When running the CMDB task "Inventory Clean Up", it may not change computers to be unmanaged, based on the computer's specified Status for the task. This is verified by checking the database, such as the vAssetResource view, to see that computers in question are still set to IsManaged = 1 (managed).
Computers are in a working blacklist, or, are in a corrupted blacklist (defect, Core Etrack 2150266).
It is not expected that tasks (such as CMDB's Inventory Clean Up) or policies will process a computer that is part of a blacklist. The solution is to resolve the reason why the computer was blacklisted and then remove it from the blacklist. Note: If after applying any of the solutions from this article, if the computers that were on a blacklist are still causing blacklist activity, they will be automatically put back onto a blacklist. This can later result in the task or policy being unable to process them once again. It is important therefore to ensure that what ever is causing the computer to be blacklisted to be permanently resolved before trying to process them with a task or policy.
To check to see if a computer is on a blacklist, four areas must be checked. If the computer appears in any of the four areas, it is blacklisted. Resolve the reason why it is blacklisted and then once it is, check to see if the task or policy then processes the computer successfully.
There are two filters to check in the Console:
a. In the Symantec Management Platform, click on Manage > Filters. b. Click on to expand the folders Filters > Computer Filters. c. Click on the filter Blacklisted Host Computers. Is the computer listed on this filter? d. Click on the filter User Configuration Blacklisted Users and Computers. Is the computer on this filter?
Note: For both filters, ensure that if they are set to use any type of SQL query, that this is removed and Query Mode is set to None. Then save the filter, and click on Update Membership, to be sure that computers are not by accident being added.
In SQL Server Management Studio, run the following SQL script:
USE Symantec_CMDB SELECT ab.Guid, Name 'Computer' FROM AgentBlacklist ab JOIN vItem vi ON ab.Guid = vi.Guid ORDER BY 2
This SQL script will list any computers found in the AgentBlacklist table, which may may not also be the same computers found in the two filters from step 1.
Note: A more robust SQL script to check the AgentBlacklist table based on computer Status types can be found as an attachment in this article.
When a task is ran, check the Altiris Log Viewer. If the computer is blacklisted, errors should appear indicating that NSEs from it are not being processed and also indicating that it is blacklisted. If a computer is here, but is not on either of the blacklist filters, it is necessary to reboot the Task Server to clear this up. If the Notification Server is also the Task Server, this must be rebooted instead. Afterwards, retry the task, and then also recheck the Altiris Log Viewer. The previously blacklisted computer should not still appear as being blacklisted and the task should work with the computer.
For Symantec Management Platform 7.1 only
There is a known defect that causes a corrupted blacklist. (This is resolved in Symantec Management Platform 7.5.) If comparing the two blacklist filters and the AgentBlacklist table show different numbers and computers, this is likely the defect. It is recommended to empty the AgentBlacklist table to resolve this. The following SQL script can accomplish this:
TRUNCATE TABLE AgentBlacklist
In some rare cases, even after removing a computer from a blacklist, a task or policy will still not process it. To correct this, it may then be necessary to delete the computer and have its Agent check back in to recreate its record. Then, it should be able to be processed by tasks and policies.