locked
Client installs fail for push or manual RRS feed

  • Question

  • This one has got me stumped, hopefully someone can give me some ideas of what to look at.

    Got two servers I'm trying to install the 2012 R2 client onto two servers, we'll call them DP01 and DP02.  This is part of the process to install the DP role onto these servers.  Doing a push or manual install fails with the below log entries:

    <![LOG[Checking the URL 'HTTPS://SCCM00.Skynet.com:443/CCM_Client/ccmsetup.cab']LOG]!><time="01:13:50.400-120" date="04-20-2014" component="ccmsetup" context="" type="1" thread="2068" file="ccmsetup.cpp:10157">
    <![LOG[PROPFIND 'HTTPS://SCCM00.Skynet.com:443/CCM_Client']LOG]!><time="01:13:50.400-120" date="04-20-2014" component="ccmsetup" context="" type="1" thread="2068" file="httphelper.cpp:807">
    <![LOG[[CCMSETUP] AsyncCallback(): -----------------------------------------------------------------]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:698">
    <![LOG[[CCMSETUP] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:699">
    <![LOG[[CCMSETUP]                : dwStatusInformationLength is 4
    ]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:700">
    <![LOG[[CCMSETUP]                : *lpvStatusInformation is 0x1
    ]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:701">
    <![LOG[[CCMSETUP]            : WINHTTP_CALLBACK_STATUS_FLAG_CERT_REV_FAILED is set
    ]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:705">
    <![LOG[[CCMSETUP] AsyncCallback(): -----------------------------------------------------------------]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:731">
    <![LOG[Failed to send HTTPS request. (Error at WinHttpSendRequest: 12175)]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="2" thread="2068" file="httphelper.cpp:1214">
    <![LOG[WinHttpRequestReponse failed with a non-recoverable failure, 12175]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:1266">
    <![LOG[Failed to check url HTTPS://SCCM00.Skynet.com:443/CCM_Client/ccmsetup.cab 2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:1597">
    <![LOG[Accessing the URL 'HTTPS://SCCM00.Skynet.com:443/CCM_Client/ccmsetup.cab' failed with 80072F8F]LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="2" thread="2068" file="ccmsetup.cpp:10195">
    <![LOG[Checking the URL 'HTTPS://SCCM02.web.Skynet.com:443/CCM_Client/ccmsetup.cab']LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="1" thread="2068" file="ccmsetup.cpp:10157">
    <![LOG[PROPFIND 'HTTPS://SCCM02.web.Skynet.com:443/CCM_Client']LOG]!><time="01:14:10.432-120" date="04-20-2014" component="ccmsetup" context="" type="1" thread="2068" file="httphelper.cpp:807">
    <![LOG[Failed to correctly receive a WEBDAV HTTPS request.. (StatusCode at WinHttpQueryHeaders: 403)]LOG]!><time="01:14:11.430-120" date="04-20-2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:1370">
    <![LOG[Failed to check url HTTPS://SCCM02.web.Skynet.com:443/CCM_Client/ccmsetup.cab 2014" component="ccmsetup" context="" type="3" thread="2068" file="httphelper.cpp:1597">
    <![LOG[Accessing the URL 'HTTPS://SCCM02.web.Skynet.com:443/CCM_Client/ccmsetup.cab' failed with 80004005]LOG]!><time="01:14:11.430-120" date="04-20-2014" component="ccmsetup" context="" type="2" thread="2068" file="ccmsetup.cpp:10195">
    <![LOG[Next retry in 10 minute(s)...]LOG]!><time="01:14:11.430-120" date="04-20-2014" component="ccmsetup" context="" type="0" thread="2068" file="ccmsetup.cpp:8835">

    Now, firewalls on both DP01 and DP02 servers are disabled, as are the domain firewalls on both SCCM00 and SCCM02 servers. 

    I CAN open IE and go to HTTPS://SCCM02.web.Skynet.com:443/CCM_Client and download the files, this works on both DP01 and DP02.  So the server does have access, I can also use SMB to browse to the SCCM installation path on the SCCM server from both DP01/02. 

    Certs on both SCCM servers and DP01/02 servers are valid and not expired. 

    Boundary groups are setup for the servers. 

    Other servers and Windows OS boxes have had no issues with client installs or DP role installs, its just these two. 

    I've restarted both DP and SCCM servers and still get the same error.

    Pinging SCCM servers from DP servers has the correct IP's and times less than 120ms.

    I know the HTTPS 403 error is Access is Denied, but I can browse to the site with no problems...

    Saturday, April 19, 2014 11:48 PM

Answers

All replies