When attempting to save any changes made to Software Update Policies the operation fails with a generic “Error saving changes.” Box at the top of the policy dialogue.
The error is written into the SMP logs similar to the following:
source="Altiris.PatchManagementCore.Web.Policies.SoftwareUpdateTask.btlOKCancel_ApplyClicked"
<![CDATA[Error saving advert set policy: (POLICY NAME).
( Exception Details: Altiris.NS.Exceptions.AeXException: Unable to lookup the SID associated with the specified account ---> System.ArgumentException: String cannot be of zero length.
Parameter name: name
at System.Security.Principal.NTAccount..ctor(String name)
at Altiris.NS.Security.SecurityTrusteeProvider.LookupSidFromName(String scope, String name)
--- End of inner exception stack trace ---
at Altiris.NS.Security.SecurityTrusteeProvider.LookupSidFromName(String scope, String name)
at Altiris.NS.UI.Controls.UserSettings.UserNameToSID(String user)
at Altiris.NS.UI.Controls.UserSettings.SaveSettings(String user, String id, Object settings)
at Altiris.PatchManagementCore.Web.Policies.SoftwareUpdateTask.btlOKCancel_ApplyClicked(Object sender, EventArgs e) )
( Exception logged from:
at Altiris.Diagnostics.Logging.EventLog.ReportException(Int32 severity, String strMessage, String category, Exception exception)
at Altiris.Diagnostics.Logging.EventLog.ReportException(String strMessage, String category, Exception exception)
at Altiris.NS.Logging.EventLog.ReportException(String strMessage, Exception exception)
at Altiris.PatchManagementCore.Web.Policies.SoftwareUpdateTask.btlOKCancel_ApplyClicked(Object sender, EventArgs e)
at Altiris.WebControls.ButtonState.RaiseClick()
at Altiris.WebControls.ButtonListControl.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.policies_softwareupdatetask_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.HttpApplication.ApplicationStepManager.ResumeSteps(Exception error)
at System.Web.HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)
at System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)
at System.Web.HttpRuntime.ProcessRequestNoDemand(HttpWorkerRequest wr)
at System.Web.Hosting.ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)
)
( Extra Details: Type=Altiris.NS.Exceptions.AeXException Src=Altiris.NS
Inner Extra Details: Type=System.ArgumentException Src=mscorlib )]]></event>
The expected authentication is not occurring which results in the HTTP user context being blank or without a value that can be resolved to a SID. The root of the problem was that the page was set to allow “anonymous” access which was preventing the forced authentication from occurring.
Explanation: Patch Management edit pages, such as “SoftwareUpdateTask.aspx” verify the console user by calling for the user’s “HTTP context”. If no value is returned, or a value with no “domain\user” format then the associated SID will not be able to be resolved, which results in the error.
To test and see what is being returned when the edit page is loaded then do the following:
Applies To
Patch Management Solution 7.1 SP2 MP1
Symantec Management Platform 7.1 SP2 MP1