Solved

Client Push Install SCCM2007

Posted on 2011-09-08
41
1,694 Views
Last Modified: 2013-11-21
I am running System Center Configuration Manger 2007 R3.  I am having probems with the push install.

All the machines are discovered, the primary site is not the domain controller but is a domain admin in AD.  The internal firewall is off throughout the network.

I can't figure out why this won't push to clients.

Any ideas,
JOe K.
0
Comment
Question by:ClaudeWalker
  • 23
  • 14
  • 3
  • +1
41 Comments
 
LVL 10

Expert Comment

by:Kezzi
ID: 36503840
Are you using a client push installation account?
0
 

Author Comment

by:ClaudeWalker
ID: 36503859
You're referring to an account in AD or a special account within SCCM?

I created an account on default called SCCM which is a domain admin, domain user and offer remote assistance user account.

0
 
LVL 10

Expert Comment

by:Kezzi
ID: 36503876
OK and you have specified this account on the Accounts tab of your Client Push Installation setting?

One of the first things SCCM does prior to installing the client, is making sure it can access the admin$ share of the machine, it then caches the files locally via BITS transfer.  Do you have any log files on the pc's at all?  It is attempting the install and failing, or is not reaching the client at all.
0
 

Author Comment

by:ClaudeWalker
ID: 36503986
I have domain\administrator AND domain\sccm added to the client push installation setting.

I looked at the log on the machine and I don't see anything about a failed installation.  Therefore, I don't think it's reaching the client.

0
 

Author Comment

by:ClaudeWalker
ID: 36503997
I stand corrected:

Under the event log I get this under system:

Event ID:      7036
The ccmsetup service entered the stopped state.
-----------------------------------------------------------------
Log Name:      System
Source:        Service Control Manager
Date:          9/8/2011 11:51:23 AM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      wks-0052.PHI.local
Description:
The ccmsetup service entered the stopped state.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-08T16:51:23.112518300Z" />
    <EventRecordID>27197</EventRecordID>
    <Correlation />
    <Execution ProcessID="684" ThreadID="4072" />
    <Channel>System</Channel>
    <Computer>wks-0052.PHI.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">ccmsetup</Data>
    <Data Name="param2">stopped</Data>
    <Binary>630063006D00730065007400750070002F0031000000</Binary>
  </EventData>
</Event>
0
 

Author Comment

by:ClaudeWalker
ID: 36505585
It looks like I didn't have BITS OR WebDAV configured properly.

http://technet.microsoft.com/en-us/library/cc431377.aspx



0
 

Author Comment

by:ClaudeWalker
ID: 36506041
I was able to deploy the software however the machine is still not listed as a client within my collections.

Any idea on why this may be happening?
0
 
LVL 31

Expert Comment

by:merowinger
ID: 36508438
Please download the ConfigMgr v2 Toolkit and start the MP Troubleshooter within that. This tools makes you possible to check your Management Point for errors and wrong configuration
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36511522
If client push is such a pain for you to achieve then why don't you try the "Software Update Based Client Installation" method?
It doesn't requires turning off host firewalls.
You can find more here http://technet.microsoft.com/en-us/library/bb633194.aspx
Also you may wan't to check that you don't have any host firewalls from your Endpoint Protection Solution (Such Symantec Endpoint Protection, ESET etc), there were cases that people had their host windows firewalls turned off but their endpoint protection solutions were taking over!
0
 
LVL 10

Expert Comment

by:Kezzi
ID: 36511589
Claude do you have 3rd party tools installed on your console?
If not, in control panel - Configuration Manager client, initiate the discovery action.

Also, If the client is now installed on a machine, you can post the C:\windows\system32\ccm\logs folder here and we can look through the logs to see what may be failing.
0
 

Author Comment

by:ClaudeWalker
ID: 36512156
The MP troubleshooter checked out

It looks like all the machines now have configuration manager and run advertised program in the control panel.  However, they are not listed as clients.

When I went to the control panel to initiate discovery it can't find the site automatically NOR when I put the site code in.  

