Pushing the Symantec Management Agent to discovered windows computer individually selecting computers through "Rollout Agent to Computers" completes successfully, however the Scheduled Push to computers does not work.
SMP logs (a.log) report "Unable to push agent to newly discovered machines. The key 'NS.ClientCredentials' does not exist."
The file NS.ClientCredentials.kms is missing from \programdata\symantec\smp\kms.
In this case the issue is a missing KMS key.
There are two possible ways to get those missing KMS keys recreated:
A) From the command line prompt, run AeXConfig.exe /configure "<drive>:\Program Files\Altiris\Notification Server\Config\CoreSolution.config". It may take a while to finish but usually after 10min approx. the KMS keys should start appearing on the default location.
B) Use the Migration Tool to import this key from another server. In one particular case the Migration tool (NSUpgradeWizard.exe under the "...\Program Files\Altiris\Upgrade" folder) was used on the parent NS and exported its KMS keys. Then it was imported to the Child NS using the Migration tool as well. Restart the Altiris Services. These are the steps:
Symantec Management Platform 7.1 Service Pack 2