SCCM Untrusted Forest Issues Require the Site server to Initiate Connection. Have you ever noticed the importance of the option “Require the site server to Initiate Connection to this Site System” in Site System Properties?
Is this option really useful? Yes, it’s very important and useful when deploying Remote Site Systems to untrusted forest/s.
- Fix SCCM Untrusted Forest Remote DP Installation Error 0x800706BA ConfigMgr Endpoint Manager HTMD Blog (anoopcnair.com)
- Install A New Configuration Manager Distribution Point (anoopcnair.com)
SCCM Untrusted Forest Issues Require the Site server to Initiate Connection
If you think about an untrusted forest scenario, there is “no way” the remote site system can contact your site server (by default).
Whereas the site server can initiate the connection with the remote site system using “site system installation account.”
Navigate – \Administration\Overview\Site Configuration\Servers and Site System Roles. Right-Click on the Site System role.
Select the properties. Click on General Tab. Enable Require the site server to initiate connections to this system option.
Click on Use another account for installing this site system. Enter User name and password of remote servers local admin.
Once you select the “site server to initiate connection” option for a remote site system, the site server initiates a connection, and it will copy all the required files to respective folders on the site server.
Troubleshooting
More details about the log files can verify whether the remote site system is in PULL mode or PUSH mode. SCCM Untrusted Forest Issues Require the Site server to Initiate Connection ConfigMgr MEMCM?
Log file = mpfdm.log (MP File Dispatch Manager). Default Location of the log file in Remote Site System = \SMS\Logs.
Default Location of the log file in Site Server = Program Files\Microsoft Configuration Manager\Logs. Remote Site System = acncmrsite.remote.configmgr.com.
mpfdm.log file @ site server
- acncmrsite.remote.configmgr.com is pushing files. Mode must be pull.
- Pulling files from acncmrsite.remote.configmgr.com. Mode must be pull.
- Starting pull jobs for acncmrsite.remote.configmgr.com.
PULL:Moving 1 *.SUM file(s) from \\acncmrsite.remote.configmgr.com\C$\SMS\MP\OUTBOXES\sitestat.box\ to D:\Program Files\Microsoft Configuration Manager\inboxes\sitestat.box\.
Moved file \\acncmrsite.remote.configmgr.com\C$\SMS\MP\OUTBOXES\sitestat.box\lgexcktm.SUM to D:\Program Files\Microsoft Configuration Manager\inboxes\sitestat.box\lgexcktm.SUM
mpfdm.log file @ Remote site system (acncmrsite.remote.configmgr.com)
- Remote site is in pull-mode.
- Stopping all push jobs.
- Site Server to initiate connection option is not required if you don’t have any forest trust related issues.
Resources
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Good one dude.. but I am getting the following error message:
Successfully logged on user seaworld\administrator (Token = 0000000000002680) and impersonated for accessing [“Display=\\SERVER01.SEAWORLD.COM\”]MSWNET:[“SMS_SITE=FJW”]\\SERVER01.SEAWORLD.COM\. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:25 p.m. 3324 (0x0CFC)
Successfully made a network connection to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:27 p.m. 3324 (0x0CFC)
Failed to read FDM State keys of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:27 p.m. 3324 (0x0CFC)
Failed to get the push/pull state of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:27 p.m. 3324 (0x0CFC)
Cancelling network connection to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:27 p.m. 3324 (0x0CFC)
Reverting current impersonation. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:10:27 p.m. 3324 (0x0CFC)
Successfully logged on user seaworld\administrator (Token = 00000000000016D0) and impersonated for accessing [“Display=\\SERVER01.SEAWORLD.COM\”]MSWNET:[“SMS_SITE=FJW”]\\SERVER01.SEAWORLD.COM\. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:27 p.m. 3324 (0x0CFC)
Successfully made a network connection to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:30 p.m. 3324 (0x0CFC)
Failed to read FDM State keys of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:30 p.m. 3324 (0x0CFC)
Failed to get the push/pull state of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:30 p.m. 3324 (0x0CFC)
Cancelling network connection to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:30 p.m. 3324 (0x0CFC)
Reverting current impersonation. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:15:30 p.m. 3324 (0x0CFC)
Successfully logged on user seaworld\administrator (Token = 0000000000002150) and impersonated for accessing [“Display=\\SERVER01.SEAWORLD.COM\”]MSWNET:[“SMS_SITE=FJW”]\\SERVER01.SEAWORLD.COM\. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:20:30 p.m. 3324 (0x0CFC)
Successfully made a network connection to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:20:32 p.m. 3324 (0x0CFC)
Failed to read FDM State keys of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:20:32 p.m. 3324 (0x0CFC)
Failed to get the push/pull state of SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER 24/09/2014 4:20:32 p.m. 3324 (0x0CFC)
I’ve got a the following environment:
Standalone Primary Site with SQL2012 on the same box (ConfigMgr 2012 R2) in Test domain (FJW.com) & an Untrusted domain (SeaWorld) both in test lab- I can ping both ways and name resolution is happening via Host files both direction – Next, I am trying to install the MP role in the untrusted forest running Windows Server 2012 R2 using the following account types –
1. Site System Installation Account = seaworld\administrator with the Require Site server to initiate connections to this site system option
