[----- STARTUP -----] ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
Machine: SCCM-TEST02 ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
OS Version: 6.1 ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
SCCM Client Version: 5.00.7958.1000 ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
'RDV' Identity store does not support backup. ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
CCM Identity is in sync with Identity stores ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
Client is set to use HTTPS when available. The current state is 224. ClientIDManagerStartup 3/21/2014 11:11:55 AM 1604 (0x0644)
[RegTask] - Executing registration task synchronously. ClientIDManagerStartup 3/21/2014 11:11:56 AM 3928 (0x0F58)
Read SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100 ClientIDManagerStartup
3/21/2014 11:11:56 AM 3928 (0x0F58)
Evaluated SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100
ClientIDManagerStartup 3/21/2014 11:11:56 AM 3928 (0x0F58)
No SMBIOS Changed ClientIDManagerStartup 3/21/2014 11:11:56 AM 3928 (0x0F58)
SMBIOS unchanged ClientIDManagerStartup 3/21/2014 11:11:56 AM 3928 (0x0F58)
SID unchanged ClientIDManagerStartup 3/21/2014 11:11:56 AM 3928 (0x0F58)
HWID unchanged ClientIDManagerStartup 3/21/2014 11:11:57 AM 3928 (0x0F58)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
GetSystemEnclosureChassisInfo: IsFixed=FALSE, IsLaptop=FALSE ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Computed HardwareID=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
Win32_SystemEnclosure.SerialNumber=<empty>
Win32_SystemEnclosure.SMBIOSAssetTag=<empty>
Win32_BaseBoard.SerialNumber=None
Win32_BIOS.SerialNumber=VMware-56 4d 44 fe 3d ad af 3f-d4 e8 3f 19 48 d8 e2 71
Win32_NetworkAdapterConfiguration.MACAddress=00:0C:29:D8:E2:71 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
[RegTask] - Client is not registered. Sending registration request for GUID:1A54B9A0-E658-4F89-8D39-A47220CD5C48 ... ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
[RegTask] - Client is registered. Server assigned ClientID is GUID:1A54B9A0-E658-4F89-8D39-A47220CD5C48. Approval status 1 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
'RDV' Identity store does not support backup. ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
[RegTask] - Client is registered. Exiting. ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Read SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100 ClientIDManagerStartup
3/21/2014 11:11:59 AM 3928 (0x0F58)
Evaluated SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100
ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
No SMBIOS Changed ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
SMBIOS unchanged ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
SID unchanged ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
HWID unchanged ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
GetSystemEnclosureChassisInfo: IsFixed=FALSE, IsLaptop=FALSE ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Computed HardwareID=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
Win32_SystemEnclosure.SerialNumber=<empty>
Win32_SystemEnclosure.SMBIOSAssetTag=<empty>
Win32_BaseBoard.SerialNumber=None
Win32_BIOS.SerialNumber=VMware-56 4d 44 fe 3d ad af 3f-d4 e8 3f 19 48 d8 e2 71
Win32_NetworkAdapterConfiguration.MACAddress=00:0C:29:D8:E2:71 ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
Persisted hardware IDs in CCM_ClientIdentificationInformation=@:
HardwareID1=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
HardwareID2=6CBB0600010000FE ClientIDManagerStartup 3/21/2014 11:11:59 AM 3928 (0x0F58)
RegEndpoint: Spawning task to re-register in 60000 milliseconds. ClientIDManagerStartup 3/21/2014 11:12:13 AM 3232 (0x0CA0)
[----- SHUTDOWN -----] ClientIDManagerStartup 3/21/2014 11:13:16 AM 1604 (0x0644)
[----- STARTUP -----] ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
Machine: SCCM-TEST02 ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
OS Version: 6.1 ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
SCCM Client Version: 5.00.7958.1000 ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
