SCCM Clients installation Troubleshooting Check list

Here is the check list which i have prepared to follow in brief .There may be other issues which are not mentioned here but mostly, issues lies under the below conditions.
There are a variety of Client deployment methods that are available to you when installing the client. Each has its advantages and disadvantages along with the need to meet specific business requirements.
If you choose to go SCCM client push installation method, Ensure you have created Client push installation account which should have Admin rights on the target computer else it may fail .Client push installation Step by Step Guide is here http://technet.microsoft.com/en-us/library/bb632380.aspx and with Screen shots how to configure from Windows-Noob
Once you initiated the Client push installation from SCCM console( right click on computer,say install client etc ),you can start monitoring CCM.log from your <SCCM installation folder:>\Logs. For more info on how SCCM client push installation works,please refer this article for process and troubleshooting .
The procedure  is same what ever the installation method you choose.The CCMSETUP.EXE will be downloaded to the system (c:\windows\system32\ccmsetup) and is executed. The ccmsetup.exe reads the manifest file (and also mobileclient.tcf) and fetches the remaining files(prerequisites files listed below ) to continue the client installation.

Some of the components that are used in the client deployment process include the following:

• CCMSetup.exe: Used to Install, uninstall and upgrade the SCCM 2007 client using client push installation or manual installation. It is low bandwidth aware and is the single way to launch client deployment. You also do not need to use CCMClean to uninstall the client as the uninstall switch can be used instead.
• BITS: BITS 2.0 is required for Windows 2000 clients. BITS 2.5 is used for most of the Windows operating systems with the exception of Windows Vista which uses BITS 3.0.
Note: When installing BITS 2.0 on Windows 2000 SP4 machines, a restart is required. This means that if you do not have BITS 2.0, then ccmsetup will stop the install and wait until the next process of reboot before it starts the next process.
• Microsoft Windows Installer v3.1 v2 (KB 893803): Update to all operating systems except Windows Server 2003 SP1 and later
• Windows Update Agent (WUA) version 7.0.6000.363: Used on clients to support detection of applicable updates and deployment
• MSXML6.msi - Windows installer script for installing the Core XML Services
• MSRDC (Remote Differential Compression): Required for branch DP to support binary differential replication. For more information on binary differential replication, please visit http://technet.microsoft.com/en-us/library/bb693953.aspx%20.
Regarding windows 2000 clients, they don't support MSRDC, so Windows 2000 clients cannot be branch DP’s. Windows XP and later will install this utility and the associated windows server code will be used to install the bits.
• Wimgapi.msi: Imaging API for custom tools for image management
• CCMSetup.msi: Windows installer package for deploying of the SCCM 2007 client using AD GPO. You cannot run CCMSetup.msi to install clients manually.

You can monitor CCMSETUP.LOG ,CLIENTMSI.LOG from your ccmsetup folder. It will take few min to complete the installation .Once you see, client installation succeeded,You may confirm that,installation is done but it doesn't mean,client is healthy and able to receive policies /send information to Management Point.
Below are the SMS Related services which should (applicability depends on the client perform actions let say BITS is not used when you run the Application from DP) be running on the Client to be healthy all the time..

1. Automatic Updates
2. Background intelligence Transfer service
3. Remote Registry
4. SMS agent Host
5. Terminal Services
6. Windows Installer
7. Windows Management Instrumentation

To know if the client is healthy and able to send /receive polcicies /able to talk to Management point or not ,there are few Log files which you should look into:
CCMSETUP.LOG----->Logs the Client installation activities
ClientLocation.log---->  Records site assignment tasks. Can help to troubleshoot scenarios where the client is not assigned to a Configuration Manager 2007 site.
LocationServices.log---> Records attempts to find management points and distribution points.Can help to troubleshoot scenarios where the client cannot find a management point or distribution point.
AND open the configuration manager Applet from control Panel and go to actions tab,check if you are able to if you are able to see more than 5 policy agents displaying or not which means that client is healthy and sent its inventory information to SCCM site server. You should be able to see the Client with SCCM client Installed and assigned Yes
more information about  SCCM client log files,please refer TechNet
Now its time to do the actual troubleshooting why client is not getting the above policy agents or not reported to SCCM console with Client YES and Installed YES

