Hello Everyone, I have a problem with Client Push on SCCM SP2 R3 native mode site system. We have around 50 computers that has successfully received the agent via Client Push, but 5 computers are unable to meet the certificate requirements. These clients are W08R2 SP1 domain controllers and SCVMM, Hyper-V servers (these servers has self signed certificates also) The SCCM setting background is the following: Primary site server is in native mode with proper certificate and the certificate criteria is set to "Select any...". Failing computers has V3 certificate with Client and Server Authentication purposes and the subjects are filled FQDN and the Netbios name. The ccmsetup.log file contains the following error: Running as user "SYSTEM" Detected 68658 MB free disk space on system drive. DetectWindowsEmbeddedFBWF() Detecting OS Version Client OS Version is 6.1, Service Pack Version 1 Client OS is not a supported Windows Embedded Platform Ccmsetup is being restarted due to an administrative action. Installation files will be reset and downloaded again. Successfully ran BITS check. The 'Certificate Store' is empty in the registry, using default store name 'MY'. The 'Certificate Selection Criteria' was not specified, counting number of certificates present in 'MY' store of 'Local Computer'. 2 certificate(s) found in the 'MY' certificate store. The 'MY' of 'Local Computer' store has 2 certificate(s). Using custom selection criteria based on the machine name. Machine name is 'X.Y.Z'. There are no certificate(s) that meet the criteria. Performing search that includes SAN2 extensions... Checking if certificate issued to 'X.Y.Z' is valid for ConfigMgr usage. SSL Registry key Software\Microsoft\CCM not found, assuming Client SSL is disabled. Certificate issued to 'X.Y.Z' doesn't have private key. The certificate found using 'X.Y.Z' as cert name is not valid for ConfigMgr usage. Certificate SAN2 extension doesn't have DNS name. Using custom selection criteria based on the machine NetBIOS name. Machine name is 'X'. There are no certificate(s) that meet the criteria. I have checked all the certificate and all certificate have private key and the SAN2 extension contains the FQDN and Netbios name also. Can anyone tell me what is the problem? What am I missing? Any other clients are working properly... Thanks, mrgabriel

Hi - Native mode related post should be posted on Native mode Sub forum so that you can get timely response.Anoop C Nair - This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi - Native mode related post should be posted on Native mode Sub forum so that you can get timely response. That's true, but no need to comment each and every posting that was posted to the "wrong" forum. There are moderators out here that will move those threads. That also helps to avoid double postings. Thanks.Torsten Meringer | http://www.mssccmfaq.de