Agent not registered on Task Server. Authentication failed, response to server challenge denied, check credentials are correct, error: The logon attempt failed (0x8009030C)
book
Article ID: 174252
calendar_today
Updated On:
Products
IT Management Suite
Issue/Introduction
None of the agents are registering to a Task Server. Errors on the agent logs shows messages like these:
Entry 1: Error code: HTTP error occured (0x80042D21) Error note: Authentication failed, response to server challenge denied, check credentials are correct, error: The logon attempt failed (0x8009030C)
Entry 2: Error code: HTTP status 401: The request requires user authentication (0x8FA10191) Error note: Empty response content received
Error:
Operation 'Direct: Head' failed. Protocol: HTTP Host:notification server address Path: /Altiris/TaskManagement/CTAgent/GetClientTaskServers.aspx Connection Id: 781.6792 Communication profile Id: {XXXXX1B3-B8EE-XXXX-89D9-F5B44660XXXX} Throttling: 0 0 0 Error type: HTTP error Error code: HTTP status 401: The request requires user authentication (0x8FA10191)
Error note: Authentication failed, server refused to authenticate with provided credentials
Operation 'Direct: Head' failed. Protocol: HTTPS Host: <servername>.example.net:443 Path: /Altiris/TaskManagement/CTAgent/GetClientTaskServers.aspx Connection Id: 1162.8508 Communication profile Id: {XXXXX26-1D8D-XXXX-8CB2-8235047XXXXX} Throttling: 0 0 0 Error type: HTTP error Error code: HTTP error occured (0x80042D21) Error note: Authentication failed, response to server challenge denied, check credentials are correct, error: The logon attempt failed (0x8009030C) Server HTTPS connection info: Server certificate: Serial number: XX XX XX XX XX f7 29 af 48 b6 84 c5 XX XX XX XX Thumbprint: XX XX XX XX XX 24 8b 60 fc d5 31 1a 24 2e 1b a0 XX XX XX XX Cryptographic protocol: TLS 1.0 Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Cipher algorithm: AES Cipher key length: 256 Hash algorithm: SHA1 Hash length: 160 Key exchange algorithm: ECDH Key length: 255
Environment
ITMS 8.x
Cause
"Custom Agent Connectivity Credential defined for this profile" was set to use wrong credentials.
Resolution
In Console Check:
Go to Settings> All Settings> Agent Settings> Symantec Management Agent> Symantec Management Agent Communication Profile> Notification server name
Click on edit in front of "Custom Agent Connectivity Credential defined for this profile" and choose default one, or proper username password.
Also, on the same Agent Communication Profile, under "SSL certificates are defined for current profile > Edit, add the proper TLS checkboxes for what is allowed in your environment (if you are not sure, make sure TLS 1.0, TLS 1.1, and TLS 1.2 boxes are checked)