Cannot do a machine policy retrieval since upgrade to 2111

Mike Schmidt 1 Reputation point
2022-02-22T22:27:16.827+00:00

Took over an environment that was 1910. Upgraded to 2107 and then 2111. No Issues
Moved SQL to separate box, pointed SCCM to it. No issues
Added a passive server to SCCM. No issues
switched passive to active. No issues. Left it like that for a couple days
Removed passive server (old original server). No Issue

Then the weekend happened. enjoyed it and came back Monday. No, no client can get policy, If I do a machine policy retrieval on a client, in the policyagent.log I get....

Raising event:
instance of CCM_PolicyAgent_PolicyAuthorizationFailure
{
ClientID = "GUID:09726F11-832C-4827-927F-0544133C5B66";
DateTime = "20220222221431.180000+000";
PolicyNamespace = "\\.\ROOT\ccm\policy\machine\requestedconfig";
PolicySource = "SMS:WRI";
ProcessID = 13560;
ThreadID = 13424;
};
PolicyAgent_RequestAssignments 2/22/2022 4:14:31 PM 13424 (0x3470)
[Assignment Request] Assignments request for Machine <machine-name> completed with status 0x80004005 PolicyAgent_RequestAssignments 2/22/2022 4:14:31 PM 13424 (0x3470)

After doing some searching, some ideas thrown out were around the self signed certs, it was still in HTTP. No enchanced.
So I added web server pki cert to one of MP's, changed the bindings in IIS, told that MP to use https.
Added a client pki cert to my machine and a server. both show PKI as cert instead of old self signed.
When doing the policy retrieval, same exact error.

So my conclusion is it's not the certs, pki or self signed.

Stumped on this one, never seen anything like it before.

Microsoft Configuration Manager
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Rahul Jindal [MVP] 10,041 Reputation points MVP
    2022-02-22T22:52:53.507+00:00

    Any errors in ccmmessaging? Also, did the clients also upgrade to 2111?


  2. Thiago B Andrade 76 Reputation points
    2024-03-21T16:09:38.0566667+00:00

    Hi Mike!

    Have you ever solved this problem? Could you share it? I am facing the same problem, CB 2303. Out of nowhere all the clients stopped processing machine policy. The exact same error you posted.

    Raising event:

    instance of CCM_PolicyAgent_PolicyAuthorizationFailure

    {

    ClientID = "GUID:50F63C6B-BFBB-4D2D-B6DD-A379406E86DA";
    
    DateTime = "20240321155854.150000+000";
    
    PolicyNamespace = "\\\\.\\ROOT\\ccm\\policy\\machine\\requestedconfig";
    
    PolicySource = "SMS:SDE";
    
    ProcessID = 1020;
    
    ThreadID = 4232;
    

    };

    [Assignment Request] Assignments request for Machine <MachinePolicy> completed with status 0x80004005

    Regards,

    Thiago

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.