locked
SCCM 2012 Secondary site deployment failed - script file is missing parent serialized encoded certificate key RRS feed

  • Question

  • Hi,

    I am attempting a secondary SCCM 2012 CU1 site deployment from the primary SCCM server's console, but it keeps failing with the following errors when viewing the installation status:
    [FAILED]:Unable to initiate setup with secondary site server bootstrap installation service - check ConfigMgrSetup.log in the root of the secondary site server system drive.
    [FAILED]:Secondary site server bootstrap installation service timed out - check ConfigMgrSetup.log and SMS_BOOTSTRAP.log in the root of the secondary site server system drive.

    I have confirmed that the primary server is a member of the secondary server's local administrators group and that the secondary server has the required access to the system management container in AD.
    I have also installed SQL manually on the secondary site server and enabled TCP with the correct port and changed the site installation to use an existing instance, but no luck :(
    There are also no firewalls in this solution that might prevent communication problems.
    I then copied away the sms_bootstrap.ini file before setup deleted it. I'm not sure what must all form part of the content, but it would appear as though some information is missing judging by the last line....

    Please see logs below:

    ConfigMgrSetup.log
    ~~===================== << Starting Configuration Manager 2012 Setup >> =====================  $$<Configuration Manager Setup><10-15-2012 09:50:18.876-120><thread=2460 (0x99C)>
    INFO: ConfigMgr2012 Setup was started by NT AUTHORITY\SYSTEM.  $$<Configuration Manager Setup><10-15-2012 09:50:18.878-120><thread=2460 (0x99C)>
    INFO: Command line specified was:  /script E:\SMS_BOOTSTRAP.ini /nouserinput  $$<Configuration Manager Setup><10-15-2012 09:50:18.879-120><thread=2460 (0x99C)>
    ~FQDN for server SecSiteServer is SecSiteServer.domain.com  $$<Configuration Manager Setup><10-15-2012 09:50:18.881-120><thread=2460 (0x99C)>
    INFO: Target computer is a 64 bit operating system.  $$<Configuration Manager Setup><10-15-2012 09:50:18.990-120><thread=2460 (0x99C)>
    INFO: Checking for existing setup information.  $$<Configuration Manager Setup><10-15-2012 09:50:18.991-120><thread=2460 (0x99C)>
    INFO: Checking for existing SQL information.  $$<Configuration Manager Setup><10-15-2012 09:50:18.991-120><thread=2460 (0x99C)>
    INFO: Verifying the registry entry for Asset Intelligence installation  $$<Configuration Manager Setup><10-15-2012 09:50:18.992-120><thread=2460 (0x99C)>
    INFO: Setting the default CSV folder path  $$<Configuration Manager Setup><10-15-2012 09:50:18.992-120><thread=2460 (0x99C)>
    INFO: No language packs detected.  $$<Configuration Manager Setup><10-15-2012 09:50:18.996-120><thread=2460 (0x99C)>
    INFO: Configuration Manager Build Number = 7711  $$<Configuration Manager Setup><10-15-2012 09:50:19.082-120><thread=2460 (0x99C)>
    INFO: Configuration Manager Version = 5.0  $$<Configuration Manager Setup><10-15-2012 09:50:19.083-120><thread=2460 (0x99C)>
    INFO: Configuration Manager Minimum Build Number = 800  $$<Configuration Manager Setup><10-15-2012 09:50:19.083-120><thread=2460 (0x99C)>
    INFO: Verifying Configuration Manager Active Directory Schema Extensions.  $$<Configuration Manager Setup><10-15-2012 09:50:19.083-120><thread=2460 (0x99C)>
    INFO: Found DS Root:CN=Schema,CN=Configuration,DC=domain,DC=com~  $$<Configuration Manager Setup><10-15-2012 09:50:19.110-120><thread=2460 (0x99C)>
    INFO: Verifying Configuration Manager Active Directory Schema Extensions.  $$<Configuration Manager Setup><10-15-2012 09:50:19.120-120><thread=2460 (0x99C)>
    INFO: Found DS Root:CN=Schema,CN=Configuration,DC=domain,DC=com~  $$<Configuration Manager Setup><10-15-2012 09:50:19.132-120><thread=2460 (0x99C)>
    INFO: Command line options being used are /SCRIPT E:\SMS_BOOTSTRAP.INI /NOUSERINPUT   $$<Configuration Manager Setup><10-15-2012 09:50:19.145-120><thread=2460 (0x99C)>
    INFO: Checking download options...  $$<Configuration Manager Setup><10-15-2012 09:50:19.147-120><thread=2460 (0x99C)>
    INFO: Using product update files from the primary site server - secondary site push.  $$<Configuration Manager Setup><10-15-2012 09:50:19.148-120><thread=2460 (0x99C)>
    INFO: Secondary site Setup path is E:\jd11qngt.TMP\SMSSETUP\bin\x64\SetupWPF.exe.  $$<Configuration Manager Setup><10-15-2012 09:50:19.148-120><thread=2460 (0x99C)>
    INFO: Cannot find E:\jd11qngt.TMP\SMSSETUP\redist. This could be secondary site push with no local media option.  $$<Configuration Manager Setup><10-15-2012 09:50:19.149-120><thread=2460 (0x99C)>
    INFO: This is a secondary site push without local media.  $$<Configuration Manager Setup><10-15-2012 09:50:19.149-120><thread=2460 (0x99C)>
    INFO: Validating characters in path from Program Files\Microsoft Configuration Manager  $$<Configuration Manager Setup><10-15-2012 09:50:19.150-120><thread=2460 (0x99C)>
    ~The ConfigMgr setup script contains syntax errors.  $$<Configuration Manager Setup><10-15-2012 09:50:19.153-120><thread=2460 (0x99C)>
    ERROR: The script file is missing parent serialized encoded certificate key.  $$<Configuration Manager Setup><10-15-2012 09:50:19.153-120><thread=2460 (0x99C)>
    ~The ConfigMgr setup script contains syntax errors.  $$<Configuration Manager Setup><10-15-2012 09:50:19.153-120><thread=2460 (0x99C)>
    ~~===================== Failed Configuration Manager 2012 Server Setup =====================  $$<Configuration Manager Setup><10-15-2012 09:50:19.154-120><thread=2460 (0x99C)>

