msandbu
-
Posts
12 -
Joined
-
Last visited
Posts posted by msandbu
-
-
Hi,
We are looking at the possibility to deploy SCCM 2012 without the use of PKI.
I have looked at several options avaliable in the site.
I know that I can enable two things.
I can activate require SHA-256 signing and use 3DES encryption.
Can I also sett the MP to use a third part Certificate without the deployment of PKI ?
The purpose of this post is actually, can I deploy a secure SCCM infrastructure without PKI ?
Regards,
Marius
-
Hi,
I am getting a problem with some reports I try running, for example I try running the Unhealthy Clients Detail, and in there im asked to enter an collection and the value cannot be blank, but I cannot enter anything in the text field. I get this with some other reports as well, any reason for this ?
-
Hi,
Im am trying to make the reporting service work "as intended" but looks like thats not so easy.
I have SQL 2008 SP1 with CU14, and have SRS installed and its working fine from inside SQL Management Studio.
But when im innstalling the SRS Service on SCCM I choose the option "not credentials needed to view the report" and install, but I get error messages from the SRS that the account does not have permission to view the rapport. Then I tried removing the role and adding it again, this time I choose "the user running the rapport enters his credentials" but then again I get the error message from the running the report that I done have the permission.
Anyone else having trouble with using the rapporting services from sccm 2012?
-
Hi,
We are trying to calculate the requirments for use of SCCM on our clients.
Therefore I wonder if Microsoft have any best practices for how we should scale our sql cluster when we use SCCM? Or if they have a SQL calculator like they have for exchange.
Or if you guys have any good points
-
I can also tell you that client push install worked from the server to the client, but It didnt register with the MP.
And when I did a client push from the server to server it worked to and It registered like it should.
But I only have an A-record in DNS for the MP, do I need the SRV record as well? even If I am using SLP point ?
-
Nvm that, now It managed to install with the site code, so the client successfully installed, but hte Client wont register with the MP.
from log
ClientIDManagerStartup.txt
![LOG[RegTask: Client is not registered. Sending registration request...]LOG]!><time="09:06:27.473-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="1" thread="7424" file="regtask.cpp:1483">
<![LOG[RegTask: Failed to send registration request message. Error: 0x8000000a]LOG]!><time="09:06:27.476-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1190">
<![LOG[RegTask: Failed to send registration request. Error: 0x8000000a]LOG]!><time="09:06:27.476-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1363">
<![LOG[RegTask: Client is not registered. Sending registration request...]LOG]!><time="09:07:27.479-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="1" thread="7424" file="regtask.cpp:1483">
<![LOG[RegTask: Failed to send registration request message. Error: 0x8000000a]LOG]!><time="09:07:27.487-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1190">
<![LOG[RegTask: Failed to send registration request. Error: 0x8000000a]LOG]!><time="09:07:27.487-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1363">
<![LOG[RegTask: Client is not registered. Sending registration request...]LOG]!><time="09:08:27.490-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="1" thread="7424" file="regtask.cpp:1483">
<![LOG[RegTask: Failed to send registration request message. Error: 0x8000000a]LOG]!><time="09:08:27.500-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1190">
<![LOG[RegTask: Failed to send registration request. Error: 0x8000000a]LOG]!><time="09:08:27.500-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1363">
<![LOG[RegTask: Client is not registered. Sending registration request...]LOG]!><time="09:10:27.506-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="1" thread="7424" file="regtask.cpp:1483">
<![LOG[RegTask: Failed to send registration request message. Error: 0x8000000a]LOG]!><time="09:10:27.516-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1190">
<![LOG[RegTask: Failed to send registration request. Error: 0x8000000a]LOG]!><time="09:10:27.516-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1363">
<![LOG[RegTask: Client is not registered. Sending registration request...]LOG]!><time="09:12:27.522-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="1" thread="7424" file="regtask.cpp:1483">
<![LOG[RegTask: Failed to send registration request message. Error: 0x8000000a]LOG]!><time="09:12:27.529-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1190">
