Hello,
I have several machines giving the error 2147942405 on a Client push...
The Boundaries are okThe Certificate are ok
The Local Administrators group contains the service account
The Windows Firewall is off
The access through WBEMTEST \\Server_Name\root\cimv2 (from the site server) is working fine
the CCM.log is giving an access error :
Execute query exec [sp_CP_GetNewPushMachines] N'UCP'~
Execute query exec [sp_CP_SetPushRequestMachineStatus] 2097263794, 1~
Execute query exec [sp_CP_GetPushRequestMachine] 2097263794~
Successfully retrieved information for machine VIPPPDG01 from DB
Execute query exec [sp_CP_GetPushRequestMachineIP] 2097263794~
Execute query exec [sp_CP_GetPushRequestMachineResource] 2097263794~
Execute query exec [sp_CP_GetPushMachineName] 2097263794~
Received request: "2097263794" for machine name: "VIPPPDG01" on queue: "Incoming".
Stored request "2097263794", machine name "VIPPPDG01", in queue "Processing".
Execute query exec [sp_CP_SetPushRequestMachineStatus] 2097263794, 1~
======>Begin Processing request: "2097263794", machine name: "VIPPPDG01"
Execute query exec [sp_IsMPAvailable] N'UCP'~
---> Trying the 'best-shot' account which worked for previous CCRs (index = 0x1)~
---> Attempting to connect to administrative share '\\VIPPPDG01\admin$' using account 'AD\svcDGITsccm'~
---> SspiEncodeStringsAsAuthIdentity succeeded!~
---> SspiExcludePackage succeeded!~
---> SspiMarshalAuthIdentity succeeded!~
---> NetUseAdd failed: 1219: dwParamError = 0~
---> NTLM fallback is not enabled
---> The 'best-shot' account has now succeeded 9 times and failed 2 times.
---> Trying each entry in the SMS Client Remote Installation account list~
---> Attempting to connect to administrative share '\\VIPPPDG01\admin$' using account 'AD\svcconfigmgrsrv'~
---> SspiEncodeStringsAsAuthIdentity succeeded!~
---> SspiExcludePackage succeeded!~
---> SspiMarshalAuthIdentity succeeded!~
---> NetUseAdd succeeded!~
---> Connected to administrative share on machine VIPPPDG01 using account 'AD\svcconfigmgrsrv'~
---> Trying the 'best-shot' account which worked for previous CCRs (index = 0x1)~
---> Attempting to make IPC connection to share <\\VIPPPDG01\IPC$> with Kerberos authentication ~
---> SspiEncodeStringsAsAuthIdentity succeeded for IPC$ authentication!~
---> SspiExcludePackage succeeded for IPC$ authentication!~
---> SspiMarshalAuthIdentity succeeded for IPC$ authentication!~
---> NetUseAdd succeeded for IPC$ authentication!~
---> Searching for SMSClientInstall. under '\\VIPPPDG01\admin$\'~
---> Unable to connect to remote machine "VIPPPDG01" using Kerberos with alternate account, error - 0x80004005.
--> NTLM fallback is not enabled, remote machine "VIPPPDG01" is not continuing with client push.
--> NTLM fallback is not enabled, remote machine "VIPPPDG01" is not continuing with client push.
Submitted request successfully
Getting a new request from queue "Incoming" after 100 millisecond delay.
Waiting for change in directory "E:\SCCM\inboxes\ccr.box" for queue "Incoming", (30 minute backup timeout).
Waiting for change in directory "E:\SCCM\inboxes\ccr.box" for queue "Incoming", (30 minute backup timeout).
---> Unable to connect to remote machine "VIPPPDG01.ad" using Kerberos with machine account, error - 0x80070005.*
--> NTLM fallback is not enabled, remote machine "VIPPPDG01.ad" is not continuing with client push.
---> Unable to connect to remote machine "VIPPPDG01" using Kerberos with machine account, error - 0x80070005.
--> NTLM fallback is not enabled, remote machine "VIPPPDG01" is not continuing with client push.
---> Deleting SMS Client Install Lock File '\\VIPPPDG01\admin$\SMSClientInstall.UCP'~
Execute query exec [sp_CP_SetLastErrorCode] 2097263794, -2147024891~
Stored request "2097263794", machine name "VIPPPDG01", in queue "Retry".
Execute query exec [sp_CP_SetPushRequestMachineStatus] 2097263794, 2~
Execute query exec [sp_CP_SetLatest] 2097263794, N'05/19/2021 15:08:44', 14~
<======End request: "2097263794", machine name: "VIPPPDG01".
<======End request: "2097263794", machine name: "VIPPPDG01".
Not sure where to check next?
no log on the client ...
Thanks,
Dom
