IT Consultant Everyday Notes

Just some problems/solutions storage

SCCM 2012: SCCM 2012 SP1 Client update failed. Error: “Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101

UPDATE: Microsoft published updated binaries for SCCM 2012 SP1 addressing this (and other minor) issues. You should use this new file set  for new installations. Links are here: http://blogs.technet.com/b/gladiatormsft/archive/2013/01/26/you-may-need-to-re-download-configuration-manager-2012-and-endpoint-protection-2012-sp1-binaries.aspx

 

I upgraded my Lab SCCM to 2012 and decided to try “Client autoupdate” feature introduced with SCCM 2012.

Unfortunately the attempt failed and I saw

Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101

in ccmsetup.log on the Client.

Signing certificate for the msi looks like:

image

so it looks expired for me  Smile

Fortunately Microsoft published http://support.microsoft.com/kb/2801987  – Cumulative update 0 (CU0)  including an update (download)

I download the update and ran it on my SCCM

image

it did not pass from the first time, of course:

image

I should say the warning is a bit confusing – from the first sentence – Reboot is not required, from the second – I must restart the computer. Winking smile. Reboot the server and try again!

This time it looks better:

 

image

image

 

create packages:

image

and proceed with install:

image

Checking certificate again:

image

and the msi is validated successfully and the client is installed:

image

Do not forget to deploy the update to another Primary servers.

Anoop found some confusion between KB and the update wizard: http://anoopcnair.com/2013/01/14/configmgr-2012-sp1-kb-2801987-confusing-information-in-kb-article-vs-wizard/

I still think the updates is not necessary for CAS…

Advertisements

6 responses to “SCCM 2012: SCCM 2012 SP1 Client update failed. Error: “Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101

  1. Joel Guevara January 21, 2013 at 9:18 am

    Thx for the detailed instructions. The one thing I would like clarification with is, do you apply this update after the install of SP1 or before? any information is greatly appreciated.

  2. Jason March 19, 2013 at 8:34 am

    What happens after 3/4/2013?

  3. Alon Or December 30, 2014 at 12:37 pm

    Make a .reg file with the following and import to problematic client:

    Windows Registry Editor Version 5.00

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing]
    “State”=dword:00023c00

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: