Error The specified host resource has been blacklisted

book

Article ID: 157217

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

Seen in the Management Platform Server logs: 'The specified host resource has been blacklisted'

Attempt to save messaging resource with GUID <GUID code here> has been blocked by the Host Resource Blacklist.

Entry 1:
NSE dispatch failed for: id=241818333, from: <MachineGuid>, to: 'Basic Inventory Capture Item' (1592b913-72f3-4c36-91d2-d4eda21d2f96)
Failed to process NSE.
 
Entry 2:
Attempt to save messaging resource fc192927-b95b-494e-b80b-05234ea250b4 has been blocked by the Host Resource Blacklist.
Exception of type 'Altiris.NS.TaskManagement.TaskStoppedException' was thrown.
   [Altiris.NS.TaskManagement.TaskStoppedException @ ]


As well, under the Agent logs and Agent UI you may see messages about:

Unexpected response from URL "GetClientPolicies.aspx": The specified resource does not exist: <machineGUID>
 
 
 
 



Cause

The GUID that is assigned to the agent has been added to the AgentBlacklist table and is being blocked to prevent corrupted data from entering the database.

Resolution

Clear the Agent Blacklist table by following these steps

Run the following query against the database to get a list of all agents being blacklisted

SELECT vi.name, ab.guid FROM agentblacklist ab
JOIN vitem vi on vi.guid = ab.guid

 Do one of the following:

Option 1) Remove just the computer(s) you are interested in:

DELETE FROM agentblacklist
WHERE guid ='<GUID>'  -Replace <GUID> with the guid assigned to the computer from the list above

Option 2) Empty the table completely:

TRUNCATE TABLE agentblacklist

Note:

There is no functionality loss doing the truncate agentblacklist table; however, if the customer wants, please take a backup of Symantec_CMDB before making any change.
You will need to wait for a day after truncating the agentblacklist table to get the errors to disappear.




In some cases this is only a temporary solution as there is a deeper issue causing the agent to be added to the agentblacklist table in the first place. If this deeper issue is not addressed the agent will eventually be added to the table again and resume being blocked.

The most common reasons for an agent to be added is that there are multiple resources reporting with the same GUID a condition known as Shared GUID. This condition is most commonly caused by systems being cloned with the Symantec Management Agent (SMA) already installed. When cloning systems either remove the SMA prior to cloning, or use a program like Microsoft's SysPrep to remove the SMA's GUID from the image.

 

Related documents:

How to prepare a workstation for imaging that includes the SMA

Preventing Shared GUIDs
For more information about how GUIDs may come to be shared and how to prevent this from occurring see:
How to Prevent Shared GUIDs
  

Detecting Shared GUIDs
For a report and an SQL query to see which computers appear to be sharing GUIDs and which will be removed using the process below, see:
Detecting computer with Shared GUIDs