none
OS Deployment - Failed to get client identity 80004005

    Question

  •  

    Hello all,

    Hopefully someone will have a solution to this issue. I've only found one site with a similar problem (http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=2352753&SiteID=17) and the solution was to rebuild the SCCM server, which I have done. Yet the issue persists. After working my way through countless issues with SCCM, this seems to be the only obstacle in my way. Here is the situation:

     

    1. I boot the bare metal client system to PXE and the boot image loads

    2. The SCCM status messages appear "Windows is starting up..." and then "Preparing Network Connections..."

    3. The client machine hangs for a minute or so, then reboots.

     

    I have enabled the command prompt shell in the boot image and can ping the SCCM server and name resolution work fine, so I know it isn't an issue with the network drivers. Below is the log information from the client. Just as an FYI, the Server is running in "Mixed Mode", so I'm not really understanding the why the identification is an issue. As best I can understand the client is requesting information from the server at a certain point and getting a blank reply.

     

    <![LOG[MP Ports: http=80, https=443, default=80]LOG]!><time="09:20:53.765+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:551">
    <![LOG[Missing root CA environment variable from variables file]LOG]!><time="09:20:53.765+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:561">
    <![LOG[Custom hook from X:\\TSConfig.INI is ]LOG]!><time="09:20:53.765+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:594">
    <![LOG[No custom hook found]LOG]!><time="09:20:53.765+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:442">
    <![LOG[No Need to create Authenticator Info]LOG]!><time="09:20:53.765+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:720">
    <![LOG[Getting MP time information]LOG]!><time="09:20:53.781+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmediawizardcontrol.cpp:731">
    <![LOG[Requesting client identity]LOG]!><time="09:20:54.000+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="libsmsmessaging.cpp:4574">
    <![LOG[CLibSMSMessageWinHttpTransport:Tongue Tiedend: URL: sccm.mpmc.hos:80  CCM_POST /ccm_system/request]LOG]!><time="09:20:54.062+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="libsmsmessaging.cpp:6043">
    <![LOG[pNext != NULL, HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,1825)]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="libsmsmessaging.cpp:1825">
    <![LOG[reply has no message header marker]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="3" thread="1324" file="libsmsmessaging.cpp:1825">
    <![LOG[DoRequest (sReply, true), HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,4674)]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="libsmsmessaging.cpp:4674">
    <![LOG[Failed to get client identity (80004005)]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="3" thread="1324" file="libsmsmessaging.cpp:4795">
    <![LOG[ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,793)]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmediawizardcontrol.cpp:793">
    <![LOG[failed to request for client]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="3" thread="1324" file="tsmediawizardcontrol.cpp:793">
    <![LOG[Exiting TSMediaWizardControl::GetPolicy.]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmediawizardcontrol.cpp:1083">
    <![LOG[GetPolicy(), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,2007)]LOG]!><time="09:20:54.109+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmediawizardcontrol.cpp:2007">
    <![LOG[RunWizardForPXE(), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,2308)]LOG]!><time="09:20:54.125+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmediawizardcontrol.cpp:2308">
    <![LOG[oTSMediaWizardControl.Run( sMediaRoot, true, true ), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmbootstrap.cpp,936)]LOG]!><time="09:20:54.125+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmbootstrap.cpp:936">
    <![LOG[Execute( eExecutionEnv, sConfigPath, sTSXMLFile, uBootCount, &uExitCode ), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmbootstrap.cpp,1045)]LOG]!><time="09:20:54.125+000" date="06-10-2008" component="TSPxe" context="" type="0" thread="1324" file="tsmbootstrap.cpp:1045">
    <![LOG[Exiting with return code 0x80004005]LOG]!><time="09:20:54.125+000" date="06-10-2008" component="TSPxe" context="" type="1" thread="1324" file="tsmbootstrap.cpp:1057">
    <![LOG[Execution complete.]LOG]!><time="09:20:54.171+000" date="06-10-2008" component="TSBootShell" context="" type="1" thread="844" file="bootshell.cpp:620">
    <![LOG[Finalizing logging from process 824]LOG]!><time="09:20:54.171+000" date="06-10-2008" component="TSBootShell" context="" type="1" thread="844" file="tslogging.cpp:1736">
    <![LOG[Finalizing logs to root of first available drive]LOG]!><time="09:20:54.171+000" date="06-10-2008" component="TSBootShell" context="" type="1" thread="844" file="tslogging.cpp:1578">
    <![LOG[Successfully finalized logs to C:\SMSTSLog]LOG]!><time="09:20:54.250+000" date="06-10-2008" component="TSBootShell" context="" type="1" thread="844" file="tslogging.cpp:1635">
    <![LOG[Cleaning up task sequencing logging configuration.]LOG]!><time="09:20:54.250+000" date="06-10-2008" component="TSBootShell" context="" type="0" thread="844" file="tslogging.cpp:578">

     

     

    I'm at my wits end with this software, if I can't find a solution to this problem pretty soon, I will tell management here to can the whole idea and stick with the norton ghost setup.

