Error Messages in Clientauth.log - anything to worry about?

Author
pysclist
New Member
  • Total Posts : 13
  • Scores: 0
  • Reward points: 6550
  • Joined: 2013/01/10 11:39:47
  • Status: offline
2014/01/17 05:45:02 (permalink)
0

Error Messages in Clientauth.log - anything to worry about?

Hi All,
 
I'm hoping someone may have some experience of this situation & can shed some light on it.
 
We have 2012 R2 site, primary site server with local DB, 3 MPs with Replicas (one for ICBM, not yet fully configured) the other 2 for intranet clients. The MPs each have a sql replica configured, based on guides found on this site. Replication Monitor looks happy. We have recently migrated around 3000 clients from SCCM 2007 R3 on to this 2012 site - the 2007 site is still up, but no longer discovering or pushing.
 
I have noticed that both of the Intranet MPs have a good number of these errors in the clientauth.log - these also appear in component monitor which cycles between warning state and green - guess it is on the threshold of warning counts;
 

Message from GUID:blah client failed signature validation 17/01/2014 10:09:47 5400 (0x1518)Skipping raising MPEvent_ClientAuth_SignatureFailure event because 4 such events were already raised in the past 60 minutes 17/01/2014 10:09:47 5400 (0x1518)Could not verify message signature for client GUID:blah . 17/01/2014 10:09:47 5400 (0x1518)Error verifying message from client GUID:blah  (0x80090006). 17/01/2014 10:09:47 5400 (0x1518)

 
There have been roughly 18 of these on one MP in the last hour (which is roughly the hour when everyone is turning on & waking up PCs)  the log file on the other MP looks very similar in counts of these errors.
 
Component Monitor looks like this - it logs 2 of these for each client.
 

MP has rejected a message from GUID:blah because the signature could not be validated. If this is a valid client, it will attempt to re-register automatically so its signature can be correctly validated.

 
I've traced these back to 3 clients so far & cant see anything not working - clientidmanagerstartup looks fine, ccmessaging seems normal - you can even see the times of messages sent that correspond with the errors - no errors on the client & you do not seem to see errors for every message the client sends, looks like just the first 2 messages.
 
Inventory also seems happy, they are downloading scep updates OK & there are no obvious errors in other supporting logs.
 
Happy to give more information & details, but just wanted to air this first & see if anyone else has come across it.
 
Many thanks
 
Colin
 
 
 
 
#1

2 Replies Related Threads

    bmason505
    Expert Member
    • Total Posts : 3348
    • Scores: 250
    • Reward points: 104870
    • Joined: 2003/01/23 10:05:07
    • Location: Minneapolis, MN
    • Status: offline
    Re:Error Messages in Clientauth.log - anything to worry about? 2014/01/17 17:09:15 (permalink)
    0
    The signature validation sort of sounds like they are CM07 clients hitting it.  They're really CM12?

    Brian Mason
    MCTS\MS MVP - Enterprise Mobility (CM)     
    http://mmsmoa.com
    Attend MMS in May!
    #2
    pysclist
    New Member
    • Total Posts : 13
    • Scores: 0
    • Reward points: 6550
    • Joined: 2013/01/10 11:39:47
    • Status: offline
    Re:Error Messages in Clientauth.log - anything to worry about? 2014/01/22 16:57:47 (permalink)
    0
    Fairly certain - the ones I've looked at so far were updating scep fine & didn't see anything in logs to suggest that they were looking at the old hierachy .

    I will bare that in mind though - maybe the GUID exists on 2007 as well and points at a different machine ... Seems a bit thin, but I'll try look again tomorrow and report back.

    Thank you

    Colin
    #3
    Jump to:
    © 2018 APG vNext Commercial Version 5.5