Unable to access DP Source - HTTP code 503 service unavailable

Sometimes you find clients are failed to download software updates , application and you will be seeing error massage HTTP code 503 service unavailable in few client logs.

First you have to check the boundary and boundary group are correctly configured
Then check if you see any error in IIS or check the application pool is running, If its stopped start again.
If the IIS Application Pool stops frequently,  check for any error in event viewer

If you find the about error, it could be related with permission issue
Check  HKLM\Software\Microsoft\SMS permission, if the permission are not configured for users,
Create it as mention below.

WSUS Cleanup Using SQL Script

Whenever we do a cleanup on WSUS we always get the below error.

Every update on WSUS (even if they are unapproved) get their metadata sent to clients unless the updates are marked as expired

WSUS does not clean unneeded (obsolete? superseded? unapproved?) updates itself. we had been running it as a "fire and forget" server: allow it to auto approve security updates and then leaving it alone. This fills the database with a bunch of updates that gets sent out

WSUS has a Cleanup Wizard which is supposed to expire obsolete and unneeded updates. We tried running this, but it would get stuck and hang forever

There is lots of advice about how to fix this problem: defragging hard drives, running the Cleanup Wizard multiple times, running weird PowerShell scripts that launch the Wizard via the command line. Most of the time noting will work 

Finally we found the below script which will help to do the cleanup through SQL

1. ·         We can’t access WSUS database through remote SQL Management Studio, so we have to install SQL Management Studio locally.
2. ·         To connect SUSDB - \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query For Server 2012 \\.\pipe\MICROSOFT##WID\tsql\query.
3. ·         Make a New Query

Run the below query to check the status

exec spGetObsoleteUpdatesToCleanup

Again execute the below query to clean up the unapproved, superseded and obsolete updates.

DECLARE @var1 INT

                                DECLARE @msg nvarchar(100)

                                 CREATE TABLE #results (Col1 INT)

                                INSERT INTO #results(Col1) EXEC spGetObsoleteUpdatesToCleanup

                                 DECLARE WC Cursor

                                FOR

                                SELECT Col1 FROM #results

                                OPEN WC

                                FETCH NEXT FROM WC

                                INTO @var1

                                WHILE (@@FETCH_STATUS > -1)

                                BEGIN SET @msg = 'Deleting ' + CONVERT(varchar(10), @var1)

                                RAISERROR(@msg,0,1) WITH NOWAIT EXEC spDeleteUpdate @localUpdateID=@var1

                                FETCH NEXT FROM WC INTO @var1 END

                                CLOSE WC

                                DEALLOCATE WC

DROP TABLE #results

Now check if you see any update using this query - exec spGetObsoleteUpdatesToCleanup

Finally, run the WSUS cleanup wizard now, you will not get any errors now.

Task Sequence - Restart Option - Error (0x00000032)

In SCCM image deployment if you get the below error during software/application installation, it could be a problem with restart step in task sequence

To confirm this you have to check the deployment log and you will be getting the below error after the restart step,

The operating system reported error 50: The request is not supported

If you check the restart properties in the task sequence the important thing to note here is that the Reboot must be set to restart "The currently installed default operating system" otherwise it will try and run the TS boot image again which obviously won't really like trying to install drivers/software/applications. In short, be sure any reboot which forms part of the Task Sequence has the below option selected,

SCCM Console Object Edit Error (Cannot edit the object which is used by...)

Sometimes when you try to edit any objects in 2012 Console, you probably get the below error, 

his because the ConfigMgr console was crashing while editing the object.

We have to run the following query in SQL to free the objects again

 select * from SEDO_LockState where LockStateID <> 0
(where SEDO stands for Serialized Editing of Data Objects)

Collect the Lock ID from the above query result and delete it with the below query,

DELETE from SEDO_LockState where LockID = ‘<LockID of the record identified in the previous query>’

Once the record is removed, We should be able to modify the object again. Hope it helps!