    SMS_BOOTSTRAP.log
    ********************************************************************************  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.367-12><thread=6A0>
    Starting SMS_BOOTSTRAP.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.369-12><thread=6A0>
    Microsoft System Center 2012 Configuration Manager v5.00 (Build 7711)  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.369-12><thread=6A0>
    Copyright (C) 2011 Microsoft Corp.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.369-12><thread=6A0>
    Set current directory to E:\.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.369-12><thread=6A0>
    INFO:Action:<Install>.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.371-12><thread=6A0>
    Successfully read E:\SMS_BOOTSTRAP.ini.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.371-12><thread=6A0>
    Started for the first time.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.373-12><thread=6A0>
    Current time: Mon Oct 15 09:50:08 2012  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.373-12><thread=6A0>
    Looking for the .PKG file...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.377-12><thread=6A0>
    E:\SMS_BOOTSTRAP.pkg does not exist.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.377-12><thread=6A0>
    Elapsed time since startup: 0 days, 00 hours, 00 minutes, 00 seconds.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.379-12><thread=6A0>
    Looking for the SMS CD...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.379-12><thread=6A0>
    Checking CD Source Path [E:\jd11qngt.TMP]  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.380-12><thread=6A0>
    Successfully parsed E:\jd11qngt.TMP\SMSSETUP\install.map.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.477-12><thread=6A0>
    E:\jd11qngt.TMP\SMSSETUP\install.map build number "7711" is correct.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.478-12><thread=6A0>
    Elapsed time since startup: 0 days, 00 hours, 00 minutes, 00 seconds.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.483-12><thread=6A0>
    Running SMS Setup...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.486-12><thread=6A0>
    Successfully parsed E:\jd11qngt.TMP\SMSSETUP\install.map.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.570-12><thread=6A0>
    E:\jd11qngt.TMP\SMSSETUP\install.map build number "7711" is correct.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.570-12><thread=6A0>
    Started "E:\jd11qngt.TMP\SMSSETUP\bin\x64\SetupWPF.exe /script E:\SMS_BOOTSTRAP.ini /nouserinput" as PID 3328.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.577-12><thread=6A0>
    Waiting for PID 3328 to terminate...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:08.580-12><thread=6A0>
    PID 3328 exited with code 1.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.577-12><thread=6A0>
    FATAL ERROR: SMS_SITE_COMPONENT_MANAGER is not running, setup must have failed, bootstrap procedure aborted!  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.580-12><thread=6A0>
    Deinstalling myself...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.580-12><thread=6A0>
    Deleted E:\SMS_BOOTSTRAP.ini.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.581-12><thread=6A0>
    Deleted E:\SMS_BOOTSTRAP.EXE.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.582-12><thread=6A0>
    Deinstalled the SMS_BOOTSTRAP service.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.584-12><thread=6A0>
    Deinstallation complete.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.584-12><thread=6A0>
    Bootstrap procedure unsuccessful.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.584-12><thread=6A0>
    Stopping SMS_BOOTSTRAP...  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.586-12><thread=6A0>
    SMS_BOOTSTRAP stopped.  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.588-12><thread=6A0>
    ********************************************************************************  $$<SMS_BOOTSTRAP><10-15-2012 09:50:23.589-12><thread=6A0>


