IBCM IIS Setting reset
Question
I am doing an IPU and when my IIS settings for SMS_DP_SMSPKG$ and SMSSIG$ are set to require ssl and client cert required my TS fails with errors in the smsts.log – on internet but with no internet content access certificate. if i change the iis to require ssl and client cert ignore the TS will go through. the problem is iis resets to client cert required and i dont know why it resets. does anyone have any thoughts or suggestions.
Answers ( 2 )
Are you using Network Access Account for Task Sequence?
Are you using unknown system support or PXE boot?
If you enable Enhanced HTTP to not require the NAA, the distribution point needs to be running Windows Server 2012 or later.
Upgrade clients to at least version 1806 before enabling this functionality. If you only allow Enhanced HTTP connections, older clients can’t authenticate using this method, so can’t download the client upgrade package from a distribution point.
Any help from the above info? I think it’s not recommended to use NAA
https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/accounts#network-access-account
i am just doing IPU for caching from our internet facing IBCM server. so its not using any of that.