What's new
Forums on Intune, SCCM, and Windows 11

Welcome to the forums. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your topics and posts, as well as connect with other members through your own private inbox!

SOLVED Broken link between Windows 7 SCCM clients and MP. Application portal fails to install applications

Status
Not open for further replies.
J

John Simiyu

Member
Messages
6
Reaction score
1
Points
3
I have an issue on my SCCM 2012 SP1 server managing 2000+ clients and running on Windows server 2012 platform. Everything was running smoothly until recently when most of the Windows 7 client machine status suddenly changed status to inactive and when I deploy applications they cannot be reached as they appear as Unknown. Similarly I cannot install any application from the client's self service portal and I get the error “cannot install or request software. The security information for this application could not be verified”. The system and component status shows all is green OK. I have tried to remove and reinstall the MP role rebooting in the process but there is no change.It's apparent the client machines are no longer able to pick policies from the MP.
The MP health check reveals it is ok.
http://<Mysite server>/sms_mp/.sms_aut?mpcert
<?xml version=”1.0??>
-<MPCertificate>
<Certificate>308202ED30820185FA8CDFC5C0FBCAE84177CC24C6052BD1377750B558(summarized) 57F9542488</Certificate>
</MPCertificate>
------------------------------------
http://<Mysite server>/sms_mp/.sms_aut?mplist
<?xml version=”1.0??>
-<MPList>
-<MP FQDN=”<Mysite server>” Name=”<Mysite server>”>
<Version>7804</Version>
-<Capabilities SchemaVersion=”1.0?>
<Property Name=”SSLState” Value=”0?/>
</Capabilities>
</MP>
</MPList

A review at the Windows 7 clients logs reveals the following:

ClientLocation.LOG
———————-
Assigned MP changed from <SiteServer> to <SiteServer>. ClientLocation 5/17/2016 6:31:38 PM 4928 (0x1340)
Current AD forest name is <My domain>, domain name is <My domain> ClientLocation 5/18/2016 11:34:20 AM 456 (0x01C8)
Domain joined client is in Intranet ClientLocation 5/18/2016 11:34:20 AM 456 (0x01C8)
Rotating assigned management point, new management point [1] is: SiteServer (7804) with capabilities: <Capabilities SchemaVersion=”1.0?><Property Name=”SSLState” Value=”0?/></Capabilities> ClientLocation 5/18/2016 11:34:20 AM 456 (0x01C8)
Assigned MP changed from <SiteServer> to <SiteServer>. ClientLocation 5/18/2016 11:34:20 AM 456 (0x01C8)

ClientIDManagerStartup.log
—————————
[RegTask] – Client is not registered. Sending registration request for GUID:6C3D7776-184C-48DD-A8BA-738BCF32644E … ClientIDManagerStartup 5/18/2016 12:20:21 PM 456 (0x01C8)
RegTask: Failed to send registration request message. Error: 0x87d00231 ClientIDManagerStartup 5/18/2016 12:20:21 PM 456 (0x01C8)
RegTask: Failed to send registration request. Error: 0x87d00231 ClientIDManagerStartup 5/18/2016 12:20:21 PM 456 (0x01C8)
[RegTask] – Sleeping for 960 seconds … ClientIDManagerStartup 5/18/2016 12:20:21 PM 456 (0x01C8)

CcmMessaging.log
——————
[CCMHTTP] ERROR: URL=http://SiteServer/ccm_system_windowsauth/request, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE CcmMessaging 5/18/2016 12:20:21 PM 456 (0x01C8)
Raising event:
instance of CCM_CcmHttp_Status
{
ClientID = “GUID:6C3D7776-184C-48DD-A8BA-738BCF32644E”;
DateTime = “20160518092021.705000+000”;
HostName = “SiteServer”;
HRESULT = “0x87d0027e”;
ProcessID = 4180;
StatusCode = 400;
ThreadID = 456;
};
CcmMessaging 5/18/2016 12:20:21 PM 456 (0x01C8)
Request to http://SiteServer/ccm_system_windowsauth/request failed with 400 CcmMessaging 5/18/2016 12:20:21 PM 456 (0x01C8)
Successfully sent location services HTTP failure message. CcmMessaging 5/18/2016 12:20:21 PM 456 (0x01C8)
Post to http://SiteServer/ccm_system_windowsauth/request failed with 0x87d00231. CcmMessaging 5/18/2016 12:20:21 PM 456 (0x01C8)

LocationServices.log
———————–
Name: ‘Siteserver’ HTTPS: ‘N’ ForestTrust: ‘N’ LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Retrieved lookup MP(s) from AD LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Default Management Points from AD: LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Name: ‘Siteserver’ HTTPS: ‘N’ ForestTrust: ‘N’ LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Persisting the default management points in WMI LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Current AD site of machine is NOFDATACENTER LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Failed to send management point list Location Request Message to Siteserver LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Persisted Default Management Point Locations locally LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Attempting to retrieve local MPs from the assigned MP LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Current AD site of machine is NOFDATACENTER LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)
Failed to send management point list Location Request Message to Siteserver LocationServices 5/18/2016 11:34:20 AM 456 (0x01C8)

Any ideas on how to resolve the issue will be highly appreciated.
 

Attachments

  • client erro.JPG
    client erro.JPG
    43.1 KB · Views: 23
  • appcatalog.JPG
    appcatalog.JPG
    52.7 KB · Views: 22
Sort by date Sort by votes
Thanks for your response. I have also checked the mpcert and mplist on the Windows 7 clients and they appear Ok. I upgraded SCCM to SP2 and manually removed and reinstalled the client on several Windows 7 machines using the client push option. The client version changed from 5.00.7804.100 to
5.00.8239.1000 respectively however the config manager console has not reflected the change obviously because the policies are not effected as yet. Consequently the the config manager properties proves that the client is not registered as certificate shows none, the unique identifier is missing from and Action tab shows only 2 items for machine and user policy retrieval cycle. I have repaired the MP but no change. There is a slight increase in the number of active clients. I'm currently trying to probe the connectivity issue (firewall) with my network security team and it's proving to be difficult to identify where the issue might be.
 
Upvote 0 Downvote
After reviewing the CcmMessaging.log on the Win7 machines I noticed a failure in connecting to port 80.
[CCMHTTP] ERROR: URL=http://server/ccm_system_windowsauth/request, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE

I engaged our Cisco network team to check out the issue. It took a while to discover changes had been made on the proxy server and the new Web Cache Communication Protocol (WCCP) Cisco IOS rules that were blocking traffic on port 80. Changed ports under Site properties from 80 to alternate port 8080 and all machines changed status to active.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

  • PENDING SCCM Capture media error 0x80070091
  • PENDING Fresh SCCM Server 2022 Install – Reuse Same Site Code Without Reinstalling All Clients?
  • PENDING Problems after Upgrading to ConfigMgr 2503
  • PENDING MDT integration still working in SCCM 2509?
  • PENDING SCCM failed update, restored but thinks its still on the new version - SQL issue?

    • Forum statistics

    Threads
    7,135
    Messages
    27,867
    Members
    18,153
    Latest member
    gpickardnsf

    Latest posts

    Trending content
    Back
    Top