Failed to get client identity during ConfigMgr OSD

Trying to build some Windows servers today I kept getting met with errors whilst the device attempted to download policy at the point where I can choose a Task Sequence for my build. 

The errors were:

‘reply has no message header marker’

‘Failed to get client identity (80004005)’

‘Failed to read client identity (Code 0x80004005)’ and

‘Failed to get client identity.’

I’ve seen these errors before and normally they relate to the time and date being out on the devices BIOS. Since these devices were XenServer VM’s there was no option to modify the date & time since XenCenter controls this. I checked the time and date at the command prompt and this reported back fine.

Checking the site’s Component Status I could see warnings in the SMS_MP_CONTROL_MANAGER for one of the MP’s


and the error appeared as:


So a certificate I am using has expired. I’m using boot media so it seemed more than likely that the certificate from that had expired.

In Configmgr you can check the certificates under the Administrator>Security>Certificates node.

Sure enough I had a certificate that had expired a few days ago


Time to re-create the boot media and, if necessary, set the expiration date far into the future.

Problem solved. 


  1. Thank you, thank you, thank you for posting this! This fixed my problem after about 8 hours of stress trying different things.

Leave a Reply to Chris Wiley Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s