Jump to content


Jeremy Lyons

MECM 2309 OSD via client failing at Applying device drivers

By Jeremy Lyons, in System Center Configuration Manager (Current Branch)

Recommended Posts

Jeremy Lyons Newbie

Jeremy Lyons

Posted
Posted

Hi,

 

I am relatively new to MECM and am having an issue with OSD via config client on all models of computers in our organization. all computers are physical computers.

 

They are failing at applying device drivers with the following error

image.thumb.png.78a8c55fe0a8745232e9256383b107ae.png

Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. . 
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)

interestingly enough the usb distribution is completing successfully:

 

attached full log

I want to add what i have tried so far, to no avail:

1. according to this link:

 https://learn.microsoft.com/en-us/answers/questions/784791/configmanager-unable-to-perform-osd-that-starts-fr

i added a command to change the registry:

reg.exe add HKLM\SOFTWARE\Policies\Microsoft\TPM /v OSManagedAuthLevel /t REG_DWORD /d 2 /f

before and after the apply operating system stage.

 

2. Rebuilt the task sequence with only basic commands 

 

why is this failing?

Is there any more information that may help?

one interesting difference that i noticed is that the config client osd is trying to set a client certificate however the usb osd is creating successfully a media certificate.

 

on further investigation and working according to this blog:

https://www.prajwaldesai.com/enable-sccm-enhanced-http-configuration/

I found that enhanced http is configured on the server

image.png.da188cdd392f95e274556c0c9b87212b.png

, however even thought the certificate is found in the certlm.msc

image.png.e984e1afd1a993b403882dfc4a6201d9.png

, the manager is not importing the certificate to the IIS:

image.png.45759679c267de166cfa2204d0f26064.png

Referring to the difference between USB OSD and CLient Config OSD the certificates only show on the client after the USB OSD and not when using the client.

The server is 2016 

 

I have tried to restart the server, remove and re-install the configuration, also to no avail. 

smsts-m920.log

Share this post

Link to post
Share on other sites
anyweb Proficient

anyweb

Posted
Posted

from you log i saw this line

 

Quote

Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)

and a quick search brought me here https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/os-deployment/pxe-boot-not-work

 

can you try the advice there and report back ?

Share this post

Link to post
Share on other sites
Jeremy Lyons Newbie

Jeremy Lyons

Posted
Posted

Thanks for your reply.

I finally found the solution, i noticed that the boot image was not up2date, with the current client:

1.thumb.png.d1586913ceaa432743ead2c4d6d1c45b.png

i created a new one and now it works.

Then i saw you can up date the current boot images by using the update distribution points

image.thumb.png.fa9e997a6e4c1bac31bae13db2f19cd5.png

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.