Agent-less Collection - Evaluation - Reporting type jobs randomly returns "Unknown" results from windows assets when the Dissolving Agent gathers Audit Policy data. Running the same job, the same configuration, on the same assets - one time returns the expected FAIL/PASS results - and intermittently it returns "unknown" for one or more checks.

No error message as such.

As data was still being collected and processed by the dissolving agent on the agent-less target, the CCS manager was collecting (partial) data too early and therefore the data returned was incomplete and triggered unknown results - this is considered a defect in the product.

Symantec has released Quick Fix 10712 for CCS v 11.1 & 11.5 with SCU 2016-2 and the same code fix will ship with the SCU 2016-3 update too. If you require the Quick Fix for SCU 2016-2 please contact you local technical support representative and refer to this technote.

Or visit our existing SCU repository for the applicable SCU version Release Notes and Executable:

• SCU 2016-2: https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=ccs&pvid=scu&year=&suid=20160909_00
• SCU 2016-3: https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=ccs&pvid=scu&year=&suid=20170127_00