none
2012 SP1 CU3 Win7 Build & Capture: Install Application

    Question

  • I’ve got a situation here, where I’ve got a ConfigMgr 2012 SP1 CU3 stand-alone Primary Site (no MDT integration) running atop Windows Server 2012 R2 and SQL Server Standard Edition 2012 Service Pack 1, and I’m trying to run a Windows 7 Enterprise SP1 Build & Capture task sequence on a VMware Workstation Guest.

    The Management Point is hosted on the Primary Site server, and the PXE-enabled Distribution Point (Server 2008 R2 SP1) is sitting in the local office, where the client is (but on a different subnet). An IP helper is being used to point the client subnet to the PXE server, which also hosts DHCP (requires DHCP option 60 to be configured to “PXEClient”).

     

    Here’s what the Build & Capture task sequence looks like (based on the template):

     

    •          Set a couple TS Variables
    •          Format Disk
    •          Apply OS Image (imported install.wim, not using OS installer)
    •          Apply Windows Settings
    •          Apply Network Settings
    •          Apply Drivers (used Driver category to limit only wired NIC and SATA driver)
    •          Setup Windows & ConfigMgr (includes CU3 patch via PATCH MSI property)
    •          Install Application
    •    <ERROR>

     

    At the <ERROR> point, I’m seeing that the client is not getting assigned to a Primary Site correctly, however the SMSSLP registry value is being set correctly. The client is most certainly inside an IP range Boundary that is a member of two different Boundary Groups: one for site assignment and one for content location.

     

    Check out the relevant log snippets below. Any thoughts on what’s causing this?

     

    CertificateMaintenance.log

    Failed to verify signature of message received from MP using name <MP’s FQDN>

     

    ClientAuth.log

    Error signing client message (0x80004005).

     

    LocationServices.log

    Sending Fallback Status Point message, STATEID='500'.

    Processing pending site assignment.

    Assigning to site 'abc'

    LSIsSiteCompatible : Verifying Site Compatibility for <abc>

    Retrieved lookup MP [sccm01.domain.COM] from Registry

    Attempting to retrieve lookup MP(s) from DNS

    DNS Suffix not specified

    No lookup MP(s) from DNS

    Retrieved lookup MP [sccm01.domain.COM] from Registry

    Attempting to retrieve lookup MP(s) from DNS

    DNS Suffix not specified

    No lookup MP(s) from DNS

    Attempting to retrieve site information from lookup MP(s) via HTTP

    Refreshing the Management Point List for site abc

    Policy disallows failing over to WINS.

    Refreshing trusted key information

    Persisting the management point authentication information in WMI

    Persisted Management Point Authentication Information locally

    Failed to verify message. Sending MP [sccm01.domain.com] not in cached MPLIST.

    MPLIST requests are throttled for 00:59:59

    Failed to verify message. Sending MP [sccm01] not in cached MPLIST.

    MPLIST requests are throttled for 00:59:59

    Failed to send site information Location Request Message to sccm01.domain.COM

    LSIsSiteCompatible : Failed to get Site Version from all directories

    Sending Fallback Status Point message, STATEID='608'.

    Client is not assigned to a site. Cannot get security settings.

    No security settings update detected.

    Client is not assigned to a site. Cannot get site signing cert.

    Client is not assigned to a site. Cannot refresh Local MP.

    Client is not assigned to a site. Cannot get portal info.




    If this post was helpful, please click the little "Vote as Helpful" button :)

    Trevor Sullivan
    Trevor Sullivan's Tech Room
    Twitter Profile


    Monday, November 04, 2013 7:28 PM

All replies

  • In a single primary site why not hard code the site code into the client install command?

    John Marcum | http://myitforum.com/myitforumwp/author/johnmarcum/

    Monday, November 04, 2013 9:17 PM
  • Hi,

    This situation was caused by a change to the Systems Management container.  The MP was no longer able to publish to AD.  As a result, clients were no longer able to get their site code.  The lack of site code resulted in a failure to communicate with the MP; which caused the clients to have a problem validating the messages it would receive from the MP.

    Once publishing capability was restored, the clients began to come back online.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

    Wednesday, November 06, 2013 2:49 AM
    Moderator
  • Xin,

    This is for a Build & Capture task sequence. Active Directory has little to do with the process at this point, with the exception of the Network Access Account user account, which is used within WinPE. I'm using IP range Boundaries (not Active Directory Site Boundaries), and the client is a workgroup client, not a domain member.

    Your post sounds more like it's geared towards fully functional clients, not related to Operating System Deployment (OSD).


    If this post was helpful, please click the little "Vote as Helpful" button :)

    Trevor Sullivan
    Trevor Sullivan's Tech Room
    Twitter Profile

    Wednesday, November 06, 2013 3:48 PM
  • John,

    You cannot specify the SMSSITECODE client installation property during a task sequence in the Setup Windows and ConfigMgr task sequence step.


    If this post was helpful, please click the little "Vote as Helpful" button :)

    Trevor Sullivan
    Trevor Sullivan's Tech Room
    Twitter Profile

    Wednesday, November 06, 2013 3:49 PM
  • John,

    You cannot specify the SMSSITECODE client installation property during a task sequence in the Setup Windows and ConfigMgr task sequence step.


    I don't know what I was thinking when I wrote that.... Sorry.

    I do tend to skim over long posts rather than read the entire post. I assume I missed the B&C part and keyed in on "client is not getting assigned to a Primary Site correctly, however the SMSSLP registry value is being set correctly. The client is most certainly inside an IP range Boundary that is a member of two different Boundary Groups: one for site assignment and one for content location."


    John Marcum | http://myitforum.com/myitforumwp/author/johnmarcum/

    Wednesday, November 06, 2013 9:52 PM