KnowledgeBase Archive

An Archive of Early Microsoft KnowledgeBase Articles

View on GitHub

Q263398: ITG: Site Component Manager Reinstalls Repeatedly

Article: Q263398
Product(s): Microsoft Systems Management Server
Version(s): winnt:2.0,2.0 SP1,2.0 SP2
Operating System(s): 
Keyword(s): kbsms200 kbsms200preSP3
Last Modified: 20-OCT-2000

-------------------------------------------------------------------------------
The information in this article applies to:

- Microsoft Systems Management Server versions 2.0, 2.0 SP1, 2.0 SP2 
-------------------------------------------------------------------------------

SYMPTOMS
========

When you run various Microsoft Systems Management Server services in both
Microsoft Windows NT 4.0 and Microsoft Windows 2000, you may find that the
services are unable to establish communication with a site system and the site
system is flagged to be reinstalled.

CAUSE
=====

This behavior can occur if the following conditions are true:

- A server is unavailable during the Systems Management Server services normal
  polling cycle, because of scheduled downtime or transient network failure.

- The security policy is modified to prevent domain administrators from making
  policy changes.

- The security policy is configured to deny "logon as a service" rights to all
  domain accounts. When Systems Management Server services are configured to
  use one of these accounts and the Systems Management Server Administrator
  configures either logon discovery/installation or configures a domain
  controller as a client access point (CAP), the logon server manager or site
  component manager configures itself on the new site system. The security
  policy prevents "logon as a service" rights and a new account is created to
  support the new service. The new account works until the security policy is
  applied to the system at the next logon or refresh interval. The new account
  does not have "logon as a service" rights and the service cannot start again.
  When the failed service is detected, the site system is marked for
  reinstallation. This cycle continues until the security policy is corrected.

WORKAROUND
==========

To work around this issue, try one of the following:

- Grant the Systems Management Server Service account the rights to add this
  policy to accounts.

- Change the default policy to allow any account to log on as a service on
  domain controllers.

- Do not use Logon Discovery. Use logon installation or Network Discovery -
  Remote Client Installation to install clients.

- Do not use domain controllers as CAPs.

Additional query words: prodsms

======================================================================
Keywords          : kbsms200 kbsms200preSP3 
Technology        : kbSMSSearch kbSMS200 kbSMS200SP1 kbSMS200SP2
Version           : winnt:2.0,2.0 SP1,2.0 SP2
Issue type        : kbprb
Solution Type     : kbnofix

=============================================================================

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Copyright Microsoft Corporation 1986-2002.