none
MDT 2013 Credentials after relocation RRS feed

  • Question

  • I have seen and read most of the dozens of previous topics on this issue, but none have resolved my issue.

    I unfortunately had to move my Deployment share today to a new virtual server. Everything was stored on a network location, let's call it Server06\Installs\Deployment. The workbench was installed on a server named Server01. It held MDT and AIK, and managed the deployment process, using the files on Server06.

    Fast forward to now, Server06 is still good, nothing's changed, but Server01 was replaced with Server16. I opened the existing share that was residing on Server06, everything showed up as it should, nothing references Server01, so I didn't make any changes. Just in case, I completely regenerated the boot image, and tried to run it. It tells me the credentials are incorrect. That's odd since the admin account hasn't changed, and it's a Domain Admin, so it has full access to everything. Alright, so I tried this step: net use \\server\deploymentshare$\scripts\litetouch.vbs /user: Xyz\Xyz

    Credentials worked fine, but it still won't proceed. I didn't make any changes to the bootstrap file, all looks good there as well. Is it something about being a connection to a virtual server? I'm not sure what's changed.

    If I try to net use and map a Y: drive, it says System Error 67, Network name cannot be found, but yet, I can ping Server06. And if I put in the IP address instead, I get the same error.

    For the record, before the move, this worked flawlessly. And since nothing references the server I just took down, it shouldn't matter where I open the deployment share from. Any ideas? I'm needed to deploy a few images asap. (I wasn't given any input on the timing of the server swap >,<) Thanks all!

    Tuesday, August 11, 2015 9:49 PM

All replies

  • It will probably work itself out when your DNS records update.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, August 12, 2015 8:20 PM
    Moderator
  • I can certainly keep waiting, but it's been up and connected to the domain for 3 days. So I figured by now, it would be registered.

    In the meantime, I'm trying a set up a new share from scratch and duplicate some of the settings of the old share just in case something is corrupt.

    It's just curious I can use the credentials manually, but it doesn't like them when it's automated. Also after mapping the share manually using Net Use, it still won't proceed.

    Wednesday, August 12, 2015 8:28 PM
  • Do you have logs of this failing?

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, August 12, 2015 11:05 PM
    Moderator
  • I won't paste all of it, but here's a little before/during/after failure.

    <![LOG[Property TaskSequenceID is now = ]LOG]!><time="08:25:57.000+000" date="08-13-2015" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Property DeploymentType is now = NEWCOMPUTER]LOG]!><time="08:25:57.000+000" date="08-13-2015" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Finished remapping variables.]LOG]!><time="08:25:57.000+000" date="08-13-2015" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[ZTIGather processing completed successfully.]LOG]!><time="08:25:57.000+000" date="08-13-2015" component="ZTIGather" context="" type="1" thread="" file="ZTIGather">
    <![LOG[Command completed, return code = 0]LOG]!><time="08:25:57.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[Property WizardComplete is now = Y]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Validating connection to \\fsstl06\DataDir\Installs\Deployment\]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[Mapping server share: \\fsstl06\DataDir\Installs\Deployment\]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[Unable to connect to share: The network name cannot be found.
    ( 0x80070043 ) , trying to connect without username. ]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[The network name cannot be found.
    ]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="LiteTouch" context="" type="3" thread="" file="LiteTouch">
    <![LOG[Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 5 seconds.]LOG]!><time="08:25:58.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[Unable to connect to share: The network name cannot be found.
    ( 0x80070043 ) , trying to connect without username. ]LOG]!><time="08:26:03.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[The network name cannot be found.
    ]LOG]!><time="08:26:03.000+000" date="08-13-2015" component="LiteTouch" context="" type="3" thread="" file="LiteTouch">
    <![LOG[Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 10 seconds.]LOG]!><time="08:26:03.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[Unable to connect to share: The network name cannot be found.
    ( 0x80070043 ) , trying to connect without username. ]LOG]!><time="08:26:13.000+000" date="08-13-2015" component="LiteTouch" context="" type="1" thread="" file="LiteTouch">
    <![LOG[The network name cannot be found.

    I'm not sure why it doesn't have a username, I have the account specified in the customsettings, and bootstrap. It's also not changed since the move between servers, so having worked before, and no changes, I'm not seeing the hangup. 

    UserID= 
    UserDomain=
    UserPassword=

    (Info purposely left out, but those are the lines)

    Thanks for your help so far!!