SCCM Secondary Site SQL Replication Issue (DRS Issue)

When you see the SQL replication has been failed and try to run replication link analyzer and you get there is an DRS issue with database, try these steps,

Below command will help you to view all SQL replication status
EXEC spDiagDRS – Running this command in SQL Management Studio will show all filed of SQL Replication

If you see the the replication group is disable ot inactive follow the below steps,

• Run this command to remove To service entry from SSB_Dialogpool “delete from SSB_DialogPool where ToService like '%PRIMARYSITECODE' “
• On the Secondary Site create the below two files under C:\Program Files\Microsoft Configuration Manager\inboxes\rcm.box

1. Secondary_Site_Replication_Configuration.pub
2. Secondary Site Data.pub

• Now run EXEC spDiagDRS command again and check if all replications are active

Distribution Point Installation failed to install Error 0x800706BA

When you install SCCM distribution point you may get this error on distmgr.log DPConnection::ConnectWMI() – Failed to connect to servernameError 0x800706BA

This means that SCCM server is unable to connect to the WMI namespace on the target machine which is why the installation of distribution point is failing. You would also see an error which reads Failed to install DP files on the remote DP Error code=1722

Fix

Copy the smsdpprov.mof file into Distribution Point installation drive, you can find the smsdpprov.mof file under <drive:>\Program Files\Microsoft Configuration Manager\bin\X64 in your primary site server

Run the command prompt as administrator and execute the following command

mofcomp.exe smsdpprov.mof

If you still getting the same error run the below command,

netsh firewall set service remoteadmin enable

This command will allow remote user to execute / allow access the local firewall policy

How PXE Works

• Machine Start the network boot and send the broadcast to the entire network with  option 60

• Both DHCP and WDS/PXE servers gets the broadcast on port 67

• DHCP Offers the free IP to the client and the client receive the IP on port 68

• But before the client machine requests for the offered IP, it waits for a green signal from WDS. WDS/PXE sever runs a stored procedure, LOOKUPDEVICE for the client machine against SCCM DB. If the machine is found in the DB or If there is an advert for Unknown collection, WDS signals client to proceed with the PXE boot.

• Client machine now requests for the IP offered by DHCP and DHCP then acknowledges this IP assignment. Machine finally has an IP address and is ready to proceed further. (DORA completes).

• The above scenario is only true if we have the client machine PXE and DHCP all are in same subnet. If any of these 3 are in a separate subnet, necessary arrangement needs to be made so that the Broadcast sent by client could reach to both DHCP and PXE server.

• In this case we configure IP helper in router so the broadcast can to forwarded to DHCP and  PXE Server.

• Now the client download WDSNBP.COM from PXE server

• Wdsnbp.com validates the DHCP/PXE response packet and proceeds to download PXEBoot.com

• PXEBoot.com downloads Bootmgr.exe and the BCD store. The BCD store must reside in a \Boot directory in the TFTP root folder. Additionally, the BCD store must be called BCD (BootMGR and BCD store are used to initialize the WINPE environment)

• Bootmgr.exe reads the BCD operating system entries and downloads Boot.sdi and the Windows PE image (Winpe.wim).

• Bootmgr.exe begins booting Windows PE by calling into Winload.exe within the Windows PE image.
Point for Failure

• Client Machine may not be part of SCCM DB and there is not advert on Unknown collection.        This can be tracked in SMSPXE.LOG which is available on PXE service point in MP directory.

• Client machine is not in the same subnet as of the PXE and DHCP server. In this situation if the IP helper table is not configured, the broadcast sent by client will not be forwarded to the other  subnet.

• Ports: 66, 67 and 4011 should be open for IP assignment and WDS file download.

• Machine reboots the moment WINPE screen appears Enable command prompt in WINPE and open CMD by hitting F8 once WinPE initializes. Make sure machine has an IP address and the HDD is Setting detected. Command which you can run here is IPCONFIG and DISKPART. DISKPART will confirm the presence of storage while ipconfig will confirm network connectivity.