Also, the ConnectionType is not listed in the general properties of configuration manager.
ConnectionTypeUnknown.jpg
AutoSiteCode-NotFound.jpg
0
 

Author Comment

by:ClaudeWalker
ID: 36512174
That:  C:\windows\system32\ccm\logs directory does not exist.
0
 

Author Comment

by:ClaudeWalker
ID: 36512186
Sorry it was in SysWOW64.  Which file would you like me to post?
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513218
Hi ClaudeWalker,

I'd like to ask you if you have enabled the "Server Locator Point" (SLP) on your site server, if not then you should do this first because it's vital for the Client Assignment, especially when you haven't extended your Active Directory schema (which as far as I understand you haven't yet and you did a custom install as you mentioned in your previous question here http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Systems_Management_Server/Q_27282603.html).

You may check the existence of the "SLP" by going to "SITE DB (SITE NAME) > Site Mgmt > Site Name > Site Settings > Site Systems > Server Name" and check if "ConfigMgr Server Locator Point" role exists.
If not then right click on the "Server Name" and select "New roles" then add the "Server Locator Point" Role accordingly.

Also before this, please post the log file named "LocationServices.log" from a client of yours that can't find the Site Server.

After installing the SLP try to discover the site server from a client manually and tell us what happened.
0
 

Author Comment

by:ClaudeWalker
ID: 36513288
Thaks for your detailed response:

I had SLP installed with "Use the site database" and "Use the Server locator point's computer account" options selected.

Here is my locatoryServices.log file from the client workstation. Manual Entry of Site CodeLocationServices.log
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513371
Please post a snapshot or a list of your Boundaries.
0
 

Author Comment

by:ClaudeWalker
ID: 36513434
Here you go:  
 boundaries
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513556
Well that's not adequate, setting the AD site boundary is useful when you have also extended the AD Schema for Configuration Manager, while this boundary let's your Site Server discover the potential clients of your AD Site(s) it is not used by the SLP role which needs the boundary in the form of an IP network.
Now if you remember from your previous post (about WSUS) I told you to add also the IP subnet or subnets of your network for later use (and because i didn't know every detail of your installation).
So in order to make the SLP available to clients (for the part of Site discovery from them) you should add any subnets you use and are interested to be covered from SLP, from the above images I can say that you use the network 192.168.152.x Network but I don't know the Subnet Mask.
Please add this network at least in the Boundaries area and retry the discovery.

Note: Your logfile states the errors of the incapability of clients to detect the SLP :)
0
 

Author Comment

by:ClaudeWalker
ID: 36513637
hmmm.  Where did you get 192.168.152.x from?  

Where can I find my subnet using ipconfig /all I can see is the subnet mask 255.255.255.0 and our gateway is 192.168.1.x
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513653
Sorry I stick the digits 1.52 accidentally in one number :)

I got it from the images of yours above.

The subnet mask is the one you need, this denotes the subnet.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:ClaudeWalker
ID: 36513704
So my gateway is 192.168.1.1
my sn mask is 255.255.255.0

does that mean my subnet id is 192.168.1.0?

That's what it keeps defaulting to.
0
 

Author Comment

by:ClaudeWalker
ID: 36513717
Are these the correct settings?

my SCCM server is .41

 subnet
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513791
This is not correct, fill only the Subnet ID with the 192.168.1.0 digits, type the subnet mask and delete the Network ip of 192.168.1.41.
Remember we need to claim the network not a single ip address as your example above.
So it should look like this (after you press OK and re-entering it's properties) :
Adding a Subnet as a boundary for SLP Use
0
 

Author Comment

by:ClaudeWalker
ID: 36513842
I did that and I still can't get this registered as a client

 still not listed as a client in the collection
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513844
And you should have already a WINS server installed on your network (it's a trivial thing to do).
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513864
You should go on a Client and open the Configuration Manager Client through Control Panel, then click discover.
Give it some time though....
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36513869
Then please post the logs named "ClientLocation.log" and "LocationServices.log" here.
0
 

Author Comment

by:ClaudeWalker
ID: 36513900
Is the discover setting in the advance tab?  That's the only place where I can see it.  I tried inputting the site code but still didn't get anything.

Here's the client logs.
ClientLocation.log
LocationServices.log
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36514160
Yes it's in the advanced tab.
Did you got an error again when you pressed the Discover Button? (Don't try it first by entering manually the Site Code, we need to test the Site Discovery via the SLP)
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36514223
ClaudeWalker,

Do you have a WINS server installed in your network?
If yes then we have one last step to do, this is the manual registration of SLP at the WINS server.

