Follow the steps that apply to the problem that you are experiencing based on the conditions from the "Cause" section.
Important After you resolve the problem, you must remove the distribution point and then install it again to create the virtual directory.
Required services are not started on the remote distribution point
The following services must be running on the distribution point server for the distribution point installation to complete successfully. You must manually start these services if they are not running.
- COM+ System Application on Windows Server 2003
The default startup type is Automatic. - COM+ Event System
The default startup type is Manual.
For more information about a possible a cause for these services not starting, click the following article number to view the article in the Microsoft Knowledge Base:
909444 You may experience various problems after you install the Microsoft Security Bulletin MS05-051 for COM+ and MS DTC
Internet Information Services (IIS) is not installed on the remote distribution point
IIS must be installed on any remote server that hosts a distribution point. The following list shows the required IIS components:
- IIS Common Files
- IIS Manager
- W3SVC
- Enable network COM+ access
Install IIS on the distribution point server. After you install IIS on the distribution point, you must stop and then start the
SMS Executive service on the site server.
Note You must stop and then start the
SMS Executive service on the distribution point if the distribution point server is also a site server.
Incorrect IIS file and registry permissions on the remote distribution point
In Microsoft Windows 2000, the IWAM_
computername user account must have Read permissions to the
HKLM\System\CurrentControlSet\Services\W3SVC registry subkey.
In Windows Server 2003, the IIS_WPG group must have Read permissions to the
HKLM\System\CurrentControlSet\Services\W3SVC registry subkey.
For more information about IIS permissions, click the following article numbers to view the articles in the Microsoft Knowledge Base:
271071 How to set required NTFS permissions and user rights for an IIS 5.0 Web server
812614 Default permissions and user rights for IIS 6.0
To troubleshoot IIS permissions problems, you can use the Regmon and the Filemon third-party products from Sysinternals.
Run the Regmon utility and the Filemon utility when you install the distribution point. Then, search for
ACCDENIED in the Regmon utility and
FAILURE in the Filemon utility for the Dllhost.exe process.
For more information about the Regmon utility and the Filemon utility, and to download the utilities, see the following Microsoft Web site:
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
There are various DNS problems
To resolve problems that deal with DNS, take the following measures:
- Look for problems that occur because of a disjoined DNS namespace.
- Verify that the domain that the site server is connecting to is listed at the top of the DNS suffix search order on the distribution point server. To change the suffix search list, follow these steps:
- Click Start, click Run, type ncpa.cpl, and then click OK.
- Right-click the connection that you want to change, and then click Properties.
- In the Connection Name Properties dialog box, select Internet Protocol (TCP/IP) under This connection uses the following items, and then click Properties.
- On the General tab, click Advanced.
- On the DNS tab, click Append these DNS suffixes (in order), click the target domain, and then move the target domain to the top of the list by clicking the UP ARROW key.
- Click OK two times, and then click Close.
- To troubleshoot DNS problems, connect to the NetBIOS name and the fully qualified domain name (FQDN) of the distribution point server in the context of the site server computer account. To do this, follow these steps:
- Open a command prompt on the site server, type AT CurrentTime +2 minutes/interactive cmd.exe, and then press ENTER.
- A new command prompt opens after two minutes. At the new command prompt, type ping NetBIOSName.
- After the command is completed, type ping FQDN
Note If the ping FQDN fails, there is a problem with the DNS configuration.
You can also open the Internet Information Service (IIS) Manager (Inetmgr.exe) from the new command prompt and then try to connect to the Default Web Site on the distribution point server. You can do this manually or by using a script that calls the AdsGetObject function. The following sample script will list the IIS virtual directories on the target computer.
Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure. However, they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements. DsGetObject.vbs: 'Syntax: cscript.exe
ADsGetObject.vbs <FQDNofDP> 'Run from site server to DP, and make sure it's run under LOCAL SYSTEM
On Error Resume Next
Set objWeb = GetObject("IIS://" &WScript.Arguments(0)& "/w3svc/1/ROOT")
If Err.Number <> 0 Then WScript.Echo "Failed to connect:" &Err.Number&":"&Err.Description WScript.Quit
End If
For each vDir in objWeb WScript.Echo vDir.Name
Next 'End of script
In this example script, <PathOf> is a placeholder for the path to the ADsGetObject.vbs file and <FQDN> is a placeholder for the FQDN of the distribution point server.
Note This script must be run from the new command window that you created by using the AT command in the steps earlier in this section.
For more information about the ADsGetObject function, visit the following Microsoft Developer Network (MSDN) Web site: For more information about how to troubleshoot DNS, visit the following Microsoft Web site:
The Windows Server 2003 Security Configuration Wizard (SCW) has been run on the remote distribution point
When you run the Windows Server 2003 SCW on a BITS-enabled distribution point, you must select
Remote administration for IIS and related components on the
Installed Options page of the SCW. If you do not enable remote administration for IIS and related components, the Windows Server 2003 SCW prevents the Configuration Manager 2007 Distribution Manager from creating virtual directories on the BITS-enabled distribution point.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.