• Collect SMSTS log to see the detailed error and troubleshoot accordingly.

• Once you see the TS execution has started, we conclude PXE boot is working

SCCM Prompt Query to find Machine Name Using MAC address

During the OSD deployment you may faced issue with known machine in SCCM database. Even thought you deleted the machine, somehow the MAC address register in SCCM database in different name.

Below is the prompt query which helps to find computer name using MAC address.

select distinct SMS_R_System.Name, SMS_R_System.MACAddresses from  SMS_R_System where SMS_R_System.MACAddresses = ##PRM:SMS_R_System.MACAddresses## order by SMS_R_System.MACAddresses

WSUS sync fails with HTTP 503 errors

During the SCCM 2012 Migration, as soon as we complete, we probably get this error where number of SCCM client is high.

Error on SMS_WSUS_SYNC_MANAGER component

Message ID: 6703
WSUS Synchronization failed.
Message: The request failed with HTTP status 503: Service Unavailable.
Source: Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer.

When you attempt to open Update Services on the WSUS server you receive the following error:

error: Connection Error
An error occurred trying to connect to the WSUS server. This error can happen for a number of reasons. Please contact your network administrator if the problem persists. Click the Reset Server Node to connect to the server again.

In wsyncmgr.log you will get the below error,

Sync failed: The request failed with HTTP status 503: Service Unavailable.


In this situation, the most likely cause is that the WsusPool Application Pool in IIS is in a stopped state, as shown below.

Also, the Private Memory Limit (KB) for the Application Pool is probably set to the default value of 1843200 KB.

If you encounter this problem, increase the Private Memory Limit to 4GB (4000000 KB) and restart the Application Pool. To increase the Private Memory Limit, select the WsusPool Application Pool and click Advanced Settings under Edit Application Pool. Then set the Private Memory Limit to 4GB (4000000 KB).

After the Application Pool has been restarted, monitor the SMS_WSUS_SYNC_MANAGER component status, wcm.log and wsyncmgr.log for failures. Please note that it may be necessary to increase the Private Memory Limit to 8GB (8000000 KB) or higher depending on the environment.

Access content directly from distribution point - SCCM 2012

Microsoft introduced the new content library, the idea is to save space by saving all files in a library but only save identical files once, and refer to the location for all other instances of the file. The idea is good, but it comes with a price. All content stored in the library must be extracted during installation. This slows down the deployment meaning all files will have to be downloaded by the client.

If you want to change this and store your content in a share, you can. Please be aware that this has a cost in disk space.

On all your content in the task sequence meaning packages, boot, images, drivers even the configuration manager agent, select “copy the content in this package to a package share on distribution points.”

At this point you will start to see package shares (eg smspkgc$) start to appear on the distribution points, just like they would in SMS & SCCM ‘07. Once all of the packages have had the above option enabled, open up your task sequence deployment (aka advertisement) and on the Distribution Point tab you will now see an additional option in your drop down box:

Of course you should have a think about and understand the effect this is going to have, for example this may used up to double the amount of storage space for each package on your DP as the files will be stored in the Content Library as well as the Package Share location.

Error - Cannot create NAL path for the distribution point

Sometimes distribution point unable to process the distributed package and state as waiting to install package for long time.

And when you check the distmgr.log you get the below error,

Error - Cannot create NAL path for the distribution point

That’s the error, the distribution manager component is trying to create the folder using a wrong provider.

Solution

Now  The NAL providers are stored in Registry and all 4 providers (LOCAL, MSWNET, NWNDS, NWBIND) was found the HKLM\Software\Microsoft\NAL\Providers\Active Orders key. And you will discover that the HKLM\Software\Microsoft\NAL\Server\Connections\Operational Active Order was missing an important value  and have only LOCAL.

added MSWNET to the list and restart the SMS_executive service.

