none
Windows Deployment Services error.

    Question

  • I assume and hope this is the appropriate forum for this, even though it's for using WDS to deploy Windows XP SP2.  I installed WDS on one of our W2K3 R2 SP1 servers via the Windows Components window of Add / Remove Programs (I didn't use the downloaded Windows AIK package).  For the most part it seems I got everything setup and working fine.  I used the boot.wim image from the Windows Vista DVD to make my Capture boot image as well as Windows PE PXE boot environment image.  I successfully made my own custom install image and was even able to re-deploy it to the laptop which I made it from.

    Now enters my problem.  I have another laptop that's a similar model, but not the exact same.  When I go to image it I get this error after it gets into Windows PE:


    WdsClient: An error occurred while communicating with the Windows Deployment Services server. Please check to ensure that the server is operational and that the necessary ports are open on the server's firewall.  Server name [wdsserver.domain.com], Server IP address [192.168.1.2].


    I fired up the command prompt with shift+F10 and can ping the server just fine.  Also, ipconfig /all shows everything is functioning as it should, so http://support.microsoft.com/kb/923834/en-us doesn't seem relevant to my problem.  I couldn't find any other articles on this issue.  I also have the WDS server setup to accept any client... no client restrictions.

    I'm stumped as to what to do next.  I thought I had this thing all ironed out and working, but this laptop threw me a curveball.
    Wednesday, April 4, 2007 5:05 PM

Answers

  • I had the same problem and it has since been resolved, see this post for full details:

    http://social.technet.microsoft.com/Forums/en/itprovistadeployment/thread/7f04fcb1-a9d8-49a0-92eb-96ad64a53122

     

    PROBLEM RESOLVED::

    This was caused by the following group policy setting (Default domain policy) Computer Configuration | Administrative Templates | System | Remote Procedure Call | Restrictions for Unauthenticated RPC Clients. We had this setting enabled and set to 'authenticate'. I had to set this policy setting to 'not configured' or disabled to resolve the error message when WDS client was failing to connect to the WDS server.

     

    This is because the WDS client will attempt to make an un-authenticated RPC connection to the WDS server, probably to query a list of WDS images, and then fails since we were telling the WDS server via group policy to reject un-authenticated RPC connections.

     

    I hope this is helpful to others out there that have had my same problem. Ive spent enough time on this problem for all of us...
    Tuesday, June 22, 2010 6:31 PM

All replies

  • I gather I am probably not going to get an answer on this one, especially because it's more specific than general regarding equipment. With that said, how can I convert / reinstall from native mode to mixed mode so I can use RIS images again? Right now we're in Native mode and I can't find any way to get it changed at this point. RIS works just fine with all of our equipment, unlike WDS native (which is suprising to me). We need to get RIS back in action so we can start imaging our machines again as WDS isn't going to do it for a lack of support for our machines as well as a lack of documentation to fix some issues.

    EDIT: I was able to get it back to mixed by uninitializing the server, running risetup, then re-initializing the server.  I also had to restart the WDS service itself for it to quit saying native and it change to mixed mode.  I'm still curious about my first question, though, and would love to find an answer to move forward with more WDS testing.
    • Proposed as answer by Steven Fallas Thursday, June 2, 2016 9:00 PM
    Friday, April 6, 2007 2:02 PM
  • Hi there,

    in my case this error message was generated by an error in the unattend.xml.

    When i removed the unattend.xml the image was deployed just fine!

    Check ur WDSserverlogfile in %windir%/tracing for error messages.. When the tracing folder does not excist you will have to change the hkey_localmachine/software/MS/tracing/wdsserver/enablefiletracing key from 0 to 1.

     

    Good luck with this problem.

     

    Monday, April 16, 2007 8:04 AM
  • The high-level conversation between the client and the server for image deployment is:
    1. The client PXE boots.

    2. PXE uses DHCP ports and TFTP for the binary downloads. You need to allow the following ports for the User Datagram Protocol (UDP):

      • 67 and 4011 for DHCP

      • 69 and random UDP endpoints that the PXE BIOS chooses to use for TFTP

    3. Per the RFC, the client chooses random UDP ports to establish the session with the server. Use an application exception for TFTP if you have the Windows firewall enabled on the Windows Deployment Services server.