'RDV' Identity store does not support backup. ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
CCM Identity is in sync with Identity stores ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
Client is set to use HTTPS when available. The current state is 224. ClientIDManagerStartup 3/21/2014 11:13:16 AM 3516 (0x0DBC)
[RegTask] - Executing registration task synchronously. ClientIDManagerStartup 3/21/2014 11:13:19 AM 3792 (0x0ED0)
Read SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100 ClientIDManagerStartup
3/21/2014 11:13:19 AM 3792 (0x0ED0)
Evaluated SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100
ClientIDManagerStartup 3/21/2014 11:13:19 AM 3792 (0x0ED0)
No SMBIOS Changed ClientIDManagerStartup 3/21/2014 11:13:19 AM 3792 (0x0ED0)
SMBIOS unchanged ClientIDManagerStartup 3/21/2014 11:13:19 AM 3792 (0x0ED0)
SID unchanged ClientIDManagerStartup 3/21/2014 11:13:19 AM 3792 (0x0ED0)
HWID unchanged ClientIDManagerStartup 3/21/2014 11:13:20 AM 3792 (0x0ED0)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
GetSystemEnclosureChassisInfo: IsFixed=FALSE, IsLaptop=FALSE ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Computed HardwareID=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
Win32_SystemEnclosure.SerialNumber=<empty>
Win32_SystemEnclosure.SMBIOSAssetTag=<empty>
Win32_BaseBoard.SerialNumber=None
Win32_BIOS.SerialNumber=VMware-56 4d 44 fe 3d ad af 3f-d4 e8 3f 19 48 d8 e2 71
Win32_NetworkAdapterConfiguration.MACAddress=00:0C:29:D8:E2:71 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
[RegTask] - Client is not registered. Sending registration request for GUID:1A54B9A0-E658-4F89-8D39-A47220CD5C48 ... ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
[RegTask] - Client is registered. Server assigned ClientID is GUID:1A54B9A0-E658-4F89-8D39-A47220CD5C48. Approval status 1 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
'RDV' Identity store does not support backup. ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
[RegTask] - Client is registered. Exiting. ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Read SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100 ClientIDManagerStartup
3/21/2014 11:13:22 AM 3792 (0x0ED0)
Evaluated SMBIOS (encoded): 56004D0077006100720065002D00350036002000340064002000340034002000660065002000330064002000610064002000610066002000330066002D0064003400200065003800200033006600200031003900200034003800200064003800200065003200200037003100
ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
No SMBIOS Changed ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
SMBIOS unchanged ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
SID unchanged ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
HWID unchanged ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
GetSystemEnclosureChassisInfo: IsFixed=FALSE, IsLaptop=FALSE ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Windows To Go requires a minimum operating system of Windows 8 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Computed HardwareID=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
Win32_SystemEnclosure.SerialNumber=<empty>
Win32_SystemEnclosure.SMBIOSAssetTag=<empty>
Win32_BaseBoard.SerialNumber=None
Win32_BIOS.SerialNumber=VMware-56 4d 44 fe 3d ad af 3f-d4 e8 3f 19 48 d8 e2 71
Win32_NetworkAdapterConfiguration.MACAddress=00:0C:29:D8:E2:71 ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
Persisted hardware IDs in CCM_ClientIdentificationInformation=@:
HardwareID1=2:ED42563E6365D1A53E55EE48D92A4CDF5D208373
HardwareID2=6CBB0600010000FE ClientIDManagerStartup 3/21/2014 11:13:22 AM 3792 (0x0ED0)
RegEndpoint: Spawning task to re-register in 5000 milliseconds. ClientIDManagerStartup 3/21/2014 11:13:36 AM 3672 (0x0E58) -
SCCM 2012 Secondary site client's are not doing hardware scan for more than 30 days
Hi,
On our SCCM environment around 2500 active clients mapped for particular secondary site not performed hardware scan for more than 30 days. Can anyone provide suggestion how to fix this.
Regards,
MadhanYes i confirmed it is listing correct MP and software scan is working fine. we have around 8500 machines connected to that site buy only 3000 machines are having this issue. anyone has faced this issue ?
