Jump to content


Jeff K

Internet Management Point setup and errors

Recommended Posts

Hi

 

i am trying to setup a Internet MP for just users that never see an office. i have follwed this post to set it up but running into issues that i cant figure out. i am hoping that someone can assist me in getting this fixed.

 

http://www.systemcenterdudes.com/internet-based-client-management/

 

 

I went and did all the client certs before installing. made sure IIS had the cert installed before SCCM was installed. made sure site and site systems were set for internet and intranet access. imported DP cert in the dp section. installed SCCM and got no errors.

 

Here is from the mpcontrol.log

 

Machine name is 'NWICCM01.nwtraders.msft'. 1/7/2015 2:12:49 PM
Begin validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Completed validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Skipping this certificate which is not valid for ConfigMgr usage. 1/7/2015 2:12:49 PM
There are no certificate(s) that meet the criteria. 1/7/2015 2:12:49 PM
Performing machine FQDN to SAN2 search. 1/7/2015 2:12:49 PM
Begin validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Completed validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Using custom selection criteria based on the machine NetBIOS name. 1/7/2015 2:12:49 PM
Machine name is 'NWICCM01'. 1/7/2015 2:12:49 PM
Begin validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Completed validation of Certificate [Thumbprint 98542e7bd2343725dda3f14a69cb373274df9a63] issued to 'NWICCM01.nwtraders.msft' 1/7/2015 2:12:49 PM
Skipping this certificate which is not valid for ConfigMgr usage. 1/7/2015 2:12:49 PM
Begin validation of Certificate [Thumbprint 341f426c7a86ea084ff324ede6450fa173498f4c] issued to 'sccmlab.domain.com' 1/7/2015 2:12:49 PM
Certificate doesn't have "SSL Client Authentication" capabilities. 1/7/2015 2:12:49 PM
Completed validation of Certificate [Thumbprint 341f426c7a86ea084ff324ede6450fa173498f4c] issued to 'sccmlab.domain.com' 1/7/2015 2:12:49 PM
Skipping this certificate which is not valid for ConfigMgr usage. 1/7/2015 2:12:49 PM
There are no certificate(s) that meet the criteria. 1/7/2015 2:12:49 PM
Failed to retrieve client certificate. Error -2147467259 1/7/2015 2:12:49 PM
Call to HttpSendRequestSync failed for port 443 with -2147467259 error code. 1/7/2015 2:12:49 PM
Sent summary record of SMS Management Point on ["Display=\\NWICCM01.NWTRADERS.MSFT\"]MSWNET:["SMS_SITE=IMP"]\\NWICCM01.NWTRADERS.MSFT\ to \\NWICCM01.nwtraders.msft\SMS_IMP\inboxes\sitestat.box\haj0o219.SUM, Availability 1, 52425724 KB total disk space , 42883468 KB free disk space, installation state 0. 1/7/2015 2:12:49 PM
Http test request failed, error code is -2147467259. 1/7/2015 2:12:49 PM
Successfully performed Management Point availability check against local computer. 1/7/2015 2:12:49 PM
i can telnet to the open 443 over the web and no issues there long with port 80.
in the line that says Begin validation of Certificate [Thumbprint 341f426c7a86ea084ff324ede6450fa173498f4c] issued to 'sccmlab.domain.com' i have followed that document and am sure it does have ssl capabilities. am i missing a step in IIS????

 

Share this post


Link to post
Share on other sites

Well the MP finally settled down and was successful. b ut now the client I am trying from doesn't want to install. the first line is the install with switches from a batch file.

 

 

 

 

cmd /c c:\windows\ccmsetup\ccmsetup.exe /mp:SCCMLAB.domain.com /usePKICert /NoCRLCheck FSP=SCCMLAB.domain.com CCMALWAYSINF=1 CCMHOSTNAME=sccmlab.domain.com SMSSITECODE=IMP RESETKEYINFORMATION=TRUE CCMLOGMAXHISTORY=0 CCMLOGMAXSIZE=300000 CMALLOWSILENTREBOOT=0