Refresh the package from SCCM Console and monitor the distmgr.log.

Difference between Obsolete and Inactive Clients

Obsolete Clients

Obsolete client s are those that have been replaced by new ones. This usually happens during refresh OS deployments where the hardware stays the same and thus the hardware id is the same but the SMS GUID changes because the OS has been reloaded or the GUID is regenerated for another reason but the hardware remains the same.

Reasons -
1. hard disk swapping
2. Renaming machines
3. Reimage OS
4. Reinstalling SMS/SCCM agent on the machines without proper uninstall.

Inactive Clients 

Inactive client s are those that have not been discovered recently by the heartbeat discovery. The definition of recently is defined in the delete task as a number of days. Please note that obsolete client s are also marked inactive.

Reasons-
1. Offline machines
2. Machines having DNS issue/No name resolution
3. Machines are in inventory stock

Clean Up Inbox !

• Compsumm.box – This is for component summarize messages.  If you have old stuff, it may not be relevant any more so remove the files.
• CIAMgr.box – Configuration items, probably related to patches but perhaps for other things.  If the files are older than a week, they have probably been forgotten and can be removed.
• Auth\dataldr.box\badmifs – Hardware inventory that was bad for some reason.  Often times the bad file will be a temporary thing and the system will self correct, leaving files behind.  Once you have investigated and solved the reason it is bad, feel free to remove the files.
• Hman.box – Don’t touch stuff in the subfolders, but if files in the root are old, site communication probably had a hiccup at some time and the files can be removed.
• Sinv.box\badsinv – Software inventory gone bad, similar to the dataldr.box\badmifs.  Remove files once any investigation is done.
• Statmgr.box – These are status messages and old files can be removed as they are probably no longer relevant.
• Auth\statesys.box\corrupt – Old status messages here should be removed .  They are probably out of date anyway.
• Auth\ddm.box\regreq\bad_ddrs - These are discovery records that couldn't process for some reason.
• Colleval.box - old .CEP files may become orphaned and can be safely deleted if older than a week

SCCM 2012 and Fallback

Fallback Status Point

The Fallback Status Point (FSP) is a role is used to receive State Messages from clients, similar to a management point (MP).  The difference is that only certain types of state messages are sent to a FSP, in particular messages related to client installation, client site assignment, and clients unable to communicate with their HTTPS MP.  There are built-in reports that can be leverage to view the data the is received by the FSP

There are various reports available for viewing the results of the data processed by the Fallback Status Point.  They are located in the "SMS - Client Information" category in Reporting Services.  The ones related to Client Installation and Site assignment are:

1. Client assignment detailed status report
2. Client assignment failure details
3. Client assignment status details
4. Client assignment success details
5. Client deployment failure report
6. Client deployment status details
7. Client deployment success report

Fallback Site

The next "Fallback" to discuss is using a "Fallback Site".  I recommend using caution when enabling this feature.  It can lead to unexpected results if its not used properly.  In Configuration Manager 2012, simply creating boundaries is not enough.  It order to define a boundary to be used for Site Assignment it must be added to a Boundary Group that is enabled for Site Assignment.  The Fallback Site allows clients that are installed using the SMSSITECODE=AUTO installation property to be assigned to the Fallback Site if they are not located in a boundary that is associated with a Boundary Group that is enabled for Site Assignment.

Fallback for Content Location

Finally, let's dive into the "fallback" for content location feature.  Essentially, this feature is designed to allow client to gain access to content that is not available on a Distribution Point (DP) that is located in their Boundary Group.  If this feature is not implemented correctly, it can lead to unexpected results and high network utilization over remote WAN links.

SCCM and WMI

WMI in SCCM

ConfigMgr uses WMI extensively for both client and server operations. The ConfigMgr client uses WMI for internal control of its own operations and for gathering hardware inventory. ConfigMgr also uses WMI as an interface to the site database.