Only 5000 Computers are supported by a secondary site.
http://technet.microsoft.com/en-us/library/gg682077.aspx#BKMK_SupConfigClientNumbers
Garth Jones | My blogs: Enhansoft and
Old Blog site | Twitter:
@GarthMJ -
SCCM 2012 Clients at Secondary Site don't update and shows status as INACTIVE
I have 1 Primary site and 1 Secondary sites. I have setup Secondary site Boundaries using IP subnet. I see that the systems from secondary
site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory. I am not positive
where to look as far as logs are concerned. I think the clients aren't receiving policy like they should.
Just to give a brief idea, Secondary Site server crashed and we had to rebuild the server and re install secondary site after rebuilding all the
problem. Everything is working fine in Primary site.
Secondary site is communicating with primary site MP and DP
I have checked MPcontrol.log it shows status as OK
I am able to install client through console but yes when I check the configuration manager properties it shows CCM Notification Agent as DISSABLED
and in the Action Tab Machine and User policy are the only cycles showing.
Checked replmgr.log and rclctrl.log but it’s not showing any error
Only log file which shows error is bgdserver.log ( pasting log errors )
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Can't do post authentication without client certificate stored in regsitration. SMS_NOTIFICATION_SERVER
05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Failed to authenticate with client [::ffff:10.5.55.88]:49623. SMS_NOTIFICATION_SERVER 05-07-2014
12:09:01 3968 (0x0F80)
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Can't do post authentication without client certificate stored in regsitration. SMS_NOTIFICATION_SERVER
05-07-2014 12:09:01 3968 (0x0F80)
ERROR: Failed to authenticate with client [::ffff:10.5.62.68]:49923. SMS_NOTIFICATION_SERVER 05-07-2014
12:09:01 3968 (0x0F80)
ERROR: SQL exception when retrieve client certificate from DB. Exception: The EXECUTE permission was denied on the object 'sp_GetPublicKeyForSMSID', database 'CM_PRI',
schema 'dbo'. -2146232060 SMS_NOTIFICATION_SERVER 05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Can't verify signature in message without client certificate for client SCCM GUID:B47059B1-D4E4-41A2-BC88-486A597FE399
SMS_NOTIFICATION_SERVER 05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Invalid hook to be decoded. Authentication SMS_NOTIFICATION_SERVER
05-07-2014 12:09:06 3968 (0x0F80)
ERROR: Failed to decode message body (<BgbSignInMessage TimeStamp="2014-07-05T06:39:01Z"><ClientType>SCCM</ClientType><ClientVersion>5.00.7804.1000</ClientVersion><ClientID>GUID:B47059B1-D4E4-41A2-BC88-486A597FE399</ClientID></BgbSignInMessage>)
with message header
Help me resolve this issue as I am struggling to resolve this for almost 2 weeks.
Please let me know which logs are helpful and I'll try to add it to replies.Hi,
Quote:"see that the systems from secondary site show in the console and they all have clients installed but however 60% of the system shows client activity as INACTIVE and not receiving any heartbeat DDR none of the system showing hardware inventory. "
So not all the clients show inactive? Have you checked the logs in an inactive client? Such as ClientIDManagerStartup.log.
Have you checked Secondary Site server's computer name from SQL logins? You could try to remove this account, wait a while, recreate the same computeraccount login with sysadmin access. (http://social.technet.microsoft.com/Forums/en-US/d5383c23-6b71-47cc-9fad-fda82a44a3aa/secondary-site-showing-inactive-clients?forum=configmanagerdeployment)
You could use Configuration Analyzer for System Center 2012 R2 to troubleshoot issues.
http://technet.microsoft.com/en-us/library/dn469435.aspx
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Client Inactive--SCCM 2012 R2-ERROR
Hi all, I've been troubled days .. please help.
see the following link
http://www.windows-noob.com/forums/index.php?/topic/9131-help-please-do-not-install-secondary-site-clients-i-reinstalled-the-site-and-nothing/?p=34889Hi,
For client with no site information, you need to make sure your boundary group match client IP or AD site.