    *Also, a new deployment share from scratch gave me the same issue, so what I have should be okay. This should help narrow it down, but I'm not seeing it yet.
    • Edited by Jeremy_IT_12 Thursday, August 13, 2015 1:44 PM Add't info
    Thursday, August 13, 2015 1:39 PM
  • Two things get the Configmgr 2012 R2 Toolkit so you can read the logs easier.

    You could change the deployroot to be the IP of the server instead of the servername.  If that works then it is probably a DNS issue (although you already know that from your troubleshooting).


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.



    Thursday, August 13, 2015 6:13 PM
    Moderator
  • Thanks for the link to that tool, that's far easier to read.

    Changing the deployroot to the IP address of the server also did not help. Nor did trying a different domain admin account.

    In case it's any more help:

    Property LogPath is now = X:\MININT\SMSOSD\OSDLOGS	LiteTouch
    Microsoft Deployment Toolkit version: 6.2.5019.0	LiteTouch
    Property Debug is now = FALSE	LiteTouch
    ZTIUtility!GetAllFixedDrives (False)	LiteTouch
    ZTIUtility!GetAllFixedDrives = 	LiteTouch
    No task sequence is in progress.	LiteTouch
    New ZTIDisk : \\MININT-HTBT0F0\root\cimv2:Win32_DiskDrive.DeviceID="\\\\.\\PHYSICALDRIVE0"	LiteTouch
    Found Possible OS TargetDisk: \\MININT-HTBT0F0\root\cimv2:Win32_DiskDrive.DeviceID="\\\\.\\PHYSICALDRIVE0"	LiteTouch
    GetPartitions: 0	LiteTouch
    Did not find disk.	LiteTouch
    Property SMSTSLocalDataDrive is now = 	LiteTouch
    Unable to connect to BCDStore.	LiteTouch
    Not running within WinPE or WinRE.	LiteTouch
    Property DeploymentMethod is now = UNC	LiteTouch
    DeploymentMethod = UNC	LiteTouch
    Property DeployRoot is now = X:\Deploy	LiteTouch
    Using a local or mapped drive, no connection is required.	LiteTouch
    DeployRoot = X:\Deploy	LiteTouch
    Property DeployDrive is now = X:	LiteTouch
    DeployDrive = X:	LiteTouch
    Property PHASE is now = PREINSTALL	LiteTouch
    Property DeploymentType is now = NEWCOMPUTER	LiteTouch
    Phase = PREINSTALL	LiteTouch
    About to run command: wscript.exe "X:\Deploy\Scripts\ZTIGather.wsf" /inifile:Bootstrap.ini	LiteTouch
    Property inifile is now = Bootstrap.ini	ZTIGather
    Microsoft Deployment Toolkit version: 6.2.5019.0	ZTIGather
    ------------------------- Object Initialization -------------------------	ZTIGather
    ------------------------- Initialization -------------------------	ZTIGather
    Synchronizing the environments.	ZTIGather
    Property DeployRoot is now = X:\Deploy	ZTIGather
    Property DeployDrive is now = X:	ZTIGather
    Finished synchronizing the environments.	ZTIGather
    Getting OS info	ZTIGather
    Property OSCurrentVersion is now = 6.3.9600	ZTIGather
    Property OSCurrentBuild is now = 9600	ZTIGather
    Property OSVersion is now = WinPE	ZTIGather
    Property IsServerOS is now = False	ZTIGather
    Property IsServerCoreOS is now = False	ZTIGather
    Finished getting OS info	ZTIGather
    Getting HAL information	ZTIGather
    Property HALName is now = acpiapic	ZTIGather
    Finished getting HAL information	ZTIGather
    Getting network info	ZTIGather
    Checking network adapter: [00000001] Intel(R) 82579LM Gigabit Network Connection	ZTIGather
    MAC address = D4:BE:D9:99:AD:77	ZTIGather
    Property definition is now = BDD_Welcome_ENU.xml	Wizard
    Microsoft Deployment Toolkit version: 6.2.5019.0	Wizard
    IP Address = 10.0.74.187	ZTIGather
    IP Address = fe80::c886:4cf8:f449:9314	ZTIGather
    Default Gateway = 10.0.74.1	ZTIGather
    Property IPAddress001 is now = 10.0.74.187	ZTIGather
    Property IPAddress002 is now = fe80::c886:4cf8:f449:9314	ZTIGather
    Property MacAddress001 is now = D4:BE:D9:99:AD:77	ZTIGather
    Property DefaultGateway001 is now = 10.0.74.1	ZTIGather
    Finished getting network info	ZTIGather
    Getting DP info	ZTIGather
    Unable to determine ConfigMgr distribution point	ZTIGather
    Finished getting DP info	ZTIGather
    Getting WDS server info	ZTIGather
    Unable to determine WDS server name, probably not booted from WDS.	ZTIGather
    Finished getting WDS server info	ZTIGather
    Property HostName is now = MININT-HTBT0F0	ZTIGather
    Getting asset info	ZTIGather
    Unable to determine asset tag via WMI.	ZTIGather
    Not Wizard = False	Wizard
    Property WizardComplete is now = N	Wizard
    FindFile: The file x86\Microsoft.BDD.Utility.dll could not be found in any standard locations.	ZTIGather
    FindFile(...\Microsoft.BDD.Utility.dll)  Result : 1	ZTIGather
    RUN: regsvr32.exe /s ""	ZTIGather
    FindFile(...\Microsoft.BDD.Utility.dll)  Result : 0	ZTIGather
    RUN: regsvr32.exe /s "X:\Deploy\Tools\x64\Microsoft.BDD.Utility.dll"	ZTIGather
    Property AssetTag is now = 	ZTIGather
    Property SerialNumber is now = JYB0KS1	ZTIGather
    Property Make is now = Dell Inc.	ZTIGather