    Tuesday, June 10, 2008 2:22 PM

Answers

  • In my Case when I got this error,  the client was able to PXE boot and run WINPE environment, once the client had initialised and it queried the SCCM server for the Task Sequence (s) the client generated the Failed to get Client Idenity error.  It turns out the client was unable to post back information to the SCCM Managment Point and the SCCM server was not listening correctly. The extract from the SMSTS log below doesnt really indicate that this is happening though:

    reply has no message header marker TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    DoRequest (sReply, true), HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,5010) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Failed to get client identity (80004005) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,815) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    failed to request for client TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Exiting TSMediaWizardControl::GetPolicy. TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawelcomepage.cpp,280) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Setting wizard error: An error occurred while retrieving policy for this computer  (0x80004005). For more information, please contact your system administrator or helpdesk operator. TSPxe 14/03/2010 08:43:50 1180 (0x049C)


    When I then looked at the System Status for the Management Point it showed an IIS 500 error and that it wasnt able to process incoming data.  A reboot of the SCCM server cleared down the IIS error and all is functioning now as expected.

    I hope that this helps anyone with similar issues.  so look in the SMSTSlog on the client, then look in the system status on the SCCM server and check that all is well with the health of the SCCM server.

    Cheers

    Sabbs
    Sunday, March 14, 2010 6:34 AM

All replies

  • No replies? Is SCCM really this poor of a product? I was hoping that the 5 day class I took about a month ago (where almost NONE of the labs worked for all class participants, and yes it was official microsoft learning material) was just a result of poor course material. Anyways, I'll humor myself (and perhaps someone else) by adding some additional information just in case I wasn't clear in the first post:

    • The aformentioned log information is from the SMSTS.log file straight from the client X drive.
    • The OS I'm attempting to deploy, which shouldn't matter, is windows XP
    • I would be happy to provide any additional information

    I would also recommend to any microsoft employee to check out the link I put in the first post. There are two people in that thread that were very upset with SCCM's functionality in the OS deployment area, and I'm feeling much like them at the moment. I have a feeling that their pleas for help have been ignored because the thread is listed as "answered". The fact that quite a few people have viewed this thread, but none have replied tells me that we should probably look for another solution for OS depoyment. This saddens me, because SCCM looked as if it could do great things. At least the idea and concept is there, even if the functionality isn't.

    Wednesday, June 11, 2008 5:55 PM
  • Hi Glenn,

     

    I've looked to your log file in trace32 (must have tool for troubleshooting)

    The first thing i noticed is the error: reply has no message header marker after it contacts your sccm.mpmc.hos machine.

     

    I would go and look to the IIS configuration on that machine, doublecheck if everything is working ok there. Look into the System Status | Site Status in your SCCM console. Check the IIS logging etc...

     

    Hope this points you in the right direction.

     

    Good luck,

     

    Regards,

     

    Kenneth

     

     

    Thursday, June 12, 2008 6:41 AM
  •  

    There are two identical errors in the SCCM logs (that I have no idea where to look to fix) that pop up twice an hour, they are 5436 and 5480 errors:

     

    Event Type: Error
    Event Source: SMS Server
    Event Category: SMS_MP_CONTROL_MANAGER
    Event ID: 5436
    Date:  6/12/2008
    Time:  3:40:19 AM
    User:  N/A
    Computer: SCCM
    Description:
    On 06/12/08 03:40:19, component SMS_MP_CONTROL_MANAGER on computer SCCM reported:  MP Control Manager detected management point is not responding to HTTP requests.  The HTTP status code and text is 500, Internal Server Error.

    Possible cause: Management point encountered an error when connecting to SQL Server.
    Solution: Verify that the SQL server is properly configured to allow Management Point access. Verify that management point computer account or the Management Point Database Connection Account is a member of SMS Management Point Role (msdbrole_MP) in the SQL Server database.

    Possible cause:  The SQL Server Service Principal Names (SPNs) are not registered correctly in Active Directory
    Solution:  Ensure SQL server SPNs are correctly registered.  Review Q829868.

    Possible cause: Internet Information Services (IIS) isn't configured to listen on the ports over which SMS is configured to communicate.
    Solution: Verify that the designated Web Site is configured to use the same ports which SMS is configured to use.

    Possible cause: The designated Web Site is disabled in IIS.
    Solution: Verify that the designated Web Site is enabled, and functioning properly.

    Possible cause: The SMS ISAPI Application Identity does not have the requisite logon privileges.
    Solution: Verify that the account that the SMS ISAPI is configured to run under has not been denied batch logon rights through group policy.

    For more information, refer to Microsoft Knowledge Base article 838891.