1.Check the Firewall Enabled or Disabled if enabled,allow the ports to talk to site server.Guide to add Ports to the firewall to allow the required files or policies to download.
2.Check Boundaries (could be (AD site or IP Range or IP Subnet) of the Agent are specified in the site server
3.Schema extension and ensure attributes published into AD system management container (you can see component status if there are any errors while updating the system Management container with attributes)
4.Check the if there no DNS issue in the client and that client is able to resolve the SCCM server NetBIOS as well as FQDN without any issues.
5. Check if the Client is able to talk to Management Point or not using the following Links.
http://%3csccm_server/SMS_MP/.sms_aut?mplist ----should give you blank page
http://%3csccm_server/SMS_MP/.sms_aut?mpcert------should give you some random numbers
6.Check if WMI is working or not if not try repairing the WMI by stopping WMI service and renaming repository folder (C:\Windows\System32\wbem) and start the service.
If the above test fails make sure that MP is working fine. You can check mpcontrol.log on the site server to find the error and make sure that the same works.
4.Check the Locationservices.log( Finds management points and distribution points) and clientlocation.log( Site assignment tasks) and ClientIDManagerStartup.log(Creates and maintains the client GUID)

If you see anything apart from the above discussed,you may can post the query on  SCCM forums also I would like to hear from you if i miss anything from above steps.

Certificate Details From Machine Through Inventory

VBScript:

'****************************************************************
'c:\windows\syswow64\cscript NameOfTheScript.vbs to use the 32bit capicom
'Option Explicit
On Error Resume next
dim ExtProp, certificatedata,Extension,EKU
dim sho, fso, strcurrentdir, strsysfolder
Set sho = Wscript.CreateObject("Wscript.Shell")
Set FSO = CreateObject("Scripting.FileSystemObject")
Dim Store, Certificates, Certificate
Dim StrsubjectName(500), STRIssuerName(500), strValidFrom(500), strValidTo(500),
strDaysToExpire(500), i,j,k,g,m
Dim strEDUOID(500,500), StrFriendlyName(500,500)
Const CAPICOM_LOCAL_MACHINE_STORE = 1
Const CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1
Const CAPICOM_STORE_OPEN_READ_ONLY = 0
const CAPICOM_PROPID_FRIENDLY_NAME =11
const CAPICOM_ENCODE_BINARY = 1
Set Store = CreateObject("CAPICOM.Store")
Select Case err.number
   Case 0'object registered OK
   Case 429'CAPICOM needs to be registered
      registercapicom 'go register capicom
      err.Clear
   Case Else
   wscript err.number
   err.Clear
End Select
Store.Open CAPICOM_LOCAL_MACHINE_STORE, "MY" ,CAPICOM_STORE_OPEN_READ_ONLY
Set Certificates = Store.Certificates
If Certificates.Count >0 Then
   For Each Certificate in Certificates
       g=g+1
       strSubjectName(g) = Certificate.SubjectName
       strIssuerName(g) = Certificate.IssuerName
       strValidFrom(g) = Certificate.ValidFromDate