    Property Model is now = OptiPlex 790	ZTIGather
    Property Product is now = 0HY9JP	ZTIGather
    Property UUID is now = 4C4C4544-0059-4210-8030-CAC04F4B5331	ZTIGather
    Property Memory is now = 3977	ZTIGather
    Property Architecture is now = X64	ZTIGather
    Property ProcessorSpeed is now = 3300	ZTIGather
    Property CapableArchitecture is now = AMD64 X64 X86	ZTIGather
    Property IsLaptop is now = False	ZTIGather
    Property IsDesktop is now = True	ZTIGather
    Property IsServer is now = False	ZTIGather
    Property IsUEFI is now = False	ZTIGather
    Property IsOnBattery is now = False	ZTIGather
    Property SupportsX86 is now = True	ZTIGather
    Property SupportsX64 is now = True	ZTIGather
    Property SupportsSLAT is now = True	ZTIGather
    Finished getting asset info	ZTIGather
    Getting OS SKU info	ZTIGather
    Unable to determine Windows SKU while in Windows PE.	ZTIGather
    Determining the Disk and Partition Number from the Logical Drive X:\windows	ZTIGather
    Property OriginalArchitecture is now = 	ZTIGather
    Getting virtualization info	ZTIGather
    Property IsHypervisorRunning is now = False	ZTIGather
    Property SupportsVT is now = True	ZTIGather
    Property SupportsNX is now = True	ZTIGather
    Property Supports64Bit is now = True	ZTIGather
    Property SupportsHyperVRole is now = True	ZTIGather
    This computer does not appear to be a virtual machine (BIOS is 'DELL   - 6222004').	ZTIGather
    Property IsVM is now = False	ZTIGather
    Finished getting virtualization info	ZTIGather
    Connection succeeded to MicrosoftVolumeEncryption	ZTIGather
    There are no encrypted drives	ZTIGather
    Property IsBDE is now = False	ZTIGather
    Processing the PREINSTALL phase.	ZTIGather
    Determining the INI file to use.	ZTIGather
    Finished determining the INI file to use.	ZTIGather
    Using from [Settings]: Rule Priority = DEFAULT	ZTIGather
    ------ Processing the [DEFAULT] section ------	ZTIGather
    Property DEPLOYROOT is now = \\fsstl06\DataDir\Installs\Deployment\	ZTIGather
    Using from [DEFAULT]: DEPLOYROOT = \\fsstl06\DataDir\Installs\Deployment\	ZTIGather
    Property USERID is now = mdtadmin	ZTIGather
    Using from [DEFAULT]: USERID = mdtadmin	ZTIGather
    Property USERDOMAIN is now = iagn1142.mds	ZTIGather
    Using from [DEFAULT]: USERDOMAIN = iagn1142.mds	ZTIGather
    <Message containing password has been suppressed>	ZTIGather
    <Message containing password has been suppressed>	ZTIGather
    Property KEYBOARDLOCALE is now = en-US	ZTIGather
    Using from [DEFAULT]: KEYBOARDLOCALE = en-US	ZTIGather
    Property SKIPBDDWELCOME is now = YES	ZTIGather
    Using from [DEFAULT]: SKIPBDDWELCOME = YES	ZTIGather
    ------ Done processing X:\Deploy\Scripts\Bootstrap.ini ------	ZTIGather
    Remapping variables.	ZTIGather
    Property TaskSequenceID is now = 	ZTIGather
    Property DeploymentType is now = NEWCOMPUTER	ZTIGather
    Finished remapping variables.	ZTIGather
    ZTIGather processing completed successfully.	ZTIGather
    Command completed, return code = 0	LiteTouch
    Property WizardComplete is now = Y	Wizard
    Validating connection to \\fsstl06\DataDir\Installs\Deployment\	LiteTouch
    Mapping server share: \\fsstl06\DataDir\Installs\Deployment\	LiteTouch
    Unable to connect to share: The network name cannot be found.	
    ( 0x80070043 ) , trying to connect without username. 	LiteTouch
    The network name cannot be found.	
    	LiteTouch
    Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 5 seconds.	LiteTouch
    Unable to connect to share: The network name cannot be found.	
    ( 0x80070043 ) , trying to connect without username. 	LiteTouch
    The network name cannot be found.	
    	LiteTouch
    Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 10 seconds.	LiteTouch
    Unable to connect to share: The network name cannot be found.	
    ( 0x80070043 ) , trying to connect without username. 	LiteTouch
    The network name cannot be found.	
    	LiteTouch
    Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 15 seconds.	LiteTouch
    Unable to connect to share: The network name cannot be found.	
    ( 0x80070043 ) , trying to connect without username. 	LiteTouch
    The network name cannot be found.	
    	LiteTouch
    Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 20 seconds.	LiteTouch
    Unable to connect to share: The network name cannot be found.	
    ( 0x80070043 ) , trying to connect without username. 	LiteTouch
    The network name cannot be found.	
    	LiteTouch
    Unable to connect to \\fsstl06\DataDir\Installs\Deployment\.  Sleeping for 25 seconds.	LiteTouch
    ERROR - Unable to map a network drive to \\fsstl06\DataDir\Installs\Deployment\.	LiteTouch
    Unable to connect to the deployment share \\fsstl06\DataDir\Installs\Deployment\.	
    Connection OK. Possible cause: invalid credentials.	LiteTouch
    

