An error occured while retrieving policy for this computer (0x80004005) when PXE booting from a USB stick

You may have run into the following error when you use a USB stick to PXE boot your device in preparation for running an SCCM Task Sequence:

Failed to Run Task Sequence - 0x80004005

However, other devices that you PXE boot from the network are working fine. What’s going on?

It could be a number of fairly quick things to troubleshoot, such as checking that the time and date on the device are the same as on the SCCM server and checking whether or not the device is already in SCCM (and therefore may not be receiving advertisements for Task Sequences).

If neither of those work, you’ll need to check the SMSTS.log file on the device. This can exist in a number of different places, however if the Task Sequence has not even begun, you should find it in X:\Windows\temp\SMSTSLog\smsts.log.

Let’s say you open the log file and you see the following error messages:

USB PXE Boot Error

At first glance this would suggest that there is an issue with the time or date on the device being incorrect, and you should definitely double check whether or not that is the case. However, if you are certain it is not the problem, there is one other thing it might be that is not obvious at all from the error messages.

When you go through the Create Task Sequence Media Wizard to create the USB PXE image, one of the steps requires you to specify the start and end date for the self-signed certificate that is used for HTTP communication:

Create Task Sequence Media Wizard - Self-Signed Certificate

By default this is set to one year, and if you attempt to PXE boot from a USB stick using this image after the certificate expiration date, you will receive the error “An error occurred while retrieving policy for this computer (0x80004005)” and your SMSTS.log file will contain the errors in the screenshot above.

To solve this issue, go through the Create Task Sequence Media Wizard once again to generate a new image with a certificate that is in date. Perhaps also consider increasing the validity period of the certificate from one year to three.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s