Remote Desktop CredSSP Failure

Temporary reprieve for affected clients:

 

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

 

Revert via this command once all remote connections are patched:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 1

PowerShell : Editing File Properties

Whilst writing a script which included a recycler section to ensure files older than 14 days were removed from a directory I needed a way to test the code. I then came across the set-itemproperty cmdlet which was just what I needed.

First i explored the cmdlet via:

get-help get-itemproperty

and

get-help get-itemproperty -examples

This then led me to run the commands

$folder = "C:\tmp\test"
get-itemproperty $folder | format-list -property *
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\tmp\test
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\tmp
PSChildName : test
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
Mode : d-----
BaseName : test
Target : {}
LinkType :
Name : test
FullName : C:\tmp\test
Parent : tmp
Exists : True
Root : C:\
Extension :
CreationTime : 6/21/2018 11:30:13 AM
CreationTimeUtc : 6/21/2018 10:30:13 AM
LastAccessTime : 6/21/2018 11:30:13 AM
LastAccessTimeUtc : 6/21/2018 10:30:13 AM
LastWriteTime : 6/21/2018 11:30:13 AM
LastWriteTimeUtc : 6/21/2018 10:30:13 AM
Attributes : Directory

I wanted to set the creation and modified dates back in time to test my recyler one-liner, I acheieved this by first setting a variable to be a datetime object in the past (US date format so that’s the 31st January 2018):

$olddate = [datetime]"1/31/2018"

I then assigned this datetime value to the properties of the folder I wanted via the commands:

Set-ItemProperty $folder -Name CreationTime -Value $olddate
Set-ItemProperty $folder -Name LastWriteTime -Value $olddate

This worked a treat. I could then use this command to delete the folder and it’s contents if it was older than 14 days (credit to https://www.thomasmaurer.ch/2010/12/powershell-delete-files-older-than/ for this one):

$Daysback = "-14"
$CurrentDate = Get-Date
$DatetoDelete = $CurrentDate.AddDays($Daysback)
Get-ChildItem C:\tmp | Where-Object { $_.LastWriteTime -lt $DatetoDelete } | Remove-Item -recurse -force

SCCM DP Package Transfer Errors

The Problem

After a DNS change on one of our Distribution Points within SCCM 2012 R2 I decided to remove the old DP entry and recreate it. Removing the DP was easy enough, drop the roles and then delete the server from Administration > Servers and Site System Roles then wait 24 hours for synchronisation to remove the content from the DP.

I then created a new DP in SCCM under the new DNS name and monitored the package transfer via Monitoring > Distribution Point Group Status > All Site Distribution Points. The results looked bad, every package was failing to transfer.

The Investigation

I then reviewed the PkgXferMgr.log file at \\<<SCCM PRI SITE>\SMS_ES1\Logs\ which contained the errors:

Failed to get object class $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
~ExecStaticMethod failed (80041002) SMS_DistributionPoint, AddFile $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
CSendFileAction::AddFile failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
Failed to add the file bcmnfcscr7-x64.cat in content 01C39B5C-4DA1-4A0E-A328-3FD2AC9F500F. Error 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
CSendFileAction::AddFileMetaData failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
CSendFileAction::SendFiles failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
CSendFileAction::SendContent failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
~ Sending failed. Failure count = 24, Restart time = 14/06/2018 06:56:25 GMT Daylight Time $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.828-60><thread=9112 (0x2398)>
Failed to get object class $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.812-60><thread=5008 (0x1390)>
~ExecStaticMethod failed (80041002) SMS_DistributionPoint, AddFile $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
CSendFileAction::AddFile failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
Failed to add the file dptf_cpu.cat in content 08D125AE-8841-4C08-90AA-0D6B091B5C39. Error 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
CSendFileAction::AddFileMetaData failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
CSendFileAction::SendFiles failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
CSendFileAction::SendContent failed; 0x80041002 $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>
~ Sending failed. Failure count = 24, Restart time = 14/06/2018 06:56:25 GMT Daylight Time $$<SMS_PACKAGE_TRANSFER_MANAGER><06-14-2018 06:26:25.859-60><thread=5008 (0x1390)>

Inspecting the D:\ drive on the DP suggested the packages were actually being copied, there was plenty of capacity free on the taregt disk D:\ and it’s used storage was increasing through the synch process.

I did some searching online and came across a blog which described the error I received exactly:

http://www.christopherkibble.com/sccm-2012-dp-errors-sendfiles-failed

Following this blog restored my DP’s synchronisation functionality! What follows is a copy and paste job for reference.

The Solution

On the affected distribution point:

  1. Backup the registry
  2. elevated command prompt:
    cd c:\windows\system32\wbem
    for %F in (*.dll) do regsvr32 /s %F
    mofcomp -check AuditRsop.mof
  3. Review the output of the mofcomp command, if it looks like it’ll compile continue else address any issues:
    mofcomp -AuditRsop.mof
  4. Locate the SMS_DP$ share directory
    cd SMS_DP$\sms\bin
    for %F in (*.dll) do regsvr32 /s %F
    mofcomp -check smsdpprov.mof
  5. Review the output of the mofcomp command, if it looks like it’ll compile continue else address any issues:
    mofcomp smsdpprov.mof
  6. Reboot the DP
  7. Monitor the distribution status from the SCCM console (Monitoring > Distribution Point Group Status > All Site Distribution Points)

Windows Commands : Safeboot

Safe Mode:

bcdedit /set {default} safeboot minimal

Safe Mode with Networking:

bcdedit /set {default} safeboot network

Safe Mode with Command Prompt:

bcdedit /set {default} safeboot minimal
bcdedit /set {default} safebootalternateshell yes

To Remove either use msconfig to return to a normal boot or:

bcdedit /deletevalue {default} safeboot