I was installing a SBS Essentials and kept getting an error indicating a problem connecting the computer wouldn’t do a trust connection to the server.


In digging out the log files (per http://social.technet.microsoft.com/wiki/contents/articles/3887.aspx)

On XP machines the log files are located in C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Server\Logs and on Vista and later under the hidden ProgramData folder.

[1068] 110924.220212.0677: ClientSetup: JoinNetwork had errors: ErrorCatalog:CAError ErrorCode:2
BaseException: Microsoft.WindowsServerSolutions.Devices.Identity.MachineIdentityException: MachineIdentityManager.GetCert
at Microsoft.WindowsServerSolutions.Devices.Identity.MachineIdentityManager.GetCert(String serverName, String userName, String password, Boolean bForce)
at Microsoft.WindowsServerSolutions.ClientSetup.ClientDeploy.JoinNetworkTask.Run(WizData data)
[1068] 110924.220212.0677: ClientSetup: Exiting JoinNetworkTask.Run

All the known resolutions talked about machine key permissions (which were set right in my case) or a time situationi on the workstations (also set fine in my case).  It wasn’t until I opened up the Certificate Authority on the server and remembered that I had shifted the date on the server because it wasn’t coming up with the right date… and sure enough after I shifted it back, the workstations installed just fine.

It was in looking at the CA and the failed cert deployments that it reminded me of a sequence that occurred in the deployment that might explain this.

The server was accidentally off in it’s time.  Bottom line this isn’t something that you’d normally see, but just remember to look in unexpected places like the Certificate Authority on a SBS Essentials box that might give you a clue of what’s going on.


One Response to When the log files give you a clue

  1. Dean says:

    Here is a good topic for a posting.

    Hitachi states on thier web site that for a failed drive that you return:

    “You will receive a different hard drive. All data and software on your returned hard drive will be lost.”

    So if the drive is not functional you cannot wipe the data before you send it in. So do you send it in with all of the data on it and get a replacement or keep it and destroy it ?