FSiglmueller

Hi, I will send a Screenshot later. But in the software install group are only 2 steps. 1. Convert Collection variables (Coalesce Script) 2. Install Applications (Dynamic List) Do you Need More informations ? thanks in advance

Hi, attached the requested logfiles. Thanks in advance. Capture_TS_Logs.zip

Hi All ! I am struggeling with the following topic since a few days: I am not able to install applications during my Build and capture sequence. I have a PKI (HTTPS-only) infrastructure. I installed a client certificate during the unattend.xml. (https://www.jamesbannanit.com/2012/05/how-to-build-and-capture-in-configuration-manager-2012-using-https/) Softwareupdates install Fine - only Applications are the problem. Have you got an idea what I can do to fix this ? It seems like the Client is having Problems in communicating with the MP. In the IIS log I can‘t find any errors. Thanks in advance and a merry x-mas. Florian

Hi ! the registry is pointing to the correct endpoint. It would be great if you can remote assist. When does it fit for you ? Today evening (german time - 8.30pm) ? Thanks in advance

Hi ! No, ist doesn‘t Look like there is something missing. I checkend everything, but it does not upload the keys. Any ideas ? Thanks in advance

Hi All ! Today I checked it and found out, that the keys were not uploaded to the MECM database. But I don't no why. First I checked the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" for the EnableEncryptionKey (without the XTS) but we only have there the keys for the XTS. Any ideas whats going on here ? Thanks in advance. Kind Regards

Hi ! Yes, all the Users are in the appropriate AD groups. No User groups were changed. That means the Users are the same like before the SQL Server move. Kind regards

Hi ! I didn't get any errors during the helpdesk installation. The powershell script went flawlessly. What do you mean with: - are your helpdesk users that you use to retrieve keys correctly setup ? All our groups exist in the AD. Thanks in advance. Kind regards

Hi ! OK, I tried the reinstallation, but the error still exist afterwards: Any ideas how to fix this ? Thanks in advance. Kind Regards Flo

Hi All, after moving the Primary Site (including the SUP) to another server, I am not able to download any Office 365 update. I will get the following error message: "Failed to download content id <ID>. Error: Invalid certificate signature". My WSUS Certificate of the new server (Self-Signed) is placed here: - trusted publishers - trusted root certificate authorities Any help is appreciated. Thanks in advance.

Hi All ! I have migrated my SQL DB to another Server. After that move the MECM Bitlocker Helpdesk Portal (Webportal) shows no recovery key for any system. When I have a look to the database, there are all entries inside (encrypted). How can I go on to get it working with the helpdesk Portal ? I urgently need the keys, because at the moment I am not able to solve any bitlocker issues for my systems. The whole MECM environment is in HTTPS mode only (if this is helpful). Any help is appreciated. Thanks in advance.

Hi, thanks for your reply. I just checked it. For me it seems ok: I have to use HTTP or HTTPS Mode, because most of my Distribution Points are configured in HTTP Mode at the moment. I will switch to fully HTTPS, when everything works fine with this Test-DP. The error only occurs during the step "Installing Software Updates". And thats what I only knew in the past from an Deployment to a Workgroup client. Any other ideas ? This time I deployed a domain client the OSD finished successfully, but the softwareupdate installation step failed with the following error: Could it be possible, that I imported a false certificate for the DP: Can I check, which certificate is the correct one for importing ? Thanks in advance.

Hi ! I have the following infrastructure: Site is HTTP and HTTPS All the MPs are in HTTPS mode. Several DPs in HTTP and only one which is configured for HTTPS. If I now try to run an OSD, the OSD fails after the step Install Software Updates. I only know that from the Build and Capture Tasksequence. Here I added the client certificate to my MDT package and modified the unattended.xml to import the .pfx file during the Apply Operation system step. What I have to do, to get a normal OS Deployment working with this HTTPS Distribution Point ? Do I have to modify anything like in the Build and Capture Tasksequence ? Which parameters I have to use during the Setup and Configuring SCCM Agent Step ? During the Installation I get the following error message in the log: The ConfigMgr Client encounted an SSL-related failure (0x80190193) when using BITS to access location https://<FQDN of the DP>:443 How can I fix it ? Thanks in advance. Regards Florian

Hi Niall, thanks for your reply. I did everything you mentioned, but now I got a really strange error message, when I try to load a report (via the browser URL to the Reportserver): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.) I tried that from the Reportserver itself, which is hosted on the SCCM Primary Site (The SQL Server is also on that Server - Primary Site) I don't know why, because if I click on the lock in the browser to see the certificate and its chain, everything looks ok. Have you got an idea, what I did wrong ? Thanks in advance. Florian

Hi Niall, thanks for your reply. OK, I installed the Helpdesk and the SelfService on the Distribution Point. How can I now remove the old installation (Helpdesk and Selfservice) from the primary site ? Can you also tell me, if it is a must to set the ssl settings for both iis sites (Helpdesk and SelfService) to RequireSSL ? Thanks in advance. Florian

Hi Niall, thanks for your quick reply. 1. Can you please post the commandlines I have to use for moving those roles to another server ? 2. If I understand correctly, I don't have to prepare something, because: - I am a full admin in Configuration Manager - My MPs are all HTTPs enabled - The reporting service point is on my primary site (here it can stay, or must it be also installed on the Distribution Point, where I want the Helpdesk and SelfService to be ?) - I only have to install the ASP.NET MVC 4.0 on the Distribution Point, where I want to host the SelfService and the Helpdesk, correct ? - My user is a sql sysadmin I would appreciate a quick answer. Florian

Hi All, I have the following problem. Today, we have the SCCM CB1910 Bitlocker Selfservice and the Helpdesk on the SCCM Primary Site Server. Now, we want to move out, those mainly used services to another server (in our case a distribution server which is located in another data center). First: Is this possible, or must those services be located on a Primary Site ? Second: How can I get rid of the actual IIS Sites (Self Service and Helpdesk) or move them to another server ? Third: What are the prereqs, we have to do, before we move it to the other server (install additional roles, or something like that) I would appreciate a quick answer. Florian