update 13/05/2015

It may not be that complicated, 2 things to check:

1. If there are leftover of last deployment, so go to c drive, windows and delete everything related to SCCM. CCMsetup or etc.

2. Check the system bios time.



SCCM OSD Reboots straight after TASK Sequence commence
1. Before it restart hold F8 to bring up the dos window
2. Find the log from X:\windows\Temp\SmsTSlog\smsts.log
3. From log find this:
<![LOG[There are no task sequences available to this computer.. Please ensure you have at least one task sequence advertised to this computer.\

4. Google this error and found several posts regarding certificate :
There are no task sequences available to this computer.. Please ensure you have at least one task sequence advertised to this computer. Unspecified error (Error: 80004005; Source: Windows)

Finally I believe either way it is not a good idea to use the self-signed certificate on Distribution point, because of this:

KB: A PXE enabled Distribution Point that uses a self-signed certificate will generate many files in System Center 2012 Configuration Manager

5. From there I need to following instruction of here to installed a certificate for DP:

To create and issue the custom Workstation Authentication certificate template on the certification authority

  1. On the member server that is running the Certification Authority console, right-click Certificate Templates, and then click Manage to load the Certificate Templates management console.
  2. In the results pane, right-click the entry that displays Workstation Authentication in the column Template Display Name, and then click Duplicate Template.
  3. In the Duplicate Template dialog box, ensure that Windows 2003 Server, Enterprise Edition is selected, and then click OK.
  4. ImportantImportant
  5. Do not select Windows 2008 Server, Enterprise Edition.
  6. In the Properties of New Template dialog box, on the General tab, enter a template name to generate the client authentication certificate for distribution points, such as ConfigMgr Client Distribution Point Certificate.
  7. Click the Request Handling tab, and select Allow private key to be exported.
  8. Click the Security tab, and remove the Enroll permission from the Enterprise Admins security group.
  9. Click Add, enter ConfigMgr IIS Servers in the text box, and then click OK.
  10. Select the Enroll permission for this group, and do not clear the Read permission.
  11. Click OK and close Certificate Templates Console.
  12. In the Certification Authority console, right-click Certificate Templates, click New, and then click Certificate Template to Issue.
  13. In the Enable Certificate Templates dialog box, select the new template that you have just created, ConfigMgr Client Distribution Point Certificate, and then click OK.
  14. If you do not have to create and issue any more certificates, close Certification Authority.
  15. Requesting the Custom Workstation Authentication Certificate
  16. This procedure requests and then installs the custom client certificate on to the member server that runs IIS and that will be configured as a distribution point.

To request the custom Workstation Authentication certificate

  1. Click Start, click Run, and type mmc.exe. In the empty console, click File, and then click Add/Remove Snap-in.
  2. In the Add or Remove Snap-ins dialog box, select Certificates from the list of Available snap-ins, and then click Add.
  3. In the Certificate snap-in dialog box, select Computer account, and then click Next.
  4. In the Select Computer dialog box, ensure Local computer: (the computer this console is running on) is selected, and then click Finish.
  5. In the Add or Remove Snap-ins dialog box, click OK.
  6. In the console, expand Certificates (Local Computer), and then click Personal.
  7. Right-click Certificates, click All Tasks, and then click Request New Certificate.
  8. On the Before You Begin page, click Next.
  9. If you see the Select Certificate Enrollment Policy page, click Next.
  10. On the Request Certificates page, select the ConfigMgr Client Distribution Point Certificate from the list of displayed certificates, and then click Enroll.
  11. On the Certificates Installation Results page, wait until the certificate is installed, and then click Finish.
  12. In the results pane, confirm that a certificate is displayed that has Client Authentication displayed in the Intended Purpose column, and that ConfigMgr Client Distribution Point Certificate is displayed in the Certificate Template column.
  13. Do not close Certificates (Local Computer).

Exporting the Client Certificate for Distribution Points

This procedure exports the custom Workstation Authentication certificate to a file, so that it can be imported in the distribution point properties.
To export the client certificate for distribution points

  1. In the Certificates (Local Computer) console, right-click the certificate that you have just installed, select All Tasks, and then click Export.
  2. In the Certificates Export Wizard, click Next.
  3. On the Export Private Key page, select Yes, export the private key, and then click Next.
  4. noteNote
  5. If this option is not available, the certificate has been created without the option to export the private key. In this scenario, you cannot export the certificate in the required format. You must reconfigure the certificate template to allow the private key to be exported, and then request the certificate again.
  6. On the Export File Format page, ensure that the option Personal Information Exchange - PKCS #12 (.PFX) is selected.
  7. On the Password page, specify a strong password to protect the exported certificate with its private key, and then click Next.
  8. On the File to Export page, specify the name of the file that you want to export, and then click Next.
  9. To close the wizard, click Finish in the Certificate Export Wizard page, and click OK in the confirmation dialog box.
  10. Close Certificates (Local Computer).
  11. Store the file securely and ensure that you can access it from the Configuration Manager console.
  12. The certificate is now ready to be imported when you configure the distribution point.

Have done all that, no difference. So look into logs again:
Find the computer name:
Client GUID = GUID:xxxxxx, Netbios name = xxxxx, State = Known]LOG]!><time="10:05:27.351-660" date="03-13-2015" component="TSPxe" context="" type="0" thread="832" file="tspolicy.cpp:685">

From configuration server delete computer and test it again, it runs normal.

This actually make sense.
Because for this computer, it was imaging half way and finished by me manually, it looks like from Server it stores clients remaining tasks and try to let client finish the remained tasks by restarting, however I have manually interupted it so it lost track of what to do next.
Good to learn.

About Lei

I am an IT specialist with over 10 year experience - years on Automation, on-Premise or Azure.

I am happy to develop however never want be a full time developer. Only do what I have to do. If it has to be PowerShell,HTML, PHP, CSS, C#, VBS or JS, front end or backend, so be it, doesn't matter!

Spent years with Windows, SCCM, SharePoint, SQL and Exchange servers. For last several years, I have been actively working under On Premise > Azure environment.


Current Certificates:
    Microsoft® Certified-
  • -Enterprise Administrator
  • -Database Administrator
  • -SharePoint Administrator
  • -Administering and Deploying SCCM 2012
Red Hat Certified Technician
ITIL V3 Foundation - Practitioner

Working on Azure Certificates now and hopefully they can stop upgrading their questions one day! GIVE ME A BREAK!

Contact Lei

Name *
Email *
Comments *

Traffic since 10/08/2016

This week518
This month2591

Visitor Info

  • IP:
  • Browser: Unknown
  • Browser Version:
  • Operating System: Unknown

Who Is Online