none
Beremetal deployment fails at step "Registering this physical Machine to Server" with Error 803d000a RRS feed

  • Question

  • We are in the process of provisioning new Hyper-V hosts in our SCVMM 2019 environment. WDS is in place. The boot image is created with this script:

    $mountdir = "c:\mount"
    $winpeimage = "\\wdsserver\c$\RemoteInstall\DCMgr\Boot\Windows\Images\boot.wim"
    $winpeimagetemp = $winpeimage + ".tmp"
    $path = "\\fileserver\vmm-library\HPE\ProLiant\Drivers\storage\"
     
    mkdir "c:\mount"
    copy $winpeimage $winpeimagetemp
    dism /mount-wim /wimfile:$winpeimagetemp /index:1 /mountdir:$mountdir
     
    dism /image:$mountdir /add-driver /driver:$path /Recurse
     
    Dism /Unmount-Wim /MountDir:$mountdir /Commit
    publish-scwindowspe -path $winpeimagetemp -verbose
    del $winpeimagetemp

    De baremetal deployment starts the deep discovery, the machine starts via PXE the WinPE boot image. When the step to register the host to VMM is initiated, the installation halts with this error:

    803s000a

    In the vmmAgentPE.exe.log we see:

    0B00.0B40::11/26-13:42:01.936#00:DeepDiscoveryDataReader.cpp(888): <--CDeepDiscoveryDataReader::GetDeepDiscoveryData
    0B00.0B40::11/26-13:42:01.936#00:RegUtils.cpp(272): RegGetVariantValue [Software\Microsoft\Microsoft System Center Virtual Machine Manager Agent\Settings]\[BareMetalRegistrationService]
    0B00.0B40::11/26-13:42:01.936#00:NativeWSChannel.cpp(20): ==>WSUtility::NativeWebServiceChannel::NativeWebServiceChannel
    0B00.0B40::11/26-13:42:01.936#00:NativeWSChannel.cpp(20): <--WSUtility::NativeWebServiceChannel::NativeWebServiceChannel
    0B00.0B40::11/26-13:42:01.936#00:NativeWSChannel.cpp(133): ==>WSUtility::NativeWebServiceChannel::RegisterClient
    0B00.0B40::11/26-13:42:01.936#00:NativeWSChannel.cpp(376): ==>WSUtility::NativeWebServiceChannel::CreateCertTokenMessageSecurityBinding
    0B00.0B40::11/26-13:42:01.983#00:NativeWSChannel.cpp(376): <--WSUtility::NativeWebServiceChannel::CreateCertTokenMessageSecurityBinding
    0B00.0B40::11/26-13:42:01.983#00:NativeWSChannel.cpp(543): ==>WSUtility::NativeWebServiceChannel::CreateSSLTransportSecurityBinding
    0B00.0B40::11/26-13:42:01.983#00:NativeWSChannel.cpp(543): <--WSUtility::NativeWebServiceChannel::CreateSSLTransportSecurityBinding
    0B00.0B40::11/26-13:42:17.073#00:NativeWSChannel.cpp(207)[000000433447EE: ThrowOnFailure : 803d000a. Operation attempted WSHttpBinding_IPhysicalMachineRegistrationService_RegisterPhysicalMachine( get(m_wsProxy), identifier, data, get(m_wsHeap), 0, 0, 0, get(m_wsError))
    0B00.0B40::11/26-13:42:17.073#00:exceptions.cpp(97)[000000433447EE: CarmineException::CarmineException: CarmineError: 1051488,  hr: 0x803d000a 
    0B00.0B40::11/26-13:42:17.073#00:NativeWSChannel.cpp(580): Failure: errorCode=0x803d000a
    0B00.0B40::11/26-13:42:17.073#00:NativeWSChannel.cpp(601): An unsecured fault was received on a secure channel.
    0B00.0B40::11/26-13:42:17.073#00:NativeWSChannel.cpp(601): A security header with local name 'Security' and namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was required, but was not present in the message.  The sender may not have been configured with message security.
    0B00.0B40::11/26-13:42:17.073#00:NativeWSChannel.cpp(133): <--WSUtility::NativeWebServiceChannel::RegisterClient

