Hello,
We have an issue with the HTTPS configuration of the MP.
We followed some procedure and documentation, everthing looks great about certificates and so...
But the SCCM client agent cannot communicate with the MP. Here are some part of LocationServices.log
<![LOG[Retrieved lookup MP(s) from AD]LOG]!><time="08:16:48.900-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:2377">
<![LOG[Attempting to retrieve site information from lookup MP(s) via HTTPS]LOG]!><time="08:16:48.931-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868"
file="lssecurity.cpp:6006">
<![LOG[LSGetSiteVersionFromAD : Failed to retrieve version for the site 'FR1' (0x80004005)]LOG]!><time="08:16:48.946-120" date="06-26-2015" component="LocationServices" context="" type="2" thread="18868"
file="lsad.cpp:5311">
<![LOG[Attempting to retrieve lookup MP(s) from AD]LOG]!><time="08:16:48.962-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:2351">
<![LOG[Lookup Management Points from AD:]LOG]!><time="08:16:48.962-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsutils.h:205">
<![LOG[Name: 'SERVERNAME1' HTTPS: 'N' ForestTrust: 'N']LOG]!><time="08:16:48.962-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsutils.h:211">
<![LOG[Name: 'SERVERNAME2' HTTPS: 'N' ForestTrust: 'N']LOG]!><time="08:16:48.962-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsutils.h:211">
<![LOG[Retrieved lookup MP(s) from AD]LOG]!><time="08:16:48.962-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:2377">
<![LOG[Attempting to retrieve site information from lookup MP(s) via HTTP]LOG]!><time="08:16:48.978-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lssecurity.cpp:6025">
<![LOG[Failed to send site information Location Request Message to SERVERNAME1]LOG]!><time="08:16:49.165-120" date="06-26-2015" component="LocationServices" context="" type="2" thread="18868"
file="lssecurity.cpp:5558">
<![LOG[Failed to send site information Location Request Message to SERVERNAME2]LOG]!><time="08:16:49.274-120" date="06-26-2015" component="LocationServices" context="" type="2" thread="18868"
file="lssecurity.cpp:5558">
<![LOG[LSIsSiteCompatible : Failed to get Site Version from all directories]LOG]!><time="08:16:49.274-120" date="06-26-2015" component="LocationServices" context="" type="3" thread="18868"
file="lsad.cpp:5470">
<![LOG[Won't send a client assignment fallback status point message because the last assignment error matches this one.]LOG]!><time="08:16:49.274-120" date="06-26-2015" component="LocationServices" context=""
type="1" thread="18868" file="fspclientdeployassign.cpp:197">
<![LOG[Won't send client assignment fallback status point message because last assignment message was sent too recently.]LOG]!><time="08:24:14.298-120" date="06-26-2015" component="LocationServices" context=""
type="1" thread="18868" file="fspclientdeployassign.cpp:180">
<![LOG[Processing pending site assignment.]LOG]!><time="08:24:14.298-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:3509">
<![LOG[Assigning to site 'FR1']LOG]!><time="08:24:14.298-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:3515">
<![LOG[LSIsSiteCompatible : Verifying Site Compatibility for <FR1>]LOG]!><time="08:24:14.298-120" date="06-26-2015" component="LocationServices" context="" type="1" thread="18868" file="lsad.cpp:5419">
As you can see, the information in AD is "no HTTPS" : Name: 'SERVERNAME1' HTTPS: 'N' ForestTrust: 'N'
Then later in another log, the agent tried to access to the MP through HTTP, which obviously doesn't work. CcmMessaging.log :
instance of CCM_CcmHttp_Status
{
DateTime = "20150626063140.945000+000";
HostName = "SERVERNAME1";
HRESULT = "0x87d0027e";
ProcessID = 37480;
StatusCode = 403;
ThreadID = 18868;
};
]LOG]!><time="08:31:40.945-120" date="06-26-2015" component="CcmMessaging" context="" type="1" thread="18868" file="event.cpp:715">
<![LOG[Successfully sent security settings refresh message.]LOG]!><time="08:31:41.007-120" date="06-26-2015" component="CcmMessaging" context="" type="1" thread="18868" file="ccmhttperror.cpp:369">
<![LOG[Successfully sent location services HTTP failure message.]LOG]!><time="08:31:41.054-120" date="06-26-2015" component="CcmMessaging" context="" type="1" thread="18868" file="ccmhttperror.cpp:396">
<![LOG[Post to http://SERVERNAME1.LAN/ccm_system/request failed with 0x87d00231.]LOG]!><time="08:31:41.054-120" date="06-26-2015" component="CcmMessaging" context="" type="2" thread="18868"
file="messagequeueproc_outgoing.cpp:442">
So I guess there is an error in the AD attributes of the MP? I'm not able to find any information of this, where is saved this information in the AD? We have the "System management" container in the AD, with all the MP, which looks correct. So, where is the information of communication method in the AD ?
Many thanks for your help
Regards