     

    Event Type: Error
    Event Source: SMS Server
    Event Category: SMS_MP_CONTROL_MANAGER
    Event ID: 5480
    Date:  6/12/2008
    Time:  3:40:19 AM
    User:  N/A
    Computer: SCCM
    Description:
    On 06/12/08 03:40:19, component SMS_MP_CONTROL_MANAGER on computer SCCM reported:  MP Control Manager detected DMP is not responding to HTTP requests.  The http status code and text is 500, Internal Server Error.

    Possible cause: DMP encountered an error when connecting to SQL Server.
    Solution: Verify that the SQL server is properly configured to allow Device Management Point access.   If using a standard SQL security account, verify that the SQL Server is configured to allow standard SQL Security; or configure the Device Management Point to use an NT integrated security account, with appropriate access.   If using integrated security, verify the account used by the DMP to connect to the SQL server is a member of the SMS_SiteSystemToSQLConnection_<sitecode> group on the SQL server, that the account is not locked out, and that the account password is not expired.  (In standard security, the default account is SMS_SQL_RX_<sitecode>.)

    Possible cause:  The SQL server Service Principal Names (SPNs) are not registered correctly in Active Directory
    Solution:  Ensure SQL server SPNs are correctly registered.  Review Q829868.

    Possible cause: Internet Information Services (IIS) isn't configured to listen on the ports over which SMS is configured to communicate.
    Solution: Verify that the designated Web Site is configured to use the same ports which SMS is configured to use.

    Possible cause: The designated Web Site is disabled in IIS.
    Solution: Verify that the designated Web Site is enabled, and functioning properly.

    Possible cause: The SMS ISAPI Application Identity does not have the requisite logon privileges.
    Solution: Verify that the account that the SMS ISAPI is configured to run under has not been denied batch logon rights through group policy.

    For more information, refer to Microsoft Knowledge Base article 838891.

     

    I've done some research on these two particular error messages, and I'm not sure that this is causing the issue, I think I read somewhere that these errors should only be of concern if you have mobile clients. Anyways, any suggestions as to where to look or what I could do to remediate the situation (other than re-install IIS, which I've done 3 times, all ended up with this same recurring message) would be greatly appreciated.

    Thursday, June 12, 2008 12:37 PM
  • Hi,

     

     

    Just some steps you can check to see if the problem is related to that:

     

    Your site server should be made member of the administrators group of all machines which have an SCCM role, the services on the site server run under the system account. Please check this..

     

    Does the computer account of the site server have enough rights in the SCCM DB?

    Did you extend the AD schema? (ExtAdSch.exe?)

    Did you create the System Management container in AD and set the security permissions on that?

     

    Also check: http://technet.microsoft.com/en-us/library/bb694113(TechNet.10).aspx which details the prerequisites for installing SCCM2007. Do a check if you meet all the prerequisites.

     

    I think your problem is related to the fact that your site server doesn't have sufficient rights. But that's just a guess.

     

    Good luck

     

    Kenneth

    Thursday, June 12, 2008 1:14 PM
    • I've checked the rights of the SCCM server to the DB, and it has the sysadmin role assigned to it
    • The AD schema has not been extended as we are testing the server at the moment. Keep in mind that all I'm trying to do at the moment is bare metal OS deployment.
    • Again, since we are testing at the moment and I'm only working with one machine at a time, no global permissions have been set in AD. Also, the permissions need to be given to the System container that is created with AD, not one that you have to create, or so I thought.
    • As for the prereqs, I'm very well informed about those . I've installed SCCM about three or four times in my home lab for testing purposes, and have done it about three times here at work on the server we are testing it with.

    Thanks for the help, hopefully we will get there eventually...

    Thursday, June 12, 2008 1:30 PM
  •  

    Hi,

     

    You are correct concerning the System Container, i was referring to the System Mangement container which must be available beneath it. But your computer account should have full control acces to the system container indeed.

     

    I guess you have to start with all the possible causes from the errors you posted earlier. Check all of them.

     

    Did i understand correctly that you have AD,SCCM and the SQL installed on one machine?

     

    Nice problem you have there b.t.w.

     

     

     

    Thursday, June 12, 2008 2:01 PM
  • AD is not installed on the SCCM server, but SQL is. I've done tons of research regarding the error messages mentioned above, which led me to post here, since there is little to no information out there regarding these errors. The only solutions I've seen simply refer to re-installing or re-building (which I've done numerous times, checking prereqs and making sure that everything was done properly each time) and I think that I've done that enough to know that I'm setting it up right according to MS requirements. But every time I re-install or redo anything these same errors come back. Go figure.

    Thursday, June 12, 2008 2:12 PM
  • First, excuse my english, but I'm from Argentina.

    I has the same issue, and the solution was really simple.

