Enterprise Mobility and Security Blog

RSS

[Today’s post comes to us from Carol Bailey]


When you reassign a Configuration Manager client from one hierarchy to another, the client already has a trusted root key from its original hierarchy. Reassigning the client to a new hierarchy means that the client will also be assigned to a new management point. When both the trusted root key and the management point changes, by default, the client will become unmanaged. In this scenario, the Advanced Client component will send the status message ID 10822 to the site, with a description that it encountered a certificate for a management point that it could not verify. Additionally, the client log file Locationservices.log will display the following error: The trusted key, mp certificate and the mp machine have changed on server. The client cannot validate the authentication information.


If you want to just reassign a client to a new hierarchy without reinstalling it, you have two options:



Alternatively, when you reassign the client, you can also reinstall it by using a method that includes the trusted root key.  For example:



Carol Bailey


This posting is provided “AS IS” with no warranties, and confers no rights.