Jump to content


  • 0
HGITS

Noob with issue pushing out client to computers

Question

I seem to be missing something here. I followed anyweb's guides for setting up and configuring SCCM2007 pretty much to a T, Except for a couple of fields. now comes the fun part of me trying to articulate our environment and what i've done to better help you guys point me to the right direction.

we have about 4ish companies we manage(each has their own respective domain and around 400ish users) and there is a Parent domain...

 

Our Config manager server:

member of Parent domain, running server 2008 R2, It is a Virt, running SCCM 2007 SP2 R3.... <-- any other info you need there?

 

SQL server:

member of Parent domain, running server 2008 R2, It is a Virt, running SQL server 2008 R2....<-- any other info you need there?

 

We have a mixed environment of mostly xp pro SP3 boxes, but all new computers are Win 7 32x Enterprise

 

Basically I can't push the client out remotely?!?! FYI I am testing this on computers in one of the Child domains.. I will try some computers in the parent domain tomorrow to see if thats the issue

I think I have the Discovery methods set up correctly... I have a bunch of computers, users, security groups, etc... in the Queries folder... but if i Right click and attempt to "install client" nothing happens.. There is no CCM folder/logs on the remote computer, so i'm not sure if its even communicating accross the domains.

I've checked a bunch of logs on the SCCM server and have not been able to make any headway. Can someone point me to the correct log or next step in troubleshooting?

 

I'm probally leaving out a bunch of important info but i've been consulting the oracle (google) like crazy ALL day and tried a bunch of stuff and havent gotten anywhere, that my brain is a little over spent today.

Anyways I appoligize if I leave out some crucial info, just ask me and I'll post it up. and THANK YOU anyweb for writing those guides... it made this implimentation of this software pretty painless so far. I'm sure my problems with setting this up are becuase of the cross forest issues, and its some checkbox or site/boundary issue......

Share this post


Link to post
Share on other sites

7 answers to this question

Recommended Posts

  • 0
:) so instead of going home I decieded to test a computer on the parent domain and it appears to be working correctly... I added the respective OU, that the computer resides in, to the "Active Directory system Discovery" group and it found it right away and pushed all the client software out to it. So it is a cross forest issue... anybody set this up and have any pointers or other areas for me to look? I'll dig around more tomorrow now that I have narrowed the issue down a little more.

Share this post


Link to post
Share on other sites

  • 0

Are the boundary set for the subnet/AD site where the clients in the child domain are located? Does the client push account have permissions on the clients? You can define several accounts for client push if that helps

Share this post


Link to post
Share on other sites

  • 0

Are the boundary set for the subnet/AD site where the clients in the child domain are located? Does the client push account have permissions on the clients? You can define several accounts for client push if that helps

 

Yes and yes. I wasnt able to set the Boundaries to the other forest AD site, so I had to use IP address range. Is there a way to pull other AD sites?

 

and yes The client push account is in the Parent domain, and I've added a logon script that adds that account to the local admin account for all workstations. I've done a gpudpate /force on the test computer and verified that it does have the SMSAdvCli account as a local admin.

 

I'll be consulting the Oracle all day, as well as checking back here.

 

Thank you!!!!!!

Share this post


Link to post
Share on other sites

  • 0

So...I was checking the server side CCMlogs and kept seeing WMI errors failing to connect and so forth... I then checked WMI on a client computer from the SCCM server. FAIL.. then it hit me. I tried pinging that client name from the SCCM server... FAIL!... then I pinged FQDN of client SUCCESS!! :) I forgot to manually append DNS for the other domain names <-- rookie mistake :( so it has now pushed the client out to that computer... but i'm still seeing some WMI errors, but I figure its go a lot of processes to get caught up with.

 

I was able to push the client to one of the computers in a child domain yesterday, but it still doesnt show up under "Queries-->All Client Systems", it still shows up under "Queries --> All Non-Client Systems" does that mean that CM thinks that it still doesnt have all the client software installed? is there a way to clear all those flags and rescan it, or is that what queuing all the "discovery methods" to run ASAP does?

 

Thank you!!!

Share this post


Link to post
Share on other sites

  • 0

Go to %windir%\system32\CCM\Logs on the client and look at LocationServices.log to make sure the client is assigned to the site (use the trace32 log parser inluced in the sccm toolkit v2). If it doesn't find the site i would look at boundaries again. And what parameters do you use when you install the client? Have you installed the server locator point role on the SCCM server and is the AD schema extended?

Share this post


Link to post
Share on other sites

  • 0

Go to %windir%\system32\CCM\Logs on the client and look at LocationServices.log to make sure the client is assigned to the site (use the trace32 log parser inluced in the sccm toolkit v2). If it doesn't find the site i would look at boundaries again. And what parameters do you use when you install the client? Have you installed the server locator point role on the SCCM server and is the AD schema extended?

 

 

Thank you Daniz, I got the log from one of them.. This appears over and over again.

 

LSGetSiteVersionFromAD : Failed to retrieve version for the site 'WNC' (0x80004005) LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

Attempting to retrieve SLPs from AD LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

Failed to resolve 'SMS_SLP' to IP address from WINS LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

LSGetSLP : Failed to resolve SLP from WINS, is it published LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

LSGetSiteVersionFromSLP : Unable to get the list of SLPs LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

LSVerifySiteVersion: Failed to get Site Version from AD and SLP LocationServices 4/7/2011 9:35:32 AM 1332 (0x0534)

 

I have 2 questions though....

1st I did NOT extend AD for the other forests.... Do I need to do that and do I need to create the "System Management" OU under the "System" folder in each forest AD?

2nd Can I set up the "boundaries" to pull from another Forest's Active Directory site? or am I forced to using IP subnet/ IP address range for child domains?

Share this post


Link to post
Share on other sites

  • 0

ok I made some progress...I was able to Add the SMSSLP location manually to the client install. Under Site Settigns --> Client Installation Methods --> Client Push Installation --> "Client TAB" --> In "Installation Properties" I added the SMSSLP=Servername (FYI I did not use FQDN). I will create a Test Application now that I know the site clients can check in.

 

After that I got a couple of computers to check in , but the bulk was still not there. I did some checking and the ones that DID check in were on a different vlan that was using the parent domain's DNS even though they were added to the Child domain. I then rechecked the logs of one that was not checking in and it looked like it was having troubles resolving the shortname of our sccm server.

 

After this I added a C record in DNS for the Child domain to point the short name back to the parent domain. An A record probally would have worked but I did not test that. I walked away to get water and came back to my desk and I had 100+ computers showing up :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.