HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
search cancel

HTTP status 403: The client does not have sufficient access rights (0x8FA10193)

book

Article ID: 173651

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

After upgrading to Symantec Management Platform (SMP) 8.5, the following messages were noticed:

Operation 'Direct: Head' failed.
Protocol: HTTPS
Host: SMP01.example.com:4726
Path: /Altiris/ClientTaskServer/PostStatus.aspx
Connection Id: 9050.12640
Communication profile Id: {9F58E6E0-77BD-4997-8562-1490583DAB3E}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
Error note: Empty response content received

Operation 'Direct: Head' failed.
Protocol: HTTPS
Host: SMP01.example.com:4726
Path: /Altiris/ClientTaskServer/PostStatus.aspx
Connection Id: 9050.12640
Communication profile Id: {9F58E6E0-77BD-4997-8562-1490583DAB3E}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
Error note: Empty response content received
Server HTTPS connection info:
   Server certificate:
      Serial number: ## ## ## ## b3 5b d3 69 f3 b3 d2 14 66 a7 dc ce 23 ## ## ##
      Thumbprint: ## ## ## 4c 5e 2e 85 ef 10 06 15 ## ## ## ## 99 ca 6f ## ##
   Cryptographic protocol: TLS 1.0
   Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
   Cipher algorithm: AES
   Cipher key length: 256
   Hash algorithm: SHA1
   Hash length: 160
   Key exchange algorithm: ECDH_P256
   Key length: 256

--------------------------------------------------------------------------------------------------
Date: 2/12/2019 12:38:01 PM, Tick Count: 71747296 (19:55:47.2960000), Size: 1.11 KB
Process: AeXNSAgent.exe (12640), Thread ID: 6300, Module: AeXNetComms.dll
Priority: 1, Source: NetworkOperation

Environment

ITMS 8.5, 8.6

Cause

The Task Service was removed from the affected server but the structure was left behind with incomplete references. In this case, it was the SMP itself showing the error.

The error can also be caused by deny rule in IIS "IP Address and Domain Restrictions" for specific IP or IPs.

 

Resolution

Try the following options:

Option 1:

If this message started to appear after you did an upgrade on the SMP Server from one version to another, reboot the SMP server. It should get resolved automatically.

Option 2:

  1. Check if the following virtual directory exists:
         IIS Manager>Default Web Site>Altiris>ClientTaskServer
    OR
         IIS Manager>Symantec Agent>Altiris>ClientTaskServer
  2. Check if you can browse to it and it opens:
         <install drive>\Program Files\Altiris\Altiris Agent\Client Task Server\ServerWeb
  3. If the folder above exists but it is empty, re-install the Task Services on the SMP (or whatever site server that is showing the error):
         SMP Console>Settings>Notification Server>Site Server Settings, find the SMP on the Site Servers list, and go to Services>Install/Remove services.
  4. Check if there are " IP Address and Domain Restrictions" rules. If there are, remove them. A Reset of IIS is not needed.

 

Example of Deny rule for host 192.168.2.108

 

Deny rule itself, the one that has to be removed.

 

 

 

 

 

 

 

Powered by Wolken Software