Turns out it was mostly the need for a user with access, such as the site server computer account or Client installation account as a member of the DCOM users group on the domain.
From: [email protected] [mailto:[email protected]] On Behalf Of elsalvoz Sent: Friday, May 09, 2014 7:28 PM To: [email protected] Subject: Re: [mssms] SCCM 2012 SP1 client won't install on Domain Controller long shot but is remote registry enabled? On Fri, May 9, 2014 at 1:47 PM, Lindenfeld, Ivan <[email protected]<mailto:[email protected]>> wrote: I added the site server's computer account to the DCOM Users Group and the client installed. I mean, it tried to but BITS 2.5 isn't there. It's always something. Ivan -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Lindenfeld, Ivan Sent: Friday, May 09, 2014 2:42 PM To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] SCCM 2012 SP1 client won't install on Domain Controller I stand corrected. Linear thinker multitasking. Thanks, Todd. -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Todd Hemsell Sent: Friday, May 09, 2014 2:20 PM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] SCCM 2012 SP1 client won't install on Domain Controller there is no local admins on a DC. Only domain admins. On Fri, May 9, 2014 at 1:02 PM, Lindenfeld, Ivan <[email protected]<mailto:[email protected]>> wrote: > Hi Folks. Bing-Fu or Technet is not helping. Here is my issue, hope > you can help… > > > > SCCM 2012 SP1 CU3 > > Site Server computer account is in the local Administrators group on > the DC > > Trying to push client from the wizard in the console. > > YES I checked the tickbox for Install on DC > > The domain controllers are not in the local domain or forest…trusts are: > external non-transitive and external non-transitive at the domain to > domain level. Outgoing forest trust is transitive as is incoming forest > trust. > > > > We already successfully manage all member servers in that domain with > SCCM and have for a long time. > > > > ISSUE: SCCM connects to admin$ but not to WMI, here is the snippet of > the CCM.LOG > > > > ---> Attempting to connect to administrative share > '\\DOMAINCONTROLLER\admin$' using account > 'LOCALDOMAIN\SCCM_CLIENT_PUSH_ACCOUNT' > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:23 PM 5980 (0x175C) > > ---> WNetAddConnection2 failed (LOGON32_LOGON_NEW_CREDENTIALS) using > ---> account > LOCALDOMAIN\SCCM_CLIENT_PUSH_ACCOUNT (00000005) > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:23 PM 5980 (0x175C) > > ---> Attempting to connect to administrative share > '\\DOMAINCONTROLLER\admin$' using machine account. > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:23 PM 5980 (0x175C) > > ---> Connected to administrative share on machine DOMAINCONTROLLER > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:24 PM 5980 > (0x175C) > > ---> Attempting to make IPC connection to share > ---> <\\DOMAINCONTROLLER\IPC$<file:///\\DOMAINCONTROLLER\IPC$>> > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:24 PM 5980 > (0x175C) > > ---> Searching for SMSClientInstall.* under '\\DOMAINCONTROLLER\admin$\' > SMS_CLIENT_CONFIG_MANAGER 5/7/2014 2:13:24 PM 5980 > (0x175C) > > ---> Unable to connect to WMI on remote machine "DOMAINCONTROLLER", > ---> error = > 0x800706ba. SMS_CLIENT_CONFIG_MANAGER 5/7/2014 > 2:13:24 PM 5980 (0x175C) > > > > I have never in my career of 17 years in SCCM managed a domain > controller as a client on purpose. So I am sure I’m missing something. > > > > Thanks for your time. > > > > > > Ivan Lindenfeld > > Manager, Enterprise Deployment/SCCM > > Fidelity National Financial | Jacksonville, Florida > > > > ________________________________ > NOTICE: The information contained in this message is proprietary > and/or confidential and may be privileged. If you are not the intended > recipient of this communication, you are hereby notified to: (i) > delete the message and all copies; (ii) do not disclose, distribute or > use the message in any manner; and (iii) notify the sender immediately. > ________________________________ NOTICE: The information contained in this message is proprietary and/or confidential and may be privileged. If you are not the intended recipient of this communication, you are hereby notified to: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately.
