Cloud-enabled Management policy is not applied to a client computer
search cancel

Cloud-enabled Management policy is not applied to a client computer

book

Article ID: 158835

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

If you use the offline installation package to install Symantec Management Agent on a client computer which is inside the corporate network, the Cloud-enabled Management (CEM) policy is not applied to that client computer.

Also, the CEM policy is not applied with an offline package.

Unable to get the client certificate response XML associated with the specified request (Request: , Exception: Altiris.NS.Exceptions.NSComException (0x00000005): The caller is unauthorized to request a new client certificate.
at Altiris.Web.NS.Agent.GetClientCertificateBase.GetClientCertificateXml())

Environment

ITMS 8.x

Cause

This problem is related to agent registration when an agent is installed using a CEM package but can connect to the Notification Server (NS) server directly. In this case it tries to access GetClientCertificate.aspx on Default web site, this page can be accessed only with a temporary certificate available from the CEM package. The agent has this certificate but since the default web site is configured to "Ignore" certificates, the certificate is not accepted by the server and the agent validation fails.

Resolution

Change the IIS configuration for the Symantec Agent site, on the NS from "Ignore" to "Accept" certificates on the SSL Settings page.

As this issue is caused by IIS configuration settings, program changes are not planned to address the behavior.