We are using ConfigManager 2111. Ever since updating to this version, we have not been able to do any OSD deployments that are started via Required or Available collections, from Software Center. OSDs performed via PXE boot or other methods outside of Windows environment continue to work fine - but this is not appropriate to image hundreds of computers in our computer labs.
It seems like in testing, the issue stems from the fact that a) all of our computers use TPM, and b) we are using HTTPS. Computers without TPM chips (of which we have only one, for testing) work fine.
Basically here's what happens:
- start OSD task sequence from software center
- computer reboots to Windows PE and begins Task Sequence, downloads WIM, applies WIM, etc
- Computer reboots to new install of Windows, runs the Setup Config Manager Client task - no obvious failures, but then:
- computer reboots to Windows again, and computer is just how it was when we captured the WIM to use.
At this point, the SCCM client is not installed, so none of the other Tasks in the Task Sequence have been done - no other software in the Application Install tasks, not joined domain, etc etc.
Looking at the smsts.log file in c:\windows\temp near the bottom, the following errors are present in lines 58 and 60. The installation of the client fails soon afterward.
This issue has been present for months with no hotfix from Microsoft in sight. We would rather not revert our site to an earlier version of ConfigManager.
Can we get a fix for this problem, or ideas on how it can be fixed? Thank you.
==============================[ OSDSetupHook.exe ]==============================
Logging successfully initialized to C:\_SMSTaskSequence\Logs
Running module version 5.0.9049.1001 from location 'C:\WINDOWS\system32\OSDSETUPHOOK.EXE'
Clients is not joined to a domain.
Executing task sequence
Loading the Task Sequencing Environment from "C:\_SMSTaskSequence\TSEnv.dat".
Creating key 'Software\Microsoft\SMS\47006C006F00620061006C005C007B00350031004100300031003600420036002D0046003000440045002D0034003700350032002D0042003900370043002D003500340045003600460033003800360041003900310032007D00'
Environment scope successfully created: Global\{51A016B6-F0DE-4752-B97C-54E6F386A912}
Creating key 'Software\Microsoft\SMS\47006C006F00620061006C005C007B00420041003300410033003900300030002D0043004100360044002D0034006100630031002D0038004300320038002D003500300037003300410046004300320032004200300033007D00'
Environment scope successfully created: Global\{BA3A3900-CA6D-4ac1-8C28-5073AFC22B03}
Reading logging settings from Task Sequence environment to set Task Sequence logging.
Setting LogEnabled to 1
Setting LogMaxSize to 5242880
Setting LogMaxHistory to 3
Setting LogLevel to 0
Setting LogDebug to 1
Saving existing desktop wallpaper settings.
Setting desktop wallpaper.
Configuring local administrator account
Enabling local administrator account
Re-assign all drive letters...
bIsMBR, HRESULT=00000000 (..\diskutils.cpp,2048)
This program is not running on MBR disk. No need to re-assign drive letters.
Installing SMS client
Setting variable to indicate client installation attempted
Clearing existing client configuration.
Cleaning existing client certificates from SMS certificate store
Restoring SMS client identity.
::DecompressBuffer(65536)
Decompression (zlib) succeeded: original size 2345, uncompressed size 7732.
hTempCertStore != NULL, HRESULT=80092002 (..\installclient.cpp,212)
Could not import certificate to temporary store (0x80092002)
Failed to restore client certificates. Code 0x80092002.
RestoreCertificateStore( hSmsCertStore, sEncodedSMSCert, sClientGuid ), HRESULT=80092002 (..\installclient.cpp,341)
Failed to restore SMS client identity. Code 0x80092002.
RestoreClientIdentity(), HRESULT=80092002 (..\installclient.cpp,964)
Setting URL = https://Mendez.privatedomain.com, Ports = 80,443, CRL = false
Setting Server Certificates.
Setting Authenticator.
::DecompressBuffer(65536)
Decompression (zlib) succeeded: original size 2345, uncompressed size 7732.
Setting Client Certificate.
Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)
Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)
CreateTemporaryCertificateContextFromPfx(pbPfxBlob, pbPfxBlobSize, psPfxPasswd, &m_hClientCertStore, &pCertContext, szOID), HRESULT=80092002 (..\libsmsmessaging.cpp,9010)
mtHttpTransport.SetClientCertificateContext( clientCertBuffer.getBuffer(), clientCertBuffer.size(), sClientId, g_szSMSSigningCertOID), HRESULT=80092002 (..\utils.cpp,7864)
PrepareTransport() failed. 0x80092002.
PrepareTransport(mtHttpTransport), HRESULT=80092002 (..\utils.cpp,7948)
Non fatal error 0x80092002 in sending task sequence execution status message to Management Point
Setting URL = https://Mendez.privatedomain.com, Ports = 80,443, CRL = false
Setting Server Certificates.
Setting Authenticator.
::DecompressBuffer(65536)
Decompression (zlib) succeeded: original size 2345, uncompressed size 7732.
Setting Client Certificate.
Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)
Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .
An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)
CreateTemporaryCertificateContextFromPfx(pbPfxBlob, pbPfxBlobSize, psPfxPasswd, &m_hClientCertStore, &pCertContext, szOID), HRESULT=80092002 (..\libsmsmessaging.cpp,9010)
mtHttpTransport.SetClientCertificateContext( clientCertBuffer.getBuffer(), clientCertBuffer.size(), sClientId, g_szSMSSigningCertOID), HRESULT=80092002 (..\utils.cpp,7864)
PrepareTransport() failed. 0x80092002.
PrepareTransport(mtHttpTransport), HRESULT=80092002 (..\utils.cpp,7948)
Non fatal error 0x80092002 in sending task sequence execution status message to Management Point
InstallSMSClient(loadDir, dwResult), HRESULT=80092002 (..\basesetuphook.cpp,1543)
Failed to install SMS Client (0x80092002)
Restoring original desktop wallpaper.
Uninstalling Setup Hook
Removing setup hook from registry.
Successfully removed C:\WINDOWS\system32\OSDGINA.DLL
Could not delete the file C:\WINDOWS\system32\OSDSETUPHOOK.EXE. Error code 5
Marking the file C:\WINDOWS\system32\OSDSETUPHOOK.EXE for deletion on Reboot
Successfully removed C:\WINDOWS\system32\OSDSETUPHOOK.EXE
Successfully removed C:\WINDOWS\system32\_SMSOSDSetup
::RegOpenKeyExW (HKEY_LOCAL_MACHINE, sKey.c_str(), 0, KEY_READ, &hSubKey), HRESULT=80070002 (..\utils.cpp,1105)
RegOpenKeyExW is unsuccessful for Software\Microsoft\SMS\Task Sequence
GetTsRegValue() is unsuccessful. 0x80070002.
End program:
Finalizing logging from process 5496
Successfully finalized logs to SMS client log directory from C:\WINDOWS\TEMP
Cleaning up task sequencing logging configuration.
Cleaning up task sequence folder
Deleting volume ID file C:\_SMSTSVolumeID.7159644d-f741-45d5-ab29-0ad8aa4771ca ...
this->run( bReboot ), HRESULT=80092002 (..\vistasetuphook.cpp,223)
pHook->execute(), HRESULT=80092002 (..\osdsetuphook.cpp,399)
Failed to execute task sequence (0x80092002)