2.MP Connection Account = fjw\configMgrAdmin which has got SA rights on cm_FJW database
I do see the folder structure in the untrusted domain server as c
c:\sms\bin
\sms\client
\sms\scripts
but no Logs folder 🙁
Thoughts ?
Have you opened RPC dynamic ports between remote MP in untrusted forest and Primary server. As per the log file the primary server is trying to access registry key of the remote server and that is not accessable .
SERVER01.SEAWORLD.COM. SMS_MP_FILE_DISPATCH_MANAGER
Regards
Anoop
Thanks Anoop for taking the time to revert back!
In my case, the firewall is disabled since I thought it would be a firewall issue (again this is lab 🙂
Moreover, I keep getting the following error message (in the event log) on Remote Site System on Untrusted Forest –
-=-=-=-=-=-=-=
ApplicationLog:
The description for Event ID 1020 from source SMS Server cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
-=-=-=-=-=-=-=
SystemLog – Event 7009
The SMS_SERVER_BOOTSTRAP_CONFIGMGR01 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
—
A timeout was reached (30000 milliseconds) while waiting for the SMS_SERVER_BOOTSTRAP_CONFIGMGR01 service to connect.
—
SystemLog (Event 7045-Information)
A service was installed in the system.
Service Name: SMS_SERVER_BOOTSTRAP_CONFIGMGR01
Service File Name: “C:\SMS\bin\x64\srvboot.exe”
Service Type: user mode service
Service Start Type: demand start
-=-=-=-=-=-=-=-=-=–=-=-=-
On Primary Site Server sitecomp.log: I get the following message
————
Reinstallation failed and will be retried in the next polling cycle. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (1, 70, -1073740804, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=578 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_COMPONENT_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:34.923 2014 ISTR0=”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_COMPONENT_MONITOR” ISTR1=”SERVER01.SEAWORLD.COM” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=1094 SEV=I LEV=D SOURCE=”SMS Server” COMP=”SMS_COMPONENT_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.397 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=1098 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_COMPONENT_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.400 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=1020 SEV=E LEV=M SOURCE=”SMS Server” COMP=”SMS_COMPONENT_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.401 2014 ISTR0=”60″ ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
Installing component SMS_OUTBOX_MONITOR… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
Cannot read registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR on server SERVER01.SEAWORLD.COM. The operating system reported error 997: Overlapped I/O operation is in progress. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=578 SEV=E LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.450 2014 ISTR0=”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR” ISTR1=”SERVER01.SEAWORLD.COM” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
Component assumed to be deinstalled. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (4, 80, 1073742838, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
STATMSG: ID=1014 SEV=I LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.452 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
The “\\SERVER01.SEAWORLD.COM\C$\SMS” directory has 122227961856 bytes free out of 135996108800 total bytes. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
9077448 bytes are required in the “\\SERVER01.SEAWORLD.COM\C$\SMS” directory for this component’s files. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\outboxmon.dll. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:44 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\srvboot.exe. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:48 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:48 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\vcredist_x64.exe. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:52 p.m. 5784 (0x1698)
All files installed. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Writing the SMS Performance Data Provider key to server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
The SMS Performance Data Provider key is already in the registry on server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
The SMS Performance Data Provider key is already in the registry on server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Installed as a thread of SMS_EXECUTIVE, startup type = “Automatic”. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Cannot be started – SMS_EXECUTIVE is not running. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Installation failed and will be retried in the next polling cycle. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (1, 80, -1073740808, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1075 SEV=I LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:44.465 2014 ISTR0=”9077448″ ISTR1=”\\SERVER01.SEAWORLD.COM\C$\SMS” ISTR2=”122227961856″ ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1094 SEV=I LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.251 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1098 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.253 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1016 SEV=E LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.254 2014 ISTR0=”60″ ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Installing component SMS_OUTBOX_MONITOR… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Component is already installed. