Jump to content


ThomasBNewcastle

Got an issue with my AD setup in SCCM - Not sure what to do

By ThomasBNewcastle, in Configuration Manager 2012

Recommended Posts

ThomasBNewcastle Newbie

ThomasBNewcastle

Posted
Posted

Hello

Thanks for reading my post

To start with some basic info about my VM test lab

Part one – My Lab

I have two Windows 2012 Servers:

  1. Main DC called – NEW-DC01-W12 – Running DHCP – IP address 10.0.0.1
  2. SCCM Server called – NEW-SCCM-W12 10.0.0.1

On my DC I made a container called System Management and give the SCCM server (NEW-SCCM-W12$) and my SCCM admin (SCCMADMIN) account full Control permissions to the System Management container and all its child objects. Not sure where the $ came from but it adds it when I enter my SCCM server name.

 

I used http://technet.microsoft.com/en-gb/library/bb680711.aspx

 

Here is a copy of the file after I ran the file on the CD to extended Active Directory schema


<03-17-2013 00:04:45> Modifying Active Directory Schema - with SMS extensions.
<03-17-2013 00:04:45> DS Root:CN=Schema,CN=Configuration,DC=Thomas-NEW,DC=local
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Site-Code.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Assignment-Site-Code.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Site-Boundaries.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Roaming-Boundaries.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Default-MP.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Device-Management-Point.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-MP-Name.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-MP-Address.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Health-State.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Source-Forest.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Ranged-IP-Low.
<03-17-2013 00:04:46> Defined attribute cn=MS-SMS-Ranged-IP-High.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Version.
<03-17-2013 00:04:46> Defined attribute cn=mS-SMS-Capabilities.
<03-17-2013 00:04:46> Defined class cn=MS-SMS-Management-Point.
<03-17-2013 00:04:47> Defined class cn=MS-SMS-Server-Locator-Point.
<03-17-2013 00:04:47> Defined class cn=MS-SMS-Site.
<03-17-2013 00:04:47> Defined class cn=MS-SMS-Roaming-Boundary-Range.
<03-17-2013 00:04:47> Successfully extended the Active Directory schema.

<03-17-2013 00:04:47> Please refer to the ConfigMgr documentation for instructions on the manual
<03-17-2013 00:04:47> configuration of access rights in active directory which may still
<03-17-2013 00:04:47> need to be performed. (Although the AD schema has now be extended,
<03-17-2013 00:04:47> AD must be configured to allow each ConfigMgr Site security rights to
<03-17-2013 00:04:47> publish in each of their domains.)

I can see the System Management in ad but there is nothing in it

I then installed SQL server and SCCM – after adding all the windows features it needs

 

I am now trying to install the client on to a Windows 8 VM and its not working.

Looking at the log file for ccmsetup – see below

 

