• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1730
  • Last Modified:

Client Push Install SCCM2007

I am running System Center Configuration Manger 2007 R3.  I am having probems with the push install.

All the machines are discovered, the primary site is not the domain controller but is a domain admin in AD.  The internal firewall is off throughout the network.

I can't figure out why this won't push to clients.

Any ideas,
JOe K.
0
ClaudeWalker
Asked:
ClaudeWalker
  • 23
  • 14
  • 3
  • +1
1 Solution
 
KezziCommented:
Are you using a client push installation account?
0
 
ClaudeWalkerAuthor Commented:
You're referring to an account in AD or a special account within SCCM?

I created an account on default called SCCM which is a domain admin, domain user and offer remote assistance user account.

0
 
KezziCommented:
OK and you have specified this account on the Accounts tab of your Client Push Installation setting?

One of the first things SCCM does prior to installing the client, is making sure it can access the admin$ share of the machine, it then caches the files locally via BITS transfer.  Do you have any log files on the pc's at all?  It is attempting the install and failing, or is not reaching the client at all.
0
Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

 
ClaudeWalkerAuthor Commented:
I have domain\administrator AND domain\sccm added to the client push installation setting.

I looked at the log on the machine and I don't see anything about a failed installation.  Therefore, I don't think it's reaching the client.

0
 
ClaudeWalkerAuthor Commented:
I stand corrected:

Under the event log I get this under system:

Event ID:      7036
The ccmsetup service entered the stopped state.
-----------------------------------------------------------------
Log Name:      System
Source:        Service Control Manager
Date:          9/8/2011 11:51:23 AM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      wks-0052.PHI.local
Description:
The ccmsetup service entered the stopped state.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-08T16:51:23.112518300Z" />
    <EventRecordID>27197</EventRecordID>
    <Correlation />
    <Execution ProcessID="684" ThreadID="4072" />
    <Channel>System</Channel>
    <Computer>wks-0052.PHI.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">ccmsetup</Data>
    <Data Name="param2">stopped</Data>
    <Binary>630063006D00730065007400750070002F0031000000</Binary>
  </EventData>
</Event>
0
 
ClaudeWalkerAuthor Commented:
It looks like I didn't have BITS OR WebDAV configured properly.

http://technet.microsoft.com/en-us/library/cc431377.aspx



0
 
ClaudeWalkerAuthor Commented:
I was able to deploy the software however the machine is still not listed as a client within my collections.

Any idea on why this may be happening?
0
 
merowingerCommented:
Please download the ConfigMgr v2 Toolkit and start the MP Troubleshooter within that. This tools makes you possible to check your Management Point for errors and wrong configuration
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
If client push is such a pain for you to achieve then why don't you try the "Software Update Based Client Installation" method?
It doesn't requires turning off host firewalls.
You can find more here http://technet.microsoft.com/en-us/library/bb633194.aspx
Also you may wan't to check that you don't have any host firewalls from your Endpoint Protection Solution (Such Symantec Endpoint Protection, ESET etc), there were cases that people had their host windows firewalls turned off but their endpoint protection solutions were taking over!
0
 
KezziCommented:
Claude do you have 3rd party tools installed on your console?
If not, in control panel - Configuration Manager client, initiate the discovery action.

Also, If the client is now installed on a machine, you can post the C:\windows\system32\ccm\logs folder here and we can look through the logs to see what may be failing.
0
 
ClaudeWalkerAuthor Commented:
The MP troubleshooter checked out

It looks like all the machines now have configuration manager and run advertised program in the control panel.  However, they are not listed as clients.

When I went to the control panel to initiate discovery it can't find the site automatically NOR when I put the site code in.  

Also, the ConnectionType is not listed in the general properties of configuration manager.
ConnectionTypeUnknown.jpg
AutoSiteCode-NotFound.jpg
0
 
ClaudeWalkerAuthor Commented:
That:  C:\windows\system32\ccm\logs directory does not exist.
0
 
ClaudeWalkerAuthor Commented:
Sorry it was in SysWOW64.  Which file would you like me to post?
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Hi ClaudeWalker,

I'd like to ask you if you have enabled the "Server Locator Point" (SLP) on your site server, if not then you should do this first because it's vital for the Client Assignment, especially when you haven't extended your Active Directory schema (which as far as I understand you haven't yet and you did a custom install as you mentioned in your previous question here http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Systems_Management_Server/Q_27282603.html).

