- Scores: 25
- Joined: 9/21/2001
- Location: Bern - Switzerland
Upgrading R2 clients with Hotfix KB2905002 causes problems
Thursday, February 13, 2014 8:01 AM
I ran into an issue last week after installing this patch on the single primary site server W2K8 R2.
The patch created 2 packages with the proper command-line to install the MSP. We've added this patch command-line to the OSD task sequence after having modified the client agent package and everything works fine. The agent gets installed with the new version 7958.1101, either in english or german depending on the OS language and communicates with the site server. This works like a charm.
The other scenario is a little bit more complicated. A machine having the old agent 7701.0000 (no R2) installed gets migrated from one domain to another one. After being joined to the new domain, the AD discovery detects this machine and it'll appear in the new SCCM 2012 R2 console, displayed with "Client=No", because it does communicate with the new server. The automatic client push installation then installs the new R2 agent 7958.1000. So far, everything's working fine, it only takes a couple of minutes between domain join and installation of the new agent. By discovering the new agent, the machine ends up in a collection to get the patch 2905002 installed. This installation fails every time, exit code 1603. After this, the agent is more or less useless.
The only reasonable error that can be found in the log file is "Setup was unable to apply security permissions to C:\WINDOWS\CCM\1031\DCMStrings.xml. The error code is 80070002". The file is present and has all necessary permissions. The folder 1031 points to the german version. The patch is only available in ENU version, so I thought it might be an issue detecting the correct language version of the client. Funnily, when installing this patch manually using a command prompt and the same command line, everything works fine, the client is updated and communicates.
Does anybody have experienced the same or similar issue? Even if the agent can communicate with the server while being on version 7958.1000, I would appreciate it to have them all updated to 7958.1101. I cannot do a manual installation on 700 machines. Reinstalling this hotfix seems to provide some sort of solution but only if the client's still working after the first try. Any ideas?