ConfigMgr Client Namespaces

The ConfigMgr client agent gathers hardware inventory data by querying WMI. The Client Agent settings determine which object classes are reported as part of the client inventory. For the majority of hardware inventory policy definitions, enabling or disabling what is reported from the clients to the ConfigMgr infrastructure is done from the console, via Client Agent settings

WMI on ConfigMgr Servers

The SMS Provider is a WMI provider that exposes many of the most important objects in the ConfigMgr site database as WMI managed objects. This provider is generally installed on either the site server or the site database server
The SMS Provider namespace is Root\SMS\site_<site code>. You can use standard WMI tools to view ConfigMgr classes and objects.

Update Classifications

Critical updates : Broadly released fixes for specific problems addressing critical, non-security related bugs.

Definition Updates: Updates to anti-malware or other definition files.

Feature Packs: New product functionality usually included in the next full product release.

Security Updates: Broadly released fixes for specific products, addressing security issues.

Service Packs: Cumulative sets of all hotfixes, security updates, critical updates, and updates created since the release of the product. Service packs might also contain a limited number of customer-requested design changes or features.

Tools: Utilities or features that aid in accomplishing a task or set of tasks.

Update Rollups: Cumulative sets of hotfixes, security updates, critical updates, and updates packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a specific component, such as Internet Information Services (IIS).

Updates:  Broadly released fixes for specific problems addressing non-critical, non-security related bugs.

SCCM 2012 Log Details

SCCM 2012 Log Details

Client Side Application Deployment related log files:

·         AppDiscovery.log

·         AppEnforce.log

·         AppIntentEval.log

·         CAS.log

·         CIAgent.log

·         CIDownloader.log

·         CIStateStore.log

·         CIStore.log

·         CITaskMgr.log

·         DataTransferService.log

·         DCMAgent.log

·         DCMReporting.log

·         LocationServices.log

·         PolicyAgent.log

Server Side Software Update Logs:

·                SUPsetup.log - Installation of SUP Site Role.

·                WCM.log, WSUSCtrl.log - Configuration of WSUS Server/SUP.

·                WSyncMgr.log - SMS/WSUS Updates Synchronization Issues.

·                Objreplmgr.log - Policy Issues for Update Assignments/CI Version Info policies.

·                RuleEngine.log - Auto Deployment Rules.

Client Side Software Update Logs:

·         UpdatesDeployment.log - Deployments, SDK, UX.

·         UpdatesHandler.log - Updates, Download.

·         ScanAgent.log - Online/Offline scans, WSUS location requests.

·         WUAHandler.log - Update status (missing/installed - verbose logging), WU interaction.

·         UpdatesStore.log - Update status (missing/installed).

·         %windir%\WindowsUpdate.log - Scanning/Installation of updates.

SCCM 2012 Log file Reference:

·         adctrl.log - Records enrollment processing activity.

·         ADForestDisc.log - Records Active Directory Forest Discovery actions.

·         ADService.log - Records account creation and security group details in Active Directory.

·         adsgdis.log - Records Active Directory Security Group Discovery actions.

·         adsysdis.log - Records Active Directory System Discovery actions.

·         adusrdis.log - Records Active Directory User Discovery actions.

·         ccm.log - Records client push installation activities.

·         CertMgr.log - Records the certificate activities for intra-site communications.

·         chmgr.log - Records activities of the client health manager.

·         Cidm.log - Records changes to the client settings by the Client Install Data Manager (CIDM).

·         colleval.log - Records details about when collections are created, changed, and deleted by the Collection Evaluator.

·         compmon.log - Records the status of component threads monitored for the site server.

·         compsumm.log - Records Component Status Summarizer tasks.

·         ComRegSetup.log - Records the initial installation of COM registration results for a site server.

·         ConfigMgrPrereq.log - Records pre-requisite component evaluation and installation activities.

·         dataldr.log - Records information about the processing of Management Information Format (MIF) files and hardware inventory in the Configuration Manager database.