Some more troubleshooting links:
http://deployos.com/blog/2012/10/01/using-and-troubleshooting-client-push-in-sccm
http://eskonr.com/2010/11/sccm-client-installation-troubleshooting-steps-check-list/
http://blogs.technet.com/b/configurationmgr/archive/2009/08/10/troubleshooting-issues-where-clients-are-not-reporting.aspx
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Huge Sized download taking place at port 8530 between clients and WSUS\SUP of secondary site
Hi Guy's
Need a solution to the issue, the SCCM 2012 clients under a secondary site { Secondary site with SUP\WSUS } are downloading 200Mb + data at port 8530. This seems quite abnormal.
Need to know answer of below
1- Actual size of catalog what clients should download or path where on WSUS is stored
2- How to restrict a huge sized download between WSUS and CM 2012 client
This is not the case where clients are directly reporting to Primary size.
Regards
Sushain Kapoor
Regards Sushain KApoorHi Jason
Just a little clarity, will the client download information for a particular product or all the products selected in wsus.
Eg: Windows 7 systems will download the catalog information of Windows 7 only against selections made in WSUS. Or it will download the windows XP and windows vista and other product information also. This particular question i am asking as i see only 300
updates as found in windowsupdate.log and not the thousands synced in WSUS
Is the update metadata exported using the wsusutil.exe the actual catalog size what clients are downloading
Regards Sushain KApoor -
Hi dears
i have installed secondary site and create boundary based on IP range on secondary site. secondary and its parent join on the same domain.
when i see LocationService.log and client agent on control panel show MP of Primary site.
what shall i do?Clients will reflect the site code and MP of their primary site so this should be OK. They will also show a resident MP (if I remember correctly) of the MP in the secondary site. Note that in 2007 you must add the MP to secondary site as it's not there
automatically.
Jason | http://blog.configmgrftw.com -
Clients on secondary site cannot find the right site to connect
Hi, I have a primary site of SCCM 2012 R2, and a secondary site.
The Site code for the primary site is 'LPZ' and for the secondary site is 'SCZ', when I trying to install an SCCM client at the secondary site (in windows client or server) it is assigned only to the primary Site, and if you try to change the site
manually to correct the site assignment we receive this error message "Failed to update site assignment".
We have updated the AD and both the primary and secondary site are published into my AD, and the SCCM servers has the proper rights over the container.
Reviewing the installation logs I cant find any clue to help me to resolve this behaviour.
RaulitoResident site is where the Client physically exists and this is determined by the boundary groups.
Assigned site is the Site to which client is assigned and this is LPZ in your case for all machines as you have just one Primary.
Following TechNet link explains this in detail:
https://technet.microsoft.com/en-us/library/gg682060.aspx
-RG -
Endpoint Protection clients no getting updates from SCCM 2012 in new Secondary Site
I recently stood up a secondary site behind a PCI firewall to manage PCI in-scope systems. All of my boundaries are properly configured and there are no overlaps. I am able to push packages to these clients and the clients are reporting as healthy however
I am not able to get updates to the SCEP clients. There is no internet access from these systems so I have to rely on updates from SCCM. From what I can see in the WindowsUpdate log it is only trying to go to Microsoft for the definitions. Here is the Log:
2014-04-30 11:05:09:739
828 da8
Misc WARNING: Send failed with hr = 80072ee2.
2014-04-30 11:05:09:739
828 da8
Misc WARNING: Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <None>
2014-04-30 11:05:09:739
828 da8
Misc WARNING: Send request failed, hr:0x80072ee2
2014-04-30 11:05:09:739
828 da8
Misc WARNING: WinHttp: SendRequestUsingProxy failed for <HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=41&L=en-US&P=&PT=0x7&WUA=7.9.9600.16422>.
error 0x80072ee2
2014-04-30 11:05:09:739
828 da8
Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
2014-04-30 11:05:09:739
828 da8
Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
2014-04-30 11:05:09:739
828 da8
Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
2014-04-30 11:05:09:739
828 da8
SLS FATAL: GetResponse failed with hresult 0x80072ee2...
