Re: SMS 2003 SP1 Client Install Problem or Policy Retrieval Problem?

From: Jeff Harbaugh [MSFT] (jeffharb_at_online.microsoft.com)
Date: 11/05/04


Date: Fri, 5 Nov 2004 11:37:41 -0800

Have you tried to shut down the ccmexec service and restart it?

-- 
Thanks,
Jeff Harbaugh [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
"Stuart Kirk" <stuart.kirk@cityofmesa.org> wrote in message 
news:uZWrO%23rwEHA.1524@TK2MSFTNGP09.phx.gbl...
> Thanks.
>
> I checked the ACLs on the crypto locations, and they had been modified.  I
> ran the batch file which reset the ACLs to what is needed; however, I am
> still not receiving policy updates.  Both of these machines now show up in
> the admin console as installed, but nothing is showing as 'Enabled' or
> 'Disabled' under the Components tab on the clients.  The ccmexec.log is now
> growing on these machines rapidly.  Here are the new entries:
> ...
> Initializing queue 'mp_mp_ddrendpoint'...
> Queue 'mp_mp_ddrendpoint' initialized with 0 messages.
> Initialized queue processor 'mp_mp_ddrendpoint'  Enabled=true Concurrency=1
> Endpoint'PolicyAgent_ReRequestPolicy' return 0x80004005 from event notification
> Successfully notified endpoint 'PolicyAgent_ReRequestPolicy' of settings change.
> Initializing queue 'mp_[http]mp_policymanager'...
> Queue 'mp_[http]mp_policymanager' initialized with 0 messages.
> Initialized queue processor 'mp_[http]mp_policymanager'  Enabled=true Concurrency=1
> Failed to find running shell process
> Failed to find running shell process
> Failed to find running shell process
> Failed to find running shell process
> Failed to find running shell process
> ...
> The "Failed to find running..." entries continue for the rest of the log,
> and are continually being written.
>
> Thanks.
>
> --Stuart
>
>
>
> "Jeff Harbaugh [MSFT]" <jeffharb@online.microsoft.com> wrote in message
> news:OnpfRXpwEHA.3668@tk2msftngp13.phx.gbl...
>> This just means an internal error occurred on generation of the private key.
>> It is possible that the crypto store has somehow been corrupted. Make sure
>> that the ACLs are set correctly on his crypto locations.  The attached batch
>> file sets them to what we need.
>>
>>
>> -- 
>> Thanks,
>> Jeff Harbaugh [MSFT]
>> This posting is provided "AS IS" with no warranties, and confers no rights.
>>
>> "Stuart Kirk" <stuart.kirk@cityofmesa.org> wrote in message
>> news:OzXESJdwEHA.3376@TK2MSFTNGP12.phx.gbl...
>> > The MP is set up and thousands of other clients have access.  These clients
>> > show as assigned to the site in the admin console, but not installed;
>> > these particular machines are on the same subnet as many other servers that
>> > don't have this problem.  I see nothing unusual in the clientlocation.log or
>> > the locationservices.log; everything is assigned to the proper server;
>> > however, the ccmexec.log has some interesting entries:
>> > ...
>> > Failed to find the certificate in the store, retry 1.
>> > Failed to find the certificate in the store, retry 2.
>> > Failed to find the certificate in the store, retry 3.
>> > Failed to find the certificate in the store, retry 4.
>> > Failed to find the certificate in the store, retry 5.
>> > Creating Signing Certificate...
>> > CryptGenKey failed: 0x80090020
>> > Failed to create certificate 80090020
>> > CCMDoCertificateMaintenance failed (0x80090020).
>> > ...
>> > Failed to submit event to the Status Agent. Attempting to create pending event.
>> > ...
>> > CCMDoCertificateMaintenance() raised
>> > CCM_ServiceHost_CertificateOperationsFailure status event.
>> > ...
>> > System task 'CertificateMaintenance' returned error code 0x80090020.
>> > ...
>> > EndpointMessage(Queue='CertificateMaintenanceEndpoint',
>> > ID={61984271-D12F-4789-98EF-ADF9FFA49DED}): Will be discarded
>> > (0x80090020).
>> > ...
>> > Endpoint'PolicyAgent_ReRequestPolicy' return 0x80004005 from event
>> > notification
>> > ...
>> > EndpointMessage(Queue='CertificateMaintenanceEndpoint',
>> > ID={12F47D1C-E84F-48F8-BAFD-3A67C799329E}): Will be discarded
>> > (0x80090020).
>> > EndpointMessage(Queue='CertificateMaintenanceEndpoint',
>> > ID={3CA9F5A2-606E-453B-BD57-D6904164C570}): Will be discarded
>> > (0x80090020).
>> > EndpointMessage(Queue='CertificateMaintenanceEndpoint',
>> > ID={3CDE28EC-E32F-4CD4-84EC-09132B1D8D93}): Will be discarded
>> > (0x80090020).
>> >
>> > I have obviously taken out large portions of the log, but these are all
>> > highlighted in SMS Trace.  The first bunch of events happened during or
>> > immediately after I started a manual installation of the client.  The
>> > other entries appear to be at an hourly interval thereafter.  Any help is
>> > appreciated.
>> >
>> > --Stuart
>> >
>> >
>> >
>> > "Jeff Harbaugh [MSFT]" <jeffharb@online.microsoft.com> wrote in message
>> > news:%23mZkYjcwEHA.3936@TK2MSFTNGP10.phx.gbl...
>> >> The problem is the machines are not receiving policy from the MP. Please
>> >> check to make sure your MP is set up and that the clients have access. You
>> >> can view the clientlocation.log and locationservices.log and ccmexec.log to
>> >> see if there are errors connecting and finding site assignment. Also
>> >> check in the admin console that the clients show as assigned to the site. If
>> >> not please confirm your boundaries.
>> >>
>> >> -- 
>> >> Thanks,
>> >> Jeff Harbaugh [MSFT]
>> >> This posting is provided "AS IS" with no warranties, and confers no rights.
>> >>
>> >> "Stuart Kirk" <stuart.kirk@cityofmesa.org> wrote in message
>> >> news:%23sG1GecwEHA.3108@TK2MSFTNGP14.phx.gbl...
>> >> > I have two servers that won't cooperate.  The SMS client appears to be
>> >> > installed when looking at the servers (icons in Control Panel, SMS Agent
>> >> > Host Service running), but none of the Components show Enabled or Disabled
>> >> > (all of them are simply Installed).  The Actions tab only shows two possible
>> >> > actions:  Machine Policy Retrieval and User Policy Retrieval.  They both
>> >> > show Assigned but not installed in the Admin console.  I may also have this
>> >> > problem on some of our workstations, but I haven't gotten that far yet.
>> >> > Thanks in advance.
>> >> >
>> >> > --Stuart
>> >> >
>> >> >
>> >>
>> >>
>> >
>> >
>>
>>
>>
>
> 
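
The ccmexec.log excerpts quoted in this thread can be triaged mechanically. The Python below is an added example, not part of the original posts or of SMS: it decodes the two HRESULTs quoted above (0x80090020 and 0x80004005, including the bare `80090020` form) and counts repeated messages. The sample lines are rejoined from the thread's excerpts, and the function names `decode_hresult` and `triage` are hypothetical.

```python
import re
from collections import Counter

# Standard Windows SDK names for the two HRESULTs quoted in the thread.
HRESULT_NAMES = {0x80090020: "NTE_FAIL", 0x80004005: "E_FAIL"}
FACILITY_NAMES = {0: "FACILITY_NULL", 9: "FACILITY_SSPI"}

# Matches 0x80090020 and bare 80090020; the lookarounds skip GUID segments.
HRESULT_RE = re.compile(r"(?<![-\w])(?:0x)?(8[0-9A-Fa-f]{7})(?![-\w])")

# Constructed sample: log lines rejoined from the excerpts quoted in the thread.
SAMPLE = """\
Failed to find the certificate in the store, retry 5.
Creating Signing Certificate...
CryptGenKey failed: 0x80090020
Failed to create certificate 80090020
CCMDoCertificateMaintenance failed (0x80090020).
System task 'CertificateMaintenance' returned error code 0x80090020.
Endpoint'PolicyAgent_ReRequestPolicy' return 0x80004005 from event notification
Failed to find running shell process
Failed to find running shell process
Failed to find running shell process
""".splitlines()

def decode_hresult(value):
    """Split an HRESULT into (name, facility, code)."""
    facility = (value >> 16) & 0x1FFF
    return (HRESULT_NAMES.get(value, "unknown"),
            FACILITY_NAMES.get(facility, str(facility)),
            value & 0xFFFF)

def triage(lines, noisy_threshold=3):
    """Count HRESULTs and repeated messages; flag failed key generation."""
    codes, messages = Counter(), Counter()
    keygen_failed = False
    for line in lines:
        line = line.strip()
        if not line or line == "...":   # skip blanks and elision markers
            continue
        messages[line] += 1
        for hit in HRESULT_RE.findall(line):
            codes[int(hit, 16)] += 1
        if "CryptGenKey failed" in line:
            keygen_failed = True
    noisy = {m: n for m, n in messages.items() if n >= noisy_threshold}
    return {"codes": dict(codes), "keygen_failed": keygen_failed, "noisy": noisy}

if __name__ == "__main__":
    result = triage(SAMPLE)
    for code, count in result["codes"].items():
        print(f"0x{code:08X} x{count}: {decode_hresult(code)}")
    print("key generation failed:", result["keygen_failed"])
    print("repeating messages:", result["noisy"])
```

A `keygen_failed` result corresponds to the case where the reply above points at the crypto store and its ACLs.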