    Thursday, August 13, 2015 7:02 PM
  • I am not seeing an IP address being used:

    Property DEPLOYROOT is now = \\fsstl06\DataDir\Installs\Deployment\

    Did you update your boot images and use the updated boot image?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, August 13, 2015 9:35 PM
    Moderator
  • I did update the image, but you're right, I don't know what happened. I let it regenerate once more, and it looks right this time, but it still didn't get any further. And to get this log, I had to map to almost that same location, a temp folder I made just before \installs. 

    Friday, August 14, 2015 2:17 PM
  • What are your share permissions?  What are your NTFS permissions for stuff in the share?

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Friday, August 14, 2015 6:28 PM
    Moderator
  • Everyone, SYSTEM, & Administrators (local account for the fsstl06 server) all have Full Control. There's an entry for Virtual Machines, that has Special permissions for read/create. Everything inside the share shares those permissions.
    Friday, August 14, 2015 6:45 PM
  • I follow Johan Arwidmark's suggestion of doing this for the share permissions (use advanced sharing). This isn't as scary as it looks.

    Then go to the Security tab and set your permissions there. You should have CREATOR OWNER, SYSTEM and the local Administrators group. If the users group or everyone is in there then if possible remove those groups from the hard drive permissions or disable inheritance. Add the domain users you want to give access to this share. If you did disable inheritance don't forget to replace all child object permissions.


    If this post is helpful please vote it as Helpful or click Mark for answer.

    Friday, August 14, 2015 8:39 PM
  • The permission for the deployment share folder was listed above. Everyone has full control to the folder. For now it would seem best to leave Everyone, as that includes literally every account on the domain, which would eliminate any chance of permissions being the issue. Although since two full Domain Admin accounts aren't working, I think we've already ruled out permissions?

    Friday, August 14, 2015 8:55 PM
  • The 2 most likely issues are:

    1. DNS (would have been that if the IP address had worked)

    2. Permissions

    Other possibilities...