2014-04-30 11:05:09:739
828 da8
EP FATAL: EP: CSLSEndpointProvider::GetWUClientDataAndInitParser - failed to get SLS data, error = 0x80072EE2
2014-04-30 11:05:09:739
828 da8
EP FATAL: EP: CSLSEndpointProvider::GetEndpointFromSLS - Failed to get client data and init parser, error = 0x80072EE2
2014-04-30 11:05:09:739
828 da8
EP FATAL: Failed to obtain 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL, error = 0x80072EE2
2014-04-30 11:05:09:739
828 da8
Agent WARNING: Failed to obtain the authorization cab URL for service 7971f918-a847-4430-9279-4a52d1efe18d, hr=0
2014-04-30 11:05:09:739
828 da8
Agent FATAL: Caller <NULL> failed to opt in to service 7971f918-a847-4430-9279-4a52d1efe18d, hr=0X80072EE2
2014-04-30 11:05:09:739
828 da8
SLS Retrieving SLS response from server...
2014-04-30 11:05:09:739
828 da8
SLS Making request with URL HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=41&L=en-US&P=&PT=0x7&WUA=7.9.9600.16422
2014-04-30 11:05:30:742
828 da8
Misc WARNING: Send failed with hr = 80072ee2.
2014-04-30 11:05:30:742
828 da8
Misc WARNING: Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <None>
2014-04-30 11:05:30:742
828 da8
Misc WARNING: Send request failed, hr:0x80072ee2
2014-04-30 11:05:30:742
828 da8
Misc WARNING: WinHttp: SendRequestUsingProxy failed for <HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=41&L=en-US&P=&PT=0x7&WUA=7.9.9600.16422>.
error 0x80072ee2
2014-04-30 11:05:30:742
828 da8
Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
2014-04-30 11:05:30:742
828 da8
Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
2014-04-30 11:05:30:742
828 da8
Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
2014-04-30 11:05:30:742
828 da8
SLS FATAL: GetResponse failed with hresult 0x80072ee2...
2014-04-30 11:05:30:742
828 da8
EP FATAL: EP: CSLSEndpointProvider::GetWUClientDataAndInitParser - failed to get SLS data, error = 0x80072EE2
2014-04-30 11:05:30:742
828 da8
EP FATAL: EP: CSLSEndpointProvider::GetSecondaryServicesEnabledState - Failed to get client data and init parser, error = 0x80072EE2
2014-04-30 11:05:30:742
828 da8
Agent * WARNING: Online service registration/service ID resolution failed, hr=0x80248014
2014-04-30 11:05:30:742
828 da8
Agent * WARNING: Exit code = 0x80248014
2014-04-30 11:05:30:742
828 da8
Agent *********
2014-04-30 11:05:30:742
828 da8
Agent ** END ** Agent: Finding updates [CallerId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB) Id = 9]
2014-04-30 11:05:30:742
828 da8
Agent *************
2014-04-30 11:05:30:742
828 da8
Agent WARNING: WU client failed Searching for update with error 0x80248014
2014-04-30 11:05:30:742
828 da8
IdleTmr WU operation (CSearchCall::Init ID 9, operation # 99) stopped; does use network; is not at background priority
2014-04-30 11:05:30:742
828 da8
IdleTmr Decremented PDC RefCount for Network to 0
2014-04-30 11:05:30:742
828 da8
IdleTmr Decremented idle timer priority operation counter to 0
2014-04-30 11:05:30:743
576 12c0
COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2014-04-30 11:05:30:743
576 12c0
COMAPI - Updates found = 0
2014-04-30 11:05:30:743
576 12c0
COMAPI - WARNING: Exit code = 0x00000000, Result code = 0x80248014
2014-04-30 11:05:30:743
576 12c0
COMAPI ---------
2014-04-30 11:05:30:743
576 12c0
COMAPI -- END -- COMAPI: Search [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2014-04-30 11:05:30:743
576 12c0
COMAPI -------------
2014-04-30 11:05:30:743
576 1254
COMAPI WARNING: Operation failed due to earlier error, hr=80248014
2014-04-30 11:05:30:743
576 1254
COMAPI FATAL: Unable to complete asynchronous search. (hr=80248014)
The log is from a Server 2012 R2 Client. The only thing I was able to find was this Article which did not resolve my issue. Anyone else encounter anything similar? Any help would be appreciated.