<![LOG[RegTask: Failed to send registration request. Error: 0x8000000a]LOG]!><time="09:12:27.529-120" date="09-21-2011" component="ClientIDManagerStartup" context="" type="3" thread="7424" file="regtask.cpp:1363">
Locationservices.log
<![LOG[Failed to refresh security settings over AD with error 0x80040215.]LOG]!><time="09:06:27.202-120" date="09-21-2011" component="LocationServices" context="" type="3" thread="7424" file="lsad.cpp:5120">
<![LOG[Refreshing security settings over SLP]LOG]!><time="09:06:27.202-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="lsad.cpp:5148">
<![LOG[Refreshing ClientOperationalSettings from SLP is not allowed]LOG]!><time="09:06:27.203-120" date="09-21-2011" component="LocationServices" context="" type="2" thread="7424" file="lsad.cpp:4609">
<![LOG[Failed to refresh security settings over SLP with error 0x80070032.]LOG]!><time="09:06:27.203-120" date="09-21-2011" component="LocationServices" context="" type="3" thread="7424" file="lsad.cpp:5173">
<![LOG[The 'Certificate Store' is empty in the registry, using default store name 'MY'.]LOG]!><time="09:06:27.203-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="ccmcert.cpp:219">
<![LOG[No security settings update detected.]LOG]!><time="09:06:27.206-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="lssecurity.cpp:4906">
<![LOG[Current AD site of machine is Default-First-Site-Name]LOG]!><time="09:06:27.310-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="lsad.cpp:525">
<![LOG[Current AD forest name is domain.no, domain name is domain.no]LOG]!><time="09:06:27.414-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="lsad.cpp:586">
<![LOG[begin checking Alternate Network Configuration]LOG]!><time="09:06:27.415-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="ccmiputil.cpp:1069">
<![LOG[Finished checking Alternate Network Configuration]LOG]!><time="09:06:27.418-120" date="09-21-2011" component="LocationServices" context="" type="1" thread="7424" file="ccmiputil.cpp:1146">
I have verfied that the MP is working as it should, same is with DNS. Any ideas?
-
Yup, have done that.
But when im trying to install manually do I need both SMSSLP & SMSMP parameter ? or just the SMSSLP ?
-
Thank you for the replies, but I am having some trouble with the Beta 2.
I have installed a single server with all the roles MP, SLP
And when I am trying to install ccm client on a computer with the following parameteres ccmsetup.exe /mp:ipadressofmp SMSMP=ipofmp SMSSLP=ipofslp
Might not be necessary to use both MP and SLP but, still my computer will not recongize the site.
Or have the parameteres chanced since 2007 ?
The reason why I use the SLP is because we dont want to touch AD is the testing phase
-
Hi,
We are about to test SCCM 2012, but before that I have some questions.
When Microsoft says that SCCM 2012 allows you to manage all mobiles devices, but is this done trough the Exchange connector ?
What happended to the Service Locator point that was in 2007 ? Has the Role been merged with another role ?
Regards,
Martin
-
Welcome, difficult question.....
the laptops are a concern but not a huge concern to be honest.
also, the number of clients and DP, are relative to the size of the sites involved.
we work with every site with 50 devices or more has a DP, and every country has a MP (basic setup, things get complicated real quick)
DirectAccess is a series of configurations hooked into group policy.... yes those pc's will be manageable however this is really dependant on your configuration and its firewall settings (if using UAG its possible)
i need t dig out sizing guides, will try and grab them tomorrow for you
Thanks for the reply!
In our domain, we have all our clients (desktop computers) located in basiclly the same location, so should we in that case just stick with 1 primary site flat structure? And I see that according to microsoft that says that 1 MP can manage up to 25.000 clients
But something we are thinking about is how to manage it properly, in our domain we have about 40 - 50 sub OUs (probably have more, but just thinking out loud here)
root
--> ou 1
--> ou 2
--> ou ..
--> ou 40
And each OU has its own IT-staff, is it possible to give the IT-staff access to only its own OU in the SCCM console?
Thanks again for any replies!
--
Regards,
Martin
-
Hi,
(Im new to this forum, so if you feel that this post should be placed somewhere else feel free to move it
I have some questions about scalability for sccm 2007.
if we were to have about 10.000 clients in our domain (only have 1 forest & 1 domain) ( regular computers ) and about 2.500 laptops romaing in our domain, how many DPs and MPs should we have to ensure it works properly
And if we want to implement direct access in our domain, could we manage those computers from the sccm console ?
Regards,
Martin
SCCM with PKI
in Configuration Manager 2012
Posted
Anyone ?