MECM 2303 - 5601 failure Security Event on PCs - ConfigMgrMigrationKey - 0x80090016

system center 51 Reputation points
2023-10-26T08:20:56.2566667+00:00

Hello All

Request your help with the following

Env:

MECM - 2303

On-prem - Single Primary with DB hosted on same Win Server 2019

1 SUP hosted on Primary

Clients - win10 22h2

SCCM client: 5.00.9106.1022

WUA: 10.0.19041.3031

Issue:

Security Event event being logged every hour on all Workstations

Please advise the cause/remediation and how concerning it can be from a Security point of view - Thanks

Security Event Logs

EventID: 5601

SubjectUserSID: S-1-5-18

SubjectUserName: MyPC$

SubjectDomainName: MyDomain

SubjectLogonID: 0x3e7

ProviderName: Microsoft Software Key Storage Provider

Algorithm Name: UNKNOWN

KeyName: ConfigMgrMigrationKey

KeyType: %%2499

Operation: %%2480

ReturnCode: 0x80090016

Recent changes:

upgraded to 2303 8 weeks ago; including clients

migrated SCCM to new Server 2019 server (using backup/restore) 6 weeks ago

All SCCM functions are healthy

Please advise - Thanks

Microsoft Configuration Manager
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. XinGuo-MSFT 19,696 Reputation points
    2023-10-27T07:07:58.9766667+00:00

    Hi,

    Error 0x80090016: Keyset not found. It appears that the issue may be related to the absence of a certificate chain.

    Assuming you're utilizing Enhanced HTTP (EHTTP), you might want to refer to this resource: https://www.anoopcnair.com/enable-configmgr-enhanced-http-configuration/ for further guidance.

    If your configuration involves Public Key Infrastructure (PKI), it's advisable to verify the presence of Root CA and intermediate certificates on both the client and the Management Point (MP).


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.