Regards, Evan Mills - Systems AdministratorEvery two hours is too aggressive for the ADR. Definitions are only released 2-3 times a day so every 8 hours is what most consider best practice. Is your WSUS sync occurring every two hours as well? If not, then the ADR wouldn't have anything new to pick
up anyway. It's best to set the WSUS sync for every 8 hours and then set the ADR to run after any successful WSUS sync.
So the EP definitions are caching but not installing? What does the WUAHandler.log show? One of my machines shows the following which indicates a successful installation from the ConfigMgr delivered update:
1. Update (Missing): Definition Update for Microsoft Endpoint Protection - KB2461484 (Definition 1.173.933.0) (0a156122-d4f8-4215-9e63-8f0f1e32c9c6, 200) WUAHandler 4/30/2014 6:49:33 AM 11080 (0x2B48)
Async installation of updates started. WUAHandler 4/30/2014 6:49:34 AM 11080 (0x2B48)
Update 1 (0a156122-d4f8-4215-9e63-8f0f1e32c9c6) finished installing (0x00000000), Reboot Required? No WUAHandler 4/30/2014 6:50:23 AM 8664 (0x21D8)
Async install completed. WUAHandler 4/30/2014 6:50:23 AM 8664 (0x21D8)
Installation of updates completed. WUAHandler 4/30/2014 6:50:23 AM 11032 (0x2B18)
It sounds like if you set "Check for Endpoint Protection definitions at a specific interval" to 0 then it would prevent the WindowsUpdate.log activity you're seeing when the EP client tries to reach out for updates. -
SCCM 2012 Secondary site some client's are scan hardware inventory for more than 30 days
Hi,
In our SCCM 2012 environment we have secondary site configured which connected with 8500 computers, on those 5500 machines scanning hardware inventory and send latest inventory details to Secondary Site Management Point, but remaing 3000 machines are not
sending latest hardware inventory for more than 30 days. I verified clients log found it is generating report on inventory agent.log however it is not available with secondary site Management Point.
Are anyone experienced this issue, please share your thought how to fix this issue.
Thanks in advance.
MadhanYes i did verify but the client isn't listed on both log files. Also i couldn't open IIS log because of it size has more than 800MB. currently this site has connected with 8500 machines do you think these many clients are supported by secondary site server.
If you can't open the IIS log then how do you know that the Client's IP is not listed within them?
5000 is the max for a secondary site. You will need to secondary sites at this location.
http://technet.microsoft.com/en-us/library/gg682077.aspx#BKMK_SupConfigClientNumbers
Garth Jones | My blogs: Enhansoft and
Old Blog site | Twitter:
@GarthMJ -
Assign the exsiting clients to Secondary site
Hi Guys,
I need some directions to following issues.
We have SCCM 2012 SP1, managing clients in 2 different countries.
We have primary site in country A and secondary site in country B.
Under country A we have 2000 clients in various locations and in country B we have 5000 clients across various locations.
The link between country A and B is very limited (8MB) link. So recently the link getting smashed because of most of the clients from country B are assigned to Primary site in country A. Also we have SUP installed only on the primary server, which means all
the clients were getting the updates Catalog through WAN.
So we have installed secondary SUP in country B, however most of the clients from country B still getting the updates from primary SUP.
Now, what we are trying to achieve is;
First, assign all the clients in country B to secondary site.
Second, switch the country B clients from primary SUP to secondary SUP.
So to switch the clients to secondary site, under the boundary groups -> references ->Site Assignment we have chosen to assigned site to Secondary site.
Now,
1, how can we assign the clients to a secondary site? How long will it take to show up in the location log? It has been 24 hours and still the client machines location log showing the primary site MP details. Is there any way we can force
this process to speed up?
