All computers rolled out with a particular image fail to run a script task when the script task is assigned a local admin account (./Offline is the user name for example).
The computer the image was taken from runs these tasks without issue. In case of a recently imaged machine, it fails.
Entries and Error on the Agent logs are: Task started. Instance: [b77eda6a-61f9-42a8-a4d5-b9d40d07c332], Type: [ts]. ----------------------------------------------------------------------------------------------------- Date: 8/22/2017 1:15:11 PM, Tick Count: 341578884 (3.22:52:58.8840000), Host Name: <Hostname>, Size: 315 B Process: AeXNSAgent.exe (3816), Thread ID: 3460, Module: client task agent.dll Priority: 4, Source: Client Task Agent DecryptBase64String failed to decrypt data, error: Bad Data (0x80090005) ----------------------------------------------------------------------------------------------------- Date: 8/22/2017 1:15:11 PM, Tick Count: 341578884 (3.22:52:58.8840000), Host Name: <Hostname>, Size: 305 B Process: AeXNSAgent.exe (3816), Thread ID: 4032, Module: BaseTaskHandlers.dll Priority: 1, Source: CryptHelper Failed to run task as specific user, the credentials are invalid, error: Bad Data (0x80090005) ----------------------------------------------------------------------------------------------------- Date: 8/22/2017 1:15:11 PM, Tick Count: 341578899 (3.22:52:58.8990000), Host Name: <Hostname>, Size: 334 B Process: AeXNSAgent.exe (3816), Thread ID: 4032, Module: BaseTaskHandlers.dll Priority: 1, Source: CScriptTaskHandler Task finished. Instance: [b77eda6a-61f9-42a8-a4d5-b9d40d07c332], Result code: [4294967295], Succeeded: [FALSE], Type: [ts], In Progress: [FALSE], Interrupted: [FALSE]. ----------------------------------------------------------------------------------------------------- Date: 8/22/2017 1:15:11 PM, Tick Count: 341578899 (3.22:52:58.8990000), Host Name: <Hostname>, Size: 407 B Process: AeXNSAgent.exe (3816), Thread ID: 3460, Module: client task agent.dll Priority: 4, Source: Client Task Agent
ITMS 8.x
Under Manage>Computers, those machines appear with the grayed out icon as "untracked". Those machines were not assigned to a Targeted Agent Settings policy. By no having a targeted agent settings policy, the agent does not receive any policies containing the agent settings, which include KMS keys, so it cannot decrypt.
Add those machines to a Targeted Agent Settings policy (under Settings>Agents/Plug-ins>Symantec Management Agent>Settings>Targeted Agent Settings) and request a Configuration from the affected machine(s).