    The problem was in the client computer, that has wrong Time and Date in BIOS.
    Simply adjust date and time to actual time, and the deployment works perfectly.

    Lo escribo en español, por si le sirve a alguien, o por si lo que escribi en inglés está demasiado mal.

    Yo tuve el mismo problema, y la solución fue bastante simple.
    El problema era que la fecha y la hora del cliente estaban mal, adelantadas respecto la hora del servidor.
    Entre al BIOS Setup de la PC, corregí la fecha y la hora, y asunto solucionado, el deployment funcionó de maravillas.


    Saludos

    Franco
    • Proposed as answer by Darin S Thursday, April 05, 2012 9:23 PM
    Thursday, October 02, 2008 11:35 PM
  •  

    i had this problem today on a virtual lab ive got setup here (windows 2008 server, with sccm 2007sp1 deploying windows server..)

     

    i had to rewrite my task sequence as it was giving me problems - (configuring ADDS) and after going through all the steps I tried yet another pxe boot and it failed, this time with the pxe error Failed to get client identity 80004005 in the SMSTSlog

     

    I checked this log against a know good one from earlier on the same server and indeed the time/date are processed shortly after words, however i pxe booted again and verified time/date on the virtual pc and they were absolutely correct

     

    I tried this and that for 2 hours with no positive result, lastly i rebooted the server and lo and behold the pxe error was gone.

     

    I agree that we need a decent troubleshooting option from Microsoft about this as the documentation appears to be whatever is here or on other forums and in a lot of cases there are no solutions

     

    does changing a task sequence somehow reprogram the PXE setup for WDS/sccm ? I have another server (real) beside me that now wont process PXE boot requests anymore even though it was working fine !

     

    PXE-E51: no DHCP or proxyDHCP offeres were received....

     

    no switch just a crossover network cable between server and client, client was  successfully deployed hours before with windows server 2008 via sccm via pxe boot.....

     

    tried all the usual, not much hair left now....

     

    found this site http://susanaguedes.spaces.live.com/Blog/cns!830A1768E1B27E94!350.entry

     

    PXE-E51: No DHCP or proxyDHCP offers were received
    The PC cannot contact the DHCP server. Possible causes (see ref [19]):
    • There is a problem with the DHCP server
    • The network card or PXE boot portion of the network card is faulty
    • The network cable is faulty

    tested the client PXE boot to another server, worked fine using same network card and cable

    the DHCP server on the server reports no problems and has worked fine since I set it up some months ago, indeed if i boot the client into windows server it will get an ip no problem from the dhcp server

     

    so what is wrong here ? how can WDS/ SCCM pxe boot functionality turn itself on or off at will with no user intervention ???

     

    restarted the server 3 times, no difference, restarted WDS many times, no difference, restarted DHCP server service and now I get

     

    PXE-E55: proxyDHCP service did not reply to the request on port 4011
    As slightly less common one, with various causes (see ref [19]). Usually the PC has successfully contacted the DHCP server and the PC will even report its DHCP assigned IP address along with the error, but the RIS process could not continue for some reason.
     
    restarted the WDS service and it booted in Windows PE via pxe finally after hours of repetive tasks, only to bring me back to square one with the Windows PE rebooting itself immediatly after loading network support,
     
    ok, back to troubleshooting....
    Tuesday, October 14, 2008 12:56 PM
    Moderator
  • It looks to me like this is more a problem with the MP or IIS, and not with OS deployment.

     

    I suggest that you first have a working MP before you try OS deployment. You need a working MP anyway for client management. See if you can have a functioning SCCM client that can talk to the MP, get client policies and run advertisements. If you can get that to work, you would have to post your questions to the SCCM client deployment forum.

     

    Once you get yourself a working MP, look at the MP_ClientID.log file on the MP. That should tell you the reason why it could not find the identity of the client in the database.

    Wednesday, November 26, 2008 10:45 PM
  • I get this error when I change the web server certificate the MP is using. I went from a cert that featured the internal FQDN as the subject, and then internal&external as SANs to a cert that featured the external FQDN as the subject, and then external&internal as the SANs. This was becuase we're trying to use ISA tunneling to publish SCCM to the outside world.

    I've even regenerated my boot images, just in case the boot image contains public keys or something. I'm using WDS separate from SCCM - no PXE service point. Basically, everything works great until I change the cert, and then it's all over.

    Every log I have and every status summarizer is completely clean - the new (suspected cause of problem) certificate has been in place for a full day now, and still no errors logged anywhere. So I'm thinking the cert is valid, trusted, and the MP is working fine. Is there something I need to refresh when the cert changes?

