SCCM 2012 R2 Clients are not retrieving policy

Hi - I know this question has been asked many times before - but I have tried almost everything and am no closer to solving the problem.

Background: Recently a SCCM 2012 SP1 single stand-alone site was upgraded to SCCM 2012 R2. The site is a single stand-alone primary site with a single DP, single MP, using mixed mode (HTTP). The R2 upgrade ran without any problem and all SCCM components are showing as healthy.

A few test SCCM 2012 SP1 clients were upgraded to the R2 client using client-push.

However the upgraded clients are not retrieving policy from the Management Point. In the Actions Tab of the SCCM client, only Machine Policy Retrieval and User Policy Retrieval are available. But kicking off those actions does not result in any of the advertised applications or Task Sequences becoming available. In fact Custom Client Settings are not being set either (e.g. Organisation Name in Software Center).

I have checked and rechecked the following:

  • The upgrade of the client completed successfully (checked ccmsetup.log) and the version number went from 5.00.7804.1000 (SP1) to 5.00.7958.1000 (R2).
  • The MP health in the SCCM console is showing healthy.
  • The MP access URLs load correctly when run from SCCM client computers
    • http://<ServerName>/sms_mp/.sms_aut?mplist is ok
    • http://<ServerName>/sms_mp/.sms_aut?mpcert is ok
  • The SCCM clients are assigned to the site correctly verified via the SCCM client and ClientLocation.Log
  • ClientIDManager.Log is not showing any errors
  • CCMExec.log and ExecMgr.log don't show any advertisements being executed (Execmgr.log is almost empty and only has "Software distribution site settings policy does not yet exist on the client. If the client is not yet registered this is expected behaviour")
  • The SCCM clients are Approved and NOT Blocked in SCCM
  • I have attempted to upgrade the SCCM client and also completely removed and reinstalled it - and both have the same result (no client policy downloaded)
  • I have also deleted the above clients completely from SCCM, run discovery again and pushed the client to the machines again ...with the same result (SCCM client installs, assigns to correct site and then no policy downloaded)
  • SCCM 2012 Boundaries are configured correctly and assigned to Boundary Groups correctly
  • The SCCM clients do not have the firewall enabled
  • Changed boundary from AD Site to Subnet to IP Address Range: Same issue exists
  • Uninstalled MP role and reinstalled it: same Issue exists
  • Tried to connect to the SCCM client using the 3rd party SCCM Client Center tool but cannot connect
  • ??? Not sure what else to try ???


March 20th, 2014 3:19am

It has been suggested that the Management Point role should be removed and reinstalled - however I don't know what the ramifications of this are - especially since this environment only has a single Management Point....
March 20th, 2014 3:44am

Are you using IP address range boundaries or IP subnet boundaries?

If the answer is subnet, change to IP address range. http://blog.configmgrftw.com/ip-subnet-boundaries-are-evil/

March 20th, 2014 4:37am

I have tried both AD site and IP subnet boundaries.

However this doesn't explain why even SCCM client settings are not being applied?

The logs show the client is being assigned to the correct Site and MP.

I have done quite a few SCCM 2012 R2 and SP1-to-R2 upgrades and this is the first time that I have come across this issue....

March 20th, 2014 4:50am

Have you tried doing a hard policy reset with the Client Center tool from Roger Zander (download:  http://sourceforge.net/projects/smsclictr/)? 

I've had a few clients in the past that have acted similarly, and they were fixed by triggering these schedules.  The hard policy reset triggers schedules 40 and 21.

A full list of client schedules can be found in the SendScheduleMessages.xml located in the R2 toolkit.

March 20th, 2014 12:34pm

Try restarting the CCMExec service on the client machine

Command prompt with Admin rights

net stop ccmexec

net start ccmexec

Once done, check policydownloader or policyevaluator.log

March 20th, 2014 1:02pm

Like I said, change to IP Address range boundaries and test again.
March 20th, 2014 2:59pm

Is there a chance the site code was changed?

When you have removed the client from both the device and the repository, try shutting down and restarting the device then reinstall or rediscover the device.

The last thing to try, possibly, is to uninstall the client, remove it from the domain, re-add it to the domain, rediscover and see if the PC shows up.

March 20th, 2014 8:25pm

Thanks everyone for the suggestions - I have tried most of them with no success

#1) Changed the boundary to an IP Address Range = No change in client behaviour

#2) Restarting CCMExec - this happens when the SCCM client is reinstalled = No change in client behaviour

#3) Uninstalled the MP and reinstalled it = No change in client behaviour

#4) SCCM Client Center (great tool which I used in SCCM 2007 - didn't realise it was updated for SCCM 2012). However I can't connect to any SCCM Client using this - not sure why since the clients are on the same subnet as the SCCM Primary Site server and there are no firewalls/AV enabled on the SCCM server or the clients!

Just weird that the clients can't talk to the SCCM Primary Site server!

March 20th, 2014 8:39pm

I should add - it seems ALL clients are experiencing this issue. Not just clients upgraded to R2.

I have done the client delete > rediscovery > reinstall multiple times with the same result.

Don't understand how the client installs successfully but then refuses to talk to the MP!

March 20th, 2014 9:31pm


March 21st, 2014 3:09am

Please upload the ClientIDManagerStartup.log, LocationServices.log and CCMMessaging.log.

-Umair

March 21st, 2014 3:47am

Based on your observation, it looks like all clients are having the same issue. Can you please check the Client settings which are applying to all these machines? Not sure if you have any custom client settings that might be conflicting after the upgrade; probably try applying the Default Client settings to this machine collection and that should help. This is a thought from your inputs, but again, sharing one of the client logs like LocationServices, ClientIDManagerStartup etc. should help if no client settings policy conflict is occurring.
March 21st, 2014 4:15am

Hello everyone - sorry for the slow response (weekend).

I have done a complete fresh SCCM 2012 R2 client install on a VM and have uploaded the requested logs to a public Google Drive store: http://bit.ly/1nV9hIb

Logs uploaded:

CcmExec.log

CcmMessaging.log

ClientIDManagerStartup.log

ClientLocation.log

execmgr.log

LocationServices.log

PolicyAgent.log

Any assistance would be greatly appreciated!


March 24th, 2014 10:12pm

Did this get resolved?  I am seeing a similar issue at my location.

May 21st, 2014 6:34pm

I have the same issue with SCCM MP and clients... tried many ways, did not help
June 2nd, 2014 10:25am

What's the exact problem? How did you determine that something does not work as expected? Any errors in the site status?
June 2nd, 2014 11:41am

June 2nd, 2014 2:08pm

What does MP_Registration.log on the MP tell?
June 2nd, 2014 3:09pm

June 3rd, 2014 5:14am

Hello, I did a fresh install of a client and research.

Agent is installed, it has found MP and site, Certificate - None,

ClientIDManagerStartup.log:

Failed to send registration request message. Error: 0x87d00309

I checked client ID in the MP_RegistrationManager.log:

Processing Registration request from Client 'GUID:8FB56521-A4CB-4968-9E37-D8BA35838767'

Begin validation of Certificate [Thumbprint A466797C487D34320D1EC257EB61C9D69CFDEA2F] issued to 'SMS'

Completed validation of Certificate [Thumbprint A466797C487D34320D1EC257EB61C9D69CFDEA2F] issued to 'SMS'

MP Reg: DDR written to [C:\Program Files\Microsoft Configuration Manager\inboxes\auth\ddm.box\regreq\KEQU5XHK.RDR] for Client [GUID:8FB56521-A4CB-4968-9E37-D8BA35838767] with Certificate Thumbprint [A466797C487D34320D1EC257EB61C9D69CFDEA2F]

MP Reg: Processing completed. Completion state = 0

What should I check next?



  • Edited by Andev Tuesday, June 03, 2014 10:43 AM
June 3rd, 2014 9:45am

Hi all - sorry for the late response.

We managed to resolve the issue after logging a job with Microsoft Support.

The issue was that the SCCM 2012 R2 upgrade corrupted 2 tables in the SCCM Database - leading to corrupt SCCM client policies.

I am pasting the resolution email from Microsoft below:

(NOTE: This may not be the exact symptoms you are experiencing so do not implement this fix assuming it will fix your problem!)

ISSUE: 

- All clients are unable to download policies from the server

CAUSE:

- Bad policies in the Database

RESOLUTION: 

-Issue with PADbID - Run below query against SCCM DB to verify corrupt entries:

SELECT * FROM ResPolicyMap WHERE machineid = 0 and PADBID IN (SELECT PADBID FROM PolicyAssignment WHERE BodyHash IS NULL)

Confirmed Bad policies entries in the SCCM database

Run below query to delete the bad policy after which we resolved the issue:

DELETE FROM ResPolicyMap WHERE machineid = 0 and PADBID IN (SELECT PADBID FROM PolicyAssignment WHERE BodyHash IS NULL)

  • Proposed as answer by Anoop C Nair Wednesday, June 04, 2014 2:34 AM
June 3rd, 2014 11:51pm
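
An added example, not part of the thread or of the Microsoft Support email: the two queries from the resolution above run as one guarded T-SQL transaction, so the rows are copied before they are deleted and the delete only commits if it removed exactly the rows that were copied. The backup table name ResPolicyMap_Backup_Example is a hypothetical name chosen for this example; the tables and columns are the ones quoted in the post.

```sql
-- Added example, not part of the Microsoft Support email quoted above.
-- Run it in the ConfigMgr site database after taking a database backup.
-- ResPolicyMap_Backup_Example is a hypothetical table name (assumption).
SET XACT_ABORT ON;   -- any runtime error rolls the whole transaction back
DECLARE @saved INT, @deleted INT;

BEGIN TRANSACTION;

-- 1. Copy the rows the verification query identifies into a side table.
SELECT rpm.*
INTO   ResPolicyMap_Backup_Example
FROM   ResPolicyMap AS rpm
WHERE  rpm.machineid = 0
  AND  rpm.PADBID IN (SELECT PADBID
                      FROM   PolicyAssignment
                      WHERE  BodyHash IS NULL);
SET @saved = @@ROWCOUNT;

-- 2. Delete the same set, using the same predicate as the support query.
DELETE FROM ResPolicyMap
WHERE  machineid = 0
  AND  PADBID IN (SELECT PADBID
                  FROM   PolicyAssignment
                  WHERE  BodyHash IS NULL);
SET @deleted = @@ROWCOUNT;

-- 3. Commit only if something matched and the two counts agree.
IF @saved > 0 AND @saved = @deleted
BEGIN
    COMMIT TRANSACTION;
    PRINT 'Deleted and backed up rows: ' + CAST(@deleted AS VARCHAR(10));
END
ELSE
BEGIN
    -- Rolling back also removes the side table created in step 1.
    ROLLBACK TRANSACTION;
    PRINT 'Nothing changed. Copied: ' + CAST(@saved AS VARCHAR(10))
        + ', deleted: ' + CAST(@deleted AS VARCHAR(10));
END
```

If the verification query returns no rows, as one later reply reports, the script rolls back and leaves the database unchanged.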

Hello,

I am sorry, this is not my topic, I have the same problem with policies, but I have a fresh install of SCCM 2012 R2.

June 4th, 2014 5:10am

The first query did not return results in my case.
June 4th, 2014 6:25am

Hello Sir

thank you very much for this solution!

worked very well for my setup!

April 19th, 2015 2:41pm

Deleting the corrupted policy also worked for me.
June 19th, 2015 8:03pm

Thanks for this. We had this issue along with our Operating System Deployments not starting with error 0x80004005 and "cannot get the 'Signature' node" reported in the smsts.log from Windows PE. Deleting the corrupted policy fixed both issues.
June 26th, 2015 5:07am

This topic is archived. No further replies will be accepted.