    4. The client downloads Windows PE and boots to the Windows Deployment Services client. This download also happens through TFTP using the same TFTP ports as mentioned previously.

    5. The Windows Deployment Services client communicates with the Windows Deployment Services server to authenticate and obtain the list of available images. This conversation occurs over RPC because RPC has built-in authentication (it is one of the few fully available protocols in Windows PE). You need to allow the port for the End Point Mapper (TCP 135) and the port for the RPC listener for the Windows Deployment Services server (which by default is TCP 5040). You can configure this port using WDSUTIL or by modifying the registry.

    6. Windows Deployment Services client installs the selected image. Image transfer occurs through Server Message Block. (You need all the file and print sharing ports—for example, TCP 137 through 139.)

      Note

      In addition, if DHCP authorization is required on the server (you have to manually turn this on—it is not required by default), then you need the DHCP client port 68 open on the server.

    Monday, April 16, 2007 9:59 AM
  • We were getting the same error as ErikS using the same setup as him (boot.wim from Vista DVD). WdsClient: An error occurred while communicating with the Windows Deployment Services server. Please check to ensure that the server is operational and that the necessary ports are open on the server's firewall. Server name [wdsserver.domain.com], Server IP address [192.168.1.2].
    Our solution: Clients need at least 512mb of RAM. We would get the error on clients with 256mb or less. Get the client up to 512mb and the stars align. Hope this helps!
    Thursday, May 3, 2007 4:43 PM
  • Can you check if you have configured a specific Client Unattend file for the device or on the server?

     

    If you have configured a WDS Client unattend file and the unattend file is not available on the server, then the client throws this error as well. It is misleading I agree.

    you can check the log files on the client after doing shift+f10 from X:\Windows\panther\Setupact.log to confirm if this is the problem.

     

    Thanks

     

    Thursday, May 3, 2007 9:51 PM
  •  Sudha Thirumoolan[MS] wrote:

    Can you check if you have configured a specific Client Unattend file for the device or on the server?

     

    If you have configured a WDS Client unattend file and the unattend file is not available on the server, then the client throws this error as well. It is misleading I agree.

    you can check the log files on the client after doing shift+f10 from X:\Windows\panther\Setupact.log to confirm if this is the problem.

     

    Thanks

     

     

    when i try X:\Windows\panther\Setupact.log i get access denided

     

    Wednesday, July 23, 2008 5:22 PM
  • I had the same problem and it has since been resolved, see this post for full details:

    http://social.technet.microsoft.com/Forums/en/itprovistadeployment/thread/7f04fcb1-a9d8-49a0-92eb-96ad64a53122

     

    PROBLEM RESOLVED::

    This was caused by the following group policy setting (Default domain policy) Computer Configuration | Administrative Templates | System | Remote Procedure Call | Restrictions for Unauthenticated RPC Clients. We had this setting enabled and set to 'authenticate'. I had to set this policy setting to 'not configured' or disabled to resolve the error message when WDS client was failing to connect to the WDS server.

     

    This is because the WDS client will attempt to make an un-authenticated RPC connection to the WDS server, probably to query a list of WDS images, and then fails since we were telling the WDS server via group policy to reject un-authenticated RPC connections.

     

    I hope this is helpful to others out there that have had my same problem. Ive spent enough time on this problem for all of us...
    Tuesday, June 22, 2010 6:31 PM
  • This fixed it for me after being stuck doing packet captures for 4 days. On one of the captures yesterday we say an access denied after the boot file had already loaded and was trying to communicate with the WDS server.  Thanks so much for your help!
    Sunday, June 16, 2013 5:17 AM
  • Solution:

    Go to windows Firewall and ON with Inbound connections that do not have an exception are blocked.

    Sunday, November 24, 2013 4:40 PM
  • Please be sure the remote install folder is correctly shared as "reminst" with correct permissions.
    Friday, March 14, 2014 12:30 PM
  • This actually resolved the issue I was having. Thanks!
    Tuesday, May 31, 2016 5:21 PM