You may check the existence of the "SLP" by going to "SITE DB (SITE NAME) > Site Mgmt > Site Name > Site Settings > Site Systems > Server Name" and check if "ConfigMgr Server Locator Point" role exists.
If not then right click on the "Server Name" and select "New roles" then add the "Server Locator Point" Role accordingly.

Also before this, please post the log file named "LocationServices.log" from a client of yours that can't find the Site Server.

After installing the SLP try to discover the site server from a client manually and tell us what happened.
0
 
ClaudeWalkerAuthor Commented:
Thaks for your detailed response:

I had SLP installed with "Use the site database" and "Use the Server locator point's computer account" options selected.

Here is my locatoryServices.log file from the client workstation. Manual Entry of Site CodeLocationServices.log
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Please post a snapshot or a list of your Boundaries.
0
 
ClaudeWalkerAuthor Commented:
Here you go:  
 boundaries
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Well that's not adequate, setting the AD site boundary is useful when you have also extended the AD Schema for Configuration Manager, while this boundary let's your Site Server discover the potential clients of your AD Site(s) it is not used by the SLP role which needs the boundary in the form of an IP network.
Now if you remember from your previous post (about WSUS) I told you to add also the IP subnet or subnets of your network for later use (and because i didn't know every detail of your installation).
So in order to make the SLP available to clients (for the part of Site discovery from them) you should add any subnets you use and are interested to be covered from SLP, from the above images I can say that you use the network 192.168.152.x Network but I don't know the Subnet Mask.
Please add this network at least in the Boundaries area and retry the discovery.

Note: Your logfile states the errors of the incapability of clients to detect the SLP :)
0
 
ClaudeWalkerAuthor Commented:
hmmm.  Where did you get 192.168.152.x from?  

Where can I find my subnet using ipconfig /all I can see is the subnet mask 255.255.255.0 and our gateway is 192.168.1.x
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Sorry I stick the digits 1.52 accidentally in one number :)

I got it from the images of yours above.

The subnet mask is the one you need, this denotes the subnet.
0
 
ClaudeWalkerAuthor Commented:
So my gateway is 192.168.1.1
my sn mask is 255.255.255.0

does that mean my subnet id is 192.168.1.0?

That's what it keeps defaulting to.
0
 
ClaudeWalkerAuthor Commented:
Are these the correct settings?

my SCCM server is .41

 subnet
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
This is not correct, fill only the Subnet ID with the 192.168.1.0 digits, type the subnet mask and delete the Network ip of 192.168.1.41.
Remember we need to claim the network not a single ip address as your example above.
So it should look like this (after you press OK and re-entering it's properties) :
Adding a Subnet as a boundary for SLP Use
0
 
ClaudeWalkerAuthor Commented:
I did that and I still can't get this registered as a client

 still not listed as a client in the collection
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
And you should have already a WINS server installed on your network (it's a trivial thing to do).
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
You should go on a Client and open the Configuration Manager Client through Control Panel, then click discover.
Give it some time though....
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Then please post the logs named "ClientLocation.log" and "LocationServices.log" here.
0
 
ClaudeWalkerAuthor Commented:
Is the discover setting in the advance tab?  That's the only place where I can see it.  I tried inputting the site code but still didn't get anything.

Here's the client logs.
ClientLocation.log
LocationServices.log
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Yes it's in the advanced tab.
Did you got an error again when you pressed the Discover Button? (Don't try it first by entering manually the Site Code, we need to test the Site Discovery via the SLP)
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
ClaudeWalker,

Do you have a WINS server installed in your network?
If yes then we have one last step to do, this is the manual registration of SLP at the WINS server.

