After upgrading to Symantec Management Platform (SMP) 8.5, the following messages were noticed:
Operation 'Direct: Head' failed.
Protocol: HTTPS
Host: SMP01.example.com:4726
Path: /Altiris/ClientTaskServer/PostStatus.aspx
Connection Id: 9050.12640
Communication profile Id: {9F58E6E0-77BD-4997-8562-1490583DAB3E}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
Error note: Empty response content received
Operation 'Direct: Head' failed.
Protocol: HTTPS
Host: SMP01.
example
.com:4726Path: /Altiris/ClientTaskServer/PostStatus.aspx
Connection Id: 9050.12640
Communication profile Id: {9F58E6E0-77BD-4997-8562-1490583DAB3E}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
Error note: Empty response content received
Server HTTPS connection info:
Server certificate:
Serial number: ## ## ## ## b3 5b d3 69 f3 b3 d2 14 66 a7 dc ce 23 ## ## ##
Thumbprint: ## ## ## 4c 5e 2e 85 ef 10 06 15 ## ## ## ## 99 ca 6f ## ##
Cryptographic protocol: TLS 1.0
Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
Cipher algorithm: AES
Cipher key length: 256
Hash algorithm: SHA1
Hash length: 160
Key exchange algorithm: ECDH_P256
Key length: 256
--------------------------------------------------------------------------------------------------
Date: 2/12/2019 12:38:01 PM, Tick Count: 71747296 (19:55:47.2960000), Size: 1.11 KB
Process: AeXNSAgent.exe (12640), Thread ID: 6300, Module: AeXNetComms.dll
Priority: 1, Source: NetworkOperation
ITMS 8.5, 8.6
The Task Service was removed from the affected server but the structure was left behind with incomplete references. In this case, it was the SMP itself showing the error.
The error can also be caused by deny rule in IIS "IP Address and Domain Restrictions" for specific IP or IPs.
Try the following options:
Option 1:
If this message started to appear after you did an upgrade on the SMP Server from one version to another, reboot the SMP server. It should get resolved automatically.
Option 2:
Example of Deny rule for host 192.168.2.108
Deny rule itself, the one that has to be removed.