Service account (Application Identity) lockouts when endpoint runs out of disk space.
Article ID: 172140
Updated On:
Products
IT Management Suite
Issue/Introduction
The Symantec Management Agent requires enough free disk space available to download policies and save credentials.
Environment
ITMS 8.x
Cause
If the disk is full there is no way that storage can be modified without a "dirty mark" file modification which requires a few bytes. Seems that more general solutions with some disk reservation for emergency cases is needed.
Resolution
Workaround is to use a local ACC account and to free up some disk space by doing the following:
- Add an user and password to "The Agent Connectivity Credentials that are defined on the 'Global Agent Settings' page are selected" for your active communication profile (found under Settings>Agents/Plug-ins>Symantec Management Agent Communication Profiles)
- Add a non-domain user to "Global Agent Setting" under "Authentication tab>Agent Connectivity Credential":
- Set the flag "Create the Agent Connectivity Credential on Site Servers" and "Re-enable the created local account if it has been locked out" in "Global Site Server Settings>Security Settings" (under Settings>Notification Server>Site Server Settings>Task Service):
- Update the Agents configuration on all affected computers
lease refer to KB article How the 'Re-enable the created local account if it has been locked out' setting works
Additional Information
Feedback
Yes
No
Powered by
