Oneone Posted November 23, 2012 Report post Posted November 23, 2012 I would check that the SCCM system really has the rights it needs on the System Management Container in Active Directory. Quote Share this post Link to post Share on other sites More sharing options...
Rocket Man Posted November 23, 2012 Report post Posted November 23, 2012 Reading a few other posts online, I heard some people say to setup boundaries and boundary groups, so I did that as well. I still get the same errors about failing to get assigned site from AD. Are you sure this is set up correctly? If this is set up correctly you will automatically know if you update the all systems collection and any system within this collection should have the unique site code associated with it regardless if they have not got the client installed! If they have no site code then im afraid you have not set up the boundaries correctly OR If SCCM has not published correctly to the Sys management container in AD then as Oneone has mentioned above you may not have delegated control properly. What does the status of the forest discovery component in the console read....successful...error?? Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted November 23, 2012 Report post Posted November 23, 2012 also make sure you've spelled System Management container correctly, the Component Status Logs will reveal your issue,. right click on one that shows up as red, choose show all, then read the logs for the failure messages see below as before, double check every part of my guide as you've made a mistake somewhere... Quote Share this post Link to post Share on other sites More sharing options...
rrasco Posted November 26, 2012 Report post Posted November 26, 2012 Thanks for the guidance guys. There were only green checks in the Component Status console. Going off of Rocket Man's advice, I was looking for the Active Directory Forests status and discovered under the domain properties on the Publishing tab, there was an option 'Select the sites that will be published to this forest'. This is in addition to the check box on the Site properties dialog under the Publishing tab. Once I checked that box, the container immediately began populating. Now to see if I can get my endpoint clients pushed out. Quote Share this post Link to post Share on other sites More sharing options...
rrasco Posted November 26, 2012 Report post Posted November 26, 2012 I was able to successfully deploy the management client but it does not appear to be including the SCEP client. I see SCEPInstall.exe in the ccmsetup directory on the client machine, but it does not appear to have installed any EP client? Quote Share this post Link to post Share on other sites More sharing options...
Peter van der Woude Posted November 26, 2012 Report post Posted November 26, 2012 Did you configure the ConfigMgr Client settings to automatically deploy the SCEP Client? Quote Share this post Link to post Share on other sites More sharing options...
rrasco Posted November 26, 2012 Report post Posted November 26, 2012 I did. I have a few updates, and in turn a few more questions... The SCEP client was pushed out to one of the two computers in my managed endpoint desktop device collection. This was the collection I deployed the client settings to, which included the SCEP installation. There are two devices in this collection, one is listed as a client, one is not (the one it didn't install on). Why would one machine be listed as a client and the other not? All of the machines discovered that were pushed the client, also say 'Yes' in the client column. The other one says 'No'. I was surprised to know that the configuration client was pushed out to all discovered devices automatically. I am attempting to remove the client from machines it was installed to, as I am not ready to deploy this just yet and wasn't aware the client was pushed upon discovery. I did not think ccmsetup would run until I applied client settings to a device collection; specifically the computer agent. These devices are not in a collection, just discovered. My current issue is after running ccmsetup /uninstall on the client machines, then delete it from the device list in SCCM, it re-appears a little later. I'm assuming this is because the client is communicating with SCCM, thus it's rediscovered. I have modified my discovery methods to only discover 2 machines in a test OU. So, to summarize: 1. What is the criteria for a device to be a 'client' to SCCM? Specifically, showing a value of 'Yes' in the 'Client' column for devices? 2. How can I fully remove clients from SCCM (including uninstalling the client agent) once they have been discovered and pushed the client installation? Lastly, I REALLY appreciate all of you guys' help. Quote Share this post Link to post Share on other sites More sharing options...
Rocket Man Posted November 26, 2012 Report post Posted November 26, 2012 You have automatic site wide client configured, thus the reason as to why the client is installing automatically! My current issue is after running ccmsetup /uninstall on the client machines, then delete it from the device list in SCCM, it re-appears a little later They will always reappear as this is suppose to happen because if it didn't then your SCCM would not work..(forest discovery, system discovery etc looks after this).......they are however reappearing as non clients after you have done the above, right? Quote Share this post Link to post Share on other sites More sharing options...
rrasco Posted November 27, 2012 Report post Posted November 27, 2012 Yesterday they kept showing up as a client after I uninstalled the client. It seems like it was pushing it back out to the clients, even after I disabled and restricted the discovery methods. It kept discovering them. Today, all those machines had the client again. I ran the uninstall again, deleted all the ccmsetup files (and CCM folder) from Windows directory and then removed them from SCCM console. It appears to have worked. For now. Quote Share this post Link to post Share on other sites More sharing options...
