SCCM 2012 R2 Package Deployment Compliance Stuck at 0%

Hi all;

I'm trying to deploy a couple of packages using SCCM 2012 R2 running on Win2K8 R2 with no luck, knowing that I could install the packages on a test VM, but when trying to deploy the packages to production PC, packages deployment compliance stuck at 0%

Infrastructure:

3 SCCM servers: CAS, PRI & SEC. Both CAS and PRI are in the DataCenter site, and SEC is in the Office site. The office site has several IP subnets.

Boundaries are configured per AD sites since that the AD site should contain all the IP subnets the the AD site contains, Boundaries groups are also configured and a site reference server is configured for each group respectively.

A OU based Collection has been configured that contains 13 PC "the collection contains the PCs that the packages should be installed.

Packages are configured correctly since that I could successfully deploy the packages to the test VM which is on the same subnet as the CAS and the PRI servers "the DataCenter subnet". The issue is that I can't deploy the packages to production PCs in the Office subnet!

Firewall rules are configured and applied via GP, and I even turned Windows Firewall off, and still nothing! I tried to manually initiate Computer Policy download via the SCCM GUI and via a script, still no luck!

I tried configuring IP Subnet Boundaries, still no luck!!

What I'm I missing?

Please help...
Kinan Al-HaffarSenior Systems EngineerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Kinan Al-HaffarConnect With a Mentor Senior Systems EngineerAuthor Commented:
The issue is solved for now and things are stable.

Here is how the issue was resolved:

1.      Client side: Upgraded the Test VM to Win7 SP1, and installed all the required Windows Updates, then I performed the following concerning the following errors:

A.      For the “SHA could not bind as nap agent might not be running” error, I did the following fix:

1. Open regedit
2. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B292921D-AF50-400c-9B75-0C57A7F29BA1}
3. Right click the {B292921D-AF50-400c-9B75-0C57A7F29BA1} folder and select "Permissions"
4. Click Advanced
5. Click the "Owner" tab
6. Change owner to the local "Administrators" group and click OK.
7. Grant the local "Administrators" group Full Control over the {B292921D-AF50-400c-9B75-0C57A7F29BA1} key and click OK.
8. Launch “Component Services” under Start -> Programs -> Administrative Tools
9. Navigate to Component Services -> Computers -> My Computer -> DCOM Config
10. Right-click the "NAP Agent Service" and select properties.
11. Click the security tab
12. Click the "Edit..." button under the "Launch and Activation Permissions"
13. Highlight the "SYSTEM" user. Grant the user "Local Launch" permission.
14. Click OK and exit out of Component Services and regedit.

B.  For the “could not load logging configuration for component CcmTask using default values” error, I did the following: I uninstalled the client and pushed it again from the console, rebooted, and the error vanished.

2.       On the backend, I added TCP and UDP port 1434 to both inbound and outbound FW rule to the FW GP.
3.      Uninstalled the SQL 2008R2 Native client and reinstalled again across all SCCM 3 servers, rebooted, tested the App Deployment and it worked fine.
0
 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
I set the Boundaries as AD sites since that the AD site should contain all the IP subnets with in that site. Therefore; I have 2 Boundaries, One for the DataCenter and one for the office that reflicts the AD sites and services current configuration, and each Boundary belongs to a Boundary group group that contains the reference site server for each site. I also did configure IP subnets for the different IP sunbents in each site and join them to the respective Boundary group, but still no luck.
0
 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
I changed the Boundaries to IP Ranges, recreated the package and still no luck... the compliance still 0% and the package is still in the Unknown status....
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
Changed the Boundaries to Automatic by Forest Discovery, and recreated the package, and still no luck.....

Please help....
0
 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
Update:

I created Automatic Boundaries "IP Range & AD Sites" via Forest Discovery, and created  a new Client Settings and deployed it, recreated the Package and deployed it.

Results:

1. The package was installed on 5 PCs out of 13

2. 3 show as success and 10 show as Unknown, although that the package has been installed on 5 PCs!

3. All PCs run Win7 SP1 64x with the latest updates, firewall rules have been configured via GP and deployed to all PCs

Can anyone please advise why the package isn't getting installed on the remaining PCs, and why the 2 PCs that have the package installed are still showing as unknown in the Package status?

Please help...
0
 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
Anybody...
0
 
eeRootCommented:
Have you been able to push updates to these PC's before?  Or are these PC's getting patched via SCCM for the first time?  can yo verify that the Windows Update service is running and issue the "gpupdate /force" command on a few of them?  Can you post a few screenshots of how the deployment is currently configured?  And can you check of of the PC's for any update related errors in the event logs?
0
 
Kinan Al-HaffarSenior Systems EngineerAuthor Commented:
Issue was solved
0
All Courses

From novice to tech pro — start learning today.