    Thanks,
    Andrew
    Tuesday, March 03, 2009 3:48 PM
  • IS it just your WDS server that is not working or OSD in ConfigMgr?  Can you deploy a task sequence and build from boot media?
    John | Program Manager | System Center Configuration Manager
    Friday, April 17, 2009 10:16 PM
    Moderator
  • We're also getting 0x80004005 / failed to get client identity, but only under certain conditions:

    Mixed Mode SCCM 2007 SP1 with SQL 2005 SP2 running on the Primary Site Server, all sites are Windows 2003 x86 SP2 (Enterprise or Standard) unpatched.

    OSD works perfectly at the Central Site, as well as at child (2nd-tier) Primary Sites, and third-tier Secondary Sites running either on Domain Controllers or Member Servers.

    OSD also works perfectly at direct Secondary Sites of the Central Site, where the Secondary Site is installed on a member server rather than on a Domain Controller.

    But we're getting the client identity error on all bare metal deployment attempts at all direct Secondary Child Sites of the Central Site, where SCCM is running on the Domain Controller. (We have tried 3 different sites so far, and we have identified this as a pattern). This particular scenario describes the majority of our secondary sites.

    Normal Software Distribution at each of these sites works perfectly, so I doubt that there is a Management Point or IIS problem. We have triple-checked our configuration.

    We also see the HTTP Status 503 from the Management Point described here: http://social.technet.microsoft.com/Forums/en-US/configmgrosd/thread/c255018a-3017-4cd1-a99d-2dc02c0d4bba

    I agree there needs to be a step-by-step guide to troubleshooting this problem.
    Thursday, June 25, 2009 12:25 PM
  • Niall C Brady,
    Have you checked to make sure you have DHCP option 66 set?  It needs your PXE Service Point server as it's value (i.e. servername.domain.com or whatever your case is).  I'm not sure if this is exactly your problem, but to me (after skimming your poste) that your Bare Metal Machine is not actually receiving a PXE advert.  Which might be caused by your DHCP not knowing where to direct that advert from (metaphor: Person A is asks the mailman if person B sent him a letter, mailman says "no" because mailman doesn't know who person B is, sorry , that is a terrible metaphor, but I tried).  On my setup, I think I also have option 67 set to "\smsboot\x64\pxeboot.com" which is the path to the boot image on the PXE Service Point. 
    Friday, June 26, 2009 5:13 PM
  • hi IlikeMinis,

    the problem was resolved but to be honest it's so long ago (last October) that I cannot recall the fix, however the PXE problems prompted me to create the following post which I update occaisonally with info when I see it

    Troubleshooting WinPE/PXE problems > http://www.windows-noob.com/forums/index.php?showtopic=546

    cheers


    My SCCM Guides http://www.windows-noob.com/forums/index.php?showforum=44
    Sunday, June 28, 2009 10:31 AM
    Moderator
  • Ok we resolved the problem, although I still can't understand why it worked in some instances and not in others.

    The http 503 and the 0x8004005 errors in the smsts.log suggested that there was possibly a permissions problem between the management point and the site database. We also found that we were unable to do an iisreset, indicating that there might be a problem with our IIS installation. The IIS logs were clean and all other SCCM functions (Software Distribution and Hardware and Software Inventory) continued to work.

    Our solution to this problem was to reinstall the management point on a clean installation of IIS. OSD is now working at all of our sites.
    Thursday, July 09, 2009 3:26 PM
  • Hallo!

    I work with SCCM SP1 R2 ICP1, SQL 2005 SP2, W2k3 SP2 in a three PC-Lab prepareing for upgrade from SMS 2003 to SCCM.

    Back to Glenn West's problem:
    "Hopefully someone will have a solution to this issue. I've only found one site with a similar problem (http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=2352753&SiteID=17) and the solution was to rebuild the SCCM server, which I have done. Yet the issue persists. After working my way through countless issues with SCCM, this seems to be the only obstacle in my way. Here is the situation:
    1. I boot the bare metal client system to PXE and the boot image loads
    2. The SCCM status messages appear "Windows is starting up..." and then "Preparing Network Connections..."
    3. The client machine hangs for a minute or so, then reboots."

    Yesterday I got the same issue. However, two days ago I deployed a few bare metal machines with this infrastructure. One day next all is broken over night.
    I really searched the internet for a solution. Now I found this thread and here is no solution, too. I had to rebuild the SCCM Server.
    Now it´s running fine but I am still waiting until it's broken again. All logs was clean.

    Is anyone from Microsoft out there who can write a step-by-step solution? Now we are not sure to upgrade from SMS because SMS works fine.

    Once more: Is it normal that WDS Service has to be restarted very often that the PXE-Boot works? WDS fails to start every server reboot?
    Any idea? 


    Dietmar
    Friday, July 10, 2009 9:18 AM
  • regarding your WDS problem, have you tried to set the WDS service startup type to Automatic (Delayed Start) , perhaps your server is too busy to be able to start the service and on an overloaded server this can help

    check your Site Status logs for any components that are reporting errors, if there are errors you'll need to investigate them to determine what is failing and why
    My SCCM Guides http://www.windows-noob.com/forums/index.php?showforum=44
    Friday, July 10, 2009 9:31 AM
    Moderator
  • Hi! First of all: The guides on windows-noob.com are perfect. I love them! Thank you very much. I am really a fan of your site!