       strValidTo(g) = Certificate.ValidToDate
       strDaysToExpire(g) = DateDiff("d",now(),Certificate.ValidToDate)
       if Certificate.ExtendedKeyUsage.IsPresent Then
          i=1
          For Each EKU In Certificate.ExtendedKeyUsage.Ekus
             strEDUOID(g,i) = EKU.OID
             i=i+1
          Next
       end if
       For Each ExtProp In Certificate.ExtendedProperties
           j=1
           If  ExtProp.PropID = CAPICOM_PROPID_FRIENDLY_NAME then
             strFriendlyName(g,j) = ExtProp.Value (CAPICOM_ENCODE_BINARY)
             j=j+1
           End if
       Next
  Next
End If
'------The dump in WMI section
Dim wbemCimtypeSint16
Dim wbemCimtypeSint32
Dim wbemCimtypeReal32
Dim wbemCimtypeReal64
Dim wbemCimtypeString
Dim wbemCimtypeBoolean
Dim wbemCimtypeObject
Dim wbemCimtypeSint8
Dim wbemCimtypeUint8
Dim wbemCimtypeUint16
Dim wbemCimtypeUint32
Dim wbemCimtypeSint64
Dim wbemCimtypeUint64
Dim wbemCimtypeDateTime
Dim wbemCimtypeReference
Dim wbemCimtypeChar16
wbemCimtypeSint16 = 2
wbemCimtypeSint32 = 3
wbemCimtypeReal32 = 4
wbemCimtypeReal64 = 5
wbemCimtypeString = 8
wbemCimtypeBoolean = 11
wbemCimtypeObject = 13
wbemCimtypeSint8 = 16
wbemCimtypeUint8 = 17
wbemCimtypeUint16 = 18
wbemCimtypeUint32 = 19
wbemCimtypeSint64 = 20
wbemCimtypeUint64 = 21
wbemCimtypeDateTime = 101
wbemCimtypeReference = 102
wbemCimtypeChar16 = 103
Set oLocation = CreateObject("WbemScripting.SWbemLocator")
'Remove classes
Set oServices = oLocation.ConnectServer(, "root\cimv2")
set oNewObject = oServices.Get("SCCM_Certs")
oNewObject.Delete_
Set oServices = oLocation.ConnectServer(, "root\cimv2\SMS")
set oNewObject = oServices.Get("SCCM_Certs")
oNewObject.Delete_
'Create data class structure
Set oServices = oLocation.ConnectServer(, "root\cimv2")
Set oDataObject = oServices.Get
oDataObject.Path_.Class = "SCCM_Certs"
oDataObject.Properties_.add "Counter", wbemCimtypeUint32
oDataObject.Properties_.add "SubjectName", wbemCimtypeString
oDataObject.Properties_.add "IssuerName", wbemCimtypeString
oDataObject.Properties_.add "ValidFrom", wbemCimtypeString
oDataObject.Properties_.add "ValidTo", wbemCimtypeString
oDataObject.Properties_.add "DaysToExpire", wbemCimtypeUint32
oDataObject.Properties_.add "EKUOID", wbemCimtypeString
oDataObject.Properties_.add "FriendlyName", wbemCimtypeString
oDataObject.Properties_.add "ScriptLastRan", wbemCimtypeString
oDataObject.Properties_("Counter").Qualifiers_.add "key", True
oDataObject.Put_
'*********************************************
'Add Instances to data class
Set oServices = oLocation.ConnectServer(, "root\cimv2")
for k = 1 to g 'number of certs
 Set oNewObject = oServices.Get("SCCM_Certs").SpawnInstance_
        oNewObject.Counter = k
        oNewObject.SubjectName = strSubjectName(k)
        oNewObject.IssuerName = strIssuerName(k)
        oNewObject.ValidFrom = strValidFrom(k)
        oNewObject.ValidTo = strValidTo(k)
        onewObject.DaysToExpire = strDaysToExpire(k)
        oNewObject.FriendlyName = strFriendlyName(k,1)

