search cancel

Service account (Application Identity) lockouts when endpoint runs out of disk space.


Article ID: 172140


Updated On:


IT Management Suite


The Symantec Management Agent requires enough disk space available to download policies and save credentials. 


Under investigation. Unfortunately there seems no easy fix because even if the disk is full there is no way a storage can be modified without "dirty mark" file modification which requires a few bytes. Seems that more general solution with some disk reservation for emergency cases is needed.


ITMS 8.1 RU6 and later


Current workaround is to switch to using a local ACC account and free disk space.

  1. Add an user and password to "The Agent Connectivity Credentials that are defined on the 'Global Agent Settings' page are selected" for your active communication profile (under Settings>Agents/Plug-ins>Symantec Management Agent Communication Profiles)
  2. Add not a domain user to "Global Agent Setting" under "Authentication tab>Agent Connectivity Credential".
  3. Set the flag "Create the Agent Connectivity Credential on Site Servers" and "re-enable the created local account if it has been locked out" in "Global Site Server Settings>Security Settings" (under Settings>Notification Server>Site Server Settings>Task Service)
  4. Update the Agents configuration on all affected computers

Also, please refer to INFO5222 "How the 'Re-enable the created local account if it has been locked out' setting works"