New clients do not install and existing clients do not run advertisements after you install a new Management Point (832109)
The information in this article applies to:
- Microsoft Systems Management Server 2003
SYMPTOMSAfter you install and configure a new Management Point (MP) for Microsoft Systems Management Server (SMS) 2003, you may experience one or more of the following issues: - Computers are discovered and appear in the SMS Administrator Console as advanced clients, but the SMS client software is not installed on the client computers.
- Computers are discovered and appear in the SMS Administrator Console as advanced clients, but the standard SMS client software is installed on the computer that is discovered.
- Existing clients do not report a status for advertisements.
- The following message is logged in the CAS.log on the SMS Advanced Client computer and in the SQLERROR log on SQL server: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection
- The IIS log on the management point may contain Error 401.
The following entries may appear on the Management Point in the MP_GetAuth.log file. Depending on whether the SMS client is also installed, this log file is located either in the \ %windir%\system32\CCM\Logs\ folder or in the \SMS_CCM\Logs\ folder. ( %windir% is the folder where the operating system is installed.) <![LOG[CMPDBConnection::Init(): IDBInitialize::Initialize() failed with 0x80004005]LOG]!>
<![LOG[Raising event: [SMS_CodePage(437), SMS_LocaleID(1033)] instance of
MpEvent_ConnectDatabaseFailed {
ClientID = "GUID:F4AB9DD6-362A-44B4-BAFA-6797AD71C79F";
DatabaseName = "SMSDBname";
DateTime = "20030919053031.203000+000";
ErrorCode = "0x80004005";
MachineName = "MPcomputername";
ProcessID = 5124;
ServerName = "SMSservername";
SiteCode = "sitecode";
ThreadID = 3512;
Win32ErrorCode = 0;
};
]LOG]><time="00:30:31.219+000" date="09-19-2003" component="MP_GetAuth_ISAPI" context="Auth"
type="1" thread="3512" file="event.cpp:522"> CMPDBConnection::Init(): IDBInitialize::Initialize() failed with 0x80040e4d $$<MP_GetAuth_ISAPI><Wed Feb 4 17:19:29.240 2004 Eastern Standard Time><thread=2664 (0xA68)> CAUSEThe Management Point may be prevented from connecting to the server that is running Microsoft SQL Server. These issues may occur for any one of the following reasons: - The Management Point does not have correct permissions on the SQL server.
- Problems exist with SQL Service Principal Name (SPN) registration.
- Problems exist with Kerberos or the Domain Name System (DNS) protocol.
WORKAROUNDTo work around this problem, switch from a TCP connection to a Named Pipes connection between the Management Point and the SQL server. This can also be used to test whether the issue is with Kerberos authentication, which TCP uses. Named Pipes uses NTLM authentication. If switching from TCP to Named Pipes does not resolve the issue, run a Network Monitor trace to investigate possible network connectivity issues. If enabling Named Pipes on the Management Point resolves the issue, it indicates that Kerberos authentication is failing and the troubleshooting steps in this article will be helpful in diagnosing the cause. To enable Named Pipes, do the following on the Management Point server. Click Start, click Run, type cliconfg, and then click OK. This starts the Client Network Utility. Add the SQL server NetBIOS name on the Alias tab with Named Pipes selected. This is the default setting. On the SQL server, run the Server Network Utility and make sure Named Pipes is at the top of the protocol stack. The Management Point queries SQL every 10 minutes. A log entry will appear that indicates the number of Management Points in the site. This indicates a successful connection.REFERENCES
For more information about running in SMS Advanced security with a remote SQL server, click the following article number to view the article in the Microsoft Knowledge Base:
829868
Systems Management Server 2003 Advanced Security site with Remote SQL does not connect to SQL Server
For more information about retrieving SPNs from Active Directory, click the following article number to view the article in the Microsoft Knowledge Base:
298718
How to retrieve SPNs from the directory
For more information about Kerberos, click the following article numbers to view the articles in the Microsoft Knowledge Base:
266080
Answers to frequently asked Kerberos questions
326985 How to troubleshoot Kerberos-related issues in IIS
Modification Type: | Minor | Last Reviewed: | 8/22/2006 |
---|
Keywords: | kbSoftwareDist kbClient kbSecurity kbinfo KB832109 kbAudITPRO |
---|
|