I think there may be something to do with the MP certificate, because I see this in the log from the CertificateMaintenance component on the client:
"Failed to verify signature of message received from MP using name 'ServerName'" Otherwise it seems it is talking to the correct server (MP wise) it just doesn't like the answer it gets from that server. Is there a way to generate a new cert? Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State From: [email protected] [mailto:[email protected]] On Behalf Of Trevor Sullivan Sent: Thursday, July 11, 2013 12:52 PM To: [email protected] Subject: RE: [mssms] RE: Site assignment help Have you tried the MPLIST and MPCERT test URLs? http://technet.microsoft.com/en-us/library/bb932118.aspx Also, have you tried specifying RESTKEYINFORMATION=TRUE in your client install command line? Cheers, Trevor Sullivan [cid:[email protected]]<http://trevorsullivan.net/> [cid:[email protected]] <http://twitter.com/pcgeek86> [cid:[email protected]] <http://facebook.com/trevor.sullivan> [cid:[email protected]] <https://plus.google.com/106658223083457664096> From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kent, Mark Sent: Wednesday, July 10, 2013 3:02 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Site assignment help Yep, used the one you have specified. I also get the message "Failed to verify signature of message received from MP using name 'FullServerFQDN' from the certificate maintenance log. Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Jason Sandys Sent: Wednesday, July 10, 2013 3:58 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Site assignment help How did you specify the MP? Specifically, did you use /mp? If so, that does *not* specify the MP for the client agent to initial use during installation. Use the SMSMP property instead. J From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kent, Mark Sent: Wednesday, July 10, 2013 2:45 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] Site assignment help I have set up SCCM2012, SP1, CU2 and am beginning to test out client management. We are still on SCCM2007 so I have not given the CM12 server access to publish site information into AD. I set up the CM12 server to publish to DNS for MP information (so it can get the site code from the MP). I have done both client push and manual client installs on a PC to test out an agent and it fails at site assignment. In both client installs, I have specified the management point and site code. In looking at the client logs it shows that it cannot find the site info in AD (which it shouldn't) and it then goes to find the MP from DNS (which it is successful at doing). However, it then tries to look at AD again as it comes up with the error "Failed to retrieve MP certificate encryption info from AD". And then immediately after that "HandleFSPCcmHttpStatus - Failed to retrieve internet, proxy or assigned MP. Assuming 'ServerNameHere' is not a relevant MP." I am confused by this part, because this seems to cripple site assignment and I can't go any further. I don't want to enable any AD publishing as we are not ready to migrate over. Is there something I am overlooking here? I can reach the MP thru a web browser, and there is nothing wrong with the MP according to SCCM status information. Thanks! Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State
<<inline: image001.gif>>
<<inline: image002.gif>>
<<inline: image003.gif>>
<<inline: image004.gif>>
