Cloud-enabled Management policy is not applied to a client computer

book

Article ID: 158835

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

If you use the offline installation package to install Symantec Management Agent on a client computer which is inside the corporate network, the Cloud-enabled Management (CEM) policy is not applied to that client computer.

Also, the CEM policy is not applied with an offline package.

Unable to get the client certificate response XML associated with the specified request (Request: , Exception: Altiris.NS.Exceptions.NSComException (0x00000005): The caller is unauthorized to request a new client certificate.
at Altiris.Web.NS.Agent.GetClientCertificateBase.GetClientCertificateXml())

Cause

This problem is related to agent registration when an agent is installed using a CEM package but can connect to the Notification Server (NS) server directly. In this case it tries to access GetClientCertificat.aspx on Default web site, this page can be accessed only with a temporary certificate available from the CEM package. The agent has this certificate but since the default web site is configured to "Ignore" certificates, the certificate is not accepted by the server and agent validation fails.

Resolution

Change the IIS configuration for the Symantec Agent site, on the NS from, from "Ignore" to "Accept" certificates on the SSL Settings page.

As this issue is caused by IIS configuration settings, program changes are not planned to address the behavior.

 

 

Applies To

 

 

 

ITMS 7.5 and later Hotfixes
(the problem can appear on any version of ITMS 7.5)