Wednesday, February 12, 2014

ConfigMgr 2012 R2 bug found in task sequence account details

Today I did a "Build and Capture" on a Windows 7 image with software and updates. Everything went fine, till it was on 99% of the task sequence. Build and Capture fails capturing with error 0x80070056. When looking in the task sequence on the last step and click Verify and Test connection there's an error message: The specified network password is not correct. (Exception from HRESULT: 0x80070056).  

Another time I was seeing this error message: The user name or password is incorrect (Exception from HRESULT: 0x8007052E). 

Strange thing is when I enter account information again, everything seems to be okay. "The connection was successfully verified."

After closing the task sequence and do Verify and Test connection again, same error message as above!

I closed the ConfigMgr console, created a new task sequence, did a reboot of the Primary Site server, nothing seems to solve the issue. When looking at another step in the task sequence (join domain credentials) it goes wrong also. "The user name or password is incorrect." and 0x8007052E error message.

Very strange however that account details are wrong, while I have filled in domain and account details before successfully. For it seems ConfigMgr is not saving my domain and account information in the task sequence(s), while other properties are going fine.

Does someone recognize above issue and has an solution!?
Maybe it's better if Verify and Test connection button can be pressed only once, and is greyed out after that. This prevents mistakes!


Update: Kenny Buntinx has posted: It is certainly not a bug, but a security decision. All “secrets” including all passwords are encrypted in delivery and by client using Windows data protection API.

Update: Nicholas Jones is right in this post: SCCM 2012 Network Access Account password problemVerify the password only once, and you should have no issues.

4 comments:

  1. It is certainly not a bug , but a security decision to not store the password inside the task sequence and copy it with it when you duplicate or export /import . see technet : http://technet.microsoft.com/en-us/library/hh273490.aspx

    Passwords that are stored in the task sequence are not exported. If you export and import a task sequence that contains passwords, you must edit the imported task sequence and specify any passwords again. Ensure that you specify passwords for Join Domain or Workgroup, map network drive, and Run Command Line actions

    Kenny Buntinx

    ReplyDelete
    Replies
    1. Hi Kenny, I did not export or import the task sequence. When I create a new task sequence with Capture steps only, I have above issue also. Therefore I still think it's a bug.

      On MS TechNet there's a workaround mentioned (for SP1) to verify only once, and not again after that (because of the error message). When that's the case it's a bug for sure..

      Regards, Henk

      Delete
  2. I have the same issue - help!

    ReplyDelete
    Replies
    1. Just verify the password only once, and you should have no issues. Hope it helps!

      Delete