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Reinstalling component SMS_OUTBOX_MONITOR… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1018 SEV=I LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.436 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Cannot delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR on server SERVER01.SEAWORLD.COM. The operating system reported error 997: Overlapped I/O operation is in progress. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Reinstallation failed and will be retried in the next polling cycle. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=580 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.580 2014 ISTR0=”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR” ISTR1=”SERVER01.SEAWORLD.COM” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1020 SEV=E LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.580 2014 ISTR0=”60″ ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Reinstalling component SMS_OUTBOX_MONITOR… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
STATMSG: ID=1018 SEV=I LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.602 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Cannot read registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR on server SERVER01.SEAWORLD.COM. The operating system reported error 997: Overlapped I/O operation is in progress. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Component assumed to be deinstalled. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (4, 80, 1073742842, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
The server already contains some of the required files for this component. A disk space check will not be made. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\outboxmon.dll. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:53 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\srvboot.exe. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:58 p.m. 5784 (0x1698)
A network connection already exists to \\SERVER01.SEAWORLD.COM\ADMIN$. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:35:58 p.m. 5784 (0x1698)
Installed file \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\vcredist_x64.exe. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
All files installed. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Writing the SMS Performance Data Provider key to server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
The SMS Performance Data Provider key is already in the registry on server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
The SMS Performance Data Provider key is already in the registry on server SERVER01.SEAWORLD.COM. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Installed as a thread of SMS_EXECUTIVE, startup type = “Automatic”. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Cannot be started – SMS_EXECUTIVE is not running. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Reinstallation failed and will be retried in the next polling cycle. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (1, 80, -1073740804, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
STATMSG: ID=578 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:35:53.650 2014 ISTR0=”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\SMS_EXECUTIVE\Threads\SMS_OUTBOX_MONITOR” ISTR1=”SERVER01.SEAWORLD.COM” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
STATMSG: ID=1094 SEV=I LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:36:02.707 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
STATMSG: ID=1098 SEV=E LEV=D SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:36:02.708 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
STATMSG: ID=1020 SEV=E LEV=M SOURCE=”SMS Server” COMP=”SMS_OUTBOX_MONITOR” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:36:02.709 2014 ISTR0=”60″ ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Deinstalling component SMS_EXECUTIVE… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
LogEvent(): Successfully logged Event to NT Event Log (4, 13, 1073742846, (null)). SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
STATMSG: ID=1022 SEV=I LEV=M SOURCE=”SMS Server” COMP=”SMS_EXECUTIVE” SYS=SERVER01.SEAWORLD.COM SITE=FJW PID=2792 TID=5784 GMTDATE=Thu Sep 25 03:36:02.715 2014 ISTR0=”” ISTR1=”” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=0 SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Already stopped. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Starting bootstrap operations… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Installed service SMS_SERVER_BOOTSTRAP_CONFIGMGR01. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Starting service SMS_SERVER_BOOTSTRAP_CONFIGMGR01 with command-line arguments “FJW C:\SMS /deinstall \\SERVER01.SEAWORLD.COM\C$\SMS\bin\x64\perfsetup.exe SMS_EXECUTIVE “… SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Could not start service SMS_SERVER_BOOTSTRAP_CONFIGMGR01. The operating system reported error 1053: The service did not respond to the start or control request in a timely fashion. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
INFO: ‘SERVER01.SEAWORLD.COM’ is a valid FQDN. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Bootstrap operation failed. SMS_SITE_COMPONENT_MANAGER 25/09/2014 3:36:02 p.m. 5784 (0x1698)
Deinstalled service SMS_SERVER_BOOTSTRAP_CONFIGMGR01. SMS_SITE_
-=-=-=-=-=–=-=-=-=-=-=-=-=
Not sure what’s causing this issue.. any thoughts help be much appreciated ? let me know if you’d like to take this discussion offline 🙂
You didn’t answer to my second question regarding remote registry connectivity to untrusted domain MP server. 🙂
Also, please make sure “Require the Site server to Initiate Connection” and the Site System installation account should have administrative rights on remote MP server.
