Things to check after site recovery

Unfortunately I have found myself in a disaster scenario that required recovering one of our sites.
This is my list of identified problems from that experience. Please let me know if you have ran into more. Please first check everything listed from Microsoft here. It is important to reset your passwords in the console and apply all hotfixes.

1. Compliance items not showing up on SCCM Clients
– Resolved by redeploying the compliance items

2. Hardware Inventory/Asset Intelligence not being collected
– Resolved by recreating client settings and deploying

3. OSD Broken due to DP Certificate Store error
File:TmPx86x64{x.x.x.x.x.x.xx..x.x.x.x..x}.bcd
Status: 0xc0000098
Info: The Windows Boot Configuration data(BCD) file from the PXE server does not contain a valid operating system.
When you check the SMSPXE log, it shows the following message
PXE:: MP_LookupDevice failed 0x80092002
Failed to create certificate store from encoded certificate
– Resolved by Right click on DP under General and change the date for the self sign certificate

4. OSD Broken due to all unknown computers collection no longer contains members
– Resolved by recreating the unknown computers objects and adding to collection.

To recreate the collections, change the registry value of CreatedUnknownDDR under SOFTWAREMicrosoftSMSCOMPONENTSSMS_DISCOVERY_DATA_MANAGER on your primary site server (not the CAS). Set the value to 0.

Then, re-start the SMS_EXECUTIVE service. When the Discovery Data Manager (DDM) component starts, it will think that the Unknown System records have not been created, and will recreate them.

The above restored my unknown computers however it created duplicates. I went ahead and created a collection with those for the site code and then deployed my OSD task sequences as available. I tested against my test VM and successful deployment…or so I thought.

5. Reports that OSD was STILL Broken for 15% of systems due to duplicate unknown computers
– Resolved by removing the older unknown computer object directly from the sccm database

There are known issues after a site restore for duplicate unknown computer objects. When this occurs systems will not be able to identify which unknown object to identify with, and will not fall under the proper unknown collection. We have tried to create a collection with the duplicated/original computers but this will not work. Machines will attempt to pxe and return with the following.

PXE-E53: No boot filename received PXE-M0f: Exiting Intel PXE ROM. Operating system not found.

Typically in the past the solution is to go into the configmgr console and delete the duplicate object so it will now be able to view the advertisement to unknown computers collection.

Example of problem. This will show the duplicate objects for KW1.

I am in a CAS environment and I had to perform the restore on the CAS from my primary site servers database. I Launched SQL Mgnt studio on my primary and and ran the following query

select * from UnknownSystem_DISC

Pay attention to the far right column named Creation_Date0. These dates represent when the object was originally created (initial hierarchy implementation) and the date of site restore. We are looking for the dates on the duplicate unknown objects. The item keys need to be deleted for the older object.
Run this sql command

delete from UnknownSystem_DISC where ItemKey in (2046820352, 2046820353)

After this I decided now that I Have the two proper newly created unknown computers objects (x86 and x64)

my next action would to make a new unknown computers collection and redeploy my available task sequences.

Side note: Number 4/5 When I first tested OSD I must have been a test VM that was a known computer. When I tested OSD again I must have used another test VM that was an unknown computer. This was something that was overlooked at the time which lead me to believe OSD was 100% functional before I went on weekend vacation in Dubai. When I returned from partying it was reported that some systems were still having problems with OSD.

Yes… I know it is against Microsoft best practice to deploy to all systems however this is what the customer required. Roughly 90%+ of all systems imaged at the site are existing known objects.

ALSO SEE : Start Windows Update Service Compliance item