What's new
Forums on Intune, SCCM, and Windows 11

Welcome to the forums. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your topics and posts, as well as connect with other members through your own private inbox!

SOLVED OSD broken after HTTPs setup

  • Thread starter Thread starter TRichards
  • Start date Start date
  • Replies Replies 6
  • Views Views 11K
Status
Not open for further replies.
T

TRichards

New Member
Messages
2
Reaction score
0
Points
1
Hello All!

I have hunted the internet over and have not been able to find a solution to my issues, so I was hoping someone here might guide me in the right direction. Our SCCM environment is setup with two servers. One for the DB, and the other for all the management roles. The environment was built as http, however, we recently changed our SCCM environment over to HTTPS for the MP/DP/SUP. Everything worked fine before the switch. Now everything is running correctly as HTTPS except for the PXE/OSD portion. When a machine PXE boots, the machine connects, gets an ip, gets to the password prompt screen, you enter the password and then it does the "Retrieving policy for this computer..." before throwing an error(8004005). There are no errors in the SMSPXE.log. The smsts.log shows the message below five times before it jumps to the finish page and shows the bottom message in the smsts.log. I know that it has something to do with the certificate, but my searching has not yet found the solution. I appreciate the help!

Thanks,
Tanner

1568317255978.png

1568317421388.png
 
Sort by date Sort by votes
Thanks for the response. I followed guides from here and a few other sites when building all the certs and making the switch over to https, so it should all be correct. I have the client check CRL unchecked, so I don't think that should be the issue either. Time on the SCCM server reflects time we are seeing on the DC's and clients, so that shouldn't be the issue either. I'll keep looking, but thanks for the reply!
 
Upvote 0 Downvote
post your smsts.log. cant really tell from your screenshot as the second line is already saying exiting TS.
 
Upvote 0 Downvote
i also remember there is a pxe setting where you can specify http, https or http and https. maybe try http and https?

have you tried pxe boot successfully on this computer? sometime the pxe failed because there is no network driver in the boot image to retrieve the policy.
 
Upvote 0 Downvote
I just went through this myself. I could PXE boot and enter my imaging password but crashed and burned when trying to load the available task sequences.

Most definitely take a look at the link that Sam Banford posted at the top. You will need to make sure that both your DP and IIS cert has been assigned to the DP (check certlm.msc). Make sure that you have the IIS cert assigned in IIS as well on the DP. I had to manually add https to the default website on the DP. Lastly, export the DP pfx and specify that PFX under the communication tab for the DP. Once I went through these steps, I was able to load task sequences and image.
1569269079270.png
1569269151581.png
1569269199506.png
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

  • PENDING MECM cannot access to WSUS WID
  • PENDING Intune Expedite Update policy missing KB5077744 OOB update
  • PENDING KB5077744 update deployment via SCCM
  • CM 2509 - AdminService now rejects NTLM authentication
  • Service Connection Tool improvements in SCCM 2509

    • Forum statistics

    Threads
    7,170
    Messages
    27,982
    Members
    18,283
    Latest member
    mcristea

    Latest posts

    Trending content
    Back
    Top