<![LOG[==========[ ccmsetup started in process 2236 ]==========]LOG]!><time="18:00:02.464+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:8115">
<![LOG[CcmSetup version: 5.0.7711.0000]LOG]!><time="18:00:02.479+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:761">
<![LOG[Running on OS (6.2.9200). Service Pack (0.0). SuiteMask = 256. Product Type = 1]LOG]!><time="18:00:02.479+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:894">
<![LOG[Ccmsetup command line: "C:\Windows\SysWOW64\CCMSetup\ccmsetup.exe"]LOG]!><time="18:00:02.479+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3030">
<![LOG[DhcpGetOriginalSubnetMask entry point is supported.]LOG]!><time="18:00:02.479+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="ccmiputil.cpp:117">
<![LOG[begin checking Alternate Network Configuration]LOG]!><time="18:00:02.479+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmiputil.cpp:1069">
<![LOG[Finished checking Alternate Network Configuration]LOG]!><time="18:00:02.495+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmiputil.cpp:1146">
<![LOG[Adapter {17619596-8225-4A57-99B8-59401B9ED738} is DHCP enabled. Checking quarantine status.]LOG]!><time="18:00:02.495+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="ccmiputil.cpp:416">
<![LOG[Current AD site of machine is Default-First-Site-Name]LOG]!><time="18:00:02.635+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="lsad.cpp:601">
<![LOG[Attempting to query AD for assigned site code]LOG]!><time="18:00:02.635+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1610">
<![LOG[Executing query (&(ObjectCategory=MSSMSRoamingBoundaryRange)(|(&(MSSMSRangedIPLow<=167772190)(MSSMSRangedIPHigh>=167772190))))]LOG]!><time="18:00:02.791+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1645">
<![LOG[Executing query (&(ObjectCategory=mSSMSSite)(|(mSSMSRoamingBoundaries=10.0.0.0)(mSSMSRoamingBoundaries=Default-First-Site-Name)))]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1706">
<![LOG[Failed to get assigned site from AD. Error 0x80004005]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="2" thread="1260" file="ccmsetup.cpp:363">
<![LOG[GetADInstallParams failed with 0x80004005]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="3" thread="1260" file="ccmsetup.cpp:403">
<![LOG[sslState value: 224]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="ccmsetup.cpp:3646">
<![LOG[Ccmsetup was run without any user parameters specified. Running without registering ccmsetup as a service.]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3698">
<![LOG[No sitecode is specified or detected. Assume AUTO sitecode.]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3703">
<![LOG[CCMHTTPPORT: 80]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7336">
<![LOG[CCMHTTPSPORT: 443]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7351">
<![LOG[CCMHTTPSSTATE: 224]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7369">
<![LOG[CCMHTTPSCERTNAME: ]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7387">
<![LOG[FSP: ]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7439">
<![LOG[CCMFIRSTCERT: 1]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:7497">
<![LOG[No MP or source location has been explicitly specified. Trying to discover a valid content location...]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3907">
<![LOG[Looking for MPs from AD...]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3916">
<![LOG[DHCP entry points already initialized.]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="ccmiputil.cpp:75">
<![LOG[begin checking Alternate Network Configuration]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmiputil.cpp:1069">
<![LOG[Finished checking Alternate Network Configuration]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmiputil.cpp:1146">
<![LOG[Adapter {17619596-8225-4A57-99B8-59401B9ED738} is DHCP enabled. Checking quarantine status.]LOG]!><time="18:00:02.838+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="ccmiputil.cpp:416">
<![LOG[Current AD site of machine is Default-First-Site-Name]LOG]!><time="18:00:02.854+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="lsad.cpp:601">
<![LOG[Attempting to query AD for assigned site code]LOG]!><time="18:00:02.854+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1610">
<![LOG[Executing query (&(ObjectCategory=MSSMSRoamingBoundaryRange)(|(&(MSSMSRangedIPLow<=167772190)(MSSMSRangedIPHigh>=167772190))))]LOG]!><time="18:00:02.854+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1645">
<![LOG[Executing query (&(ObjectCategory=mSSMSSite)(|(mSSMSRoamingBoundaries=10.0.0.0)(mSSMSRoamingBoundaries=Default-First-Site-Name)))]LOG]!><time="18:00:02.854+00" date="03-23-2013" component="ccmsetup" context="" type="0" thread="1260" file="lsad.cpp:1706">
<![LOG[Failed to get assigned site from AD. Error 0x80004005]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="2" thread="1260" file="ccmsetup.cpp:363">
<![LOG[GetADInstallParams failed with 0x80004005]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="3" thread="1260" file="ccmsetup.cpp:403">
<![LOG[Couldn't find an MP source through AD. Error 0x80004005]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3935">
<![LOG[Current directory 'C:\Windows\SysWOW64\CCMSetup' is not a valid source location.]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:3975">
<![LOG[No valid source or MP locations could be identified to download content from. Ccmsetup.exe cannot continue.]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="3" thread="1260" file="ccmsetup.cpp:3985">
<![LOG[invalid ccmsetup command line: ]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="3" thread="1260" file="ccmsetup.cpp:3789">
<![LOG[A Fallback Status Point has not been specified. Message with STATEID='100' will not be sent.]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:8443">
<![LOG[A Fallback Status Point has not been specified. Message with STATEID='307' will not be sent.]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:8443">
<![LOG[CcmSetup failed with error code 0x80004005]LOG]!><time="18:00:02.869+00" date="03-23-2013" component="ccmsetup" context="" type="1" thread="1260" file="ccmsetup.cpp:9454">

I am runing this command CCMsetup.exe /mp:NEW-SCCM-W12 SMSSITECODE=PRI FSP=NEW-SCCM-W12

Under Active Directory Forests I have the message “Insufficient access rights under Publishing Status”

And in Site under messages I have “Configuration Manager could not locate the "System Management" container in Active Directory (Thomas-NEW.local). Nor could it create a default container. This will prevent Site Component Manager and Hierarchy Manager from updating or adding any objects to Active Directory.

Possible cause: The site server's machine account might not have the correct rights to update active directory.
Solution: Either give the Service Account rights to update the domain's System Container, or manually create the "System Management" container in this domain's Active Directory system container, and give the site server computer account full rights to that container (and all children objects.)"

 

I am not sure why my site can’t talk to AD - What account is the "The site server's machine account"

 

Thanks for your help

 

 

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.