Deployment status: Few Client machines are in Unknown State with message client Check passed/Active

Question

 

Issue: Deployed monthly patches to device collection and 3 of 8 shows in unknown state all systems are 2012r2. But few Client machines are in Unknown State with message client Check passed/Active

Steps taken till now:
CAS.logs, location.logs– no errors

Updatehandler.logs– Updates scan completion received, result = 0x8024401c. (Same as HTTP status 408 – the server timed out waiting for the request)

WUAHandler.logs- OnSearchComplete – Failed to end search job. Error = 0x8024401c.
Scan failed with error = 0x8024401c.

ScanAgent.logs::ScanCompleteCallback – failed at OnScanComplete with error=0x87d00631
CScanJob::OnScanComplete -Scan Failed with Error=0x8024401c

Updatesdeployment.logs: Job error (0x8024401c) received for assignment ({99749A58-DD49-4C04-8D8A-9468D383850F}) action
Updates will not be made available

UpdateStore.logs:Failed to refresh Resync state message. Error = 0x87d00310.
Failed to refresh sync message. Error = 0x87d00310.

Tried recycling services like windows update, Bits, wmi, ran Retrieved from configmgr applet, rebooted machine with no luck.

Note: The target machines are windows server 2012r2, and sccm version 1806. are on dmz network but assigned to correct boundaries/group, client shows active and last Hardware and software policy refresh looks recent.

The only common among the 3 servers in unknown state is they are on same network id.

Any help would be highly appreciated.

solved 1
Deepak Pathak 2020-05-18T12:38:42+05:30 3 Answers 1437 views Beginner
0

Answers ( 3 )

  2. Mohan Kumar
    1
    2020-05-18T14:37:37+05:30
    Reply

    Hi Deepak,

    The error what you are getting is Network issue, the client unable to reach to server it trying and failed with requested timed out after time period, please check the DMZ server able to connect with SUP Server or not.

    Run this cmd in PowerShell on DMZ server to validate port allowed or not
    Test-NetConnection -ComputerName SUPServer -Port 8530

    Best answer
  4. Guru Vaidya
    2
    2020-05-18T13:35:27+05:30
    Reply

    Has it worked earlier ? (asking this since it is mentioned the target clients are in dmz network)

    Is your SUP healthy ?
    Also all the required ports including RPC dynamic opened between DMZ and Intranet (SCCM) network
    also please if there is a personal firewall blocking the communication

    • Deepak Pathak
      1
      2020-05-18T14:27:59+05:30
      Reply

      Thanks for replying, this is the first attempt to these dmz devices, from total 8 there are 4 devices in dmz of which only 3 with common Network range having issues.
      Yes ip range is with sccm intranet will share communication status to ports

Leave an answer

Sorry, you do not have permission to answer to this question .