Unable to do automated push an agent to some new computers in the environment. 

Getting "Failed to open the Service Console Manager on ..."  We can do a push to the same machines manually through the top "Install Agent". 

Failed to push the Symantec Management Agent to: '<host>.example' 

Failed to open the Service Console Manager on <host>. Return value=0, Error:800706ba
   [System.Runtime.InteropServices.COMException @ Altiris.NS]
   at Altiris.NS.Utilities.RemoteServiceMgr.OpenSCManager(String sMachineName, Boolean bFirstTime)
   at Altiris.NS.Utilities.RemoteServiceMgr.QueryServiceStatus(String sMachineName, String sServiceName)
   at Altiris.NS.Utilities.ClientPushMgr.DoPush(PushAgentToComputersData data, DiscoveredMachineInfo dmi, String connectionName)
   at Altiris.NS.Utilities.ClientPushMgr.DiscoveryAndPush(PushAgentToComputersData data, AgentPushDataWindowsRow row, ParallelLoopState state)

COM Exception errcode: 0x6BA

-----------------------------------------------------------------------------------------------------
Process: AeXSvc (1320), Thread ID: 98, Module: Altiris.NS.dll
Priority: 1, Source: Altiris.NS.Utilities.ClientPushMgr.DiscoveryAndPush

Failed to open the Service Console Manager on <host>. Return value=0, Error:800706ab
COM Exception errcode: 0x6AB

Another error may be seen: Failed to push Symantec Management Agent. Error:1722

ITMS 8.0, 8.1, 8.5

This can be caused by a difference in input processing between a manual and a scheduled run. In both cases, machines are discovered identically.

- during a manual push, remote OpenSCManager is called with client FQDN (for particular case it is <host>.example.com)
- during scheduled call with machine name (for particular case it is <host>)

Some scenarios need to enforce the use of FQDN for PUSH connection.

A new customSetting has been created (starting with 8.0 HF6 and later) to enforce the connection string to resolve the real machine:

key="AgentPushPreferFqdn".
Default value = 0

The core setting is used to force FQDN instead of netbios for access.  Just set it to be "1" (AgentPushPreferFqdn) in the CoreSettings.config  (under c:\programdata\symantec\smp\settings) on your SMP.

Note:
Please understand that we rely on having the RPC server is available and properly configured in your environment. In some situations you may need to troubleshoot this "The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)" with your network team.

Even after enabling the mentioned coresetting above, the agent push may still fail the same way.

In the NS logs you may see this warning:

(<host>.example.com) Intermediate discovery failures: WMI, NetAPI, Registry
(NetAPI) Failed to retrieve name/domain: API error with HRESULT: 0x00000035
(WMI) Failed to retrieve name/domain: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
(Registry) Failed to retrieve name/domain: The network path was not found.
-----------------------------------------------------------------------------------------------------
Date: 4/9/2019 10:42:36 AM, Tick Count: 37212234 (10:20:12.2340000), Size: 577 B
Process: AeXSvc (5068), Thread ID: 69, Module: Altiris.NS.dll
Priority: 2, Source: DiscoverMachines.All

In order to validate that you have a network/configuration issue, you could try for example to connect to 'Services' (using Connect to another computer ... option under the Services Console) from your SMP server to one of the affected machine. If you get "Error 1722: The RPC server is unavailable" on the same machines that we are failing to push, then you need to troubleshoot the RPC service on those client machines.

Some suggestions around this issue are the following:

Make sure that the following services are running on the Target Machines:

• Remote Procedure Call (RPC)
• Computer Browser
• Server
• Remote Registry
• Windows Management Instrumentation
• Netlogon
• Remote Desktop Services
• Windows Remote Management (WS-Management)

Also make sure that the Ports are open on the Firewall between SMP and the Workstation for SMB communications (ports 445, 138).  To verify this, connect to the C$ on the Workstation from the SMP.  If this fails to connect to the workstation there will be issues pushing the agent.  Repeat the process from the workstation and connect to the NSCap share. Both directions should be successful.