Hi all,
I am having problems with deploying an image from Boot Media, the client can not communicate properly with the server to check its policies and advertised task sequence. The following appears in SMSTS.log in WinPE:
<![LOG[Using SSL]LOG]!><time="14:19:00.000+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="tsmediawizardcontrol.cpp:671">
<![LOG[Using CRL]LOG]!><time="14:19:00.000+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="tsmediawizardcontrol.cpp:678">
<![LOG[Need to create Authenticator Info using PFX ClientCert]LOG]!><time="14:19:00.000+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="tsmediawizardcontrol.cpp:705">
<![LOG[Getting MP time information]LOG]!><time="14:19:00.203+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="tsmediawizardcontrol.cpp:731">
<![LOG[Initializing CLibSMSMessageHeader with authenticator]LOG]!><time="14:19:00.234+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="libsmsmessaging.cpp:946">
<![LOG[Requesting client identity]LOG]!><time="14:19:00.234+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="libsmsmessaging.cpp:4574">
<![LOG[Messaging Auth Using V4 Mode]LOG]!><time="14:19:00.234+000" date="01-10-2008" component="TSMBootstrap" context="" type="0" thread="1284" file="libsmsmessaging.cpp:1200">
<
end: URL: mgsyd2lhlsms01.lh:443 CCM_POST /ccm_system_AltAuth/request]LOG]!><time="14:19:00.250+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="libsmsmessaging.cpp:6043">
<![LOG[In SSL, but with no client cert]LOG]!><time="14:19:00.265+000" date="01-10-2008" component="TSMBootstrap" context="" type="1" thread="1284" file="libsmsmessaging.cpp:6169">
It then fails to retrieve its policy, it looks like this is because it is not using a certificate. The following is how I set up the boot image:
Created a boot image with the correct network drivers in it then created Task Sequence Media-> Bootable Media. In this wizard I have specified the certificate to use. This certificate was from a trusted root CA, I had deployed it to another machine then exported it with its private key (it has the purpose "Client Authentication" assigned to it).
Any help would be great
Thanks,
Mark