Archive for February, 2012

SCCM – An error occurred while trying to initialize the Windows Deployment Services image server. Error Information: 0xC1030104

February 17, 2012

Got the above error after updating the SCCM boot images with some network drivers.
The PXE service wasn’t running, because the Windows Deployment Service service had stopped.
When starting this service manually, the above error occured
Usually people remove and re-install the PXE Point sccm Role, and/or the WDS Windows role.
What worked for me was just to refresh the boot image packages on the server. Nothing more.
Then the WDS service would start properly, and PXE worked again.
So, if you get this error, first simply try refreshing the packages containing your boot images.

IIS fails after Renewal of SSL certificate – The page cannot be displayed –

February 8, 2012

Scenario: After a PKI infrastructure migration, we were renewing SSL certificates on webservers, to replace all certificates issued by the old CA, by new certificates provided by the new CA.
Problems arose when we bound the new certificate to an IIS instance; the website on which it was used would stop working.
When you typed in the url of the website, you would simply get a message ” The page could not be displayed”
After using the SSL Diagnostics tool it turned out the private key was missing.
Of course, IIS doesn’t complain about that when you assign the certificate to the website… 😦
So, how did the private key turn up missing?
Well, we generated the certificate using the Web Enrollment page of the internal CA server. Then when you click the generated certificate, is is placed automatically in the Personal certificate Store.
We then just cut-paste the certificate to the Computer certificate Store.
But alas, that doesn’t include the private key then! So, you have to manually Export the ssl certificate from the Personal store, including the privaate key, and then import it into the local Computer certificate store.
Only then will it work for IIS.
Thanks to this article for helping us out

ADMT 3.2 on DC with SQLexpress 2008 fails – [DBNETLIB][ConnectionOpen (Connect().]SQL Server does not exist or access denied.”

February 1, 2012

In my small VM testenvironment, i created 2 2008 R2 DC’s and 1 Windows 7 client, to test some cross-forest migration scenarios.
For this, i tried to instal the ADMT (Active Directory Migration Tool ) 3.2.on one of the Domain Controllers.
Of course, you never would install this on a DC in production, but i simply did not have enough resources to add a member server to run this on. So, on the DC it is.
The ADMT needs a SQL server (sql express is also OK) to store its data in.
So i figured to install SQL Express 2008 SP1 on the DC.
Right away i got an error:

“SQL Server Setup Failure.
SQL Server Setup has encountered the following error:
Invoke or BeginInvoke cannot be called on a control unit until the window handle has been created..”

Workaround was using a custom install of sql express (using commandline) to provide the parameters to use a service account for the instance, because you cannot run it as a local service on a DC. Fair enough. Run the sqlexpress setup with the /? parameter and you get all the info needed. Installation of part 1 succeeded.

After that, i tried to install the ADMT. During this setup, it could not connect to the local SQL express instance, no matter what i tried.
Got the error:

“Unable to connect to ‘server\instance’, please ensure the SQL Server hosting this instance is running and connections can be made to this instance. [DBNETLIB][ConnectionOpen (Connect().]SQL Server does not exist or access denied.”

Then i stumbled across this posting, describing all the workarounds needed to get sql 2008 express working on the DC.
Also, it explained that there is no advantage to using sql 2008 express over 2005. Aha.
Conclusion: don’t run sql 2008 express on a DC. Use SQL 2005 Express with SP3 instead.