I installed SP1 on a existing configuration manager installation (fresh install no CU installations).

Everything is fine, only the SMS_State_System component shows errors

Microsoft SQL Server reported SQL message 6522, severity 16: [42000][6522][Microsoft][SQL Server Native Client 11.0][SQL Server]A .NET Framework error occurred during execution of user-defined routine or aggregate "fnReadMDMPolicyCertValidationDuration": 
System.Data.SqlTypes.SqlTypeException: Two strings to be c

in the statesys.log i find the following error

*** [42000][6522][Microsoft][SQL Server Native Client 11.0][SQL Server]A .NET Framework error occurred during execution of user-defined routine or aggregate "fnReadMDMPolicyCertValidationDuration": ~~System.Data.SqlTypes.SqlTypeException: Two strings to be compared have different collation.~~System.Data.SqlTypes.SqlTypeException: ~~   at System.Data.SqlTypes.SqlString.StringCompare(SqlString x, SqlString y)~~   at System.Data.SqlTypes.SqlString.Compare(SqlString x, SqlString y, EComparison ecExpectedResult)~~   at Microsoft.SystemsManagementServer.SQLCLR.CryptoUtility.fnReadMDMPolicyCertValidationDuration(SqlString MessageText)~~. : sp_UpdateAPNSCertAlertVariable

Can someone help me or point me in the right direction to solve this problem?

best regards and thenk you in advance.

• Edited by Christian Forst Tuesday, May 26, 2015 4:27 PM misspelled one word

At the end of the SQL error, you can find:

Microsoft.SystemsManagementServer.SQLCLR.CryptoUtility.fnReadMDMPolicyCertValidationDuration(SqlString MessageText)~~. : sp_UpdateAPNSCertAlertVariable

-----

Do you have MDM in place and/or configured a Apple Push Notification Certificate?

Just examine the SQL function, see what it does and try to find out, why it's failing. Also examine the SQL logs as Sebastien already suggested.

I have the same problem with 2 different SCCM Sites. Upgraded from SCCM 2012 R2 To SP1.

Since im activated Intune support for iOS Devices (certificate) i got this error on 2 customer sites. Seems to be bigger problem with R2 SP1.

I found no solution yet.

This is the complete error. ConfigMgr state log snipped the output

Microsoft SQL Server reported SQL message 6522, severity 16: [42000][6522][Microsoft][SQL Server Native Client 11.0][SQL Server]A .NET Framework error occurred during execution of user-defined routine or aggregate "fnReadMDMPolicyCertValidationDuration": 
System.Data.SqlTypes.SqlTypeException: Two strings to be concatenated have different collation

Alex

Make sure to call Microsoft support if you can reproduce that issue; otherwise you will never get a fix.

Hi Martin,

thanks for your input. I can reproduce this error by removing and re-adding the Intune subscription in Configuration Manager. I created a fresh APN certificate on the apple site - no efforts. after adding the Intune connector the error is appearing again.

The used SQL collation is SQL_Latin1_General_CP1_CI_AS. The SQL server is installed on the same machine as the Configuration Manager.

@Torsten: I`ll check the SQL Logs and give you feedback.

Thanks to all for your input.

best regards

Christian

we had the same error after the update auf R2 SP1

The SQL error seems to be connected to the Alert configured in Administration --> Cloud Services --> Microsoft Intune Subscriptions --> Configure Platform --> iOS --> APNs Certificate --> "Show alert before the APNs Certificate expires"

So i disabled this Alert and the SQL Errors gone Away. (

After the Upgrade we also were not able to enroll any IOS devices anymore with the error : "AccountNotOnboarded" https://technet.microsoft.com/en-us/library/dn802565.aspx?f=255&MSPPError=-2147217396)
So we registered an the APN again and a few minutes later the enrollment works again.

After that i enabled the Alert and until now there error seems to be away.

Maybe its enough to disable and enable the Alert, but basically it seems that R2 SP1 update crashed the APN certificate.

after removing the intune subscription the error remains on the SMS_STATE_SYSTEM component status. i`ll try to implement the intune subscription again (also the APN) and give feedback.

best regards

Christian

after removing the intune subscription the error remains on the SMS_STATE_SYSTEM component status. i`ll try to implement the intune subscription again (also the APN) and give feedback.

best regards

Christian

update: the error remains after re-adding the subscription and the APN certificate.

• Edited by Christian Forst Monday, June 08, 2015 6:09 AM misspelled one word

Well i have to correct my answer. the error is back again... :(

Well i have to correct my answer. the error is back again... :(
 we are still able to enroll IOS devices, but the device dont get any compliance baselin or Application could be delivered to the device.

We will follow up and will make a call on Intune - it seems that the Service is not running like it should ... -  we also see Errors in the dmpdownloader.log

