Wizard.hta Access Denied

Jan 16, 2010 at 10:39 AM


I'm running through MaikKoster.Deployment_v5 and I have a problem when the Wizard.hta when booting up a client. It loads into Winpe and then says "A vbscript error has occurred Error:                           -2147024891". If I bootup a PC which has XP OS on it, and copy over all the scripts, then run it from the command prompt, I get exactly the same error message.

The user account I am using is a domain admin account with permissions to SCCM and I can run all the ad.asmx and sccm.asmx scripts. However, when I run the GetSCCMAssignedSite script, it just returns the XML headings with no Site Code information.

I am not using the MDT workbench database, just the MDT integration scripts loaded for Task Sequencer

I have been perservering with this for a week, but don't seem to be getting any closer.

The webservice log (MyMTDTrace.log) is below:

AD Webservice: Specified Domain is DC=Lab,DC=net
AD Webservice: Specified Username is Lab\administrator
Constructor: Trying to create new Active Directory Root Entry for Domain DC=Lab,DC=net
Constructor: Using credentials for supplied Username Lab\administrator
Constructor: Created new Active Directory Root Entry LDAP://DC=Lab,DC=net
IPToDecimal: Parsed IP Address to 3232261487
GetSystemManagement: Found "System Management" OU at LDAP://CN=System Management,CN=System,DC=Lab,DC=net
GetSCCMAssignedSite: Searching for SCCM AssignedSite for IP Address
GetSCCMAssignedSite: Searching within all objects of objectClass mSSMSRoamingBoundaryRange
GetSCCMAssignedSite: Not found within objects of objectClass mSSMSRoamingBoundaryRange.
GetSite: Searching for Active Directory Site for IP Address
IPInSubnet: Check if IP is within subnet
IPToDecimal: Parsed IP Address to 3232261487
IPToDecimal: Parsed IP Address to 3232261376
IPInSubnet: IP is within subnet
GetSite: Found Site Default-First-Site-Name for IP Address
GetSCCMAssignedSite: Searching within all objects of objectClass = mSSMSSite
GetSCCMSite: Active Directory site not found in objects of objectClass mSSMSSite.
GetSCCMSite: Loop again through Property mSSMSRoamingBoundaries interpreting IP Subnets.
GetSCCMAssignedSite: Could not find SCCM AssignedSite for IP Address
SCCM Webservice: Specified root server is SCCM01
SCCM Webservice: Specified SLP server is SCCM01
SCCM Webservice: Specified Root SiteCode is CEN
SCCM Webservice: Specified SCCM connection string is  Server=sccm01;Database=SMS_CEN;User ID=Lab\administrator;Password=Passw0rd-123
SCCM - Connect: Not site code available

The BDD log is below:

