I have a few domains inside a single AD forest with transitive trusts between them. SCCM is installed oo the Parent domain and I can deploy to machines in that domain fine. I have extended the schema, and defined the appropriate admin users in the client push setting. Using the wbemtest tool also tests successfully to the clients in the child domains with the same admin users specified in the Push window. I can also manually map the Admin$ share using the same credentials. Firewalls have been disabled. I am able to discover the machines in the child domain fine as well. When I go to push, the client never actually gets copied to the machine so no logs are generated there. I have no secondary site server in the child domain, as I would like to administrer them from the Parent domain. Here is some output from the ccm.log file on the SCCM server: ---> Attempting to connect to administrative share '\\clientmachine\admin$' using account 'childdomain\domainadmin'~ $$<SMS_CLIENT_CONFIG_MANAGER><Wed Mar 30 12:43:29.624 2011 Pacific Daylight Time><thread=5300 (0x14B4)> ---> Attempting to connect to PDC admin share '\admin$' using account 'childdomain\domainadmin'~ $$<SMS_CLIENT_CONFIG_MANAGER><Wed Mar 30 12:43:29.655 2011 Pacific Daylight Time><thread=5300 (0x14B4)> ---> WNetAddConnection2 failed (LOGON32_LOGON_NEW_CREDENTIALS) using account childdomain\domainadmin (00000043) $$<SMS_CLIENT_CONFIG_MANAGER><Wed Mar 30 12:43:29.655 2011 Pacific Daylight Time><thread=5300 (0x14B4)> ---> LogonUser failed (LOGON32_LOGON_INTERACTIVE) using account childdomain\domainadmin (00000569) $$<SMS_CLIENT_CONFIG_MANAGER><Wed Mar 30 12:43:29.702 2011 Pacific Daylight Time><thread=5300 (0x14B4)> ---> Failed to connect to PDC administrative share \admin$ (1385) $$<SMS_CLIENT_CONFIG_MANAGER><Wed Mar 30 12:43:29.702 2011 Pacific Daylight Time><thread=5300 (0x14B4)>

Error code 569 = "The SAM database on a Windows Server is significantly out of synchronization with the copy on the Domain Controller. A complete synchronization is required." Looks like the domain has replication issues.Jason | http://myitforum.com/cs2/blogs/jsandys | Twitter @JasonSandys

Hi, The log says logon failed. Also admin$ is unable to access. Please make sure that ADMIN$ is enabled in the client: 1. From the server to the client there are no DNS issue 2. Account Specified for client push is correct and have permission to connect to the share If all of above are correct, push the client again, post the latest messages in ccm.log. Regards, Sabrina This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.