Ran into an interesting case this week that I thought was definitely worth sharing. So a client updated their SCCM 2012 environment to the latest SP CU combination and everything appeared to be working but the Software Update Synchronizations were failing. In the console it was showing error code 0x8013141A. A dig into the “WSYNCMGR.log” showed the errors below:
We did some digging around through IIS, certificates, SUP settings in the SCCM 2012 console, and even the SUP settings in the WSUS console. Nothing suspicious was found. Some quick searching with our favorite search provider (Bing of course) for “Strong name validation failed” turned up various posts relating to Visual Studio and .Net. This server did not have Visual Studio installed nor was any application development occurring. But we ran across a solution on MSDN blogs and figured it was worth a shot. (https://blogs.msdn.microsoft.com/keithmg/2012/03/20/strong-name-validation-failed-exception-from-hresult-0x8013141a/)
Basically we needed to create new registry keys under HKLM\Software\Microsoft and HKLM\Software\Wow6432Node\Microsoft to reflect the public key to exclude it from the “Strong Name Validation”. Now I will warn that the above Microsoft blog post does mention that this could potentially be an unsafe configuration so be aware of the risks before making this change in your environment. The exact keys in our example from above to be created are as follows:
HKLM\Software\Microsoft\StrongName\Verification\*,31bf3856ad364e35
HKLM\Software\Wow6432Node\Microsoft\StrongName\Verification\*,31bf3856ad364e35
Once both of those keys were inputted in the registry we gave the server a quick reboot. Once it came back online and settled down we kicked off a SUP Synchronization from the SCCM console and kept a close eye on the “WSYNCMGR.log” for any recurrence of errors. Luckily, synchronization kicked off without a hitch and began processing successfully.
No comments:
Post a Comment