Task Sequence Hangs on Applying Drivers

[IndyGuy4KI]

Here in the last few weeks, we have been seeing an issue where the task of Invoke-CMApplyDriverPackage.ps1 in my task sequence hangs for a very long time. It is very sporadic, sometimes it does and sometimes it doesn't hang. It never errors and the task sequence continues normally when it finally runs. Has anyone seen this issue? If so, how did you fix it?

I tried the latest version of the Invoke-CMApplyDriverPackage.ps1 file with no improvements. Created a new service account just in case that was somehow messed up. No change.

Config Manager is version 2211, running on Server 2016.

[IndyGuy4KI]

Here is my applydriverspackage.log file. Things to note. It says I have 68 packages and I only have 67.

Then there is this line: The remote AdminService endpoint certificate is invalid according to the validation procedure. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. Will attempt to set the current session to ignore self-signed certificates and retry AdminService endpoint connection.

Any help would be appreciated.

Start of file: <![LOG[[ApplyDriverPackage]: Apply Driver Package process initiated]LOG]!> <![LOG[ - Apply driver package deployment type: BareMetal]LOG]!> <![LOG[ - Apply driver package operational mode: Production]LOG]!> <![LOG[[PrerequisiteChecker]: Starting environment prerequisite checker]LOG]!> <![LOG[ - Supported computer platform detected, script execution allowed to continue]LOG]!> <![LOG[ - Computer manufacturer determined as: Dell]LOG]!> <![LOG[ - Computer model determined as: Latitude 9520]LOG]!> <![LOG[ - Computer SystemSKU determined as: 0A3F]LOG]!> <![LOG[ - Computer Fallback SystemSKU determined as: 0A3F]LOG]!> <![LOG[ - Computer model detection was successful]LOG]!> <![LOG[ - Computer SystemSKU detection was successful]LOG]!> <![LOG[ - Computer details successfully verified]LOG]!> <![LOG[ - Determined primary computer detection method: SystemSKU]LOG]!> <![LOG[[PrerequisiteChecker]: Completed environment prerequisite checker]LOG]!> <![LOG[[AdminService]: Starting AdminService endpoint phase]LOG]!> <![LOG[ - Detected that script was running within a task sequence in WinPE phase, automatically configuring AdminService endpoint type]LOG]!> <![LOG[ - Determined AdminService endpoint type as: Internal]LOG]!> <![LOG[ - Successfully read service account user name from TS environment variable 'MDMUserName': *]LOG]!> <![LOG[ - Successfully read service account password from TS environment variable 'MDMPassword': ]LOG]!> <![LOG[ - Setting 'AdminServiceURL' variable to: /AdminService/wmi]LOG]!> <![LOG[[AdminService]: Completed AdminService endpoint phase]LOG]!> <![LOG[[DriverPackage]: Starting driver package retrieval using method: AdminService]LOG]!> <![LOG[ - Querying AdminService for driver package instances]LOG]!> <![LOG[ - Calling AdminService endpoint with URI: AdminService/wmi/SMS_Package?$filter=contains(Name,'Drivers')]LOG]!> <![LOG[ - The remote AdminService endpoint certificate is invalid according to the validation procedure. Error message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.]LOG]!> <![LOG[ - Will attempt to set the current session to ignore self-signed certificates and retry AdminService endpoint connection]LOG]!> <![LOG[ - Retrieved a total of '68' driver packages from AdminService matching operational mode: Production]LOG]!> <![LOG[ - Target operating system name configured as: Windows 10]LOG]!> <![LOG[ - Target operating system architecture configured as: x64]LOG]!> <![LOG[ - Target operating system version configured as: 2004]LOG]!> <![LOG[[DriverPackage]: Starting driver package matching phase]LOG]!> <![LOG[ - Initial count of driver packages before starting filtering process: 68]LOG]!> <![LOG[ - Filtering driver package results to detected computer manufacturer: Dell]LOG]!> <![LOG[ - Count of driver packages after filter processing: 6]LOG]!> <![LOG[ - Filtering driver package results to only include packages that have details added to the description field]LOG]!> <![LOG[ - Count of driver packages after filter processing: 6]LOG]!> <![LOG[[DriverPackage:WTS006A7]: Processing driver package with 4 detection methods: Drivers - Dell OptiPlex 3000 - Windows 10 2004 x64]LOG]!> <![LOG[[DriverPackage:WTS006B9]: Processing driver package with 4 detection methods: Drivers - Dell Latitude 9520 - Windows 10 2004 x64]LOG]!> <![LOG[ - Matched SystemSKU: 0A3F]LOG]!> <![LOG[ - Matched operating system name: Windows 10]LOG]!> <![LOG[ - Matched operating system architecture: x64]LOG]!> <![LOG[ - Matched operating system version: 2004]LOG]!> <![LOG[[DriverPackage:WTS006B9]: Driver package was created on: 2023-03-13T18:30:48Z]LOG]!> <![LOG[[DriverPackage:WTS006B9]: Match found between driver package and computer for 4/4 checks, adding to list for post-processing of matched driver packages]LOG]!> <![LOG[[DriverPackage:WTS00697]: Processing driver package with 4 detection methods: Drivers - Dell Latitude 7430 - Windows 10 2004 x64]LOG]!> <![LOG[[DriverPackage:WTS00652]: Processing driver package with 4 detection methods: Drivers - Dell Precision 5560 - Windows 10 2004 x64]LOG]!> <![LOG[[DriverPackage:WTS00694]: Processing driver package with 4 detection methods: Drivers - OptiPlex Dell 5090 - Windows 10 2004 x64]LOG]!> <![LOG[[DriverPackage:WTS00696]: Processing driver package with 4 detection methods: Drivers - Dell Latitude 9430 - Windows 10 2004 x64]LOG]!> <![LOG[[DriverPackage]: Completed driver package matching phase]LOG]!> <![LOG[[DriverPackageValidation]: Starting driver package validation phase]LOG]!> <![LOG[ - Amount of driver packages detected by validation process: 1]LOG]!> <![LOG[ - Successfully completed validation with a single driver package, script execution is allowed to continue]LOG]!> <![LOG[[DriverPackageValidation]: Completed driver package validation phase]LOG]!> <![LOG[[DriverPackageDownload]: Starting driver package download phase]LOG]!> <![LOG[ - Attempting to download content files for matched driver package: Drivers - Dell Latitude 9520 - Windows 10 2004 x64]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDownloadPackages to: WTS006B9]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationLocationType to: Custom]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationVariable to: OSDDriverPackage]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationPath to: %_SMSTSMDataPath%\DriverPackage]LOG]!> <![LOG[ - Starting package content download process (WinPE), this might take some time]LOG]!> <![LOG[ - Successfully downloaded package content with PackageID: WTS006B9]LOG]!> <![LOG[ - Driver package content files was successfully downloaded to: C:_SMSTaskSequence\DriverPackage\WTS006B9]LOG]!> <![LOG[[DriverPackageDownload]: Completed driver package download phase]LOG]!> <![LOG[[DriverPackageInstall]: Starting driver package install phase]LOG]!> <![LOG[ - Attempting to apply drivers using dism.exe located in: C:_SMSTaskSequence\DriverPackage\WTS006B9]LOG]!> <![LOG[ - DriverInstallMode is currently set to: Recurse]LOG]!> <![LOG[ - Successfully installed drivers recursively in driver package content location using dism.exe]LOG]!> <![LOG[[DriverPackageInstall]: Completed driver package install phase]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDownloadPackages to a blank value]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationLocationType to a blank value]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationVariable to a blank value]LOG]!> <![LOG[ - Setting task sequence variable OSDDownloadDestinationPath to a blank value]LOG]!> <![LOG[[ApplyDriverPackage]: Completed Apply Driver Package process]LOG]!>

