Altiris agent service will not start. Access denied errors in agent.log
search cancel

Altiris agent service will not start. Access denied errors in agent.log

book

Article ID: 152793

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Security in a domain or Notification server has changed, now the "Altiris Agent Service" on the Workstation will not start.  In the agent.log you will see errors similar to the following:

 

 <event date='Sep 29 09:26:49' severity='1' hostName='<CLIENTmachine>' source='ComService' module='aexnsagent.exe' process='aexnsagent.exe' pid='1180' thread='1212' tickCount='110984' >

  <![CDATA[Unexpected error in ServiceMain: Failed to register class objects: The class is configured to run as a security id different from the caller (-2147467243)]]>

</event>

<event date='Sep 29 09:26:49' severity='1' hostName='<CLIENTmachine>' source='AeXAgentActivate' module='AeXAgentActivate.exe' process='AeXAgentActivate.exe' pid='1128' thread='1132' tickCount='111000' >

  <![CDATA[Error activating agent session 0: Access is denied. (-2147024891)]]>

</event>

Unexpected error in ServiceMain: Failed to register class objects: The class is configured to run as a security id different from the caller (-2147467243)

Error activating agent session 0: Access is denied. (-2147024891)

Environment

NS 7.x, 8.x with one or more domains.

Cause

Security in one of the domains or the notification server changed. Now Workstations are not able to start the Altiris Agent Services.

Resolution

  • On the workstation throwing these errors, run the following command:
    "C:\Program Files\Altiris\Altiris Agent\AeXAgentUtil.exe" /registerclient

    This should register the .dll's needed for the agent to start.  You can also push this command out using Deployment Server or Login Script. It may also be possible to get Task Server to run this command if the Task Client is started, but as a precaution to you, this has not been tested by support and may not work.

  • If the previous step above doesn’t work and still getting ( Error activating agent session 0: Access is denied. (-2147024891)) in the agent.log,  proceed the following:
    Go to   START > RUN, type services.msc
    find Remote Procedure Call (RPC) in the properties on the (Log on) tab,
    Log on as: tick the radio button “Local System account” APPLY
    you will be notified that the changes will not take effect till the service is restarted, as a result of not having the authority to restart the service or the tasks of the service are disabled simply restart the operating system.

    OR

    Open regedit, locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AeXNSClient\Security
    Delete "Security" binary value subkey.
    Restart the computer.

 

Powered by Wolken Software