------------------------- Initialization ------------------------- ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Operating System = WinPE ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Is a server OS = False ZTIGather 15/01/2010 16:28:46 0 (0x0000)
OS current version = 6.0.6001 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
OS current build = 6001 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property OSVersion is now = WinPE ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property IsServerOS is now = False ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property OSCurrentVersion is now = 6.0.6001 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property OSCurrentBuild is now = 6001 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Is a server core OS = False ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property IsServerCoreOS is now = False ZTIGather 15/01/2010 16:28:46 0 (0x0000)
HAL Name = acpiapic ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property HALName is now = acpiapic ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Host name = MININT-U79MDA6 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Property HostName is now = MININT-U79MDA6 ZTIGather 15/01/2010 16:28:46 0 (0x0000)
Asset tag = CZC7180G0Y ZTIGather 15/01/2010 16:28:47 0 (0x0000)
IsLaptop = False ZTIGather 15/01/2010 16:28:47 0 (0x0000)
IsDesktop = True ZTIGather 15/01/2010 16:28:47 0 (0x0000)
IsServer = False ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Serial number = CZC7180G0Y ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Processor architecture = X86 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Processor speed = 2133 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Capable architecture = AMD64 X64 X86 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Make = Hewlett-Packard ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Model = HP Compaq dc7700 Small Form Factor ZTIGather 15/01/2010 16:28:47 0 (0x0000)
UUID = 0C282DDD-F85F-11DB-BBDA-4BC6449E001A ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Product = 0A54h ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property AssetTag is now = CZC7180G0Y ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property SerialNumber is now = CZC7180G0Y ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property Make is now = Hewlett-Packard ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property Model is now = HP Compaq dc7700 Small Form Factor ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property Product is now = 0A54h ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property UUID is now = 0C282DDD-F85F-11DB-BBDA-4BC6449E001A ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property Memory is now = 2022 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property Architecture is now = X86 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property ProcessorSpeed is now = 2133 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property CapableArchitecture is now = AMD64 X64 X86 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property IsLaptop is now = False ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property IsDesktop is now = True ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property IsServer is now = False ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Checking network adapter: [00000000] Intel(R) 82566DM Gigabit Network Connection ZTIGather 15/01/2010 16:28:47 0 (0x0000)
MAC address = 00:1A:4B:C6:44:9E ZTIGather 15/01/2010 16:28:47 0 (0x0000)
IP Address = ZTIGather 15/01/2010 16:28:47 0 (0x0000)
IP Address = fe80::681d:c7ba:1f59:cf35 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Default Gateway = ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Finished retrieving network info via WMI ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property IPAddress001 is now = ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property IPAddress002 is now = fe80::681d:c7ba:1f59:cf35 ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property MacAddress001 is now = 00:1A:4B:C6:44:9E ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Property DefaultGateway001 is now = ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Unable to determine SMS distribution point server name ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Unable to determine WDS server name, probably not booted from WDS. ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Processing the  phase. ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Using from [Settings]: Rule Priority = DEFAULT ZTIGather 15/01/2010 16:28:47 0 (0x0000)
------ Processing the [DEFAULT] section ------ ZTIGather 15/01/2010 16:28:47 0 (0x0000)
------ Done processing x:\Deploy\Scripts\SCCM_Bootstrap.ini ------ ZTIGather 15/01/2010 16:28:47 0 (0x0000)
ZTIGather processing completed successfully. ZTIGather 15/01/2010 16:28:47 0 (0x0000)
Successfully executed command wscript.exe "x:\Deploy\Scripts\ZTIGather.wsf" /inifile:SCCM_Bootstrap.ini, rc = 0 ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
Using COMMAND LINE ARG: Ini file = x:\Deploy\Scripts\SCCM_Bootstrap.ini ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
CHECKING the [GetSCCMAssignedSite] section ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
No parameters to include in the web service call were specified ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
About to execute web service call to http://SCCM01/Deployment/AD.asmx/GetSCCMAssignedSite:  ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
Response from web service: 200 OK ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
Successfully executed the web service. ZTIMediaHook 15/01/2010 16:28:47 0 (0x0000)
Property AssignedSite is now =  ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Unable to determine assigned site. ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Using COMMAND LINE ARG: Ini file = x:\Deploy\Scripts\SCCM_Bootstrap.ini ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
CHECKING the [HasOSDAdvertisement] section ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Only the first MACADDRESS value will be used in the web service call. ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
No valid specified for parameter 'ASSIGNEDSITE', web service results could be unpredictable. ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
About to execute web service call to http://SCCM01/Deployment/SCCM.asmx/HasOSDAdvertisement: macAddress=00:1A:4B:C6:44:9E&UUID=0C282DDD-F85F-11DB-BBDA-4BC6449E001A&siteCode= ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Response from web service: 200 OK ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Successfully executed the web service. ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
About to run command: MSHTA.exe "x:\Deploy\Scripts\Wizard.hta" /definition:CustomBootWizard.xml ZTIMediaHook 15/01/2010 16:28:48 0 (0x0000)
Property WizardComplete is now = N Wizard 15/01/2010 16:28:48 0 (0x0000)
Using COMMAND LINE ARG: Ini file = x:\Deploy\Scripts\SCCM_Bootstrap.ini Wizard 15/01/2010 16:28:48 0 (0x0000)
CHECKING the [GetOSDCollections] section Wizard 15/01/2010 16:28:48 0 (0x0000)
No valid specified for parameter 'ASSIGNEDSITE', web service results could be unpredictable. Wizard 15/01/2010 16:28:48 0 (0x0000)
About to execute web service call to http://SCCM01/Deployment/SCCM.asmx/GetOSDCollections: siteCode= Wizard 15/01/2010 16:28:48 0 (0x0000)
A VBScript Runtime Error has occurred:

Error: -2147024891 = Access is denied.

VBScript Code:
InitializeTSList Wizard 15/01/2010 16:28:48 0 (0x0000)

-----that is the end of the logs

Any help on this would be much appreciated. I remember Mark Neemann having the same issue on 18  September 2009, but the last entry on the myitforum email does not provide a resolution.



Jan 17, 2010 at 2:04 PM


if possible I would first recommend to upgrade to Version 6 which has been published a few weeks ago. It includes a lot of improvements on the Active Directory part of the webservice. Especially the discovery of the sccm assigned site has been significantly improved. You can mainly copy the new files over the old files. Just be sure to check the web.config or better to say the application settings. I've moved the before used connection strings into application settings as a lot of people had problems setting up the proper connection string. It's now (hopefully) a lot easier to set up.

Regarding the logs, I can see two main problems. The first one is, that it doesn't find a valid site code. Version 6 of the webservice will most probably be able to find the proper site code. Additionally have a look on the updated wizard. I implemented some minor changes which allow you to add a default site code to the sccm_bootstrap.ini in case the site discovery fails. It also contains a part to query the SLP if you can't query AD. You just would need to uncomment a line in the ZTIMediaHook.wsf file. It's all commented in the source code you should be able to find it.

The second problem regards to some issues with some security settings in Internet Explorer. Depending on your configuration and environment it might be necessary to enable "Access data sources accross domains". Mark Neemann supplied a quickfix for this, which is already included in the current release of the Custom Boot Wizard. It's again part of the ZTIMediaHook.wsf file and commented in the source.




Jan 19, 2010 at 1:46 PM

Hi Maik,

Everything is working fine now with the webservice v6 and the boot wizard v3. The only problem I have is no advertisement is being selected for the unknown computer, but since I am using a test lab and the connection to the server is very fast, I guess I just need to increase the wait for advertisements timeout (it will probably work on the production LAN).

All I need to do now is add my customsettings.ini to the custom boot folder so that it will get the computer name from the computer Asset Tag, then interrogate our separate configuration database to find the Task Sequence id for that computer, and then find the advertisement and install the operating system.

This will mean that I will not have to display the Wizard.hta front end, since everything will be automatically selected (All pretty much the same as we have in SMS 2003)

Quite a bit of this is already done from your ztimediahook files, but I'll let you know how I get on.