Hi Prajwal,
I am having issue with the client Status of devices that are part of an untrusted domain. This is a newly added forest that I would like to manage with our current sccm environment, but for several considerations there is no trust set between the forests.
I used some online guidance to setup the new forest in SCCM, and what I have so far:
- All the ports: 80,443,8530,8531,10123,3268 are open from the clients
- Boundaries for the new Forest are set in SCCM
- The discovery and publishing is Successful to the new forest in SCCM
- Clients are visible in the console, but shown as "NO" (The clients were installed manually also by using the switches for the MP and DNSSuffix). I only see two actions in the control panel.
- nslookup can resolve the FQDN of the management point from the client
Things that I noticed:
When I was checking the connectivity to the management point from the client in the new forest, I noticed that if I type the management point name/IP to the web browser, it cannot reach the page.
Also some additional info from logs:
ccmeval.log (just the most recent errors):
Failed in WinHttpReceiveResponse API, ErrorCode = 0x2efe
[CCMHTTP] ERROR: URL=http://Managementpoint/SMS_MP/.sms_aut?MPLIST, Port=80, Options=1216, Code=12030, Text=ERROR_WINHTTP_CONNECTION_ERROR
Failed to queue event on HTTP/HTTPS failure for server 'managementpoint'. Error 0x87d00202
Can't get MP list from MP
Client registered check: FAILED
Communication with MP check: FAILED
Failed to get MDM_ConfigSetting instance, 0x80041013
No errors in the ClientLocation.log, it seems to see there the Assigned Site and MP.
smscliui.log:
Failed to set DNSSuffix value to the registry.
ccmmessaging.log:
Post to managementpoint failed with 0x87d00231.
locationservices.log:
Failed to send management point list Location Request Message to managementpoint
I am searching around in google but nothing helped so far.
Have you had a similar behavior like this already?
Thanks!
I am having issue with the client Status of devices that are part of an untrusted domain. This is a newly added forest that I would like to manage with our current sccm environment, but for several considerations there is no trust set between the forests.
I used some online guidance to setup the new forest in SCCM, and what I have so far:
- All the ports: 80,443,8530,8531,10123,3268 are open from the clients
- Boundaries for the new Forest are set in SCCM
- The discovery and publishing is Successful to the new forest in SCCM
- Clients are visible in the console, but shown as "NO" (The clients were installed manually also by using the switches for the MP and DNSSuffix). I only see two actions in the control panel.
- nslookup can resolve the FQDN of the management point from the client
Things that I noticed:
When I was checking the connectivity to the management point from the client in the new forest, I noticed that if I type the management point name/IP to the web browser, it cannot reach the page.
Also some additional info from logs:
ccmeval.log (just the most recent errors):
Failed in WinHttpReceiveResponse API, ErrorCode = 0x2efe
[CCMHTTP] ERROR: URL=http://Managementpoint/SMS_MP/.sms_aut?MPLIST, Port=80, Options=1216, Code=12030, Text=ERROR_WINHTTP_CONNECTION_ERROR
Failed to queue event on HTTP/HTTPS failure for server 'managementpoint'. Error 0x87d00202
Can't get MP list from MP
Client registered check: FAILED
Communication with MP check: FAILED
Failed to get MDM_ConfigSetting instance, 0x80041013
No errors in the ClientLocation.log, it seems to see there the Assigned Site and MP.
smscliui.log:
Failed to set DNSSuffix value to the registry.
ccmmessaging.log:
Post to managementpoint failed with 0x87d00231.
locationservices.log:
Failed to send management point list Location Request Message to managementpoint
I am searching around in google but nothing helped so far.
Have you had a similar behavior like this already?
Thanks!
