Client Push Installation Methods
There are various methods to deploy SCCM Clients. You can check below link for more details. http://technet.microsoft.com/en-us/library/bb633063.aspx
Whichever method is used for client push installation, the logic remains the same i.e. ccmsetup.exe is downloaded and executed on the client System.
It extracts manifest file (ccmsetup.xml) from ccmsetup.cab, reads it and fetches the remaining installation files from SCCM server. It uses ‘MobileClient.tcf’ to communicate with Management Point (MP) as the MP information is embedded into ‘MobileClient.tcf’ file.
A sample MobileClient.tcf file can be found at below Link ( My Drona Acharya & Guru Don Hite )
http://myitforum.com/cs2/blogs/dhite/archive/2008/05/11/inside-the-configmgr-2007-mobileclient-tcf-file.aspx
After client installation, it registers itself and sends Heartbeat to the SCCM server.
You can find this information in clientidmanagerstartup.log located in ccm\logs folder.
This is the first log you may have to check as soon as client is installed.
Below are few Client Push errors and solutions:
Problem: “Unable to connect to wmi on remote machine "Machine name” error = 0x800706ba"
If firewall is enabled then we might not be able to do Client Push Installation. We might see below error in CCM.log:
“Unable to connect to wmi on remote machine "Machine name” error = 0x800706ba"
Steps to Check at first Level for a Solution:
It is recommended to enable the below firewall polices:
· Allow file and printer sharing exception.
· Allow remote administration exception.
Check this link for how to set a GPO for
http://www.experts-exchange.com/Security/Operating_Systems_Security/Q_25202208.html
CCM.log file have entries to Failed to connect to the \\computername\admin$ share
Client Push account or Site System Account might not have permissions to open remote computer admin dollar share, We should to ensure that at least one account is defined in the ‘Accounts’ tab of ‘Client Push Installation Properties. This account must be a member of the local Administrators group on Target SCCM Client Systems.
The logic is that this account needs to have local admin privileges on the target SCCM client machine so that it can connect to admin$ share (in Some Companies admin$ shares are disabled from GPO, you may request to enable them..But this is not the case in 99% Organisations) of the client machine and copy the files. We can see the below errors in CCM.log if there is any problem with this account or if the account is Empty.
---> Attempting to connect to administrative share '\\computername\admin$' using machine account.
---> Failed to connect to \\computername\admin$ using machine account (1203)
---> ERROR: Failed to connect to the \\computername\admin$ share using account 'Machine Account'
---> ERROR: Unable to access target machine for request: "computername", machine name: "computername", access denied or invalid network path.
check below screen have configured with Push account
if the Client Push Account is configured we can see in the Ccm.log as below.....
---> Attempting to connect to administrative share '\\ ClientMachineName \admin$' using account 'domain\username' SMS_CLIENT_CONFIG_MANAGER
---> Connected to administrative share on machine ‘ClientMachineName’ using account 'domain\username' SMS_CLIENT_CONFIG_MANAGER
---> Mobile client on the target machine has the same version, and 'forced' flag is turned on. SMS_CLIENT_CONFIG_MANAGER
---> Creating \ VerifyingCopying exsistance of destination directory \\ ClientMachineName \admin$\system32\ccmsetup.
---> Copying client files to \\ ClientMachineName \admin$\system32\ccmsetup. SMS_CLIENT_CONFIG_MANAGER
---> Copying file "D:\SCCM\bin\I386\MobileClient.tcf" to "\\ClientMachineName\admin$\system32\ccmsetup\MobileClient.tcf" SMS_CLIENT_CONFIG_MANAGER
---> Created service "ccmsetup" on machine “ClientMachineName ". SMS_CLIENT_CONFIG_MANAGER 25372 (0x631C)
---> Started service "ccmsetup" on machine “ClientMachineName ". SMS_CLIENT_CONFIG_MANAGER 25372 (0x631C)
Once we see in the CCM.log that a service named ‘ccmsetup’ has been created and started on the target machine (Client), now check ‘ccmsetup.log ‘ on the client side (C:\Windows\System32\Ccmsetup\ccmsetup.log)
in SCCM Client system, we can see Ccmsetup.log shows client is installed successfully.
============================
Installation succeeded.
Successfully deleted the ccmsetup service
=============================
Once SCCM clinet is installed a new Service will be installed with a exe file called CCMEXEC.EXE
In Services.Msc console we can see a service name with SMS Agent Host.
The Next step...As above mentioned the next step to check is ClientIDManagerStartup.log
A Sample of ClientIDManagerStartup.log on a successful client installation and registered system
=========================
Reg Task: Client is registered, exiting. ClientIDManagerStartup 5624 (0x15F8)
Persisted hardware IDs in CCM_ClientIdentificationInformation=@:
HardwareID1=2:C88F11B7C7FF930FEEEF3396963B254FF28B8379
HardwareID2=42FCD8070196607D ClientIDManagerStartup 4348 (0x10FC)
Once, Client gets registered successfully, it sends the inventory report to MP.
If Errors in ClientIDManagerStartup.log / SCCM Client failed to register with SCCM Server:
We may see log entries....