Unable to retrieve AD forest + domain membership
Domain joined client is in Internet
DHCP entry points already initialized.
Begin checking Alternate Network Configuration
Finished checking Alternate Network Configuration
Adapter {3E0F2CE1-C40D-467A-AAC3-1F7DE3F71DF8} is DHCP enabled. Checking quarantine status.
Adapter {6571246B-7970-4A9A-AD2E-06EC53BA77BF} is DHCP enabled. Checking quarantine status.
Adapter {86B668FD-7A29-4002-A477-5C25995E6D8C} is DHCP enabled. Checking quarantine status.
Adapter {C4D7AB6F-B931-4B14-9F3D-5E86EB4FA106} is DHCP enabled. Checking quarantine status.
Sending message body '<ContentLocationRequest SchemaVersion="1.00">
<AssignedSite SiteCode="IMP"/>
<ClientPackage/>
<ClientLocationInfo LocationType="SMSPACKAGE" DistributeOnDemand="0" UseProtected="0" AllowCaching="0" BranchDPFlags="0" AllowHTTP="1" AllowSMB="0" AllowMulticast="0" UseInternetDP="1">
<ADSite Name="Default-First-Site-Name"/>
<Forest Name=""/>
<Domain Name=""/>
<IPAddresses>
<IPAddress SubnetAddress="192.168.0.0" Address="192.168.0.2"/>
<IPAddress SubnetAddress="2001:0000:9D38:90D7" Address="2001:0000:9D38:90D7:10D5:273C:3F57:FFFD"/>
</IPAddresses>
</ClientLocationInfo>
</ContentLocationRequest>
'
Sending message header '<Msg SchemaVersion="1.1"><ID>{FB003907-9553-4236-9076-B0B740BB90BF}</ID><SourceHost>L00729</SourceHost><TargetAddress>mp:[http]MP_LocationManager</TargetAddress><ReplyTo>direct:L00729:LS_ReplyLocations</ReplyTo><Priority>3</Priority><Timeout>600</Timeout><ReqVersion>5931</ReqVersion><TargetHost>SCCMLAB.domain.com</TargetHost><TargetEndpoint>MP_LocationManager</TargetEndpoint><ReplyMode>Sync</ReplyMode><Protocol>http</Protocol><SentTime>2015-01-13T20:56:01Z</SentTime><Body Type="ByteRange" Offset="0" Length="1276"/><Hooks><Hook3 Name="zlib-compress"/></Hooks><Payload Type="inline"/></Msg>'
CCM_POST 'HTTP://SCCMLAB.domain.com/ccm_system/request'
Failed to receive ccm message response. Status code = 403
GetDPLocations failed with error 0x80004005
Failed to get DP locations as the expected version from MP 'SCCMLAB.domain.com'. Error 0x80004005
Failed to find DP locations from MP 'SCCMLAB.domain.com' with error 0x80004005, status code 403. Check next MP.
Only one MP SCCMLAB.domain.com is specified. Use it.
Have already tried all MPs. Couldn't find DP locations.
GET 'HTTP://SCCMLAB.domain.com/CCM_Client/ccmsetup.cab'
Failed to successfully complete WinHttp request. (StatusCode at WinHttpQueryHeaders: 403)
DownloadFileByWinHTTP failed with error 0x80004005
Sending Fallback Status Point message to 'SCCMLAB.domain.com', STATEID='308'.
Failed to get client version for sending messages to FSP. Error 0x8004100e
Params to send FSP message '5.0.7958.1000 Deployment Error 0x80004005. Url HTTP://SCCMLAB.domain.com/CCM_Client/ccmsetup.cab'
Request failed: 404 Not Found

'Configuration Manager Client Retry Task' is scheduled to run at 01/13/2015 08:56:04 PM (local) 01/14/2015 01:56:04 AM (UTC) time with arguments ' "/mp:SCCMLAB.domain.com" "/usePKICert" "/NoCRLCheck" "FSP=SCCMLAB.domain.com" "CCMALWAYSINF=1" "CCMHOSTNAME=sccmlab.domain.com" "SMSSITECODE=IMP" "RESETKEYINFORMATION=TRUE" "CCMLOGMAXHISTORY=0" "CCMLOGMAXSIZE=300000" "CMALLOWSILENTREBOOT=0" /RetryWinTask:1'.
CcmSetup failed with error code 0x80004005

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.