·         ddm.log - Records activities of the discovery data manager.

·         despool.log - Records incoming site-to-site communication transfers.

·         distmgr.log - Records details about package creation, compression, delta replication, and information updates.

·         EPCtrlMgr.log - Records information about the synchronization of malware threat information from the Endpoint Protection site system role server into the Configuration Manager database.

·         EPMgr.log - Records the status of the Endpoint Protection site system role.

·         EPSetup.log - Provides information about the installation of the Endpoint Protection site system role.

·         EnrollSrv.log - Records activities of the Enrollment service process.

·         EnrollWeb.log - Records activities of the enrollment website process.

·         fspmgr.log - Records activities of the fallback status point site system role.

·         hman.log - Records information about site configuration changes, and the publishing of site information in Active Directory Domain Services.

·         Inboxast.log - Records the files that are moved from the management point to the corresponding INBOXES folder on the site server.

·         inboxmgr.log - Records file transfer activities between inbox folders.

·         inboxmon.log - Records the processing of inbox files and performance counter updates.

·         invproc.log - Records the forwarding of MIF files from a secondary site to its parent site.

·         migmctrl.log - Records information for Migration actions involving migration jobs, shared distribution points, and distribution point upgrades.

·         mpcontrol.log - Records the registration of the management point with WINS. Records the availability of the management point every 10 minutes.

·         mpfdm.log - Records the actions of the management point component that moves client files to the corresponding INBOXES folder on the site server.

·         mpMSI.log - Records details of about the management point installation.

·         MPSetup.log - Records the management point installation wrapper process.

·         netdisc.log - Records Network Discovery actions.

·         ntsvrdis.log - Records the discovery activity of site system servers.

·         Objreplmgr - Records the processing of object change notifications for replication.

·         offermgr.log - Records advertisement updates.

·         offersum.log - Records the summarization of deployment status messages.

·         OfflineServicingMgr.log - Records the activities of applying updates to operating system image files.

·         outboxmon.log - Records the processing of outbox files and performance counter updates.

·         PerfSetup.log - Records the results of the installation of performance counters.

·         PkgXferMgr.log - Records the actions of the SMS Executive component that is responsible for sending content from a primary site to a remote distribution point.

·         policypv.log - Records updates to the client policies to reflect changes to client settings or advertisements.

·         rcmctrl.log - Records the activities of database replication between sites in the hierarchy.

·         replmgr.log - Records the replication of files between the site server components and the Scheduler component.

·         ResourceExplorer.log - Records errors, warnings, and information about running the Resource Explorer.

·         ruleengine.log - Records details about Auto Deployment Rules around the identification, content download, and update group and deployment creation.

·         Sched.log - Records details about site-to-site job and package replication.

·         schedule.log - Records the activities for standard sender content scheduling jobs.

·         sender.log - Records the files that transfer by file-based replication between sites.

·         sinvproc.log - Records information about the processing of software inventory data to the site database.

·         sitecomp.log - Records details about the maintenance of the installed site components on all site system servers in the site.

·         sitectrl.log - Records site setting changes made to site control objects in the database.

·         sitestat.log - Records the availability and disk space monitoring process of all site systems.

·         SmsAdminUI.log - Records Configuration Manager console activity.

·         SMSAWEBSVCSetup.log - Records the installation activities of the application catalog web service.

·         smsbkup.log - Records output from the site backup process.

·         smsdbmon.log - Records database changes.

·         SMSENROLLSRVSetup.log - Records the installation activities of the enrollment web service.

·         SMSENROLLWEBSetup.log - Records the installation activities of the enrollment website.

·         smsexec.log - Records the processing of all site server component threads.

·         SMSFSPSetup.log - Records messages generated by the installation of a fallback status point.

·         SMSPORTALWEBSetup.log - Records the installation activities of the application catalog web site.

·         SMSProv.log - Records WMI provider access to the site database.