ClientIDManagerStartup.log
==========================
<! [LOG [RegTask: Client is not registered. Sending registration request...] LOG]!><time="" date="" component="ClientIDManagerStartup" context="" type="1" thread="2700" file="regtask.cpp:1434">
<! [LOG [RegTask: Failed to send registration request message. Error: 0x80040231] LOG]!><time="" date “” component="ClientIDManagerStartup" context="" type="3" thread="2700" file="regtask.cpp:1139">
<! [LOG [RegTask: Failed to send registration request. Error: 0x80040231] LOG]!><time date=component="ClientIDManagerStartup" context="" type="3" thread="2700" file="regtask.cpp:1314">
Troubleshooting steps for this kind of issue's:
This can happens if the client is not in correct Boundaries or not assigned to a proper Site or MP information is wrong or the Same boundaries are conflicting with other SCCM Sites.
Few More steps to troubleshoot :
Open MMC and add “Certificates” snap-in for the local machine on a client system. and point tot drill down to SMS > Certificates and delete both SMS certificates.
Also it is recommended to delete c:\windows\smscfg.ini file.
More about SMSCFG.ini file in a nutshell this file stores SMS Unique Identifier by deleting it, it will recreate a new one and makes easy to re-register with SCCM Server.
Note it is recommended when you delete Certificates from above steps, reinstall sccm client. If you have deleted just the SMSCFG.INI file then restart the SMS Agent Host service would start create a new file and register with SCCM Server.
If you have Boundaries overlaping or missing then should check Below log for the content and site servers that are available for the SCCM Client.
LocationServices.log
==================
Attempting to retrieve local MP from AD LocationServices
Current AD site of machine is Westminster LocationServices
Retrieved local Management Point from AD: LocationServices
Refreshing the Management Point List for site CO1 LocationServices
Retrieved management point encryption info from AD. LocationServices
Some times DNS Server IP's or Suffixes will be missed out to resolve from client system to SCCM server with FQDN that might cause the issues to get contacted to server.
Once the Client is registered it should communicate with MP and get download the required policy's if not we should check the MP Communication by trriggering the Hardware inventory, and running MP URL's to check the MP Functionalities.
in Inventory log
InventoryAgent.log
==================
Inventory: Successfully sent report. Destination:mp:MP_HinvEndpoint, ID: {A85678-WWW-4AAA-YYYY-XXXXXXXXXXXXX}, Timeout: 80640 minutes MsgMode: Signed, Not Encrypted InventoryAgent 5300 (0x14B4)
for checking MP functionality
https://SCCMMPname/sms_mp/.sms_aut?mplist
https://SCCMMPname/sms_mp/.sms_aut?mpCert
If SCCM Client not receiving policy
Error in CAS.log:
CacheConfig::InitializeFromWmi - GetSWDistSiteSettings failed with 0x80004005. Default site settings will be used
A proposed troubleshooting step's for a Solution:
Error 0x80004005 is Access denied error and you may try to repair the WMI, once repaired reinstall the SCCM Client and check the status.
Steps....
1) Uninstall the SCCM Client.
To uninstall the client...
a) Find the ccmsetup.exe in the client, it is usually in the folder : %windir%\system32\ccmsetup
b) Open a cmd, and go to the ccmsetup folder.
c) Type ccmsetup.exe /uninstall
2) Re-register all WMI modules with the following commands (can be executed as a batch file or individually from the command prompt):
cd %windir%\system32\wbem
for /f %s in ('dir /b *.mof *.mfl') do mofcomp %s
for /f %%s in ('dir /b *.dll') do regsvr32 /s %%s
wmiprvse /regserver
winmgmt /regserver
5) ReStart WMI service and reinstall the SCCM Client.
SCCM Client in Provisioning Mode:
After OS deployment Phase completes, or Just Some Times Clients may not download policy after OSD Task Sequence completes or on a TS Failed systems we may see this kind of issues....
What is Provisioning Mode in SCCM Client ?
During Task Sequence (TS), the client goes into Provisioning Modewherein the client does not download any policies from MP, so that if there are any advertised programs or software updates or any tasks targeted to the sccm client and if they gets downloaded and try to run then it will conflict with the Task Sequence and will result to fail, Hence SCCM client will be in out of Provisioning Mode after the Task Sequence completes.
May be because of TS failed or TS hung situations or Power Failure situations or unexpected Reboot of client system during the TS execution... systems will be in Provisioning Mode.
To Check the Provisioning Mode, on a target system machine registry key to be checked for TRUR/False case:
On a 32bit Windows OS:
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!ProvisioningMode
On a 64bit client Windows OS:a
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!ProvisioningMode
Additionally, check the registry key:
32bit Windows OS:
HKLM\SOFTWARE\Microsoft\CCM\CcmExec!SystemTaskExclude
64bit Windows OS:
HKLM\SOFTWARE\Wow6432Node\Microsoft\CCM\CcmExec!SystemTaskExcludes
If reg key has the following value:
SchedulerStartup;SchedulerShutdown;SchedulerLogon;SchedulerLogoff;ClientRegistrationStartup
If any of above is true then the SCCM Client / ConfigMgr is stuck in provisioning mode.
Setting the first registry value to False and blanking out the second registry value will resolve the issue on that particular client.
No comments:
Post a Comment