Altiris Registration Failed. Error: Access is denied (0x80070005)
search cancel

Altiris Registration Failed. Error: Access is denied (0x80070005)

book

Article ID: 225034

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Error on some Agents shows 'Agent Registration failed' while actually they were registered with the NS and Site server properly.

Sending basic inventory and receiving update configuration is also working fine as far as you can tell. 

Verified that the affected client machine is not on multiple Targeted Agent Settings policies:

  • Check the client machine in the SMP Console to see if it was targeted by 2 different Targeted Agent Settings policies. 
  • In event viewer, see if you have the following warning:

    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

    {C2F03A33-21F5-47FA-B4BB-156362A2F239}

     and APPID

    {316CDED5-E4AE-4B15-9113-7055D84DCC97}

    to the user EXAMPLE\AltirisAdmin SID (S-1-5-21-1957994488-2139871995-725345543-1261163) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

Environment

ITMS 8.x

Resolution

Make sure computer is targeted only by one Targeted Agent Settings Policy (under Settings\All Settings\Agents/Plug-ins\Symantec Management Agent\Settings\Targeted Agent Settings)
If applicable, remove it from the target of the second policy.

Based on warnings in event viewer:

1. Open Regedit
2. Go to HKEY_Classes_Root\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239} 
3. Right-click on it then select permissions  
4. Click Advance and change the owner to Administrators group. Also click the box that will appear below the owner line. ("Replace owner ...")
5. Apply full control 
6. Go to HKEY_LocalMachine\Software\Classes\AppID\{316CDED5-E4AE-4B15-9113-7055D84DCC97} 
7. Right click on it then select permission 
8. Click Advance and change the owner to Administrators group
9. Click the box that will appear below the owner line 
10. Click Apply and grant full control to the Administrators group
11. Go to Administrative tools 
12. Open component services 
13. Click Computer, click my computer, then click DCOM 
14. Look for the corresponding service that appears on the error viewer [Immersive Shell]
15. Right click on it then click properties 
16. Click security tab then click Add User. Add Local Service then apply 
17. Tick the Activate local box 

Reboot the Computer

Powered by Wolken Software