ConfigMgr 2012 SP1 client will not communicate with MP

by Thomas Forsmark Sørensen 4. June 2013 07:26

During a ConfigMgr 2012 SP1 client deployment I had problems with one client on a Windows Server 2003.

It seemed like the client installed correctly but it would not communicate with the management point.

I looked in the log files and found the following:

RegTask: Failed to get certificate. Error: 0x80004005
CryptGenKey failed: 0x80070005
Failed to create certificate 80070005
CCMDOCertificateMaintenance() failed (0x80070005)

I could also notice that there were no SMS certificates in the local computer certificate store.

I asked Google for an answer to the problem and found several posts like this one suggesting to delete all files in the "C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys" folder and then restart the SMS Agent service. This solution had helped several people but in my case it did not work.

Instead the information here guided me to the solution.

When the SMS Agent host service was restarted it recreated a certificate (19c5cf9c7b5dc9de3e548adb70398402_6ee5afbf-3882-4a52-8ad4-1ef3db2563ee) in the above mentioned folder but it turned out that it had the wrong access permissions. I gave "System" full control to the file and restarted the SMS Agent Host service again and now the SMS certificates were created and the ConfigMgr client could communicate with the MP as it should.

Problem solved......


Powered by BlogEngine.NET
Theme by Mads Kristensen | Modified by Mooglegiant

About Me


My name is Thomas Forsmark Sørensen.

I live in Odense in Denmark and work for Globeteam in Virum.

I am working as a Microsoft Infrastructure consultant with main focus on application and Operating System Deployment.

I work mostly with Microsoft System Center Configuration Manager 2012 R2 and MDT 2013, but I also work with other of Microsofts products. 


<<  February 2021  >>

View posts in large calendar