To do this go to the server that holds the WINS Server service and follow these steps:

1. Open a command prompt.
2. Type netsh, and press Enter.
3. Type wins, and press Enter.
4. Type server, and press Enter.
5. Type the appropriate add name command. For example:
add name Name=SMS_SLP endchar=1A rectype=0 ip={static IP of your SLP}
0
 

Author Comment

by:ClaudeWalker
ID: 36514241
How do I know what the name of my sys_SLP is?  Is that the computer name in AD or is it the site database name?
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36514271
in the line above you only have to fill in your Site Server's IP address (the one that holds the SLP role) in your case is 192.168.1.41 also don't include the curly braces, so your line should be:

add name Name=SMS_SLP endchar=1A rectype=0 ip=192.168.1.41

Open in new window


SMS_SLP is the record type registered in WINS and is used by ConfigMgr Clients to locate the SLP (SMS is the old name of ConfigMgr).
0
 
LVL 7

Expert Comment

by:George Simos
ID: 36514316
In order to verify the correct registration run this while in netsh:

show name Name=SMS_SLP endchar=1A

Open in new window


After that make sure that your clients have the WINS Server set in their TCP/IP Properties (these may be distributed via DHCP but I don't know your network infrastructure to assume that).

Then by pressing the Discover button on a client it will find the SLP and you'll be ok, just let the clients some time to start discovering at their own intervals.
0
 

Author Comment

by:ClaudeWalker
ID: 36523093
How do I know if I have a WINS Server?

When I entered show name Name=SMS_SLP endchar=1A in netsh I got a "Wins Server Show Name failed with error:  the name does not exist in the WINS database"

Perhaps SMS_SLP doesn't exist?  Or do I not have a Wins Sever?

Thanks for sticking with me on this.  I think we're close.
0
 

Author Comment

by:ClaudeWalker
ID: 36523154
That error above is when I tried on the SCCM server.  However, when I try on the domain controller I get a the parameter specified is either invalid or insufficient to complete operations.

When I try on the SCCM server I can't get server

netsh
wins
server = error
and the cmd prompt is netsh winsock>
0
 

Author Comment

by:ClaudeWalker
ID: 36523323
Can I manually add an entry through the GUI of the WINS server on the domain controller?
0
 

Author Comment

by:ClaudeWalker
ID: 36524335
Here is my WINS server entry.

My issue with the command line was using the Name= I should have just typed in the name.

 Added via GUI
0
 

Author Comment

by:ClaudeWalker
ID: 36524352
Here is the locationservices log.
<![LOG[Current AD site of machine is Default-First-Site]LOG]!><time="12:27:20.619+300" date="09-12-2011" component="LocationServices" context="" type="1" thread="5776" file="lsad.cpp:457">
<![LOG[Attempting to retrieve SLPs from AD]LOG]!><time="12:27:20.624+300" date="09-12-2011" component="LocationServices" context="" type="1" thread="5776" file="lsad.cpp:2261">
<![LOG[Failed to resolve 'SMS_SLP' to IP address from WINS]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lswins.cpp:324">
<![LOG[LSGetSLP : Failed to resolve SLP from WINS, is it published]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lsad.cpp:2277">
<![LOG[LSGetAssignedSiteFromSLP : Unable to get the list of SLPs]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lsad.cpp:1986">

Open in new window

0
 
LVL 7

Accepted Solution

by:
George Simos earned 500 total points
ID: 36525388
Make sure your client has the WINS' Server IP in the TCP/IP configuration (WINS Tab)
0
 

Author Comment

by:ClaudeWalker
ID: 36525518
I added them.  I guess I'll give them time to propagate.  

I deleted my machine from the collection and now I can't see it.  The reason for this is that I was no longer able to do a push install.  I wanted to install using the command line switch SMSSLP=SMS_PRJ.  

However, I could get the install to run locally NOR pushing.

So I deleted my machine from the collection.  I'm trying to re-add my machine so I can see it in the collection but it hasn't been discovered in the past few hours.  I no longer have the log because I deleted the folder so the install log is gone.

Phase1:   How do I re-add my machine.  
Phase2:  Try push install
Phase3:  Figure out why I can't push install anymore

This has been a disaster but I appreciate your help very much.

0
 

Author Closing Comment

by:ClaudeWalker
ID: 36530468
I appreciate you keeping up with me on this.  I'll have to put the project down and perhaps re-install throughly going through the documentation (I wasn't pulling my weight by the end).

Perhaps I'll wait for 2012 to come out and maybe it will be easier to configure.

Thanks again, you went above and beyond,
JOe K.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now