Hi guys

I'm new to SCCM 2012. I work on a domain with a primary SCCM 2012 R2 site server.

The server's specs is: Server 2012 Standard, 16GB RAM. The server doesn't even use half of it's performance & there is enough disc space on the server.

Every couple of hours I get this error on all the workstations: System task 'PolicyEvaluator_Unlock' returned error code 0x8000ffff.

I've rebooted the clients but still get the same error after a few minutes. After rebooting the server the error goes away, the clients can then communicate with the MP & after a couple of hours the error returns.

It seems as there is a problem on the primary MP. I've been searching on the internet & tried a couple of things but no luck.

Please help. Thanks

Hi,

>>It seems as there is a problem on the primary MP

Please check CcmMessaging.log on the client.

Have you checked MP component status in Monitoring workspace of SCCM console? Please also check Mpcontrol.log on the MP server.

Joyce

Every couple of hours I get this error on all the workstations: System task 'PolicyEvaluator_Unlock' returned error code 0x8000ffff.

Where exactly are you seing this error?

Hi Joyce

The MP component status is green. When I open it I get the following:

Component Status Summarizer detected that the availability of component "SMS_MP_CONTROL_MANAGER" on computer "Server.domain.local" has changed to Online.

This component started.

This component stopped.

As for the MPControl it doesn't have any errors on it.The ccmmessaging on the other hand is full of errors such as:

CRequestResponse::Send failed with code 0x87d00241

EndpointMessage(Queue='StatusReceiver', ID={DA767478-A83D-4C49-AD5B-7960A6765899}): Will be discarded (0x87d00298).

On the workstations under the ccmexec.log file

Hi ,

From the error it seems that a policy of some sort was created and not signed for some reason. It may be something went wrong when policy was created and written. Run the following query against the SCCM SQL DB. In the select query below you will see a date that represents when the issue started and when the policy was created. The query will find out if site wide policy had NULL hash body.

SELECT * FROM ResPolicyMap WHERE machineid = 0 and PADBID IN (SELECT PADBID FROM PolicyAssignment WHERE BodyHash IS NULL)

Be very careful with the above query, any returns from the select statement are invalid however if you see a great deal of them there may be a larger issue present.  If you have just one or two you should be fine with the delete.

Please first perform a full backup of the SCCM database and then deleted them:

Delete FROM ResPolicyMap WHERE machineid = 0 and PADBID IN (SELECT PADBID FROM PolicyAssignment WHERE BodyHash IS NULL)

Restart the SCCM server and see how it goes.

I believe you are seeing this error in PolicyAgent.log on the client machine. Is that so? I have seen this message. It is usually harmless. If the client machine has ConfigMgr client installed on the machine with all the 10 actions visible and you are able to deploy packages or applications on the machines without issues, you can safely ignore this "error"

Hi

Ok I ran the top query & no results returned. What is interesting is this error usually happens & the MP server stops communicating to the workstations. I can't deploy applications to any workstations at all. The clients' activity become inactive on the console after a couple of days.

This message has disappeared for now but it will be back. Sometimes the SCCM server operates fine for a couple of days & then randomly starts giving these errors on the workstations again & all the clients become inactive again. Something else I noticed is the SCCM client tries to install itself on the MP. Right after the agent host stops & when I try and run it again, it can't start (Sorry I can't remember the exact error, I believe it said it can't find certain files.) What I did do (not sure if this is what stopped the SCCM server from reacting in this way) is to exclude the MP in the registry from discovering itself, once it discovers itself, it tries to install the SCCM client on the main MP server & then the error 0x8000ffff appears. The registry key I found was: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Components\SMS_DISCOVERY_DATA_MANAGER & I then edited the ExcludeServers key & added the MP's name in it & rebooted the server. Not sure but the server has been behaving a lot better since.

Well if I do ignore it, all my clients show up as inactive, I can't deploy packages or updates to any workstations or servers. The error message appeared on the workstations under the ccmexec.log file

If the clients start showing as inactive, what do you see in CCMMessaging.log? 

Hi ,

When the issue occurs, did you observe other issues? (The clients' activity become inactive on the console after a couple of days). Perform a wbemtest on the SCCM server itself to test namespace \\root\sms\site_<sitecode>. Also perform a test from the client to this server.

What did you do to make "this message has disappeared"? Is there any scheduled anti-virus scan when the issue occurs?

Thanks.