OS Deployment Issue (no advertisements found)

[MrWyss]

Dear All,

 

I am facing a weird issue while PXE booting an imported machine that has been updated by the AD System Group Discovery.

 

The PXE boot fails with PXE-M0F: Exiting Intel PXE ROM

The smspxe.log shows.

 

00:50:56:B9:XX:XX, 22873942-8A28-3727-1326-1A37084CXXXX: device is in the database..

and

 

Client boot action reply: <ClientIDReply><Identification Unknown="0" ItemKey="2097153482" ServerName=""><Machine><ClientID/><NetbiosName/></Machine></Identification><PXEBootAction LastPXEAdvertisementID="" LastPXEAdvertisementTime="" OfferID="" OfferIDTime="" PkgID="" PackageVersion="" PackagePath="" BootImageID="" Mandatory=""/></ClientIDReply>

and therefore

00:50:56:B9:XX:XX, 22873942-8A28-3727-1326-1A37084XXXX: no advertisements found

Ifi go to All System and search for 2097153482 (ItemKey). It will find the machine and i see in the deployments tab the Deployment tasksequence.

The Agents Names on the clients properties are : "SMS_AD_SECURTITY_GROUP_DISCOVERY_AGENT"; "Manual Machine Entry" and the MAC Address: 00:50:56:B9:XX:XX

 

 

If i were to import the machine and move it to deployment collection without letting the AD Sys Grp Discover to run, it would pxe boot the tasksequence just fine.

 

• I am running: SCCM 2012 R2 CU1 with PKI
• The Client Machines are virtual VMWare machines
• I don't want to use Unknown Computer Support and therefore it is turned off
• I have reinstalled WDS and and the PXE option on the DP -> i don't think it's a WDS PXE issue since machines imported that have not been updated by the AD Sys Grp Discover run just fine.
• I don't have duplicate Names nor GUIDS
• The Duplicate MAC Addresses Report shows none, although a direct sql query on System_MAC_Addres_ARR shows duplicates. But i guess that is normal.
• Tried to boot the machine with the TS Boot Media, doesn't show a advertisment either.

I am lost here running out of ideas.

 

Help would be much apprechiated.

 

Thanks

 

[Iroqouiz]

And when that machine is discovered you add it to the deployment collection?

[MrWyss]

Yes.. and the entry has even a deployment assigned (Properties Client, in the tab Deployments)

[Iroqouiz]

Do you also have a task sequence deployed to "All Unknown Computers"?

[MrWyss]

No, i don't want to use the unknown computer feature. The ultimate goal is to pre-provision the computer in AD so create a computer account, assigned it to groups and therefore query assigned to collections and then with help of the multiple package install in the tasksequence to install the OS with all the software it is assigned in AD.

[lord_hydrax]

If you create a new computer account in AD first there is no MAC or GUID information when the computer is later 'discovered' by SCCM and imported. Or if there is, it is something randomly generated because AD will not know the correct information from the machine for manually created AD accounts.

 

And of course SCCM needs that information to link to available deployments advertised to a machine.

 

Perhaps if you created the AD Account and also manually imported the computer information into SCCM they might sync together and get your desired outcome. I'd be kinda surprised if that would actually work though.

 

I'd say you need to find a different means to get the software installed, perhaps import the computer into SCCM and after applying to image and joining to the domain, add the computer to the software groups and have the software install outside of the TS.

[MrWyss]

What I do is Create a new computer account in AD, add it to a group in order for the system group discovery to be discovered and create a sccm object. (Since the ad system discovery would not create one if the computer account is empty/unused by a computer). Once the object exist in sccm, obviously without a mac nor guid, i create a manual machine in sccm. So right after that's done, sccm merges the two objects together. So i have all the group information i need and the mac address. this merged object is then added to the deployment collection. Once i see on the object the computername, macaddress and the os deployment assigned i try to boot it from pxe which just doesn't work.

 

I have opened a ticket with Microsoft about it. So far they have only asked me whether i see duplicates in the system_disc table, which infact i do. Although only one object is not decommissoned. in the v_R_Systems i do not see duplicates.

 

I forgot to mention, this worked in SCCM 2007.

[MrWyss]

I wanted to share with you what Microsoft told me. With SP1 they have changed a view due to performance reasons. That view is vLocalResourceIDXRef. I am guessing this is the view where the pxe machines look for advertisements.

 

they changed it to

SELECT MachineID, GUID, ArchitectureKey FROM MachineIdGroupXRef
        WHERE (ArchitectureKey = 5 AND MachineID BETWEEN 16777216 AND 33554431) OR (ArchitectureKey != 5)
                UNION ALL
        SELECT MachineID, GUID, ArchitectureKey FROM vCASSystemIDXRef

I don't know what the second number used to be, but certainly higher. So .....

 

An imported machine has an ID 16'777'XXX. -> pxe boots just fine

 

An AD Group Discovered machine has the ID 2'097'15X'XXX

 

If you import a machine that has been discovered with the ad system group discovery (same name) it will merge into the ad group discovered object and therefore has a 2 Billion ID. Which will be filtered out by the vLocalResourceIDXRef view. -> does not pxe boot

 

In other words, you cannot dynamically add software via AD Group while staging a machine. :angry:

 

Unless you guys have hint.

 

The goal is to provision a machine with additional individual sw via AD Groups, and let it install during the TS.

[MyReply4112]

I'm having the same issue. Did you ever get a resolution?