Hello, I made a setup of a mixed SCCM R3 on a 2008 R2 machine in a DNS only AD domain. The intention today is not to make any schema extensions so I deployed a SLP. Now when I am deploying clients with the options SMSDIRECTORYLOOKUP=NOWINS SMSSITECODE=AUTO SMSSLP=server. I have to add the option SMSMP otherwise the client doesn't find the information. Installing the hotfix KB977384 does a reset from the options I gave when installing the client and so he does a reset of SMSDIRECTORYLOOKUP value. When I found this out I tried installing the R2SP2 client with the options and now the client is listed as an active client in the SCCM console but he does not start the download from the policies. If I look at clientIDManagerStartup.log file - I can find RegTask: Failed to send registration request message 0x80040309. In the locationservices.log I can find at the same time the message "failed to verify message, sending MP not in allowed list". Does this look familiar for someone? Any help appreciated! Regards.

Hi - See, the error details below. CCM_E_LOCATION_MESSAGEFAILED CCM_ERRORCODE(0x80040309) 2147746569 In most cases this indicates that the in band server authorization failed on a client, usually because the trusted root key does not match the management point certificate. Anoop C Nair - This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

See, http://technet.microsoft.com/en-us/library/bb632759.aspx How to Manage the Trusted Root Key in Configuration ManagerAnoop C Nair - This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Tom, SMSDIRECTORYLOOKUP property specifies how the client uses Windows Internet Name Service (WINS) for service location. Service location by using WINS in mixed mode includes the management point and server locator point. If WINS is not used by clients to find a server locator point, it must be directly assigned to clients. So from SLP clients can find the default MP (MP is published to SLP defaultly when SLP role exists), you don't need to add SMSMP option. For trusted root key issue you can use SMSPublicRootKey option. Read this: http://technet.microsoft.com/en-us/library/bb680504.aspx how to Pre-provision the Trusted Root Key on Clients. Thanks