 for m = 1 to i 'number of extended keys
  if strEDUOID(k,m) = "" then
   'do nothing
   else
         if m = 1 then
            oNewObject.EKUOID = strEDUOID(k,m)
         else
            oNewObject.EKUOID = oNewObject.EKUOID &"," & strEDUOID(k,m)
         end if
  end if
 next
   oNewObject.ScriptLastRan = Now
   oNewObject.Put_
next 'end of number of certs

'Create reporting class structure
Set oServices = oLocation.ConnectServer(, "root\cimv2\SMS")
Set oRptObject = oServices.Get("SMS_Class_Template").SpawnDerivedClass_
'Set Class Name and Qualifiers
oRptObject.Path_.Class = "SCCM_Certs"
oRptObject.Qualifiers_.Add "SMS_Report", True
oRptObject.Qualifiers_.Add "SMS_Group_Name", "Certificates"
oRptObject.Qualifiers_.Add "SMS_Class_ID", "Custom|Certificates|1.0"
'Add Reporting Class Properties
oRptObject.Properties_.Add("Counter", wbemCimtypeUint32).Qualifiers_.Add "SMS_Report", True
oRptObject.Properties_.Add("SubjectName", wbemCimtypeString).Qualifiers_.Add "SMS_Report",
True
oRptObject.Properties_.Add("IssuerName", wbemCimtypeString).Qualifiers_.Add "SMS_Report",
True
oRptObject.Properties_.Add("ValidFrom", wbemCimtypeString).Qualifiers_.Add "SMS_Report",
True
oRptObject.Properties_.Add("ValidTo", wbemCimtypeString).Qualifiers_.Add "SMS_Report", True
oRptObject.Properties_.Add("DaysToExpire", wbemCimtypeUint32).Qualifiers_.Add "SMS_Report",
True
oRptObject.Properties_.Add("EKUOID", wbemCimtypeString).Qualifiers_.Add "SMS_Report", True
oRptObject.Properties_.Add("FriendlyName", wbemCimtypeString).Qualifiers_.Add "SMS_Report",
True
oRptObject.Properties_.Add("ScriptLastRan", wbemCimtypeString).Qualifiers_.Add
"SMS_Report", True
oRptObject.Properties_("Counter" ).Qualifiers_.Add "key", True
oRptObject.Put_
Set Certificates = Nothing
Set Store = Nothing
sub registercapicom
  '''''''''''''' registr capcom.dll from system 32
  strCurrentDir = Left(Wscript.ScriptFullName, (InstrRev(Wscript.ScriptFullName, "\") -1))
  Set strSysFolder = FSO.GetSpecialFolder(1) 'get system32 folder
  'Copy the dll to the system folder
  FSO.CopyFile strcurrentdir & "\capicom.dll",strSysFolder & "\"
  'Register the dll
  sho.Run "cmd.exe /c regsvr32.exe /s " & Chr(34) &_
    strSysFolder & "\capicom.dll" & Chr(34),0,vbTrue
end sub

SMS_Def.Mof


----------SMS_DEF.MOF-------------------------------------------
[ SMS_Report     (TRUE),
  SMS_Group_Name ("Certificates"),
  SMS_Class_ID   ("CUSTOM|Certificates|1.0") ]
class SCCM_Certs : SMS_Class_Template
{
    [SMS_Report (TRUE), key ] uint32  Counter;
    [SMS_Report (TRUE)      ] uint32  DaysToExpire;
    [SMS_Report (TRUE)      ] string  EKUOID;
    [SMS_Report (TRUE)      ] string  FriendlyName;
    [SMS_Report (TRUE)      ] string  IssuerName;
    [SMS_Report (TRUE)      ] string  ScriptLastRan;
    [SMS_Report (TRUE)      ] string  SubjectName;
    [SMS_Report (TRUE)      ] string  ValidFrom;
    [SMS_Report (TRUE)      ] string  ValidTo;
};

WQL Query for DDRHeartbeat Not send by last 14 days

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.ResourceId not in (select ResourceID from SMS_R_System where AgentName in ("Heartbeat Discovery") and DATEDIFF(day,AgentTime,GetDate())<=14)

Machines Which Has Last Software Scan ( WQL Query)

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_LastSoftwareScan on SMS_G_System_LastSoftwareScan.ResourceId = SMS_R_System.ResourceId where SMS_G_System_LastSoftwareScan.LastScanDate < DateAdd(dd,-30,GetDate())

Find Machines Which had Last Hardware Scan ( WQL Query )

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_WORKSTATION_STATUS on SMS_G_System_WORKSTATION_STATUS.ResourceId = SMS_R_System.ResourceId where SMS_G_System_WORKSTATION_STATUS.LastHardwareScan < DateAdd(dd,-30,GetDate())

Client installed but showing as 'No' to SCCM console - troubleshooting tips

It's better to understand the difference between reinstalling sccm client and repairing sccm client. When you reinstall a client, it creates SMS classes in WBEM repository, initiates policies for notification to SCCM management point and gets new SMS GUID as an identification but it won't delete the exisitng GUID (SMS keeps it until we delete certificate using ccmdelcert.exe from the toolkit.. or uninstall sccm client porperly). SMS identifies it as new record and acts on it as new client. If you have added this machine to somewhere your system based collection, it won't be getting any policies. Machine, having old GUID certificate, would be negligable and policies would be rejected from respective Management point.
While, if you repair a client; it removes old certs, assigns it new certificate and initiates policies as unique record. It works properly and policies are apporved by MP.

