Hi @Amandayou-MSFT
yes all the entries as per screenshot shared by you are there in DNS and Adsiedit. I did multiple time installation of client but every time result is same.
below are the command lines used on multiple laptops.
Command line used -
ccmsetup.exe /mp:https://ABCCMG.CLOUDAPP.NET/CCM_Proxy_MutualAuth/XXXXX59403XXXXX CCMHOSTNAME=ABCCMG.CLOUDAPP.NET/CCM_Proxy_MutualAuth/XXXXX59403XXXXX SMSSITECODE=TTP SMSMP=https://SCCM01.ABC.COM AADTENANTID=XXXXXXX AADCLIENTAPPID=XXXXXXXXXXXXX AADRESOURCEURI=https://INABC-cg-configmgrservice
Token Based command line -
ccmsetup.exe /mp:https://ABCCMG.CLOUDAPP.NET/CCM_Proxy_MutualAuth/XXXXX59403XXXXX CCMHOSTNAME=ABCCMG.CLOUDAPP.NET/CCM_Proxy_MutualAuth/XXXXX59403XXXXX SMSSiteCode=TTP SMSMP=SCCM01.ABC.COM /regtoken:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXxxx
standard command line -
ccmsetup.exe /mp:sccm01.abc.com smssitecode=TTP FSP=sccm01.abc.com
just for testing purpose i have changed the registry entry for one of internal client and tried to install one package but no luck.
changes made on one of internal sccm client -
HKLM/Software/Microsoft/CCM/Security/ClientAlwaysOnInternet to 1 and restarted the SMS Agent host service.
CCMexec.log -
Begin searching client certificates based on Certificate Issuers CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Certificate Issuer 1 [CN=ABCCMG.cloudapp.net] CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Skipping Certificate [Thumbprint 12E2A2B16B95C352044E7C1AFC967C8B77385731] issued to 'TSVDiSCCMSTS1.abc.com' as root is 'CN=ABC Root CA, O=ABC, OU= IT, L=Hoossss, S=Zd-india, C=IN' CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Completed searching client certificates based on Certificate Issuers CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Unable to find any Certificate based on Certificate Issuers CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Raising event:
instance of CCM_ServiceHost_CertRetrieval_Status
{
ClientID = "GUID:9F324D1F-3682-42C4-8089-EF957B2C1EF7";
DateTime = "20210824075117.943000+000";
HRESULT = "0x87d00215";
ProcessID = 11316;
ThreadID = 10708;
};
CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
[CCMHTTP] ERROR: URL=https://ABCCMG.CLOUDAPP.NET/CCM_Proxy_ServerAuth/xxxxxxxxx/ccm_system_tokenauth/request, Port=443, Options=1472, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
[CCMHTTP] ERROR INFO: StatusCode=403 StatusText=Forbidden CcmExec 24/08/2021 08:51:17 10708 (0x29D4)
Raising event:
CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
[CCMHTTP] ERROR: URL=https://ABCCMG.CLOUDAPP.NET/CCM_Proxy_ServerAuth/XXXXXXXX/ccm_system_tokenauth/request, Port=443, Options=1472, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
[CCMHTTP] ERROR INFO: StatusCode=403 StatusText=Forbidden CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
Raising event:
instance of CCM_CcmHttp_Status
{
ClientID = "GUID:9F324D1F-3682-42C4-8089-EF957B2C1EF7";
DateTime = "20210824075118.099000+000";
HostName = "ABC.CLOUDAPP.NET";
HRESULT = "0x87d0027e";
ProcessID = 11316;
StatusCode = 403;
ThreadID = 10708;
};
CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
Successfully queued RefreshSecuritySettingsEvent event. CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
Successfully queued event on HTTP/HTTPS failure for server 'ABCCMG.CLOUDAPP.NET'. CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
Post to https://ABCCMG.CLOUDAPP.NET/CCM_Proxy_MutualAuth/XXXXXXX/ccm_system/ request failed with 0x87d00231. CcmExec 24/08/2021 08:51:18 10708 (0x29D4)
Exiting recently resumed state. CcmExec 24/08/2021 08:51:32 6480 (0x1950)
User SID 'S-1-5-21-1482476501-839522115-725345543-31035' unlock processing. CCMEXEC 24/08/2021 08:51:41 6480 (0x1950)
SystemTaskProcessor::QueueEvent(Unlock, 0) CCMEXEC 24/08/2021 08:51:41 6480 (0x1950)
BEGIN ExecuteSystemTasks('Unlock') CcmExec 24/08/2021 08:51:41 7120 (0x1BD0)
Invoking system task 'ComplRelayAgentUnlockTask' via ICcmSystemTask2 interface. CcmExec 24/08/2021 08:51:41 6480 (0x1950)
Invoking system task 'CertEnrollAgentUnlockTask' via ICcmSystemTask2 interface. CcmExec 24/08/2021 08:51:41 8848 (0x2290)
Invoking system task 'PolicyEvaluator_Unlock' via ICcmSystemTask2 interface. CcmExec 24/08/2021 08:51:41 10708 (0x29D4)
END ExecuteSystemTasks('Unlock') CcmExec 24/08/2021 08:51:41 7120 (0x1BD0)
SystemTaskProcessor::QueueEvent(PowerChanged, 0) CCMEXEC 24/08/2021 09:01:25 592 (0x0250)
BEGIN ExecuteSystemTasks('PowerChanged') CcmExec 24/08/2021 09:01:25 6480 (0x1950)
[Resource-Idle] User is away CCMEXEC 24/08/2021 09:01:25 592 (0x0250)
SystemTaskProcessor::QueueEvent(PowerChangedEx, 0) CCMEXEC 24/08/2021 09:01:25 592 (0x0250)
Invoking system task 'PowerStateManager_PowerChanged' via ICcmSystemTask2 interface. CcmExec 24/08/2021 09:01:25 8848 (0x2290)
Invoking system task 'PwrMgmtPowerChanged' via ICcmSystemTask2 interface. CcmExec 24/08/2021 09:01:25 8848 (0x2290)
END ExecuteSystemTasks('PowerChanged') CcmExec 24/08/2021 09:01:25 6480 (0x1950)
BEGIN ExecuteSystemTasks('PowerChangedEx') CcmExec 24/08/2021 09:01:25 10708 (0x29D4)
Invoking system task 'PwrMgmtPowerChangedEx' via ICcmSystemTask2 interface. CcmExec 24/08/2021 09:01:25 10136 (0x2798)
END ExecuteSystemTasks('PowerChangedEx') CcmExec 24/08/2021 09:01:25 10708 (0x29D4)
User SID 'S-1-5-21-1482476501-839522115-725345543-31035' lock processing. CCMEXEC 24/08/2021 09:01:25 10136 (0x2798)
SystemTaskProcessor::QueueEvent(Lock, 0) CCMEXEC 24/08/2021 09:01:25 10136 (0x2798)
BEGIN ExecuteSystemTasks('Lock') CcmExec 24/08/2021 09:01:25 10708 (0x29D4)
END ExecuteSystemTasks('Lock') CcmExec 24/08/2021 09:01:25 10708 (0x29D4)
SystemTaskProcessor::QueueEvent(PowerChanged, 0) CCMEXEC 24/08/2021 09:01:25 592 (0x0250)
BEGIN ExecuteSystemTasks('PowerChanged') CcmExec 24/08/2021 09:01:25 10136 (0x2798)