Regards
Anoop
Sorry man.. yes, that’s all getting connected – I just verified it again by connecting to the remote registry.
I can see – Server01\HKLM\Software\Microsoft\SMS\MP etc..
Also, I ensured that “Require the Site server to initiate connection” is checked. The account that I am using is seaworld\administrator (domain admins) – tried with a different account seaworld\admin both part of the local admin group on the remote MP box.
Moreover, for MP connection account – I’ve assigned that account (part of Primary Server Domain) permission to CM DB and smsdbrole_MP role
One thing, I’ve also noticed that I don’t see any SMS related services on remote MP machine. Also, when I try to connect from Component Manager (Configuration Manager Service Manager) Server01 – query service — it fails with “error communicating with the component”
What next ?
“I’ve also noticed that I don’t see any SMS related services on remote MP machine. Also, when I try to connect from Component Manager (Configuration Manager Service Manager) Server01 – query service — it fails with “error communicating with the component” ”
This could be the problem. You can’t connect to services.msc on server01? How about connecting to remote WMI of server01? Use Wbemtest to connect remote registry.
Also can you perform telnet from your primary server to server01 on ports like 135, 445, 80 and RPC dynamic ports
Regards
Anoop
Hi Anoop,
I need your suggestion here. In my environment i have issues like DP communication with primary server. When we check the Distmgr.log on the primary server
below entries we can see, not sure what is the resolution for this. We have been struggling with this error more than a month now.
ERROR DPConnection::ConnectWMI() – Failed to connect to Server.test.com error = 0x800706ba
Failed to find a valid drive on the distribution point [“Display=\\Server.test.com\”]MSWNET:[“SMS_SITE=R00”]\\Server.test.com\
GetContentLibLocation() failed
Failed to get the content library path on server Server.test.com
I have tried all the available solutions in the google but did not work anything. This check mark Require the site server to Initiate Connection to this Site System for the DP will helpful to resolve this.
Awaiting for your response.
Are you able to access the WMI share of the DP from SCCM Primary server ? Is there any drive letter change happened in the DP server?
Yes i am able to access WMI share of the DP from primary server. There is no drive letter changes happened. Strange thing is DP communication is working if we configure the DP with user account. But issue remained with system account.
Event logs on the remote DP machine. May be some issues with domain communication or something.
Hi Guys
Just thought I’d add an important point that was hindering my communication between the forests, everything was working except the WMI communication, for us it was only functional one way based on the trust we have in place. In our case the Site server domain trusted the remote forest’s domain. The site server required port 88 opened up to the DC’s in the other forest. This is in addition to the documented SCCM required DC LDAP communication.
Thought I should mention it somewhere as there is absolutely no mention of this fix anywhere on the internet.
Hi Anoop:
I have a Management Point – Distribution Point in an unstructured forest. Everything works fine but sometimes, suddenly I start to receive messages from some components. SMS_MP_CONTROL_MANAGER Site component manager failed to reinstall this component on this site system. Could not delete the registry key… reported error 997: overlapped I/O…
I can connect to services.msc on remote server from Site System using the same credential used to install the components on the untrusted forest
I can connect to remote WMI server
I can telnet from primary server to remote server on ports like 135, 445, 80 and RPC dynamic ports
I can connect to remote registry
I have rebooted the remote server serveral times
The option Require the site server to initiate connections is active
Another issue: I can’t find the key suggested in the registry of the remote server, it’s looks like it was already deleted.