Packages stucked to copy on DP: 'Install Pending'

There might be different scenarios so apply fix as per need-

1. Packages are not copied to DP due to lack of permissions, pls check the necessary rights.
2. Check for package on affected DP whether it's present or not.
3. If not, check distmgr.log file on affected DP and manually copy .pck file from primary server to affected DPs and use PreloadPkgOnSite.exe tool to replicate package information to SCCM database.
here's info regarding this tool-
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=C36FCDA8-9336-4D44-9568-5530FF7635DD&amp%3Bdisplaylang=en
4. If package is present on DP but not updated to database or SCCM console; refresh DP again.
5. If still DPs not updated, try run these queries for affected DPs through central server-

update pkgstatus set Status = 2 where id = ' ' and sitecode = ' ' and type = 1

update pkgstatus set SourceVersion = 0 where id = ' ' and sitecode = ' ' and type = 1

6. After running above queries, refresh DPs again.

Client installed but showing as 'No' to SCCM console - troubleshooting tips

It generally happens during upgrade or restructuring of SMS/SCCM infrastructure. Anyway, if it happens with you, try below steps-

1. list out all these clients or make collection of these clients
2. run script to trigger discovery data collection cycle on listed machines or use right click tools to initiate discovery data collection cycle on machines listed in collection
3. once you have finished with above two actions, try update collection membership and refersh then.
4. Check status and make yourself happy.

Pls find link to download right click tools.
http://myitforum.com/cs2/blogs/rhouchins/0401ConfigMgrTools.zip

and here's script to initiate discovery data collection cycle on affected clients-

'copy below code to notepad and save it as discovery.vbs
'and run remotely on clients with help of psexec.exe utility

actionNameToRun = "Discovery Data Collection Cycle"

Dim controlPanelAppletManager
Set controlPanelAppletManager = CreateObject("CPApplet.CPAppletMgr")
Dim clientActions
Set clientActions = controlPanelAppletManager.GetClientActions()
Dim clientAction
For Each clientAction In clientActions
If clientAction.Name = actionNameToRun Then
clientAction.PerformAction
End If
Next
wscript.echo "Executed: " & actionNameToRun     ' if you want to get message

these are some more actions which can be used in above script as and when required-

'Software Metering Usage Report Cycle

'Request & Evaluate Machine Policy
'Updates Source Scan Cycle
'Request & Evaluate User Policy
'Hardware Inventory Collection Cycle
'Software Inventory Collection Cycle
'Software Updates Assignments Evaluation Cycle
'Peer DP Maintenance Task
'Machine Policy Retrieval & Evaluation Cycle
'MSI Product Source Update Cycle

Dynamic collection query to get machines in which specific advertisement has been failed

This dynamic query will help admin to list out machines in which specific advertisement has been failed and he can readvert it to dynamic collection.

SMS_R_SYSTEM.ResourceID not in (select

SMS_ClientAdvertismentStatus.ResourceID from
SMS_ClientAdvertisementStatus where
SMS_ClientAdvertisementStatus.AdvertisementID = "ADVxxxxx" and
SMS_ClientAdvertisementStatus.laststatusmessageID in (10009))

Troubleshooting Tips: Non SCCM & Unhealthy Client Machines

Sometimes the most challenging part of the Configuration Manager 2007/SMS 2003 deployment phase can be ensuring that the client successfully reports to the site server. We occasionally see these issues here in support, typically either as cases for clients not reporting after the client installation, or maybe where it’s noticed that the client count is decreasing from the collection.

When we look at the SMS/SCCM console collection, there is an entry for the client status that indicates either Yes or No. Assuming everything is installed and configured properly, a client installed on a system should automatically report as Yes, but sometimes that does not turn out to be the case. The reason could be that the client has not yet reported to the SCCM\SMS server, or it was reporting previously but has now stopped. Managing the client in the collection is a continuous task and for a healthy environment the client should be continuously reporting to the SMS\SCCM server.

There are various reasons why a client may not be able to report to even if the SMS\SCCM agent is installed on a machine. A few of these reasons are discussed below:

The first thing to check is whether the client is on the network, and if it’s not on the network, does the system even exist? It’s possible that represents a stale record from AD.

Systems NOT on the network: If the system is not actually on the network, check if it is shutdown, and if so if it’s been shut down for long time. If yes then first restart the system and then initiate the discovery cycle from the control panel agent properties action TAB.

Stale Entries: When you use AD discovery, the DDRs are created for the computers that reside in the AD container that we have requested to be queried by the discovery process. If that container has the stale records for the resources, then client records may be created for systems that don’t actually exist, thus they will never report.

There is a Maintenance task that will clear the inactive records but if the discovery process runs again and the AD container still has these entries then they will simply show up again.