    How do I start a service with delay on W2k3 Server? I really checked my logs but nothing special. I am supporting SMS 2003 for
    5 years now but I never had so much troubles like with SCCM. A 90 seconds delay (KB955955) here, a not starting WDS Service there,
    my Office 2003 installation with mst-file confioguration do not work because of the computer account used during installation, a very complicated
    solution with unknown computers support, a large but not really a documentation with solutions and many more ....

    However, the Software Update solution is much better than ITMU in SMS 2003! I love it!

    What is to do if we use SCCM in production and the OSD feature gets broken like in lab yesterday? We deploy four hundred software packages so
    we are not able to recreate SCCM because of this failure. We support 8000 workstation with OSD. This has to work fine but it doesn't.
    Dietmar
    Friday, July 10, 2009 10:12 AM
  • Hi! First of all: The guides on windows-noob.com are perfect. I love them! Thank you very much. I am really a fan of your site!

    thanks for the kind words above :)

    ah you are running server 2003, sorry this option is in server 2008, however you can force the service to only start after another service (or services) have started (dependancies)

    it's not hard to do, open regedit, browse to hklm/system/currentcontrolset/services/servicename and add a key called DependOnService

    then add the service name as a value that it depends on......... this would probably achieve the same effect if you know which service its waiting for, to find out why your WDS service is not starting you must refer to Windows Event Viewer,

    SCCM is different to SMS 2003, in many ways, and yes it get's some 'getting used to' but once you have made the change you'll not want to go back

    cheers


    My SCCM Guides http://www.windows-noob.com/forums/index.php?showforum=44
    Friday, July 10, 2009 11:01 AM
    Moderator
  • Thanks for your answer! However, the initial problem of Glenn (and mine, too) is still not solved! Let's take a look to the noteable changes in SP2.

    cheers
    Dietmar
    Friday, July 10, 2009 11:38 AM
  • A 90 seconds delay (KB955955) here, a not starting WDS Service there, my Office 2003 installation with mst-file confioguration do not work because of the computer account used during installation, a very complicated solution with unknown computers support, a large but not really a documentation with solutions and many more ....
    - There's a fix for that 90s delay and you even mentioned the corresponding kb article. So that's not a big deal.
    - WDS: that's external to ConfigMgr. So you have to blame the underlying OS / service. Niall mentioned a workaround.
    - Unknown computer support? That's one of the easier parts of OSD: see http://blogs.msdn.com/steverac/archive/2008/09/21/unknown-computers-in-sccm-2007-r2-overview.aspx and http://blogs.msdn.com/steverac/archive/2008/09/21/unknown-computers-in-sccm-2007-r2-how-it-works.aspx
    - the ConfigMgr docs are great in my eyes. It's a very complex product and when it comes to OSD it even gets more complicated because of many techniques involved: PXE, DHCP, OS deployment (unattended or wim stuff), WinPE, drivers and so on. Niall's step by step guides are something to start with, but I wouldn't call them "documentation". They show one possibility to get a problem solved in a step by step manner (Niall, don't get me wrong here. You really did a great job putting all those things together. That really helps the community to get started). Those procedures are not a one fits all solution. Each environment is unique and ConfigMgr is flexible enough to handle those different requirements.

    Didihai: what problem are you talking about? WinPe restarting after it just booted?
    Friday, July 10, 2009 12:09 PM
    Moderator
  • Hallo,

    kindly excuse my unprofessional posting. Very emotional. I am sorry.

    The initial problem of Glenn and me is that

    1. I boot the bare metal client system to PXE and the boot image loads
    2. The SCCM status messages appear "Windows is starting up..." and then "Preparing Network Connections..."
    3. The client machine hangs for a minute or so, then reboots."

    The Task Sequences do not start and the log files are clean. So I had to rebuild the SCCM Server to get this working.
    Now this is not so fatally because its only lab but if this happens in production?

    Do you know this problem?
    Dietmar
    Thursday, July 16, 2009 7:08 AM
  • you must look at the SMSTS.log file in order to understand why WinPE is rebooting here,

    sometimes it will reboot because of no network drivers loaded
    sometimes it will reboot because of missing dependancies
    sometimes it will reboot because the boot.wim file is the wrong architecture (x64 instead of x86)

    but without looking at the log file you will never know

    to learn how to get, read and interpret the log file see this post

    you can always post the failure message from SMSTS.LOG here and we can assist
    my SCCM step by step Guides > http://www.windows-noob.com/forums/index.php?showtopic=1064
    Thursday, July 16, 2009 7:19 AM
    Moderator
  • I really read the SMSTS.LOG file before I recreated SCCM from scratch but this log file was very short without errors.
    I recreated the task sequence imported from MDT, recreated the computer association, recreated the drivers and recreated all the deployment packages and WinPE boot environment ... without success.