2, when we assign the existing clients from Primary site to secondary site, will it reassign SUP to secondary site as well? If No, how can we force the existing clients to communicate with secondary SUP?
I know, the SUP switch will only be possible when the primary SUP is not available and after x times of re-tries the client will fall back to the secondary SUP. In our scenario we cannot make our primary SUP offline, if we do this then all the clients from
country A will get the Catalog from secondary site, which will cause the network issues. So Apart from this, is there any other way (Resetting ANY client policies, uninstalling and re-instilling client, any other settings we can do to re-check the SUP) to
switch to secondary SUP?
Any help/ideas will be much appreciated.Is the management point at the secondary site published to active directory? The clients will try to query AD to find their local Management Point.
Clients search for a Management Point by using the below options in the order specified:
Management point
Active Directory
Domain Services
DNS
WINS
http://systemcenter.learnmsexchange.com/system-center/system-center-2012/sccm-2012/8-management-points-in-sccm-2012
If you haven't published the MP to AD for the secondary site there is a chance the clients just don't see it. The MP is installed on the same server as the secondary site, correct? What hardware are you running this secondary site on (cpu and ram)? -
SCCM 2012 client bring the packge from sccm2007 secondary site?
Hi Team,
We are middle of Cm12 migration.
We have 1 primary server and 5 DP's in HQ. Also HQ client successfully migrated to CM12.
Problem is: When we are doing the migration one of the country office machines also migrated and it bring the package to HQ server. So netwotk slowness happen. In the country office we have sccm2007 secondary server available. It is possible can we do this
CM12 client communicate with local SCCM2007 secondary DP?
ThanksMore info:
Planning to Upgrade Configuration Manager 2007 Secondary Sites
http://technet.microsoft.com/en-us/library/gg712275.aspx
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Site Code for SCCM Clients installed from Secondary Site Server
Hello,
We have started the implementation of SCCM 2012 R2 at our network. We have setup a Primary site (JFO) server & pushed out the installation of SCCM clients to the local subnet. Things went fine.
We have installed a Secondary site (ATC) at a remote network. We have tested client installation in the installation wizard we specify to install the client from the Secondary server. When SCCM client installed from the Secondary server, the site
code that appears on the client in the control panel->Configuration Manager client settings is the site code of the primary site and not the secondary site.
Is this behavior is normalUltimately, secondary sites do *not* manage clients and so will never be assigned to the secondary site. However, do note that resources in the console that represent systems that do not have the client agent may show the site code of the secondary site
if they fall within a boundary group associated with that secondary site. This is done so that client push can be initiated from the correct site. More gory details at http://blog.configmgrftw.com/secondary-sites-and-boundary-groups/
Jason | http://blog.configmgrftw.com | @jasonsandys
Maybe you are looking for
-
All of a sudden my ipad will not connect to our home wireless. I have reset the wireless settings, turned my ipad off and back on, turned off wireless and back on, basically have done all of the fixes suggested and still I cannot connect. My daught
-
Error in invoking target install of makefile Oracle 9.0.1
Error in invoking target install of makefile Oracle 9.0.1 Hi, I am installing Oracle 9i on Sun Sparc Solaris and I get the following errors. (this happens for about 6 files) The memory is 4G and swap space more than 2G. I'm not sure what the problem
-
Use the LabView time delay in a while loop instead of using the instrument inherent time loop.
I have a zes lmg500 that I use. It has the option of continues measuring data, with a user control cycle loop (still using a while loop but the delay is coming from the instrument). The problem is that the loop time is not constant. Can I use a very
-
Safari unified search bar problem
When I type in a search term in Safari's new unified space bar, the website I'm currently viewing is appended to the search. This results in a bogus search. For example, if I'm viewing the macdailynews.com website and type in a search, the search t
-
Toshiba 40RL933 - can not program recording of TV programs
I have just bought an external drive and I have plug it to my 40RL933. The TV is able to see the HD but I can not program recording of TV programs. I have updated the software but no new version is availble. The setting for USB auto start is set to o