Seen in the Management Platform Server logs: 'The specified host resource has been blacklisted'
Attempt to save messaging resource with GUID <GUID code here> has been blocked by the Host Resource Blacklist.
If the system is a gateway, you may see this message:
Failed getting certificateResponse from server: <error number="8000FFFF"><![CDATA[Unable to get the client certificate associated with the specified request (Exception: Unable to process CreateResource request: The specified host resource has been blocked: 5f8d57bf-b694-4b35-9d02-b23fb8c975d3 automatically)]]></
As well, under the Agent logs and Agent UI you may see messages about:
The GUID that is assigned to the agent has been added to the AgentBlacklist table and is being blocked to prevent corrupted data from entering the database.
Clear the Agent Blacklist table by following these steps:
Run the following query against the database to get a list of all agents being blacklisted
SELECT vi.name, ab.guid FROM agentblacklist ab
JOIN vitem vi on vi.guid = ab.guid
Do one of the following:
Option 1) Remove just the computer(s) you are interested in:
DELETE FROM agentblacklist
WHERE guid ='<GUID>' -Replace <GUID> with the guid assigned to the computer from the list above
Option 2) Empty the table completely:
TRUNCATE TABLE agentblacklist
Note:
There is no functionality loss with truncating the agentblacklist table; however if the customer wants, please take a backup of Symantec_CMDB before making any change.
You may need to wait for a day after truncating the agentblacklist table to get the errors to disappear.
In some cases this is only a temporary solution as there is a deeper issue causing the agent to be added to the agentblacklist table in the first place. If this deeper issue is not addressed the agent will eventually be added to the table again and resume being blocked.
The most common reasons for an agent to be added is that there are multiple resources reporting with the same GUID a condition known as Shared GUID. This condition is most commonly caused by systems being cloned with the Symantec Management Agent (SMA) already installed. When cloning systems either remove the SMA prior to cloning, or use a program like Microsoft's SysPrep to remove the SMA's GUID from the image.
Detecting Shared GUIDs
For a report and an SQL query to see which computers appear to be sharing GUIDs and which will be removed using the process below, see: Detecting computer with Shared GUIDs