MEM Remote Control Failing on Initiating Handshake

Mark Broughton 1 Reputation point


I'm getting this same error inconsistently across differing models of machines and seemingly at random. been looking for an answer for about 1 1/2 months now.
We can image 4 and 3 we can remote control just fine but 1 will fail at the initiating handshake.
we've tried the obvious things and then some not so obvious things. have tried all these on various machines over the time, ran repair on client, uninstall/reinstall client, re-image the machine, check rsop to make policy is right, confirmed registry is right for allowed access, ran dism /online /cleanup-image /restorehealth, tried winmgmt /salvagerepository and /resetrepository, check out the DCOM, checked DNS for stale entries, did a rename with a slightly different name and rejoined (that worked on 1 machine and then we named it back and still worked but that didn't work on other machines). checked the hostfile to make sure it was good. found two more things to try: deleting the contents of the CmRcService.log apparently worked for someone and then saw another say to stop the SMS Agent Host service then delete a system file starting with 19c5 in ProgramData>MachineKeys so tried those. no joy.
PKI certs are in place. Remote Control Group is present and correctly populated. (can't be something as easy as that!)
Errors in the logs are saying Class not Registered 80040154
and connection was forcibly closed by the remote host 80072746
and failed to open WMI namespace error 80070005 Permissions may be configured incorrectly. Access is Denied.
Haven't identified any specific, consistent cause but the errors do seem consistently the same. Thoughts? Suggestions? Ideas.

Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. AllenLiu-MSFT 35,116 Reputation points Microsoft Vendor

    Hi, @Mark Broughton

    Thank you for posting in Microsoft Q&A forum.

    Have we checked below article to troubleshoot the handshake issue.
    If the local security group: ConfigMgr Remote Control Users is empty like the article mentioned, we may need to either add the permitted viewers using GPO or compliance baseline using SCCM.

    Here is the article link for your reference:
    (Note: This is a third-party link, Just for your reference)

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.