For us, in 1602 it was .config files getting blocked. All our DPs are MPs and SUPs. We could never see it blocked in the client logs, we have to either look at the BITS job, or the IIS logs on that DP.
Daniel Ratliff From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Burke, John Sent: Friday, December 09, 2016 12:34 PM To: mssms@lists.myitforum.com Subject: [mssms] RE: IIS and SCCM - how does 2012 and Current Branch bypass this? Wow. Seriously? I just checked my settings and all the filters are still on, on the dp and the pakage I sent had a folder called BIN. I’m going directly to config file in system32 and looking via the IIS Manager. Perhaps I’m not looking in the right place? In my 2007 environment this would sit there at 0% and never really download. Started right up in CB. 1606 I believe. Hmm is it possible it’s just the BIN piece that isn’t being blocked properly I wonder. Could it matter if the DP is also a MP? I do notice that the URL it’s using in the datatransferservice.log in our 2007 log that was getting stuck pointed at http://server.bla.bla./SMS_DP_ccmdistpt$/SMSPKG/NS2005EA Where the CB log is http://server.bla.bla./SMS_MP DTSJob {A82FC2B4-340E-4FA2-9C44-0D340061E087} created to download from 'http://XXXXXXXX:80/SMS_MP' to 'C:\WINDOWS\CCM\CIDownloader\Staging'. DataTransferService 11/10/2016 11:42:56 AM 2992 (0x0BB0) DTSJob {A82FC2B4-340E-4FA2-9C44-0D340061E087} in state 'PendingDownload'. DataTransferService 11/10/2016 11:42:56 AM 352 (0x0160) DTSFlag is 0x00209c8a DataTransferService 11/10/2016 11:42:56 AM 352 (0x0160) Exclude file list: DataTransferService 11/10/2016 11:42:56 AM 352 (0x0160) Using branch cache option DataTransferService 11/10/2016 11:42:56 AM 352 (0x0160) DTSJob {A82FC2B4-340E-4FA2-9C44-0D340061E087} in state 'DownloadingData'. DataTransferService 11/10/2016 11:42:56 AM 352 (0x0160) DTSJob {2EF43FD1-99CB-4C54-A0F7-C7462EA9AED8} in state 'RetrievedData'. DataTransferService 11/10/2016 11:43:00 AM 2152 (0x0868) DTSJob {2EF43FD1-99CB-4C54-A0F7-C7462EA9AED8} successfully completed download. DataTransferService 11/10/2016 11:43:00 AM 2152 (0x0868) From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Daniel Ratliff Sent: December-09-16 12:47 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: IIS and SCCM - how does 2012 and Current Branch bypass this? Can confirm, this happened on 2012 R2 and 1602 for us. We use a PowerShell script to configure all our DPs. Daniel Ratliff From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Burke, John Sent: Friday, December 09, 2016 11:24 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] IIS and SCCM - how does 2012 and Current Branch bypass this? https://technet.microsoft.com/en-us/library/cc431377.aspx?f=255&MSPPError=-2147217396 I ran into this issue with packages and noticed none of this custom stuff had to be done with CB and I asked about 2012 and folks said it didn’t happen in 2012. When I look at IIS for the default site and dp, it appears as if the filtering SHOULD be blocking those exentions and the bin folder without these changes made. Why not? Configure requestFiltering for IIS on distribution points The following information applies when you use distribution points that are enabled for Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS. By default, IIS blocks several file extensions and folder locations. If package source files contain extensions that are blocked in IIS, you must configure the requestFiltering section in the applicationHost.config file on a distribution points that is enabled for Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS. For example, you might have source files for a software deployment that include a folder named bin, or that contain a file with the .mdb file extension. By default, IIS request filtering blocks access to these elements. When you use the default IIS configuration on a distribution point, clients that use BITS fail to download this software deployment from the distribution point. In this scenario, the clients indicate that they are waiting for content. To enable the clients to download this content by using BITS, on each applicable distribution point, edit the requestFiltering section of the applicationHost.config file to allow access to the files and folders in the software deployment. The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information. The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
