Jump to content


akay0402

Workgroup Computers not able to get MDM_Config from Secondary Management Point

Recommended Posts

Hi All,
I have a primary site and a secondary site in my SCCM architecture, I have setup a secondary site server from scratch (Built a brand new Win2019 machine, Installed required roles, setup Secondary site with SQL Express)
After the setup I had noticed that the clients are not able to receive the MDM_Config
I had looked at the CCMMessaging.log and in the PolicyAgent.log and I'm getting 0x8000000A errors
Clients are workgroup computers, below are the list of troubleshooting steps taken,
  1. Uninstalled and reinstalled MP role on the secondary site system server
  2. Checked to see the AppPools have "Enable 32-bit applications set to FALSE"
  3. Checked on ccm_system have Anonymous Authentication Enabled
  4. Setup a brand new server with same name and IP and have rebuilt the server with all roles
  5. Checked IUSR permissions for CCM/Incoming Folder
  6. Checked CCM/Incoming folder and it's not empty
  7. Reinstalled the client on Client Machine
  8. Rebuilt WMI on client machine
  9. Checked Boundary and they're pointing to the right site system server
  10. Changed it to primary and they get the config
 
These are the error messages from different logs
CCMMessaging.log (Client)
Raising event: instance of CCM_CcmHttp_Status {ClientID= "GUID:xxxx-xxxx-xxxx-xxxx-xxxx-xxxx";DateTime="20230803003230.426000+000";Hostname="Secondary.FQDN";HRESULT="0x0000000";ProcessID=4432;StatusCode=0;ThreadID=33572;};
No reply message from Server. Server may be temporarily down or a transient network error.
Post to http://Secondary.FQDN/ccm_system/request failed with 0x8000000A
PolicyAgent.log (Client)
Requesting Machine policy assignments from authority SMS:ABC
[Assignment Request] Assignments request for Machine HOSTNAME completed with status 0x8000000A
Reached max retries count 3. WIll retry at the next polling cycle.
IIS Logs (secondary site system server)
<SecondaryServerIP> CCM_POST /ccm_system/request - 80 - <Client IP> ccmhttp - 500 0 0 28
Other workgroup computers are also getting the same error
MPControl.log (secondary site system server)
Call to HttpSendRequestSync failed for port 80 with status code 401, text:Unauthorized
Please note that there are "Call to HttpSendRequestSync succeeded for port 80 with status code 200, text:OK" but there is one error every 1 hour or so
MPFDM.log (secondary site system server)
No errors
Any help would be greatly appreciated
Thanks,
Ace.

Share this post


Link to post
Share on other sites

to rule out your workgroup computers being part of the problem, have you tried joining a computer to the domain and seeing if it works when using that Secondary site ?

Share this post


Link to post
Share on other sites

Managed to figure out what was wrong, the SQL database was the cause, it turned out to be a problem with the spn.

The spn was registered with service account and I was getting SSPI error

Reset the SPNs and set the SQL startup account to Local System and it had worked

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.