    Now it works but if the problem returns I will post the SMSTS.log.

    Thanks to have patience with me.


    Dietmar
    Thursday, July 16, 2009 7:57 AM
  • Greetings:

    I know this message is a few months old, but I recently solved this problem.  I found that the CCMEXEC service wasn't running on my SCCM box.  Once I started it manually, everything worked fine.  While the service wasn't running I experienced the exact same symptoms as well as the error messages that were mentioned in the first post.

    I hope this helps someone who is searching.
    Thursday, February 04, 2010 3:08 PM
  • In my Case when I got this error,  the client was able to PXE boot and run WINPE environment, once the client had initialised and it queried the SCCM server for the Task Sequence (s) the client generated the Failed to get Client Idenity error.  It turns out the client was unable to post back information to the SCCM Managment Point and the SCCM server was not listening correctly. The extract from the SMSTS log below doesnt really indicate that this is happening though:

    reply has no message header marker TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    DoRequest (sReply, true), HRESULT=80004005 (e:\nts_sms_fre\sms\framework\osdmessaging\libsmsmessaging.cpp,5010) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Failed to get client identity (80004005) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,815) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    failed to request for client TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Exiting TSMediaWizardControl::GetPolicy. TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005 (e:\nts_sms_fre\sms\client\tasksequence\tsmbootstrap\tsmediawelcomepage.cpp,280) TSPxe 14/03/2010 08:43:50 1220 (0x04C4)
    Setting wizard error: An error occurred while retrieving policy for this computer  (0x80004005). For more information, please contact your system administrator or helpdesk operator. TSPxe 14/03/2010 08:43:50 1180 (0x049C)


    When I then looked at the System Status for the Management Point it showed an IIS 500 error and that it wasnt able to process incoming data.  A reboot of the SCCM server cleared down the IIS error and all is functioning now as expected.

    I hope that this helps anyone with similar issues.  so look in the SMSTSlog on the client, then look in the system status on the SCCM server and check that all is well with the health of the SCCM server.

    Cheers

    Sabbs
    Sunday, March 14, 2010 6:34 AM
  • It appears to be a DNS issue in my home system lab setup.  I removed specifying the FQDN for the ConfigMgr site system properties and imaging took off.  I know specifying an FQDN is necessary for native mode, but evidently it isn't in my mixed mode environment.  I haven't figured out what the issue is with my DNS not delivering the FQDN to the pxe client, but removing the FQDN setting for the site system properties fixed my issue.
    Tuesday, June 21, 2011 9:14 PM
  • Hey,

    this has worked for me, i had many error 500 for ccmhttp traffic from all clients (not just OSD clients)

    performed iisreset and after that i began seeing response 200 from IIS and everything is back to normal,

    coincidently it happened after applying kb 976073 to PXE service point which followed by a restart to the server .

    Tuesday, December 20, 2011 5:55 PM
  • Thanks for the tip Franco,  I was following all of the other suggestions, and then I saw yours.  Since I was working from a virtual machine that had been moved around and off for a long time, the clock was a year behind.  This was exactly my symptom with the following two errors listed in the log first:

    Reply has no message header marker

    Failed to get client identity (80004005)

    Fixing the time on the client solved the problem for me.

    • Proposed as answer by Imthephil Friday, July 20, 2012 12:41 PM
    Thursday, April 05, 2012 9:29 PM
  • I was also seeing the following error in my SMSTS.log files:

    reply has no message header marker

    Failed to get client identity (80004005)

    failed to request for client

    It ending up being the client date was a month behind, therefore the certificate was invalid as the client date was a month before the certificate valid date range even started! Just needed to update the client date to be correct.


    My Microsoft Core Infrastructure & Systems Management blog - blog.danovich.com.au

    Wednesday, June 06, 2012 6:34 AM
  • Indeed fixing the time on the client solve the issue ! 
    • Proposed as answer by Imthephil Friday, July 20, 2012 12:41 PM
    Friday, July 20, 2012 12:41 PM
  • You Da Man Franco. Worked for me.
    Thursday, September 06, 2012 8:25 PM
  • I had the same error, when using an old and probably incorrect boot medium.

    I'd created a bootable ISO from the Tasksequence before, and mounted it in my Hyper-V client to have a quicker boot than using PXE.
    Due to some initial errors I reinstalled the SCCM server, but did not recreate this boot media.  The error happened when I booted using the old and not yet updated ISO files. When I boot the client from PXE it uses the newly created bootmedia, that worked.  Root cause would then have been the newly created self-signed certificate on the MP, that differs from the one in the old boot files..