    On the VMM server, we see (via wireshark) that traffic is initiated from the WinPE on the to-be-HyperV server to the VMM server over tcp 8103 (time sync) :

    POST /DataCenter/BareMetalDeployment HTTP/1.1

    Cache-Control: no-cache

    Connection: Keep-Alive

    Pragma: no-cache

    Content-Type: text/xml; charset=utf-8

    User-Agent: MS-WebServices/1.0

    SOAPAction: "http://Microsoft.EnterpriseManagement.DataCenterManager/IPhysicalMachineTimeSyncService/GetServerUTCFileTime"

    Content-Length: 181

    Host: vmmserver.domain.local:8103

    <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetServerUTCFileTime xmlns="http://Microsoft.EnterpriseManagement.DataCenterManager"/></s:Body></s:Envelope>HTTP/1.1 200 OK

    Content-Length: 294

    Content-Type: text/xml; charset=utf-8

    Server: Microsoft-HTTPAPI/2.0

    Date: Tue, 26 Nov 2019 13:41:57 GMT

    <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetServerUTCFileTimeResponse xmlns="http://Microsoft.EnterpriseManagement.DataCenterManager"><GetServerUTCFileTimeResult>132192493178480559</GetServerUTCFileTimeResult></GetServerUTCFileTimeResponse></s:Body></s:Envelope>

    and then some traffic over TCP 8101 (SSL scrambled, 10 client pkts, 3 server pkts, 5 turns, 12kb data in total).

    What can be the cause of this issue? After troubleshooting already for some days, the only thing I can think of that is not correct is the time within the WinPE boot session (exact 7 hours offset). I already tried injecting the correct timezone in the image but it doesn't help.

    What can I do to further troubleshoot this? Thanks for your replies!


    You know you're an engineer when you have no life and can prove it mathematically


    Tuesday, November 26, 2019 2:08 PM

All replies

  • Hello Stephan,

    As far as I know, if network communication at TCP port 8101 between the host and VMM server is blocked, the issue may occur.

    Could you please check the network connectivity, and make sure there is no block by the firewall?

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, November 27, 2019 3:06 AM
  • Hi Andy,

    Thanks for your reply. I have double checked this and, as stated before, the wireshark trace shows traffic over port 8101 in both directions, 10 client pkts, 3 server pkts, 5 turns, 12kb data in total every time I try to deploy a host.


    You know you're an engineer when you have no life and can prove it mathematically

    Wednesday, November 27, 2019 3:44 PM
  • Hello,

    Please check if the SPN value existed on the VMM server:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Server\Setup]

    "VmmServicePrincipalNames"=""

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 2, 2019 6:05 AM
  • Checked. It does exist with String Value = "SCVMM/ vmmserver,SCVMM/ vmmserver.domain.local


    You know you're an engineer when you have no life and can prove it mathematically

    Monday, December 2, 2019 1:32 PM
  • Hello Stephan,

    I would recommend to review the prerequisites for provisioning the bare-mental host by clicking the following link. Especially, please make sure the PXE server was deployed correctly, and has been added into the VMM fabric.

    https://docs.microsoft.com/en-us/system-center/vmm/hyper-v-bare-metal?view=sc-vmm-2019

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 4, 2019 8:53 AM
  • Hello Andy,

    Thank you for your reply. The PXE server works, as the deployment starts and the boot image is loaded to and started on the to-be-host. It stops at step  "Registering this physical Machine to Server". So the PXE server does work, but the boot image seems not to be accepted by the VMM server.


    You know you're an engineer when you have no life and can prove it mathematically

    Wednesday, December 4, 2019 2:25 PM