ok, continuing from part 1 (https://the-d-spot.org2016/07/26/adventures-with-sccm-cb-part-1/ )
part 2: ad group discovery and known computers can cause pxe failures.
for this one I actually made a bug on connect, but they can’t reproduce. strange as I reproduced it twice already…
the issue is that if you configure AD group discovery and configure it to the root of the AD domain (which is bad, I know) and then use known computers for OS deployment then probably the Ts will not start and just say: ‘no advertisements found’ (look for a complementary post on that: (https://the-d-spot.org2016/07/26/no-advertisements-foundthere-are-no-task-sequences-available/ )
as you might know: AD group discovery creates also a small DDR for computers and users next to the full DDR for groups. you would see those machines in the console having a resourceid starting with 20something (10 digits)
(a regular machine has a resourceid starting with 16something (8 digits)
what happens now is that If you import a machine in sccm that has already been populated through the group discovery it will perfectly merge both items but keep its first resourceid (so the one starting with 20…)
RESULT: you will not be able to pxe boot this one
and again: this just worked/works in SCCM 2012 !
SOLUTION: delete the machine with the resourceid 20… and then import it again
but it would be better to NOT use AD group discovery to the ROOT of the AD and use a location instead
and, I can’t repeat this enough: in my experience using known computers is BAD
(but sometimes for finegrained security implementations you have no other option)