Client installation using Internet faced MP
Question
I am installing SCCM client using PKI cert and Internet facing MP. Client is getting installed but after that many device are trying to connect with AD, DNS & WINS for MP and getting failed, when checked in location service file…please assist
Answers ( 10 )
Hopefully, this issue is already resolved . Hence closing the thread. Try to share the solution to help others in the community
Yeah obviously Internet MP will be in DMZ with public IP associated.
Sorry but are you saying you are trying to perform Client push for the internet connected machines ?
Clients are able to connect with it during installation as checked in CCMSetup => Which clients Internet or Intranet clients ?
But not attempting to connect with it after installation => If they are intranet connected machines why they should talk to your Internet MP ?
Something is not clear here
I am installing it with a script not with client push.
If I understood correctly client will not attempt Internet MP after AD, DNS and WINS if machine is in Intranet…. Am I right here.
Any update on this, please?
Another forest means you may have some firewalls in between and network segments may be entirely different corporate connected machines should not be talking to internet facing MP any ways.
Based on your boundary settings, configuration and AD publishing corporate clients on other forest should ideally associate with Internal MP
This Internet MP is on public IP.
Clients are able to connect with it during installation as checked in CCMSetup log file but not attempting to connect with it after installation.
can you please eloborate the question
Are you seeing the error on Intranet connected machine or internet connected machine ?
When you internet facing MP … does that mean you are using IBCM ?
If you are using IBCM and seeing these errors on internet connected machine then i think it is expected
Anyways these are some points based on short description of the question.
Yes, we are using IBCM.
Error is on clients that are on corporate network but in different Forest, there we have not extended SCCM.
Clients that are on public network, not facing any issue.
After these errors machine is not trying to connect with Internet MP.
I think we discussed the topic in a different thread
Can you provide me the details of the log file entries to help you more
PKI certificate is installed on device and it is visible on SCCM console but with ? mark as I believe issue is with client registration and MP.
below is location service logs:
Processing pending site assignment. LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Assigning to site ‘sp1’ LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
LSIsSiteCompatible : Verifying Site Compatibility for LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Attempting to retrieve lookup MP(s) from AD LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
No lookup MP(s) from AD LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Attempting to retrieve lookup MP(s) from DNS LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Using default DNS suffix sss.com.br LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Attempting to retrieve default management points from DNS LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Failed to retrieve DNS service record using _mssms_mp_sp1._tcp.aaa.com.br lookup. DNS returned error 9003 LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
No lookup MP(s) from DNS LocationServices 5/12/2020 4:20:46 AM 15440 (0x3C50)
Failed to resolve ‘SMS_SLP’ from WINS LocationServices 5/12/2020 4:20:55 AM 15440 (0x3C50)
No lookup MP(s) from WINS LocationServices 5/12/2020 4:20:55 AM 15440 (0x3C50)
Unable to find lookup MP(s) in Registry, AD, DNS and WINS LocationServices 5/12/2020 4:20:55 AM 15440 (0x3C50)
LSGetSiteVersionFromAD : Failed to retrieve version for the site ‘sp1’ (0x80004005) LocationServices 5/12/2020 4:20:55 AM 15440 (0x3C50)