ERROR: FastDownload Exception: [Microsoft.Management.Services.Common.ServiceTooBusyException: operation timed out for service: https://fef.msub05.manage.microsoft.com/StatelessConnectorService - Operation ID (for customer support): 3adf4083-8e8c-43d9-8631-3cd79ea168f0 ---> Microsoft.Management.Services.Common.ServiceTooBusyException: operation timed out for service: https://fef.msub05.manage.microsoft.com/StatelessConnectorService - Operation ID (for customer support): 3adf4083-8e8c-43d9-8631-3cd79ea168f0 ---> System.TimeoutException: operation timed out for service: https://fef.msub05.manage.microsoft.com/StatelessConnectorService - Operation ID (for customer support): 3adf4083-8e8c-43d9-8631-3cd79ea168f0~~   at Microsoft.Management.Services.OData.Client.ODataServiceContext.<FromAsyncWithCancel>d__b`1.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()~~   at Microsoft.Management.Services.OData.Client.ODataServiceSearchContext`1.<ExecuteAsync>d__7.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~   at Microsoft.Management.Services.OData.Client.V2ContextExecutor.<<ExecuteContextAsync>b__0>d__2.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~   at Microsoft.Management.Services.OData.Client.V2ContextExecutor.<ExecuteContextAsyncInternal>d__9.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~   at Microsoft.Management.Services.OData.Client.FabricServiceSession.<>c__DisplayClass1.<<ExecuteAsync>b__0>d__3.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~   at Microsoft.Management.Services.OData.Client.FabricServiceSession.<ExecuteWithRetryAsync>d__12.MoveNext()~~--- End of stack trace from previous location where exception was thrown ---~~   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)~~   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebugge

and

ERROR: Failed to load assembly for message downloader. Exception: System.IO.DirectoryNotFoundException: Could not find a part of the path 'D:\Program%20Files\Microsoft%20Configuration%20Manager\bin\x64\MessageHandlerConfig.xml'.~~   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)~~   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)~~   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)~~   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)~~   at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)~~   at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)~~   at System.Threading.CompressedStack.runTryCode(Object userData)~~   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)~~   at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state)~~   at System.Xml.XmlTextReaderImpl.OpenUrl()~~   at System.Xml.XmlTextReaderImpl.Read()~~   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)~~   at System.Xml.XmlDocument.Load(XmlReader reader)~~   at System.Xml.XmlDocument.Load(String filename)~~   at Microsoft.ConfigurationManager.DmpConnector.MessageDownload.MessageDownloader.LoadMessageHandlers()

but the XML is in the right path

• Edited by RSC_phat Friday, June 05, 2015 12:06 PM submit new information

after readding the APN Certificate and disabling the Warning for the Certificate Expiration the Error is gone. Now i try to enroll an iOS device. I`ll keep you updated.

It seems that SP2 (=R2 SP1) breaks Intune - SCCM connectivity! We tried to enroll iPhones, Android devices and Windows Phones. There's always the same error: MDMAUTHORITYNOTDEFINED while everything is configured correctly. Tried several new lab SCCM Installations with Intune Trial subscriptions. Connector is configured, Roles are installed, no Errors in the Logs , Software applications sync to Intune. I even can see in Intune Console that MDM Authority is Configmgr!

Regards, Berndt

Jumping on with a +1 reply.

I've got the same issue and have just tried the remove and re-add, will report back with findings.

Regards,
Steve

another +1. since upgrading to 2012 R2 SP1 this error has appeared.

We're having this error too in dmpdownloader.log

Devices can still enroll and they still appear in SCCM but the company portal isn't installing on Windows Phones when they connect. I'm having to email each user the .xap file to run.

This all started after we installed SP1.

Hoping for a hotfix soon!

• Edited by Mark__L 18 hours 23 minutes ago

We're having this error too in dmpdownloader.log

Devices can still enroll and they still appear in SCCM but the company portal isn't installing on Windows Phones when they connect. I'm having to email each user the .xap file to run.

This all started after we installed SP1.

Hoping for a hotfix soon!

• Edited by Mark__L Tuesday, July 07, 2015 1:24 PM

Hi RSC_phat,

any news on this one? After removing and reading the certifiecate/intune role I do not have any errors. (This was

only in a lab).

best regards - Christian

Running into this same issue.  Production environment.  Giving the fix described a go.  

Untick the Alert for checkbox. Wait for the next APN Expiration Alert Update Task to run (monitor in the statesys.log) and then attempt to enroll. 

I have just done this successfully with iOS device which wouldn't enroll until I did the above procedure.

My SMS_State_System is now reporting as OK and looking healthy

Hi Folks,

we first assumed it was depending on the actual iOS Version 8.4 but now it started working after we disabled the alert check box and now it seems to start working again....

so thanks to Paul - we are waiting for R2 SP1 CU1 to fix it  ;)

 

BTW I re-enabled the alert a day later and the errors started in the statesys.log. I expected to fall with iOS enrolment. I waited 24 hours and was able to enrol a device. Strange!  Anyway MS has confirmed this will be fixed regardless in a CU

CU1 for SP2 and R2 SP1 is now out with the fix for this issue

https://support.microsoft.com/en-us/kb/3074857

The SMS_STATE_SYSTEM component has a "Critical" status, and errors that resemble the following are logged in the StateSys.log file:

*** [42000][6522][Microsoft][SQL Server Native Client 11.0][SQL Server]A .NET Framework error occurred during execution of user-defined routine or aggregate "fnReadMDMPolicyCertValidationDuration": ~~System.Data.SqlTypes.SqlTypeException: Two strings to be compared have different collation.~~
System.Data.SqlTypes.SqlTypeException: ~~ 
at System.Data.SqlTypes.SqlString.StringCompare(SqlString x, SqlString y)~~
at System.Data.SqlTypes.SqlString.Compare(SqlString x, SqlString y, EComparison ecExpectedResult)~~ 
at Microsoft.SystemsManagementServer.SQLCLR.CryptoUtility.fnReadMDMPolicyCertValidationDuration(SqlString MessageText)~~. 
: sp_UpdateAPNSCertAlertVariable

This issue occurs when the SQL Server installation is using a non-English collation, and the Apple Push Notification Service (APNS) certificate that is associated with the Microsoft Intune subscription is expired.