Forum Discussion
SCCM CMG internet clients download failed for content error 0x80070057
- Dec 07, 2020
alid01 I think that the Internet FQDN for the affected Distribution points was removed in the Site system Properties without changing the Communication settings in the Distribution Point Properties first. I just tried this and I get the same results as you do: even though the Communication settings are set to Allow intranet-only connections, the Internet-Based column in the Distribution Points node still shows Yes.
What you can do to try and fix this problem is this:
- In the ConfigMgr Console, navigate to \ Administration \ Overview \ Site Configuration \ Servers and Site System Roles;
- Open the Site system role properties for the affected Distribution Point server;
- Enable the Specify an FQDN for this site system for use on the Internet check box and enter an Internet FQDN in the text box (it doesn't have to work, so any fake FQDN will do);
- Close the Site system Properties window by clicking OK and open the Distribution point role properties for the same server;
- Check the Communication tab. You will probably see that it now shows either Allow Internet-only connections or Allow intranet and Internet connections. If that's the case, change the communication setting to Allow intranet-only connections;
- Close the Distribution point properties window by clicking OK and open the Site system role properties again;
- Remove the Internet FQDN, disable the Specify an FQDN for this site system for use on the Internet check box and close the Site system Properties window by clicking OK.
After following these steps, the Internet-Based column for the affected Distribution point in my test environment shows No again. Let us know how it went!
hello Michiel Overweel ,
actually i have a custom boundary group and the local DPs are assigned to it,
the CMG DP is only assigned to the default boundary group.( local DPs are not assigned to it)
the clients on internet are still showing the local DPs.
when the client is on internet it shows that in the locationservices log that there is no boundary group for this client and retrieving 3 DPs,
what could be the issue?
thank you.
Hello Michiel,
Ive noticed that for deployed applications having only the CMG DP in its content location , download is working normally and only the CMG DP is showing, however for deployed Apps having on prem and CMG DPs in its content location, im having this issue.
Do you think that deploying apps to intenet i have to specify only the CMG DP through the deployment process?
thank you.
- Michiel OverweelDec 04, 2020Microsoft
alid01 There's no need to distribute content to the CMG only. After all, your on-premise clients need to be able to download and install applications as well, right? If your two on-premise DP's are offered to internet-based clients with "Locality: INTERNETFACING", that would mean that they are enabled for internet access. Check the "Communication" tab for the affected DP's and make sure that "Allow intranet-only connections" is selected.
- alid01Dec 06, 2020Copper Contributor
hello Michiel Overweel ,
My on-premise DP's are offered to internet-based clients with "Locality: INTERNETFACING",
when going to DP communication TAB, its showing "Allow intranet-only connections" and its the only option for HTTPS there.
on the other hand, when seeing the distribution point parameters, it shows " internet based = yes"
what could be the issue?
thank you.
- Michiel OverweelDec 07, 2020Microsoft
alid01 I think that the Internet FQDN for the affected Distribution points was removed in the Site system Properties without changing the Communication settings in the Distribution Point Properties first. I just tried this and I get the same results as you do: even though the Communication settings are set to Allow intranet-only connections, the Internet-Based column in the Distribution Points node still shows Yes.
What you can do to try and fix this problem is this:
- In the ConfigMgr Console, navigate to \ Administration \ Overview \ Site Configuration \ Servers and Site System Roles;
- Open the Site system role properties for the affected Distribution Point server;
- Enable the Specify an FQDN for this site system for use on the Internet check box and enter an Internet FQDN in the text box (it doesn't have to work, so any fake FQDN will do);
- Close the Site system Properties window by clicking OK and open the Distribution point role properties for the same server;
- Check the Communication tab. You will probably see that it now shows either Allow Internet-only connections or Allow intranet and Internet connections. If that's the case, change the communication setting to Allow intranet-only connections;
- Close the Distribution point properties window by clicking OK and open the Site system role properties again;
- Remove the Internet FQDN, disable the Specify an FQDN for this site system for use on the Internet check box and close the Site system Properties window by clicking OK.
After following these steps, the Internet-Based column for the affected Distribution point in my test environment shows No again. Let us know how it went!