Resolution: For the stale records you need to make sure that the AD container is cleared of these stale records and scavenging is done for the computers container in AD regularly. Once this is done you can either make use of the maintenance task or you can create a collection for the NON SMS CLIENTS and then do a delete special to the collection so that the entries will be removed permanently from the SMS\SCCM database. Then a discovery can be run which will bring back only the active systems in the collection.

Once the agent is available on the network and the client is installed, the client goes through the following actions as part of the reporting process:

1. Client location services identify the site code and the MP it is supposed to connect to.

2. The client connects to the Management Point and downloads the policies.

3. Once the policies are downloaded it sends the heartbeat record to the server.

4. Once the server receives this heartbeat record these are converted in to DDR and processed. This will set the client flag to 1 which will make the client status display as Yes in the console.

5. On a regular basis the agent will send the heartbeat and if no heart beat or inventory shows up for a length of time then the client flag will be marked as 0 by the client flag maintenance task, setting the client status to No.

So only if this process is completed and it continues to happen will the client remain reporting to the server. This is why I said earlier that client management is a continuous task. There can be a variety of reasons why this process might fail, and I’ve outlined a couple of them below:

The Boundaries of the Agent are not specified in the site server

If the client is not assigned in the console or the client is unable to discover the site code, make sure that the AD site or the IP subnet is added in the boundary list. The server will only allow those clients within its boundary to download the policies, so if you have not specified the boundaries the client will not be authorized and the policies will not get downloaded. For boundary issues you can use this as a reference:

In the client if you check the location services.log (log location: C:\Windows\System32\CCM\Logs), you can get the information of the site assigned to it as well as the MP it is reporting to. If it is not able to report properly, you need to make sure that the agent can communicate over the network to the site server successfully.

Unable to get the site code

If the client is not able to get the site code, you need to check first the boundaries as above, and also verify that the site information is published in the AD. You can check the last part of the sitecomp.log after you start the site component manager which will say that the components like the MP, SLP etc successfully published or updated. If you are unable to see that and you get access denied errors, make sure that the computer account has read\write permission to the system container in AD. Make sure the permission is flowing to the objects within and the objects below. If you are not publishing the information in AD then you need to make sure that the SLP is configured and working.

The client itself is not installed in the Agent

To confirm this, try checking ccmexec.log file from client machine or check ccm.log from server end.

Make a list if you find any of these issues-

1. Newly discovered client computers are not assigned to the current site

2. Advanced Client Push Installation is not enabled at the appropriate site

3. The SMS Client Configuration Manager cannot connect to the client Admin$ share or to the Remote Registry Service (IPC$)

4. The SMS Advanced Client Push Installation account is configured incorrectly or is missing or is locked out

5. The SMS Advanced Client cannot access the installation file on the SMS site server

6. The SMS Advanced Client cannot access the management point during an upgrade

7. The SMS Advanced Client displays a site assignment but does not appear as installed

8. The Client computer appears in collections with the following values:

Site Code Client Assigned Client Type

This occurs when one or more of the following conditions are true:

a) The collection information has not been updated. Collection updates usually run on a daily or weekly schedule. In this case, you must make sure that the collection information has been updated. You can manually update the collection membership, and then update the collection view.

b) The client computer shares the same SMSID with another client computer. This issue can occur when you use a disk image to install the SMS Advanced Client. Duplicate SMSIDs are also referred to as duplicate GUIDs. You must determine whether duplicate SMSIDs exist on the client computers. For more information about how to detect duplicate GUIDs and how to use Tranguid.exe to create a New SMS GUID for the affected clients.

c) The SMS Advanced Client is assigned. However, the SMS Advanced Client is not installed. You must verify that the SMS Advanced Client is installed successfully and is assigned to the site that you are viewing.

d) The Network Discovery method is enabled. When you use the Network Discovery method in Systems Management Server (SMS), it populates the IsClient fields in the database by using a Null value. If other discovery methods are enabled, the computer will appear in the collection as Assigned with no client installed even though the client is installed. To resolve this issue, disable the Network Discovery method. Also, verify that the Heartbeat Discovery method that is enabled by default has not been disabled. Then, wait for the specified Heartbeat Discovery polling interval to pass. When the clients send up new discovery data, the database is updated to reflect the correct values.