·         smstsvc.log - Records information about the installation, use, and removal of a Windows service that is used to test network connectivity and permissions between servers, using the computer account of the server initiating the connection.

·         srsrpMSI.log - Records detailed results of the reporting point installation process from the MSI output.

·         srsrpsetup.log - Records results of the reporting point installation process.

·         Srvacct.log - Records the maintenance of accounts when the site uses standard security.

·         statesys.log - Records the processing of state system messages.

·         statmgr.log - Records the writing of all status messages to the database.

·         swmproc.log - Records the processing of metering files and settings.

SCCM Policy

·         PolicyAgent.log - Requests policies by using the Data Transfer service.

·         PolicyAgentProvider.log - Records policy changes.

·         PolicyEvaluator.log - Records new policy settings.

Inventory

·         InventoryAgent.log - Creates discovery data records (DDRs) and hardware and software inventory records.

·         inventoryprovider.log – Records all inventory details

DCM

·         DCMAgent.log:  Records high-level information about the evaluation, conflict reporting, and remediation of configuration items and applications.

·         CIAgent.log: Records details about the process of remediation and compliance for compliance settings, software updates, and application management.

·         CMReporting.log :  Records information about reporting policy platform results into state messages for configuration items.

·         DcmWmiProvider.log Records information about reading configuration item synclets from Windows Management Instrumentation (WMI).   

Client Operation Log Files

·         CAS.log  - Content Access service. Maintains the local package cache on the client.

·         Ccm32BitLauncher.log - Records actions for starting applications on the client marked as “run as 32bit”.

·         CcmEval.log - Records Configuration Manager client status evaluation activities and details for components that are required by the Configuration Manager client.

·         CcmEvalTask.log - Records the Configuration Manager client status evaluation activities that are initiated by the evaluation scheduled task.

·         CcmExec.log - Records activities of the client and the SMS Agent Host service. This log file also includes information about enabling and disabling wake-up proxy.

·         CcmMessaging.log - Records activities related to communications between the client and management points.

·         CCMNotificationAgent.log - Records activities related to client notification operations.

Client Installation Log Files

·         ccmsetup.log - Records ccmsetup tasks for client setup, client upgrade, and client removal. Can be used to troubleshoot client installation problems.

·         ccmsetup-ccmeval.log - Records ccmsetup tasks for client status and remediation.

·         CcmRepair.log - Records the repair activities of the client agent.

·         client.msi.log - Records setup tasks performed by client.msi. Can be used to troubleshoot client installation or removal problems.

Client Location Log

·         ClientLocation.log - Site assignment tasks.

·         LocationServices.log - Finds management points and distribution points.

Software Distribution Logs

·         Policyagnet.log - Requests policies software distribution.

·         PolicyEvaluator.log - Records new policy settings about new deployment

·         Execmgr.log - Records advertisements that run

·         DataTransferService.log - Records all BITS communication for policy or package access.

·         ContentTransferManager.log - Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access SMS packages

Admin Console Log Files

·         RepairWizard.log - Records errors, warnings, and information about the process of running the Repair Wizard.

·         ResourceExplorer.log - Records errors, warnings, and information about running the Resource Explorer.

·         SMSAdminUI.log - Records the local Configuration Manager 2007 console tasks when you connect to Configuration Manager 2007 sites.

Management Point Log Files

·         MP_Ddr.log - Records the conversion of XML.ddr records from clients, and copies them to the site server.

·         MP_GetAuth.log - Records the status of the site management points.

·         MP_GetPolicy.log - Records policy information.

·         MP_Hinv.log - Converts XML hardware inventory records from clients and copies the files to the site server.

·         MP_Location.log - Records location manager tasks.

·         MP_Policy.log - Records policy communication.

·         MP_Relay.log - Copies files that are collected from the client.

·         MP_Retry.log - Records the hardware inventory retry processes.

·         MP_Sinv.log - Converts XML hardware inventory records from clients and copies them to the site server.