    Path is wrong for some reason

    If you UNC browse to the share you can access it perfectly? Verify what you have browsed to vs what your deployroot is?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Friday, August 14, 2015 9:22 PM
    Moderator
  • You're a brave soul, I have mine locked down just to the techs I allow to deploy Windows. Besides I don't want just anyone one on the network to be able to read or write to it. That's perfectly fine for a lab environment.

    That said with everyone in there that should work.

    Are you connected to the same server using a different username on the machine you are trying to connect to the deployment share from? I think can give the error 67.


    If this post is helpful please vote it as Helpful or click Mark for answer.

    Friday, August 14, 2015 9:23 PM
  • If I test it from my workstation, \\fsstl06\datadir\Installs\Deployment works fine.

    The Deployroot is currently set to an IP address (from earlier testing), but it's the same path (\\10.0.74.37\DataDir\Installs\Deployment\).

    I can also see \\10.0.74.37\datadir\Installs\Deployment from my workstation.

    Both of these paths also work from the new virtual server where the MDT workbench is.

    Dan, I have a single Domain Admin account which is used for nothing else but MDT deployment. That's what I've been using. I also tried subbing in my Domain Admin credentials just to make sure there's nothing wrong with that MDT account. Both accounts can manually map a drive to the Share from F8 within the failed deployment. It successfully maps, but it still won't continue after that. It just appears that when it should do it automatically, it doesn't, but doing it manually seems to "work" without going any further.

    And, if I sign in to the server using the MDT admin account, it too can open both paths above just fine.

    Friday, August 14, 2015 9:56 PM
  • Do you still have the old share? Id so, clean up the new share, recreate it and eithe rlink the two and transfer or copy past each node, It was a hard learned lesson for me.
    Saturday, August 15, 2015 11:13 PM
  • Do you still have the old share? Id so, clean up the new share, recreate it and eithe rlink the two and transfer or copy past each node, It was a hard learned lesson for me.
    The share never changed. I did create a brand new one, and it had the same issue. I dreaded re-doing it all, but sadly, after all that work, it still failed for the same reason.
    Monday, August 17, 2015 12:58 PM
  • Do you guys have any security policies that your servers can only do Kerberos or SMB 1.0 blocked or anything?

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, August 17, 2015 5:47 PM
    Moderator
  • No policies limiting either of those.
    Monday, August 17, 2015 6:23 PM
  • I am at a loss.  If you are able to see this stuff from your workstations but, not from WinPE (even using net use etc) I don't know what is missing.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, August 17, 2015 6:40 PM
    Moderator
  • I am at a loss.  If you are able to see this stuff from your workstations but, not from WinPE (even using net use etc) I don't know what is missing.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    I can Net Use and Map a drive to the Share, using my credentials and the MDT set. But it doesn't do anything after that. I can't get the WinPE to use that new mapped share. It's as if I can do it manually, but it won't make the connection automatically.

    Since I've got new computers arriving, I'll try to toss this on a different server for the time being and see if I get the same thing. 

    Monday, August 17, 2015 6:49 PM
  • Alright, so I scrapped everything so to speak and started new.

    On the FSSTL16 server, I made a new local share, C:\Deploymentshare$ (instead of using the mapped share to the fsstl06 server)

    Set up all the drivers/tasks/etc, it works (kind of - lots of failed items on the summary screen for some reason). Oddly though, when it's installing my software, and I look in Explorer, it has a mapped drive to the old \\fsstl06\datadir\Installs\Deployment. As well as the mapped drive to the new \\fsstl16\deploymentshare. I plan on deleting the \\fsstl06\ share since it doesn't work, so here's to hoping it doesn't further mess anything else up!

    For the life of us, we're not seeing any reason the mapped drive wouldn't work, but I have a backlog of computers needing to be wiped/setup, so I'm going to run with this for now while it works. Thank you everyone for your help, it's not ideal, but it's working.

    Tuesday, August 18, 2015 3:01 PM
  • Look at your application paths.  If you imported your applications without source and populated the source directory later then that won't migrate to the new infrastructure. It will stay what it was instead of being in your new deployroot.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Tuesday, August 18, 2015 8:12 PM
    Moderator
  • Nice catch, I forgot about that when I copied the application entries. That will clear up a couple things, I'll tackle the rest of the issues.
    Tuesday, August 18, 2015 8:28 PM