Hello, 

When I distribute content to a DP, I get this error repeatedly in my distmgr.log: 

SetObjectSecurity failed; 0x80070002

then a ton of these after:

Failed to decrypt cert PFX data

I'm running with HTTPS, and the packages always seem to copy ok, anyone know what this error indi

I have the same issue on a HTTP DP.

I'm working on a fix but my error is occuring only between 12AM and 2AM so I need to wait tonight to see if it resolve my issue.

I'll keep you posted on the results.

Thanks Benoit. I'm thinking of running filemon or something to capture the file activity when the DP is processing a package, but I'm not sure if those errors are stemming from my primary site server or the DP i'm distributing packages to.

My first attempt in resolving the issue failed. (recreate the DP certificate)

I'll try another solution and keep you posted.

Did you have any shared DP in your hierarchy at the moment ?

Yes I have several shared dp's that I have yet to reassign to my 2012 env. I thought about recreating my dp cert. in fact, when I spoke with a MS engineer about dp certs, he recommended creating a new unique dp cert for every dp, he couldn't really tell me why it was a good idea, but it will prevent the error about the cert already being in use whenever you set up a new dp and select the existing dp cert.

I've been able to figure where this error comes from.

I had 51 errors in my distmgr.log, i've reassign a DP  o do a test and after the reassign, I had 50 errors. (-1)

This makes sense because the 2007 DP certificate is not known to SCCM before the reassign. Once reassign the DP create it's own cert in 2012 so the error goes away.

This error can be ignored as it will be removed after you reassign all your shared DP.

Good catch! I have 14 errors, and have 14 2007 DP's remaining (13 secondary, 1 primary = 14) so this makes sense, well done.

That is not it in my case.... I am seeing this on new 2012 R2 CU3 Sites where a Primary has a Secondary Site and it is getting this error trying to copy files out to it. They never had SCCM 2007.

Is there anything not working? So are you just worrying about those error messages in the log? Any chance that the site was restored in the past?

Hello Torsten

I have this error on an SCCM site that was recoverd, how do I get rid of it?

Thanks

Suz x

I was getting this error and it was a fresh install of SCCM 2012 R2 running CU5.  Changing the date in the General Tab on both DP's seemed to have fixed it. You have to wait 10 minutes thYough as I found the error did flash up again but after 10 minutes, never reappeared so it seems to take it time.