·         MP_Status.log - Converts XML.svf status message files from clients and copies them to the site server.

Operating System Deployment Log Files

·         CCMSetup.log - Provides information about client-based operating system actions.

·         CreateTSMedia.log - Provides information about task sequence media when it is created. This log is generated on the computer running the Configuration Manager 2007 administrator console.

·         DriverCatalog.log - Provides information about device drivers that have been imported into the driver catalog.

·         MP_ClientIDManager.log - Provides information about the Configuration Manager 2007 management point when it responds to Configuration Manager 2007 client ID requests from boot media or PXE. This log is generated on the Configuration Manager 2007 management point.

·         MP_DriverManager.log - Provides information about the Configuration Manager 2007 management point when it responds to a request from the Auto Apply Driver task sequence action. This log is generated on the Configuration Manager 2007 management point.

·         MP_Location.log - Provides information about the Configuration Manager 2007 management point when it responds to request state store or release state store requests from the state migration point. This log is generated on the Configuration Manager 2007 management point.

·         Pxecontrol.log - Provides information about the PXE Control Manager.

·         PXEMsi.log - Provides information about the PXE service point and is generated when the PXE service point site server has been created.

·         PXESetup.log - Provides information about the PXE service point and is generated when the PXE service point site server has been created.

·         Setupact.log Setupapi.log Setuperr.log Provide information about Windows Sysprep and setup logs.

·         SmpIsapi.log - Provides information about the state migration point Configuration Manager 2007 client request responses.

·         Smpmgr.log - Provides information about the results of state migration point health checks and configuration changes.

·         SmpMSI.log - Provides information about the state migration point and is generated when the state migration point site server has been created.

·         Smsprov.log - Provides information about the SMS provider.

·         Smspxe.log - Provides information about the Configuration Manager 2007 PXE service point.

·         SMSSMPSetup.log - Provides information about the state migration point and is generated when the state migration point site server has been created.

·         Smsts.log - General location for all operating system deployment and task sequence log events.

·         TaskSequenceProvider.log - Provides information about task sequences when they are imported, exported, or edited.

·         USMT Log loadstate.log - Provides information about the User State Migration Tool (USMT) regarding the restore of user state data.

·         USMT Log scanstate.log - Provides information about the USMT regarding the capture of user state data.

Discovery

·         adsgdis.log - Records Active Directory Security Group Discovery actions.

·         adsysdis.log - Records Active Directory System Discovery actions.

·         adusrdis.log - Records Active Directory User Discovery actions.

·         ADForestDisc.Log - Records Active Directory Forest Discovery actions.

·         ddm.log - Records activities of the discovery data manager.

·         netdisc.log - Records Network Discovery actions.

Inventory

·         dataldr.log - Records information about the processing of Management

                        Information Format (MIF) files and hardware inventory in the Configuration

                       Manager database.

·         invproc.log - Records the forwarding of MIF files from secondary site to its

                     parent site.

·         sinvproc.log - Records information about the processing of software inventory

               data to the site database.

Reporting

·         srsrp.log - Records information about the activity and status of the

reporting point.

·         srsrpMSI.log - Records detailed results of the reporting point installation

                        process from the MSI output.

·         srsrpsetup.log - Records results of the reporting point installation process.

 

Site to Site Communication Logs

·         despool.log - Records incoming site-to-site communication transfers.

·         hman.log -  hman.log - Records information about site configuration changes, and the publishing of site information in Active Directory Domain Services.

·         invproc.log - Records the forwarding of MIF files from a secondary site to its parent site.

·         PkgXferMgr.log - Records the actions of the SMS Executive component that is responsible for sending content from a primary site to a remote distribution point.

·         rcmctrl.log - Records the activities of database replication between sites in the hierarchy.

·         replmgr.log - Records the replication of files between the site server components and the Scheduler component.

·         Sched.log - Records details about site-to-site job and package replication.

·         sender.log - Records the files that transfer by file-based replication between sites.