SCCM Run Script not working

Question

Hello All,

We use the SCCM Run Script feature to run a PowerShell script against computers and collections in real time for a long time. The last I knew it was working correctly but from a couple of days I found out it did not work.

The Script execution dialog runs forever with nothing happening. It is stuck at the "Creating Client Jobs" stage. On the target machine, nothing is logged in the scripts.log. it looks as though the server is not creating the job. I have Full Admin rights on the SCCM box.

What am I missing? Is there any log on the server side that I can monitor?

Thank You.

Regards,
Trinadh Kola.

Answer 1

Hi @Rakesh Kumar ,
Thanks very much for your feedback. I am glad that the question is fixed now. Here's a short summary for the problem, we believe this will help other users to search for useful information more quickly. It's appreciated that you could click "Accept Answer" to the reply. If there's anything else we can help in the future, feel free to post in our Q&A to discuss together.

Problem/Symptom:
SCCM Run Script not working.

Solution/Workaround:
Recreate SMS SSL certificate, the Script run is working fine in SCCM.

Thanks again for your time! Have a nice day!

Best regards,
Cherry

Answer 2

Do you have any Guide or Link how to recreate SSL certificate with same hash , If yes kindly provide here

Answer 3

Hi @Trinadhchandra kola ,

1, Can we find the certificate with same cert hash in the Microsoft Management Console? For example:

2, What communication method are you using, HTTPS only or HTTPS or HTTP?

Looking forward to your feedback.

Best regards,
Cherry

Answer 4

Hi Cherry,

Still, I am facing the same issue unable to run the scripts. I struck at client Jobs.

I have checked the Hash value in the log file and MMC Certificate store, Both the hash values are different.

In the BGServer log, it is looking for hash value (MP SSL is Enabled, signing certificate (store: My, hash EA4E0DAD73B610BC4A617E0B280B31A25CD2A447), encryption certificate (store: My, hash EA4E0DAD73B610BC4A617E0B280B31A25CD2A447)).

But in the MMC store it is different (‎6f ec d3 52 91 8a cb cb 95 23 ce da 0c fa fa 8f 78 f8 2c cc)

Https also enabled in the Environment

Thank You.

Regards,
Trinadh Kola.

Answer 5

Hi @Trinadhchandra kola ,

According to the screenshot, you have ticked Use PKI client certificate (client authentication capability) when available and Trusted Root Certification Authorities.

Use PKI client certificate (client authentication capability) when available: If you chose the HTTPS or HTTP site server setting, choose this option to use a client PKI certificate for HTTP connections. The client uses this certificate instead of a self-signed certificate to authenticate itself to site systems. If you chose HTTPS only, this option is automatically chosen.

Trusted Root Certification Authorities: To import, view, and delete the certificates for trusted root certification authorities.

Have you added any PKI certificates? If these two options are not necessary and you have checked HTTPS or HTTP , we may uncheck them.

For more detail about Client PKI certificates, please refer to following links:
Configure security - Configuration Manager | Microsoft Learn
SCCM Configure Settings For Client PKI Certificates ConfigMgr HTMD Blog (anoopcnair.com)
Note: Microsoft provides third-party contact information to help you understand the problem. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Looking forward to your feedback.

Best regards
Cherry