none
Having problem deploying a standby SCCM server RRS feed

  • Question

  • I am having problem deploying a standby SCCM server, it failed when it tried to check DB connectivity.

    Here is what I have:

    Primary SCCM server's OS is server 2016.

    Secondary to be server's OS is also server 2016.

    SQL server is SQL 2016 + SP2 +CU4, SQL server's OS is also Windows 2016.

    Content library is moved to a shared location.

    I have had enabled TLS 1.2 by following this instuction https://support.microsoft.com/en-us/help/4040243/how-to-enable-tls-1-2-for-configuration-manager  and disabled SSL 3.0, TLS 1.0, and TLS 1.1.

    when I tried to install standby (HA) server, it failed.

    failoverMgr.log shows: CheckAdminOnSQL has failed.

    Standby SCCM server's smstsvc.log shows: Error: Failed to connect SQL Server xxxxxxx, Database master.

    I have checked that

    System/Computer account of the Passive Site Server is added to the following locations –

    • Content Library Share permission
    • Administrators Group of Active/Current Primary Site Server.
    • Administrators Group of SQL Server OS
    • SMS Admins group on all SMS Providers.
    • System Management Container permission in AD.
    • SysAdmin on SQL Server
    • FIPS security policy is enabled.

    I ran Procmon and it showed Primary sccm ran smstsvc_passive_1.exe from the passive to be server, and it tried to connect to SCCM DB using OLEDB and ODBC32. I suspect that OLEDB (which does not support TLS 1.2) is too old, and it tried to connect to DB by using ODBC32 but it is also old and failed??

    Does anybody faced this problem? OS of SCCM server and SQL server is all windows 2016 there is not much to do, not sure if I have to install SQL serer native client? I don't see it as a pre-req for SCCM site server.

    Something really bothering me is that SCCM primary site server is working just fine, it is the passive server pre-req test is failing because the process can't connect to SQL server.

    Any help is appreciated.

    Thank you.

    Tuesday, December 11, 2018 10:35 PM

Answers

All replies