To do this go to the server that holds the WINS Server service and follow these steps:

1. Open a command prompt.
2. Type netsh, and press Enter.
3. Type wins, and press Enter.
4. Type server, and press Enter.
5. Type the appropriate add name command. For example:
add name Name=SMS_SLP endchar=1A rectype=0 ip={static IP of your SLP}
0
 
ClaudeWalkerAuthor Commented:
How do I know what the name of my sys_SLP is?  Is that the computer name in AD or is it the site database name?
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
in the line above you only have to fill in your Site Server's IP address (the one that holds the SLP role) in your case is 192.168.1.41 also don't include the curly braces, so your line should be:

add name Name=SMS_SLP endchar=1A rectype=0 ip=192.168.1.41

Open in new window


SMS_SLP is the record type registered in WINS and is used by ConfigMgr Clients to locate the SLP (SMS is the old name of ConfigMgr).
0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
In order to verify the correct registration run this while in netsh:

show name Name=SMS_SLP endchar=1A

Open in new window


After that make sure that your clients have the WINS Server set in their TCP/IP Properties (these may be distributed via DHCP but I don't know your network infrastructure to assume that).

Then by pressing the Discover button on a client it will find the SLP and you'll be ok, just let the clients some time to start discovering at their own intervals.
0
 
ClaudeWalkerAuthor Commented:
How do I know if I have a WINS Server?

When I entered show name Name=SMS_SLP endchar=1A in netsh I got a "Wins Server Show Name failed with error:  the name does not exist in the WINS database"

Perhaps SMS_SLP doesn't exist?  Or do I not have a Wins Sever?

Thanks for sticking with me on this.  I think we're close.
0
 
ClaudeWalkerAuthor Commented:
That error above is when I tried on the SCCM server.  However, when I try on the domain controller I get a the parameter specified is either invalid or insufficient to complete operations.

When I try on the SCCM server I can't get server

netsh
wins
server = error
and the cmd prompt is netsh winsock>
0
 
ClaudeWalkerAuthor Commented:
Can I manually add an entry through the GUI of the WINS server on the domain controller?
0
 
ClaudeWalkerAuthor Commented:
Here is my WINS server entry.

My issue with the command line was using the Name= I should have just typed in the name.

 Added via GUI
0
 
ClaudeWalkerAuthor Commented:
Here is the locationservices log.
<![LOG[Current AD site of machine is Default-First-Site]LOG]!><time="12:27:20.619+300" date="09-12-2011" component="LocationServices" context="" type="1" thread="5776" file="lsad.cpp:457">
<![LOG[Attempting to retrieve SLPs from AD]LOG]!><time="12:27:20.624+300" date="09-12-2011" component="LocationServices" context="" type="1" thread="5776" file="lsad.cpp:2261">
<![LOG[Failed to resolve 'SMS_SLP' to IP address from WINS]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lswins.cpp:324">
<![LOG[LSGetSLP : Failed to resolve SLP from WINS, is it published]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lsad.cpp:2277">
<![LOG[LSGetAssignedSiteFromSLP : Unable to get the list of SLPs]LOG]!><time="12:27:25.438+300" date="09-12-2011" component="LocationServices" context="" type="3" thread="5776" file="lsad.cpp:1986">

Open in new window

0
 
George SimosIT Pro Consultant - IT Systems AdministratorCommented:
Make sure your client has the WINS' Server IP in the TCP/IP configuration (WINS Tab)
0
 
ClaudeWalkerAuthor Commented:
I added them.  I guess I'll give them time to propagate.  

I deleted my machine from the collection and now I can't see it.  The reason for this is that I was no longer able to do a push install.  I wanted to install using the command line switch SMSSLP=SMS_PRJ.  

However, I could get the install to run locally NOR pushing.

So I deleted my machine from the collection.  I'm trying to re-add my machine so I can see it in the collection but it hasn't been discovered in the past few hours.  I no longer have the log because I deleted the folder so the install log is gone.

Phase1:   How do I re-add my machine.  
Phase2:  Try push install
Phase3:  Figure out why I can't push install anymore

This has been a disaster but I appreciate your help very much.

0
 
ClaudeWalkerAuthor Commented:
I appreciate you keeping up with me on this.  I'll have to put the project down and perhaps re-install throughly going through the documentation (I wasn't pulling my weight by the end).

Perhaps I'll wait for 2012 to come out and maybe it will be easier to configure.

Thanks again, you went above and beyond,
JOe K.
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 23
  • 14
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now