FIX SCCM Administration Service Issues

SCCM 1906 (TP) onwards, administration service helps SCCM console to communicate with the SMS Provider over HTTPS (instead WMI). In this video post, you will see an issue with SCCM 1906 Technical Preview version “Configuration Manager Can’t connect to the administration Service.”

Log file AdminService.log


You can now enable some nodes of the SCCM console to use the administration service. This change allows the console to communicate with the SMS Provider over HTTPS instead of via WMI. This change is only applicable to the following nodes:

  • Administrative Users
  • Security Roles
  • Security Scopes
  • Console Connections

Note! – You can read more details about SCCM Administration Service from here.

The Issue

I upgraded to SCCM 1906 technical preview, and since then, I was not able to access four (4) nodes mentioned above.

Whenever I try to access Administrative Users node from SCCM console, it gave me the following error.

“Configuration Manager can’t connect to the administration service. The configuration manager console can’t connect to the site database through the administration service on”

Configuration Manager can't connect to the administration service
Configuration Manager can’t connect to the administration service

FIX – Administration Service Issue

You need to enable the following configuration/checkbox to get the SCCM console for Administrative users, Security Scopes, and security roles nodes.

  • In the SCCM console, go to the Administration workspace, expand Site Configuration, and select the Sites node. In the ribbon, select Hierarchy Settings.
  • On the General page, select the option to Enable the Configuration Manager console to use the administration service.
FIX - administration Service
FIX – administration Service

Above Fix – Didn’t Work?

As Mentioned in the above video, you need to make sure you have enabled the following settings. Also, it’s worth restarting the SCCM Console.

  • Enable “Use Configuration Manager generated certificates for HTTP site systems.
  • Make sure – SMS Issuing certificate is not BLOCKED
  • Restart the SCCM console and check the SCCM console nodes
FIX - administration Service
FIX – administration Service


15 thoughts on “FIX SCCM Administration Service Issues”

  1. I am missing the administration service completely upon updating to 1906. Any thoughts or logs that may help? (the webpage for it gives back 404 even in the administration.log).

    1. Have you followed steps which I mentioned in the blog ? SMS provider log might help as well?
      It’s all about enabling that properties and allowing the self signed cert … restart the console

  2. Thanks Anoop!
    Your instructions worked for me directly on the site server.
    However, when I try the SCCM console on a remote computer, I get the error again.
    I am wondering if this is by design or is there more configuration to get at the 4 SCCM security nodes on a remote computer?
    Thanks again sir.

  3. Thanks for the fast response. On Component Status -> SMS_REST_PROVIDER it says “Administration service process failed to bind or unbind SSL certificate. ”

    The SMS_REST_PROVIDER.log on the server says “Failed to add binding ‘https’ with port 443. Error 0x8007000d”

        1. On the SMS Provider:

          Add-WindowsFeature -Name Web-Server, Web-Mgmt-Console

          Then either bind a custom cert trough IIS console or enable ‘Use Configuration Manager-generated certificates for HTTP site systems’

  4. Hi Anoop Sir,

    In my SCCM 1910 environment, I noticed that the SMS Issuing certificate is missing in the Certificates tab in SCCM console.
    Is there any way to import into the server again.


  5. Hi Anoop Sir,
    I have installed sccm 1910, follow above guide but get following error in smsadminui.log
    at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)

Leave a Comment

Your email address will not be published. Required fields are marked *