Note Only the Heartbeat Discovery method will set the client installation status to Yes. The Active Directory System discovery method does not update the IsClient field in the SMS database.

e) Heartbeat Discovery has not reported since the client was installed.

There is a name resolution issue in the Client.

Make sure that the client is able to communicate to the SMS\SCCM server using the FQDN as well as the NetBIOS name. Use Nslookup or ping to check the name resolution. If you can’t ping the server using the FQDN then you will have problems.

The client is behind a firewall

If clients are behind a firewall, it may be restricting it from contacting the SMS site server. Check if the necessary ports are opened.

MP not working as a result of which the policies are not getting downloaded

You first need to check to see whether the MP is working. For that you will need to check the mpcontol .log (Log location: \SMS\logs in SMS and \program files\Microsoft Configuration Manager\logs in SCCM). If it is showing a 200 OK status code then that means the MP is working.

If the MP is working fine and the client is unable to contact and download polices, you will have an error on download in the policyagent.log file on the agent (Log location: C:\Windows\System32\CCM\Logs). Before checking this though, check if the locationservices.log has the correct MP information. If it does have the correct MP information, make sure that the BITS service is started on the client. You can try the following URLs to verify that this is working:

http:///sms_mp/.sms_aut?mplist

and

http:///sms_mp/.sms_aut?mpcert

Client is unable to download policy

You may also have issues downloading policies if the client agent has WMI corruption. If you suspect this to be the cause of your issue, if it is a XP client then follow these steps:

1. Uninstall SCCM client agent. Use the ccmsetup.exe /uninstall

2. Troubleshoot or rebuild WMI.

When to rebuild WMI : SCCM Client is not able to install on machines.

When to repair WMI : SCCM Client is installed on machines but inventory data is not reporting to SCCM database.

3. Restart the system and install the agent.
Server unable to process DDR

Once you find that the client is able to send the heartbeat data to the server, you next need to check on the server to see if these are getting processed successfully.

Clients going to NO after it had reported

1. The first reason for this is that the heartbeat discovery is enabled and that the DDRs are not reaching the server.

2. The second is that Clear Install Flag is running.

Solution: Initiate Discovery data collection cycle manually from client and update collection after few minutes.

SQL query to get packages which are advertised without updating DPs

SELECT dbo.v_Advertisement.AdvertisementID, dbo.v_Advertisement.AdvertisementName, dbo.v_Advertisement.CollectionID,

dbo.v_Advertisement.PresentTime, dbo.v_Advertisement.ExpirationTime, dbo.v_Advertisement.SourceSite, dbo.v_Package.PackageID,
dbo.v_Package.Name, dbo.v_Package.Version, dbo.v_Package.SourceVersion, dbo.v_Package.SourceDate, dbo.v_Package.LastRefreshTime,
dbo.v_DistributionPoint.ServerNALPath, dbo.v_DistributionPoint.SiteCode, dbo.v_DistributionPoint.SiteName,
dbo.v_DistributionPoint.LastRefreshTime AS Expr1, dbo.v_DistributionPoint.Status, dbo.v_PackageStatusDistPointsSumm.ServerNALPath AS Expr2,
dbo.v_PackageStatusDistPointsSumm.SourceVersion AS Expr3, dbo.v_PackageStatusDistPointsSumm.SiteCode AS Expr4,
dbo.v_PackageStatusDistPointsSumm.State, dbo.v_PackageStatusDistPointsSumm.LastCopied, dbo.v_PackageStatusDistPointsSumm.SummaryDate,
dbo.v_PackageStatusDistPointsSumm.InstallStatus
FROM dbo.v_Advertisement INNER JOIN
dbo.v_Package ON dbo.v_Advertisement.PackageID = dbo.v_Package.PackageID INNER JOIN
dbo.v_DistributionPoint ON dbo.v_Package.PackageID = dbo.v_DistributionPoint.PackageID INNER JOIN
dbo.v_PackageStatusDistPointsSumm ON dbo.v_DistributionPoint.PackageID = dbo.v_PackageStatusDistPointsSumm.PackageID
WHERE dbo.v_PackageStatusDistPointsSumm.state=1

Tool For Giving Admin Rights In One Console ....

Purpose Of The Tool : Used to manage the security groups of single/group of machine in a single shot.

Code Language :  VBScript and HTA.

Output : The tool will prompt for the output in plain text and will save a log file in the same directory.

Screenshot Of The Tool :