SCCM 2016 client connectivity

I am working with SCCM 2016 on server 2019. I have a client that is functional but the CcmMessaging log display these messages:

No reply message from Server. Server may be temporarily down or a transient network error.
Post to http://Hood.IFM/ccm_system_windowsauth/request failed with 0x8000000a.

I have full connectivity to the device, it shows active in SCCM console, I can use SCCM to remote control and deploy software (I have been testing software center all morning with no issues)

I looked up the errors and people suggested reinstalling the MP which is on "hood" and as soon as I do that, everything breaks, and I cannot restore a connection to the device no matter what I do during the reconfiguration.

*Any suggestions or other logs I should look at?
Steve HarrisIT AnalystAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RobertSystem AdminCommented:
There may be a local security certificate is installed and config manager is trying to use it instead of the one it installs.
I previously ran into an issue where I had to go into the site and add a specific path for the SMS because of that.
I set it under the client computer communication. Modified the client certificate selection and entered SMS in the path.

If that is the case you would fine entries in the wsusctrl.log (mine was in c:\program files\Microsoft configuration manager\logs\wsusctrl.log)
Steve HarrisIT AnalystAuthor Commented:
I had a GPO that was assigning an auto enroll certificate for HTTPS (which I couldn't get working yet) so I removed it, still getting the same error with no certificates installed.

No errors in WSUSctrl.log either. (granted I am not pushing out updates from there yet)
RobertSystem AdminCommented:
The log may be in another location depending on your configuration.
The issue I ran into with the certificate path allowed the client to be remotely pushed but then it failed to connect to the server and report any status back.

Are any clients communicating properly (if not check that the IIS service and app pool are running, also that the firewall isn't blocking it)?

There are a lot of SCCM logs to review (personally I think to many) to determine the cause of the issue.
Usually I start by reviewing the logs on the client side then move on to the server logs.  
The error you provided is just basically indicating that the client cannot connect to the server.
Price Your IT Services for Profit

Managed service contracts are great - when they're making you money. Yes, you’re getting paid monthly, but is it actually profitable? Learn to calculate your hourly overhead burden so you can master your IT services pricing strategy.

Steve HarrisIT AnalystAuthor Commented:
The clients connected properly and nothing was blocking it on the firewall side.

So you lead me to the IIS pool which I found one setting that was changed for HTTPS that never got reconfigured.

enabling Anonymous Authentication in the IIS settings for the CCM_System_WindowsAuth page is the solution.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RobertSystem AdminCommented:
Good find I am glad you were able to discover the cause of the issue.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.