    Ben


    BvZanten

    Thursday, February 21, 2013 10:46 PM
  • Thanks Franco Gutierrez worked a treat.
    Friday, May 10, 2013 11:03 AM
  • You saved my life.  Indeed the problem was with time and date.  I have changed and it actually resolved the issue.  Few small issues but,  the major error gone.  I will consider this as a slolution.   Thanks again.

    • Proposed as answer by karekal Thursday, May 30, 2013 8:45 AM
    Thursday, May 30, 2013 8:45 AM
  • Muchos Gracias Amigo.. absolutely right...
    Friday, July 05, 2013 12:21 AM
  • My issue with similar events was also related to the boot media cert. Basically we used a self-signed cert that had expired. Built new boot media with an updated cert and that fixed it.
    Thursday, August 08, 2013 12:25 PM
  • Thanks Franco,

    Resetting the system time in BIOS worked for me..

    Tomson

    • Proposed as answer by Thyag333 Wednesday, November 27, 2013 8:47 PM
    Thursday, November 07, 2013 5:27 AM
  • Thanks I too reset the date and time. The problem resolved for Failed to get Client Identity.

    Wednesday, November 27, 2013 8:48 PM
  • Hello Franco,

    I realize your post was from a long time ago… but your solution worked for me.  Thank you!

    Marlon

    Monday, January 13, 2014 10:15 PM
  • Fixing date and time was indeed the solution. Thanks!
    Wednesday, February 19, 2014 4:31 PM
  • Muchas gracias!

    Franco you saved my day!

    I spent more than two days trying to fix my installation problem until i read your message.

    Fixing BIOS Time solved my problem!:)

    Monday, February 24, 2014 10:19 AM
  • First, excuse my english, but I'm from Argentina.

    I has the same issue, and the solution was really simple.

    The problem was in the client computer, that has wrong Time and Date in BIOS.
    Simply adjust date and time to actual time, and the deployment works perfectly.

    Lo escribo en español, por si le sirve a alguien, o por si lo que escribi en inglés está demasiado mal.

    Yo tuve el mismo problema, y la solución fue bastante simple.
    El problema era que la fecha y la hora del cliente estaban mal, adelantadas respecto la hora del servidor.
    Entre al BIOS Setup de la PC, corregí la fecha y la hora, y asunto solucionado, el deployment funcionó de maravillas.


    Saludos

    Franco
    Who knew system time was important? :-p

    Thanks Franco!
    Wednesday, March 19, 2014 10:14 PM
  • First, excuse my english, but I'm from Argentina.

    I has the same issue, and the solution was really simple.

    The problem was in the client computer, that has wrong Time and Date in BIOS.
    Simply adjust date and time to actual time, and the deployment works perfectly.

    Lo escribo en español, por si le sirve a alguien, o por si lo que escribi en inglés está demasiado mal.

    Yo tuve el mismo problema, y la solución fue bastante simple.
    El problema era que la fecha y la hora del cliente estaban mal, adelantadas respecto la hora del servidor.
    Entre al BIOS Setup de la PC, corregí la fecha y la hora, y asunto solucionado, el deployment funcionó de maravillas.


    Saludos

    Franco

    Thanks for the idea Franco. The ElitePad BIOS is not very configurable. This was the exact trouble we were having. HP sent us many of these that were off by weeks.

    DJD

    Friday, May 02, 2014 10:51 PM
  • First, excuse my english, but I'm from Argentina.

    I has the same issue, and the solution was really simple.

    The problem was in the client computer, that has wrong Time and Date in BIOS.
    Simply adjust date and time to actual time, and the deployment works perfectly.

    Franco
    Dead on right!  As many others have said fixing the date and time in the BIOS of the Client resolved the issue.  Thanks Franco!

    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.

    • Proposed as answer by Chase Roth Thursday, June 05, 2014 11:59 PM
    Thursday, June 05, 2014 11:58 PM
  • Fixing time in bios fixed my problem
    • Edited by yannara Tuesday, July 29, 2014 9:01 AM
    • Proposed as answer by yannara Wednesday, November 18, 2015 11:22 AM
    Tuesday, July 29, 2014 9:01 AM
  • Fixing the BIOS date & time made the problem go away for me.  Thank you!
    Thursday, October 09, 2014 5:31 PM
  • I had two identical Dell Venue 11 Pro Tablets, one OSD would work properly, the other would not... I was like wtf! After flashing BIOS, confirming hardware was identical, I looked at the smsts.log file and led me to this forum. Thanks, what a stupid error! Glad it was an easy fix. This was using SCCM 2012 R2 SP1.

    - Cheers

    Wednesday, August 26, 2015 8:13 PM
  • This fixed it for me. Thanks much Darin S. Your English is great.
    Tuesday, July 12, 2016 5:09 PM