I’ve seen this quite a bit so I thought I might as well post it in case others see the same problem, what happens is that computers (virtual or real) that have an incorrect date in the BIOS will cause Policy retrieval problems during PXE boot.
Failure to retrieve policy means you cannot run any task sequence and the failure will in turn produce an error just before running any Required (Mandatory) task sequence or before displaying a list of one or more Available (optional) task sequences.
Note: The error produced occurs immediately after entering the PXE password if one is set. The error message displayed to the end user is shown below, in the example below the DATE was set to one year earlier than the current date:
Failed to Run Task Sequence An error occurred while retrieving policy for this computer (0×80004005). For more information, please contact your system administrator or helpdesk operator.
and the actual error message shown using CMTrace in red text in the SMSTS.LOG file found in x:\windows\temp\smstslog is shown below
and the text of the error message contained in SMSTS.LOG will appear something like the below
<![LOG[reply has no message header marker]LOG]!><time=”17:18:38.515+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”3″ thread=”1260″ file=”libsmsmessaging.cpp:1970″>
<![LOG[DoRequest (sReply, true), HRESULT=80004005 (e:\qfe\nts\sms\framework\osdmessaging\libsmsmessaging.cpp,5868)]LOG]!><time=”17:18:38.515+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”0″ thread=”1260″ file=”libsmsmessaging.cpp:5868″>
<![LOG[Failed to get client identity (80004005)]LOG]!><time=”17:18:38.530+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”3″ thread=”1260″ file=”libsmsmessaging.cpp:6148″>
<![LOG[ClientIdentity.RequestClientIdentity (), HRESULT=80004005 (e:\qfe\nts\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,1114)]LOG]!><time=”17:18:38.530+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”0″ thread=”1260″ file=”tsmediawizardcontrol.cpp:1114″>
<![LOG[failed to request for client]LOG]!><time=”17:18:38.530+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”3″ thread=”1260″ file=”tsmediawizardcontrol.cpp:1114″>
<![LOG[Exiting TSMediaWizardControl::GetPolicy.]LOG]!><time=”17:18:38.530+480″ date=”07-22-2013″ component=”TSPxe” context=”” type=”0″ thread=”1260″ file=”tsmediawizardcontrol.cpp:1420″>
Well the fix is easy enough, simply set the correct date in the bios and then reboot the client computer and PXE boot again, this time it should not get the error noted above and it should receive policy correctly.
While the above is an easy fix if it’s a rare event you might want to automate a solution if you deal with imaging a lot of computers. So here’s a method I’ve created to do just that, it uses the prestart ability to run a script in WinPE to sync time using NET TIME with a server you specify in your domain, it does require domain user credentials but you can decide how to deal with that.
So Let’s get started…
Step 1. Download the following script
WinPE_timesync.zip 1.35KB 4 downloads
Copy this script somewhere useful on your ConfigMgr server, once done open it in notepad and configure the following section before continuing,
save your changes
Step 2. Add a prestart command to your boot wim
Locate a boot image that you are using in your Task Sequences, and right click it, choose properties.
click on the Customization tab and place a checkmark in Enable Prestart Command as in the screenshot below, enter the following in the box provided
Next, place a checkmark in the Include files for the prestart command and click on browse, then browse to the network share where the script downloaded above is stored as shown in the screenshot below
Apply the changes above, and answer yes when prompted as shown below
Click next when prompted and continue through that wizard to completion.
Step 3. Test PXE boot
Using a computer that has the bios DATE deliberately set incorrectly (like 05-05-05) PXE boot the computer. If you only have access to a virtual machine such as hyperV then PXE boot and before entering the PXE password press F8, then type Date and enter the date 05-05-05.
Note: Please make sure that the last deployed task sequence contain the boot image used above otherwise this prestart won’t be used. You can do this by right clicking on the last deployed task sequence and verify what boot image is listed in the Advanced tab like below.
Once done, PXE boot the computer with that you plan on testing with.
If it’s a virtual machine like mine, press F8 and type date to set the date to something incorrect like 05-05-05 as shown below
Note: Without the prestart command and script provided here, the above date would be enough to produce the problem mentioned at the start of this guide !
Now you are ready to enter the PXE password, so go ahead and enter it, then press next, if you did the above correctly the prestart will pop up a command prompt window before running the script
After a while, you’ll see the list of task sequences displayed even though the computer had an incorrect BIOS date, now that is a result, no reboot needed !
So how does it all work ? well the script makes a connection to the specified server using a domain user, once this completes successfully (and it’s required), we use a NET TIME command to sync the bios DATE/TIME with that on the server specified. You can see this in action by reviewing the SMSTS.log in CMTRACE
In the screenshot below we see the first command prompt we opened to forcefully change the date manually.
Notice how the logging jumps from the real date/time to 2005, that’s the incorrect date now in ‘action’.
scroll down a bit until you see it executing the prestart command as shown in the screenshot below, notice how before the prestart the date is 05-05-2005 but after it’s changed to the correct date and that the date change correction occurs before the Management point is contacted
the rest of the smsts.log file will look like any normal one processing and downloading policy before displaying the list of task sequences, this would not be possible without the fix above.
job done !
The script generates three log files listed below
please refer to these logs when troubleshooting non-working scenarios, for comparison purposes you can see what my successful log files look like below:
You can download a Microsoft Word copy of this guide here.