    SMS_BOOTSTRAP.ini
    [Identification]
    Action=InstallSecondarySite

    [Options]
    SiteCode=SEC
    SiteNumber=65542
    SiteName=SecondarySite
    SMSInstallDir=E:\Program Files\Microsoft Configuration Manager\
    ParentSiteCode=PRI
    ParentSiteServer=PriSiteServer.domain.com
    AddressType=MS_LAN
    UseFQDN=1

    [SQLConfigOptions]
    SQLServerName=SecSiteServer.domain.com
    DatabaseName=CONFIGMGRSEC\CM_SEC
    InstallSQLExpress=1
    SQLExpressCollation=SQL_Latin1_General_CP1_CI_AS
    SQLServicePort=1433
    SQLSSBPort=4022

    [HierarchyExpansionOption]
    ParentSiteNumber=1
    ParentSQLServerName=PriSiteServer.domain.com
    ParentDatabaseName=SCCM\CM_PRI
    ParentSQLServerSerializedCertificate=308201DD30820146A00302010202105FA05FEA43D8B4B74D4037176B776207300D06092A864886F70D0101050500302D312B302906035504031322535342205472616E73706F7274205365637572697479204365727469666963617465301E170D3039303130313030303030305A170D3239303130313030303030305A302D312B302906035504031322535342205472616E73706F727420536563757269747920436572746966696361746530819F300D06092A864886F70D010101050003818D003081890281810094B39EDC45517E07630B20B713CD26802A510998C38EC8A11F0557204F27CAD2FD1BF7D8276FBB2B1E154BF5EC5738EA8F16B9B2C4FF533F7BA0958D210D73DC60BC6E449BE927C13A4989573509B04435B48D3E134415B33B9BEF0F19356E1AE9DE14CCD15217F16D7D9B7848A637F97F0ED77864C3720CDD53D345D6ABEEC10203010001300D06092A864886F70D0101050500038181005E6550329F50C86F855BE99BF1318CC2368966465C55AF1FDAC1F54647E6DCB4BD463BF86939689454E0D9C4F5D9A80F2C150809CEB164D77A05F6202F22F6B8527514543C3FD503B5B8B084848A08E5AA9C93F5395A379B470C369F783D0B279FD657FBECDFA6E420D90F3E57ED45CE55A68FD6019E1DFD29E95FFBFAA2619A
    ParentSQLServerMachineSerializedCertificate=
    ParentSiteServiceExchangeKey=0602000000A40000525341310008000001000100E3166C550E4257D18904D9D4B3304CEE893B778B5B4A8DFEE375E25317B11FBB32BC1BCFDC3976F7DF8FF018BFC714B82559091A2376FDA3A8D63019F0F21F4386AE8B173D5AC3C2456D39EC5CFFE03875457522ACA920BEC956A5DC793C075F351D9819084323F50A4FDB5798FC958544F7A1FB85CA91A7281E2F8F7B2DAF81300DA3978716C321F5039722A0F13636D67B6C26B64558A0860456EC443C21AF408115A874660A40E9BD94BA06766EB95B06098FF4EE59053DA8A281746D4D170280BB0665E72BCCB896F24D86E8C9BA960FC4AE80C429ADC0F85146EE0EEC02CE05E5E70DA5CF86EE00A4F26A6214511BD4B9D57D008BFBF49D78A15DCF3DB1
    ParentSQLServerSSBPort=5000
    [Bootstrap]
    Action=Install
    SetupPath=\SMSSETUP\bin\x64\SetupWPF.exe
    BuildNumber=7711
    InstallMapPath=\SMSSETUP\install.map
    SecurityMode=Advanced
    SetupSourcePath=E:\8ur1a36t.TMP
    State=Looking for the SMS CD...
    StartTime=1349858846
    WorkingDir=

    Has anybody ever seen something similar to this or have any idea where to scratch for a possible solution?