[isaiiah]

I am having the same issue, any resolution here?

[IndyGuy4KI]

Not yet. I now have a vendor looking into this for me now. I was hoping for someone who helped develop the app was going to chime in. If I learn anything, I will let you know!

[isaiiah]

Not yet. I now have a vendor looking into this for me now. I was hoping for someone who helped develop the app was going to chime in. If I learn anything, I will let you know!

Thank you!

[IndyGuy4KI]

So the issue ended up being a certificate issue on the SCCM Servers.

This describes the issue, but we was getting stuck at the apply drivers task. https://www.prajwaldesai.com/sending-with-winhttp-failed-80072f8f-sccm-osd/

To add the cert into the Endpoint Config Mgr we used these directions. https://www.prajwaldesai.com/export-root-ca-certificate-for-configmgr/

That was not the total fix.

We also had to add an SCCM IIS Cert onto our SCCM Server and we also just added it to our distribution point servers as well. for these directions scroll down to the Requesting a new certificate section of this website to do that. https://www.niallbrady.com/2020/08/16/how-can-i-replace-an-expired-iis-certificate-in-a-pki-enabled-configmgr-environment/

In our case we had not even created an SCCM IIS Cert from our CA Server using the template. We went and created one of those and published it before we got this to work. I hope this works for you and any other person with the same issue.