SteelBytes.NeT
Converting bytes to knowledge
  • Home
  • SCCM
  • SCCM Component Status error: “SMS Policy Provider has failed to sign one or more policy assignments”

SCCM Component Status error: “SMS Policy Provider has failed to sign one or more policy assignments”

January 9, 2013 31 Comments Written by Paolo




You experience problems with packages, virtual applications and OS deployment with your SCCM clients. The SCCM server reports “SMS Policy Provider has failed to sign one or more policy assignments. It will retry this operation automatically.” in the Component Status SMS_POLICY_PROVIDER. This may indicate your SCCM Site Server Signing Certificate has expired.

This article consists of two parts how to indicate and resolve the problem:

A. How to check if the SCCM Site Server Signing Certificate is expired

B. How to create a request file to renew the certificate (only working method to renew!)

 

A. How to check if the SCCM Site Server Signing Certificate is expired

1. In the Configuration Manager Console, navigate to Site Management
2. Open the Properties of your Site
3. Open Site Mode and note the name of the Certificate

image

4. Click on Browse…

image

5. Check the corresponding certificate name and check the Valid From date 

If the certificate is expired, you have to renew the certificate by following the steps below.

B. How to create a request file to renew the certificate

Be sure to do this outside work hours, because it impacts the SCCM clients.

1. Create a new file ‘sitesigning.inf’ with the following content:

[NewRequest] 
FriendlyName = "SCCM Site Signing Server Certificate [your site code]" 
Subject = "CN=The site code of this site server is [your site code]" 
MachineKeySet = True 
[RequestAttributes] 
CertificateTemplate = ConfigMgrSiteServerSigningCertificate

2. Save the file and open an elevated command prompt.

3.Type the following commands in the folder where you saved the file:

certreq –new sitesigning.inf sitesigning.req
certreq –submit sitesigning.req sitesigning.cer

4. Select the correct CA:

image

Output of certreq commands:

image

The certificate is now requested at your Certificate Authority.

5. Issue the certificate in your CA in Pending Requests and remember the Request ID

image

6. In an elevated cmd on the SCCM server again, type the following command:

certreq –retrieve [requestidnumber] sitesigning.cer

7. Select the correct CA again:

image

8. Open the local Certificate store by opening an new mmc and add Certificates (Local Computer)

image

9. Check if the certificate is present in Personal / Certificates (a little key must appear with the certificate! if not, the certificate does not contain the private key)

image

11. In the Configuration Manager Console, navigate to Site Management

11. Open the Properties of your Site

12. Open Site Mode, click on Browse and select the new certificate

image

The certificate is now renewed.

You can check the SMS_POLICY_PROVIDER status again under: System Status > Site Status > [Site code] > Component Status

If the certificate is correctly renewed, the message ‘SMS Policy Provider successfully signed all policy assignments with the new Site Server Signing Certificate.’ will appear. Your SCCM clients will then be functional again.



SCCM
, , , ,
Similar posts
  • Change management console language Sy... This is an easy one. When starting the management console the language of the local OS will be detected. Then it will search if a language pack is present. When found, the corresponding language will be shown and troubleshooting will instantly become a lot harder (or you can just try to search for non-English errors, [...]
  • How to renew the SCCM Site Server Sig... When your SCCM Site Server Signing Certificate has expired you will experience problems with packages, virtual applications and OS deployment with your SCCM clients. The SCCM server reports “SMS Policy Provider has failed to sign one or more policy assignments. It will retry this operation automatically.” in the Component Status SMS_POLICY_PROVIDER. This article consists of [...]
  • Add or remove local user in SCCM OSD ... Sometimes it is necessary to add a local user to your Windows image (like notebooks which must be used at external locations). You can create an image for SCCM with local users, but then you have another image with a different configuration. I think it’s cool everything can be managed with just one image, so [...]
  • SCCM OSD error: 0x80004005 When I tried to install a server by the SCCM task sequence, I received an 0x80004005 error. This was costing me some hours to resolve. In my case however, the solution was very simple: Cause Your system date and time may be invalid, which is mostly the case with servers fresh out of the box. [...]
  • No task sequence in SCCM OSD or no ad... If you want to reinstall your desktop by using SCCM, the list of task sequences is empty. In your SCCM client, no advertisements show up. Solutions Solution 1 – Merge the conflicting record 1. In your Configuration Manager Console, navigate to Computer Management / Conlicting Records. Check if there are any records present. If so, [...]

No Comments Yet

31 Pings/Trackbacks

  1. Ванпачман интернетте оқыңыз on January 24, 2022 at 1:11 am
  2. 2022 онлайн фильмдер on January 27, 2022 at 1:42 pm
  3. серіали онлайн lostfilm on February 14, 2022 at 3:31 pm
  4. Смотреть тут бесплатно lostfilm on February 14, 2022 at 4:23 pm
  5. ең жақсы LostFilm сериялары on February 14, 2022 at 9:24 pm
  6. кращі фільми lostfilm on February 15, 2022 at 5:18 am
  7. скачать бесплатно мангу on February 15, 2022 at 12:17 pm
  8. Мультики 2022 онлайн on February 15, 2022 at 1:19 pm
  9. мына жерден қараңыз on February 15, 2022 at 2:47 pm
  10. махва мұнда оқыңыз on February 16, 2022 at 10:47 am
  11. читати комікси тут on February 16, 2022 at 12:53 pm
  12. Фильмы без регистрации и смс on February 17, 2022 at 3:54 am
  13. Лучшие фильмы lostfilm on February 17, 2022 at 9:18 am
  14. мына жерде комикстерді оқыңыз on February 17, 2022 at 2:38 pm
  15. Ванпачмен читати онлайн on February 17, 2022 at 3:33 pm
  16. Бесплатные фильмы lostfilm on February 18, 2022 at 4:02 pm
  17. Манхэттенді тегін жүктеп алыңыз on February 19, 2022 at 1:22 am
  18. 2022 онлайн сериялары on February 19, 2022 at 8:22 am
  19. комікси про Супермена on February 20, 2022 at 2:46 am
  20. 2022 серіали онлайн lostfilm on February 21, 2022 at 6:31 pm
  21. Где посмотреть фильм lostfilm on February 22, 2022 at 6:36 am
  22. Фильмы онлайн lostfilm on February 22, 2022 at 9:05 am
  23. де подивитися фільм lostfilm on February 26, 2022 at 2:38 am
  24. 2022 серіали онлайн on February 26, 2022 at 1:30 pm
  25. Сериалы онлайн on February 27, 2022 at 9:47 am
  26. 2022 фильмы онлайн on March 2, 2022 at 10:22 am
  27. Комікси марвел on March 3, 2022 at 7:40 am
  28. 2022 онлайн lostfilm сериялары on March 3, 2022 at 5:18 pm
  29. Смотреть тут lostfilm on March 4, 2022 at 6:33 am
  30. lostfilm фильмін қайда көруге болады on March 4, 2022 at 10:00 pm
  31. Комиксы о Бэтмене on March 7, 2022 at 5:00 pm

Leave a Reply

Your email address will not be published. Required fields are marked *


+ two = four