    Thanks people :)


    • Edited by 007Johan Monday, October 15, 2012 2:31 PM
    Monday, October 15, 2012 2:15 PM

All replies

  • I have started setupdl.exe from the installation media and saved the newly downloaded files in a "redist" folder on the secondary server's "smssetup" folder. Unfortunately it resolved nothing and the problem still persists :(

    Anybody has any idea where else to look for the possible cause? It would seem as though the smsbootstrap.ini file does not get compiled correctly and I'm not sure if there is a way of manually compiling the file and have it readily available in the destination location on the secondary server....

    Thursday, October 18, 2012 6:15 AM
  • Hey 007 can you tell me are you going to let SQL be installed by SCCM or is it pre-installed?

    Then just the basics

    Is the PS server a local admin on the SS server

    Is it a direct add or in a group

    Any firewalls?

    What version is the SS server ?

    Paul


    Paul Keely

    Friday, October 19, 2012 12:19 PM
  • Hi Paul,

    Thanks for the reply! I have initially just followed basics and chose sccm to deploy sql express. After multiple failed attempts and troubleshooting, i have installed sql express 2008r2 myself on the secondary site server and patched it to sp1, cu6.
    The primary server is a member of the secondary server's local admins group. I have not pre-created the address and it is not part of a group. There is no firewalls in place either.
    Both servers run windows 2008 r2 sp1.

    Monday, October 22, 2012 6:58 AM
  • Hey 007

    Just had another read of that error log, seems to be an issue with where it place the temp file on the e:

    Would you be able to copy the SCCM source files to the secondary and then rerun the install with the option to use a local copy of SCCM and see how that works?

    Paul


    Paul Keely

    Monday, October 22, 2012 2:43 PM
  • Hi,

    The setup source path on the 'E' drive is a local copy on the secondary server.
    I have first tried the option of setup to automatically copy the required source files to the destination server. After some repeated install failures, i have directed setup to use a source file location on the secindary server and pointed it to the e-drive on the destination server. I have noticed in the log file that it was looking for a 'redist' folder when checking local media option. I don't think that is the cause, but never the less decided to run setupdl.exe to pull new files down from the internet and saved it in the 'redist' folder that i have created in the smssetup folder. This had no change in the outcome.

    My mind tells me there must be something wrong with the sms_bootstrap.ini file when it gets compiled on the primary server for distribution to the secondary site, but unfortunately i dont have a ini file to compare it with.

    Thanks for your interest in this!

    Monday, October 22, 2012 3:50 PM
  • Just so ething else that i have noticed, but did not pay much attention to...
    In the sms_bootstrap.ini file,there is a ParentSqlServerMachineSerializedCertificate= section refering also to no data...
    This pointed me to look at SPN's for thevarious computer accounts in the hierarchy.
    On the secondary servers where i havepre-installed sql, there is the following SPNs listed:
    1. MSSQLSvc/SecSiteServer.domain.com:1433
    2. MSSQLSvc/SecSiteServer.domain.com:CONFIGMGRSEC

    Looking at the SPNs for the primary site server, primary site sql server and all service accounts used at the primary site, there are no MSSQLSvc SPNs configured, yet the primary site functions normal...

    I then proceded to add SPNs on a one-at-a-time basis to the servers and service accounts, but this seems to cause the console not to connect to the site.

    Any clarity on where or how the SPNs must be configured for the primary site, if any?

    Tuesday, October 23, 2012 6:43 AM
  • I am having the same issues.  Was this ever resolved?
    Wednesday, March 20, 2013 9:56 PM
  • Hi Markfa,

    I have noticed some SQL certificate errors for some reason as well and decided to backup/export what I could and re-install the whole environment.
    It took some time to get all the packages/apps restored and configurations re-entered, but everything worked fine second time around.

    Not sure what went wrong..

    Hope you get your environment fixed!

    Tuesday, April 9, 2013 11:45 AM
  • It has been fixed.  The target for my secondary site had previous been a CAS for a test environment and still had remnants of SQL.  The machine was re-imaged, patched, and ADK installed (with more patching after).  After all of that was done I had zero issues deploying as a secondary site.  
    Tuesday, April 9, 2013 3:50 PM