Server rejected registration request

All replies

• 

  

  0

  Sign in to vote

  Jonathan,

  Take a look at the following. Delete the SMSCFG.ini from the windows folder. Delete the cert and reset SMSHost service.

  http://shankarkannappa.wordpress.com/tag/server-rejected-registration-request-3-client-not-receiving-policies/

  ---

  Cheers
  
  Paul | sccmentor.wordpress.com

  Friday, March 7, 2014 4:58 PM
• 

  

  0

  Sign in to vote

  Nope.  That did not work.  Same error.  What should I try next.

  Jonathan

  Friday, March 7, 2014 5:44 PM
• 

  

  0

  Sign in to vote

  I came across a post that talked about the cert for epo interfering with the cert for sccm agent.  They did not talk about how this fixed it.  So did anyone else come across this and if so how did you fix it.

  Jonathan

  Friday, March 7, 2014 8:09 PM
• 

  

  0

  Sign in to vote

  Hi,

  How about MP_CliReg.log on the MP that records the client registration activity processed by the management point?

  Best Regards,

  Joyce Li

  ---

  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.
  

  Monday, March 10, 2014 9:20 AM
• 

  

  0

  Sign in to vote

  I looked at the MP_Clireg.log and saw:

  <![LOG[Inv: Site Server Inventory Collection maps to C:\Program Files\Microsoft Configuration Manager\inboxes\inventry.box]LOG]!><time="17:47:00.658+300" date="03-10-2014" component="MP_ClientRegistration" context="" type="1" thread="6148" file="mpconfig.cpp:347">
  <![LOG[Inv: SMS_AMT_PROXY_COMPONENT maps to C:\Program Files\Microsoft Configuration Manager\inboxes\amtproxymgr.box]LOG]!><time="17:47:00.658+300" date="03-10-2014" component="MP_ClientRegistration" context="" type="1" thread="6148" file="mpconfig.cpp:347">
  <![LOG[Could not load logging configuration for component MP_RegistrationManager. Using default values.]LOG]!><time="17:47:00.736+300" date="03-10-2014" component="MP_ClientRegistration" context="" type="2" thread="6148" file="stdlogging.cpp:480">

  This pointed me to look at to urls:

  http://sms_mp_servername/.sms_aut?mplist

  http:// sms_mp_servername /.sms_aut?mpcert

  They both returned data like they should and the same as the clients that work.  Next suggestion

  Thanks,  Jonathan

  Tuesday, March 11, 2014 8:13 PM
• 

  

  0

  Sign in to vote

  what does MP_RegistrationManager.log says ? did it talk about certificates expiry or something related ?

  is this happening on all machines or only on the problem computer ?

  ---

  
  Eswar Koneti | Configmgr blog: www.eskonr.com | Linkedin: Eswar Koneti | Twitter: Eskonr

  • Marked as answer by Joyce L Monday, March 17, 2014 10:42 AM

  Thursday, March 13, 2014 5:24 AM
• 

  

  0

  Sign in to vote

  <![LOG[Raising event:
  [SMS_CodePage(437), SMS_LocaleID(1033)]
  instance of MpEvent_CertInvalidChain
  {
   ClientID = "GUID:5C9D5A19-44B6-4A19-99F9-2E7B062CF2CE";
   DateTime = "20140313134915.132000+000";
   MachineName = "SCCM2012-FDQN";
   ProcessID = 2672;
   SiteCode = "SOC";
   SubjectName = "AH_SCCM201201";
   ThreadID = 328;
   Win32ErrorCode = 2148204810;
  };
  ]LOG]!><time="08:49:15.137+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="328" file="event.cpp:706">
  <![LOG[MP Reg: Registration request body is invalid.]LOG]!><time="08:49:15.140+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="2" thread="328" file="regtask.cpp:1754">
  <![LOG[MP Reg: Registration failed.]LOG]!><time="08:49:15.140+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="2" thread="328" file="regtask.cpp:169">
  <![LOG[MP Reg: Processing completed. Completion state = 0]LOG]!><time="08:49:15.151+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="328" file="regtask.cpp:207">
  <![LOG[Processing Registration request from Client 'GUID:8559DEF4-295C-4E37-84FF-65301F14AFEB']LOG]!><time="08:54:14.746+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="6064" file="regtask.cpp:1011">
  <![LOG[Begin validation of Certificate [Thumbprint 1D58870477BC7B3C0C2BF46C59726F068CD71583] issued to 'AH_SCCM201201']LOG]!><time="08:54:14.753+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="6064" file="ccmcert.cpp:1245">
  <![LOG[Completed validation of Certificate [Thumbprint 1D58870477BC7B3C0C2BF46C59726F068CD71583] issued to 'AH_SCCM201201']LOG]!><time="08:54:14.763+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="6064" file="ccmcert.cpp:1386">
  <![LOG[MP Reg: Client in-band certificate is not valid due to failures in certificate chain validation, Raising status event. Failure HR = 0x800b010a, In-band Cert SubjectName = AH_SCCM201201]LOG]!><time="08:54:14.763+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="2" thread="6064" file="regtask.cpp:911">
  <![LOG[Raising event:
  [SMS_CodePage(437), SMS_LocaleID(1033)]
  instance of MpEvent_CertInvalidChain
  {
   ClientID = "GUID:5C9D5A19-44B6-4A19-99F9-2E7B062CF2CE";
   DateTime = "20140313135414.767000+000";
   MachineName = "SCCM2012-FDQN";
   ProcessID = 2672;
   SiteCode = "SOC";
   SubjectName = "AH_SCCM201201";
   ThreadID = 6064;
   Win32ErrorCode = 2148204810;
  };
  ]LOG]!><time="08:54:14.774+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="6064" file="event.cpp:706">
  <![LOG[MP Reg: Registration request body is invalid.]LOG]!><time="08:54:14.776+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="2" thread="6064" file="regtask.cpp:1754">
  <![LOG[MP Reg: Registration failed.]LOG]!><time="08:54:14.776+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="2" thread="6064" file="regtask.cpp:169">
  <![LOG[MP Reg: Processing completed. Completion state = 0]LOG]!><time="08:54:14.786+300" date="03-13-2014" component="MP_RegistrationManager" context="Registration" type="1" thread="6064" file="regtask.cpp:207">

  I am not sure what it means by "certificate chain"?

  Any idea?

  Jonathan

  Thursday, March 13, 2014 7:53 PM
• 

  

  0

  Sign in to vote

  Certificate chain means that the chain (top cert - intermedidate cert - root cert) one of them is missing or expired.

  When you Native mode, you mean you are running in HTTPS mode?  You can also delete the client from the console, if present.  Other things to do is to reinstall the client and use the /resetkeyinformation.

  ---

  http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com

  Thursday, March 13, 2014 8:24 PM
• 

  

  0

  Sign in to vote

  It looks like it is related to Mcafee epo server cert.  I uninstalled epo from one of the servers having the issue and problem went away.  The problem is I can't uninstall it from this server.  Any idea?   Yes I did what you said.

  • Proposed as answer by Paul Winstanley [MVP]MVP Friday, March 14, 2014 9:41 AM
  • Marked as answer by Joyce L Monday, March 17, 2014 10:42 AM

  Thursday, March 13, 2014 9:09 PM
• 

  

  0

  Sign in to vote

  Hi,

  I suggest you consult this question in Mcafee. They might give you a better solution.

  Best Regards,

  Joyce Li

  ---

  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.
  

  Friday, March 14, 2014 7:43 AM