Our goal is that the machine will have a registered CSA certificate after the process.
Regarding your Questions:
Yes, the problem lies within the imaging / os provisioning.
I am not entirely sure that the certificate is actually missing but at least the brokerconfig.exe does not find any certificate on the client.
I do not copy the .0 file to a different location, they are included in the agent configuration and paths are not changed or modified.
The provisioning agent has no CSA communication enabled, it contacts the core via IP (previosuly FQDN but thatmde no difference).
The final agent has CSA communication enabled + "dynamically determine connection route".
I will outline the problem a little further:
As previously said we want the machines to be "ready to go", so everything basic included when the os deployment is finished.
That includes a working certificate to communicate with the LANDesk Gateway appliance, also known as Cloud Service Appliance (CSA).
In system configuration step we have the following actions:
- Delete unattend.xml
- Configure agent provisioning
- Execute file gateway cert
- Reboot
- Installation of Dell Command Update
- Installation of drivers
- Reboot
- Configure agent standard
- Wait of 120s
- vulscan.exe for patchisntallation
- Reboot
As you can see we have a provisioning agent with limited functionality for the deployment process and later the full agent including all configurations.
Please note that only variant 1 from the first post is described here, variant 2 and 3 will have their respective actions after wait of 120s / the last reboot.
The problem lies within the action "Execute file gateway cert":
Result from provisioning history:
Execution status: Success
Internal status: 0
External status: -2146435027
If you start brokerconfig.exe on the client it states that the certificate is not installed.
So this step in all its variants as described in the first post seems not to be working.
Intresting enough just executing the command line brokerconfig.exe -r manually works without any problem.
Even when being within provisioning as local administrator.
However I can not see any difference to the screenshot provided above.
From my view of things either both should work or none of them.
Is there any difference?
Maybe something in the process changed by updating from 9.6 to 9.6 sp2?