locked
Secondary Site Content Boundary Communication Issue RRS feed

  • Question

  • Hi,

    I really hope someone can help me, I have been struggling with this for days.

    Infrastructure is:

    Primary site

    Remote SQL cluster with more than one instance on it, static port is configured on the SCCM instance. The SQL server browser service is running.

    The Primary site server is a local administrator on the SQL boxes.

    Several secondary sites.

    Client push works fine, machines show as connected to the primary site and are active, all the features in right click tools work.

    I have 1 boundary group for site assignment, in it is an IP range covering all the machines on the domain.

    I am pushing out applications the old way with packages and deployments.

    packages cache down on the secondary sites with no problems.

    Local machines then complain that they can not find the content (there is no content only boundary set at this point)

    So I create another boundary group containing a boundary that just has the IP range of the local machines for the relevant secondary site / client and add in the secondary site as the content location point

    As soon as I do this the CCMCACHE directory on the local machines states to fill and installations start.

    The problem is as soon as the content only boundary group is added with the secondary site server client communication stops.

    The clientauth.log folder on the secondary site starts to fill with:

    Error verifying message from client 'GUID:EECBFB95-03F2-4799-91E1-3E7B024C9294' (0x87d00238). ClientAuth 13/08/2012 12:04:52 4944 (0x1350)
    Encountered database error while verifying headers for client 'GUID:7F66AD50-15B1-48CF-BD17-71FCE530F989' (0x87d00238). ClientAuth 13/08/2012 12:04:52 4944 (0x1350)
    Error verifying message from client 'GUID:7F66AD50-15B1-48CF-BD17-71FCE530F989' (0x87d00238). ClientAuth 13/08/2012 12:04:52 4944 (0x1350)
    Encountered database error while verifying headers for client 'GUID:F64E403E-EEA8-4CBF-AEF8-043EF65A43C9' (0x87d00238). ClientAuth 13/08/2012 12:04:53 4944 (0x1350)
    Error verifying message from client 'GUID:F64E403E-EEA8-4CBF-AEF8-043EF65A43C9' (0x87d00238). ClientAuth 13/08/2012 12:04:53 4944 (0x1350)
    Encountered database error while verifying headers for client 'GUID:0F66537A-BE8C-479A-8B93-D40BE0378AB1' (0x87d00238). ClientAuth 13/08/2012 12:04:53 4944 (0x1350)

    Clientlocation.log on the local workstation shows the proxy management point as my secondary site.

    The current assigned management point is the primary site.

    ClientIDManagerstartup.log shows:

    RegTask] - Client is not registered. Sending registration request for GUID:5E70602F-806B-49F2-9518-1EE681C87323 ... ClientIDManagerStartup 13/08/2012 12:19:45 3656 (0x0E48)
    [RegTask] - Client is registered. Server assigned ClientID is GUID:5E70602F-806B-49F2-9518-1EE681C87323. Approval status 1 ClientIDManagerStartup 13/08/2012 12:19:45 3656 (0x0E48)
    'RDV' Identity store does not support backup. ClientIDManagerStartup 13/08/2012 12:19:46 3656 (0x0E48)
    [RegTask] - Client is registered. Exiting. ClientIDManagerStartup 13/08/2012 12:19:46 3656 (0x0E48)

    The locationservices.log on the client looks OK.

    On the secondary site in C:\Program Files\Microsoft Configuration Manager\CCM\Incoming there are around 280 items queued.

    If I remove the content boundary group communication returns but then I cant send applications out.

    I was using AD sites for boundaries but now have moved to IP ranges.

    any help would be really appreciated.

    Thank You.

    



    Monday, August 13, 2012 11:26 AM

All replies

  • Is the MP on the secondary site working fine? Any errors on the monitoring node (system status)? Are mplist and mpcert working?

    Torsten Meringer | http://www.mssccmfaq.de

    Monday, August 13, 2012 12:05 PM
  • Hi,

    Thanks for the reply Torsten.

    the mpcontrol.log file on each of the secondary sites shows OK 200

    MPCERT and MPLIST both resolve fine from a workstation and all servers.

    every one of the secondary sites is listed in mplist too.

    The console monitor shows no errors at all for any site.

    Monday, August 13, 2012 12:49 PM
  • I think the problem is with the secondary site management point not being able to talk to the SQL cluster.

    I have checked open connections on the cluster and can not see any of the management points connected.

    Also if I remove a secondary site and install a distribution point role on the same box everything works perfectly using the same boundary groups.

    The secondary sites seem to have public access permissions on the SQL cluster and the sql browser service is running on the cluster.

    I can use a the portqry.exe from a secondary site and client and port 1434 shows all instances on the cluster.


    Tuesday, August 14, 2012 11:44 AM