SMS_POLICY_PROVIDER » snowland.se

ConfigMrg Native Mode and site signing certificate

By Rikard Ronnkvist, 2010-07-09 09:48 ConfigMgr

After trying to switch to native mode in ConfigMgr we got some errors from SMS_POLICY_PROVIDER saying “SMS Policy Provider has failed to sign one or more policy assignments. It will retry this operation automatically.”

Strange since we did follow a (this one) step-by-step guide from Microsoft.

After a few searches on Google and TechNet I found out that I needed to add a few lines in the request-file… FriendlyName and KeyLength…

[NewRequest]
FriendlyName = "ConfigMgr Site Signing ABC"
Subject = "CN=The site code of this site server is ABC"
MachineKeySet = True
KeyLength = 2048

[RequestAttributes]
CertificateTemplate = ConfigMgrSiteServerSigningCertificate

Then I requested a new cert with that file and used the new certificate instead… and a few minutes later SMS_POLICY_PROVIDER says “SMS Policy Provider successfully updated a settings policy and a settings policy assignment.”

ConfigMrg Native Mode and site signing certificate

Tag cloud

Categories

Archives


Fun stuff... one of our printers tried to PXE-boot from our ConfigMgr PXE Point...

	Rikard Ronnkvist From