locked
SCCM Client not working properly on new imaged pc's in certain locations RRS feed

  • Question

  • We have several sites where on new imaged Windows 7 machines the sccm client is not working properly. Here are some details. At first we noticed that two entries were created in the sccm database. One during AD system discovery and another when the system was imaged during OSD. We have seen this issue before in 2007 when we have Delta Discovery enabled in AD system discovery. For now I disabled delta discovery. We reimaged the pc again and the whole imaging process completes and the sccm client installs successfully. But when you look in the console by computer name there is not record there but if you search for the SMS GUID I found the below:(Found the GUID in the client log files on the pc)

    When looking at the client log files I am seeing this:

    Software Distribution site settings (CCM_SoftwareDistributionClientConfig) policy does not yet exist on the client.
    If the client is not yet registered, this is expected behavior.

    When looking at the log files on the MP I am seeing this in the ClientAuth.log file:

    Message from GUID:56512ab9-f4c8-4e19-ae57-ccd9ff36603b client failed signature validation    ClientAuth    7/15/2015 10:04:22 AM    9080 (0x2378)
    Raising event:
    [SMS_CodePage(850), SMS_LocaleID(3081)]
    instance of MpEvent_ClientAuth_SignatureFailure
    {
        ClientID = "GUID:355C6036-E33D-41E8-A1A7-D5FDF081BE93";
        DateTime = "20150715020422.285000+000";
        MachineName = "MPServerName";
        ProcessID = 3188;
        ProcessingType = "Framework";
        SiteCode = "T03";
        SMSID = "GUID:56512ab9-f4c8-4e19-ae57-ccd9ff36603b";
        ThreadID = 9080;
    };
        ClientAuth    7/15/2015 10:04:22 AM    9080 (0x2378)
    Could not verify message signature for client 'GUID:56512ab9-f4c8-4e19-ae57-ccd9ff36603b'.    ClientAuth    7/15/2015 10:04:22 AM    9080 (0x2378)
    Error verifying message from client 'GUID:56512ab9-f4c8-4e19-ae57-ccd9ff36603b' (0x80090006).    ClientAuth    7/15/2015 10:04:22 AM    9080 (0x2378)
    Media SMSID 'e9b31215-432c-46c3-bdb3-f26d9fba3420' is being used for client SMSID 'e9b31215-432c-46c3-bdb3-f26d9fba3420'.    ClientAuth    7/15/2015 10:05:35 AM    7736 (0x1E38)

    Users arent able to install software on the computer. When looking at the inventoryagent.log file inventory is running and sending it back to the MP but looks like MP cant process it.

    Any thoughts on what may be going on? Clients that we have migrated from 2007 are working fine its just re-imaged systems at that site. 


    • Edited by Yamini56 Wednesday, July 15, 2015 8:55 PM
    Wednesday, July 15, 2015 8:45 PM

All replies

  • I am also seeing the below in LocationServices.log file after several hours of the sccm client installation has completed during imaging. But once I scroll further down the log file it is able to contact the MP and I do not see any errors.

    Wednesday, July 15, 2015 9:00 PM
  • Are you trying to use auto-site assignment? Or are you specify a site when you install the client during OSD? From the logs it looks like you are trying to use auto.

    -Tony

    Thursday, July 16, 2015 1:38 PM
  • Hi I dont have it in my Installation paramenters during the client installation. I only have one primary site should i force it there? 
    Thursday, July 16, 2015 1:46 PM
  • This is what I have in OSD:

    I have 1 primary site, one MP, a bunch of DPs and several secondary sites

    what parameters would i use to force it to go to a site and an MP?

    Thursday, July 16, 2015 1:51 PM
  • I would try to force it for a test. If it works, I believe that would tells us to investigate 'stuff' related to auto-site assignment. Also, have you extended the AD Schema? 

    -Tony

    Thursday, July 16, 2015 1:58 PM
  • Hi

    Yes AD schema extended.

    Thursday, July 16, 2015 1:59 PM
  • I tried adding SMSSiteCode=*** in the TS but states you cant set this parameter.
    Thursday, July 16, 2015 2:36 PM
  • What happens when you manually try to install the client on one of those machines? Try using ccmsetup.exe wit the CLI and specify the site to see if it can actually connect to the site? -Tony
    Thursday, July 16, 2015 2:51 PM
  • If i manually reinstall the client it works just fine and client communicates back to the mp just fine. Issue only happens when client is installed during OSD.

    I added /mp with the smscachsize parameter in the OSD parameters. Not sure if this will work but will kick off a reimage right now.

    Thursday, July 16, 2015 2:59 PM
  • I added /mp with the smscachsize parameter in the OSD parameters. Not sure if this will work but will kick off a reimage right now.

    I am interested to hear these results. Using /MP directs to a specific management point instead of relying on the install to automatically find the MP by looking in AD. If that works there looks to be an issue with discovering the MP from AD, or DNS for that matter.

    Thursday, July 16, 2015 3:52 PM
  • Please read what /mp really does: https://technet.microsoft.com/en-us/gg699356.aspx

    Torsten Meringer | http://www.mssccmfaq.de

    Thursday, July 16, 2015 5:35 PM
  • Are you sure your task sequences are even finishing successfully? How?

    Jason | http://blog.configmgrftw.com | @jasonsandys

    Thursday, July 16, 2015 10:20 PM
  • Hi yes the TS completes just fine. As the last step in the TS we get a completion email. After adding /MP in the parameters it didnt like it and states in the ccmsetup.log file bad command will ignore it.
    Monday, July 20, 2015 2:14 PM
  • What was the complete syntax you used? Will you post it? -Tony
    Monday, July 20, 2015 2:18 PM
  • It was the below. I didnt put the exact name of my MP server in the post below but just put sccmserver in its place

    OSD Parameters:

    /MP:sccmserver smscachesize=25600

    Monday, July 20, 2015 6:27 PM
  • Hi I am still having this issue. We have a case open with Microsoft but still no luck finding a solution.

    So after the image has completed if we remotely kick a data discovery cycle on the system the client starts working and the user can install software. So we added a script in the TS with the below code and for some reason the step completes but it doesn't really do anything. I cant find the inventoryagent.log or smscliui.log file to see if the discovery actually initiated.  These logs have not been created yet.

    CODE:

    On Error Resume Next
    ForceDDR()
    Function ForceDDR()
    Set sho = CreateObject("WScript.Shell")
    strSystemRoot = sho.expandenvironmentstrings("%SystemRoot%")
    strCurrentDir = Left(Wscript.ScriptFullName, (InstrRev(Wscript.ScriptFullName, "\") -1))

    'Run a discovery data cycle action
    Set cpApplet = CreateObject("CPAPPLET.CPAppletMgr")
    Set actions = cpApplet.GetClientActions
    For Each action In actions
         If Instr(action.Name,"Discovery Data Collection Cycle") > 0 Then
             action.PerformAction  
     '        WScript.Echo action.name
    End If
    Next
    End Function

    Tuesday, July 28, 2015 3:12 PM