What do you think is happening?
Why do you thinks it happens after everything it’s been working fine for a period of time?
Best Regards.
Sincerely
Ruben Garcia
Hi Ruben ! – Do you think, MP is working fine for some set of clients or it’s stopped working for all SCCM clients? If MP is working fine then you should ignore the error you mentioned about the deleting the reg key. You can manually try to delete the mentioned reg keys if needed but that is supported I guess.
KR
Anoop
Hi Anoop:
Thanks for taking the time to reply.
It’s stopped for all SCCM clients in the boundary he belongs to. All SCCM clients shows inactive in Client Activity and with and X in the icon status (I am using SCCM 1511).
As I told you before, this start to happens some days after working fine. I am sure If I reinstall the MP Role in this server, everything will work, but some days later the problem will happens again. I have done it before several times.
I would like to find out what is happening that is triggering this situation. The client is not installed in the server.
Anoop,
I’ve got about 20 DMZ servers in my test environment that have the necessary ports open, including port 80 for DP and MP communications. (only using for patching) Everything works fine as is, no issues. BUT moving into production there are some security concerns going forward with (currently not implemented yet) port 80 being open. Would this help with those security concerns?I would only need 80 going out, correct? Would that break the installation of the clients (doesn’t port 80 need to be open to install the client, or am i mistaken?
I don’t think this would be nearly a security concern for us if port 80 was only outbound from our internal PSS to the DMZ clients.
Thoughts?
Yeah the communication is Client to DP/MP/SUP (one way) – port #80 if DP/MP/SUP are using same ports. Ref https://technet.microsoft.com/en-us/library/hh427328.aspx Also you can use custom ports as mentioned in the document for this kind of SCCM 2012 MP/DP communication
Hi Anoop,
I am in the middle of setting up a Configuration Manager to support our DMZ by are installing a site system within the untrusted domain to act as the MP, DP and SUP.
We are using Configuration Manager 2012 R2 SP1 with a Primary on our internal domain. The primary site server is running Windows 2008 R2 and the CM database is also installed locally. The forest disovery to the untrusted domain is working fine and the devices in the untrusted domain are listed within the Configuration Manager console (we have a one-way trust where the external (DMZ) domain trusts internal). We can resolve hostnames OK between the domains and the schema in the untrusted domain has been extended.
I have opened the ports per technet article: https://blogs.technet.microsoft.com/jchalfant/ports-required-for-a-site-system-in-dmz-in-configuration-manager/
I am having issues however, with the Management Point role on the site server in the external domain. I can install the role OK, however, the MP does not communicate back with the SQL server on the primary on the internal domain. The following errors appear in the MP_GetAuth.log:
MPDB ERROR – CONNECTION PARAMETERS
SQL Server Name : xxx
SQL Database Name : CM_V01
Integrated Auth : True
MPDB ERROR – EXTENDED INFORMATION
MPDB Method : Init()
MPDB Method HRESULT : 0x80004005
Error Description : null
OLEDB IID : null
ProgID : null
MPDB ERROR – INFORMATION FROM DRIVER
null
And this error in the MP_Status.log
MPDB ERROR – CONNECTION PARAMETERS
SQL Server Name : xxx
SQL Database Name : CM_V01
Integrated Auth : True
MPDB ERROR – EXTENDED INFORMATION
MPDB Method : Init()
MPDB Method HRESULT : 0x80004005
Error Description : Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
OLEDB IID : {0C733A8B-2A1C-11CE-ADE5-00AA0044773D}
ProgID : Microsoft SQL Server Native Client 11.0
MPDB ERROR – INFORMATION FROM DRIVER
SQL Server Name : xxx
Native Error no. : 18452
Error State : 1
Class (Severity) : 14
Line number in SP : 1
We implemented the following workaround as recommended by Microsoft: https://support.microsoft.com/en-gb/help/2689646/system-center-2012-configuration-manager-incorrectly-uses-the-site-sys
Would be grateful if you had any suggestions?
Thanks