Customer had a lot of workstations with an assessment scan code of -2147467259 when the Windows System Assessment Scan (WSAS) was set to only run once (no repeating schedule) and with the option checked to "Execute scan immediately on clients when this policy is first received or when this policy is modified".

Customer's assumption was that with these settings the WSAS will run everytime the PMImport is updated, but that's not what we are seeing.  We're seeing no executions.

The Run Once functionality did not perform as we thought it would, resulting in the Policy going inactive on endpoints.

Set the schedule of the WSAS to target all clients, and set a definite Run time, probably weekly at the longest.  This will keep the Policy active on the endpoints.