The customer started noticing that client machines are not able to connect via CEM mode.
The agent UI shows the following messages:
The agent logs showed messages like these ones:
Entry 1:
Failed to send basic inventory, COM error: An operation was attempted on something that is not a socket (0x80072736)
-----------------------------------------------------------------------------------------------------
Date: 10/21/2021 10:03:17 AM, Tick Count: 92620921 (1.01:43:40.9210000), Size: 345 B
Process: AeXNSAgent.exe (3256), Thread ID: 4752, Module: AeXNSAgent.exe
Priority: 1, Source: ConfigServer
----
Entry 2:
Configure Server Mode: Failed to receive server version from 'smp03.domain.com'
-----------------------------------------------------------------------------------------------------
Date: 10/21/2021 10:01:26 AM, Tick Count: 92509156 (1.01:41:49.1560000), Size: 314 B
Process: AeXNSAgent.exe (3256), Thread ID: 4752, Module: AeXNSAgent.exe
Priority: 1, Source: ConfigServer
The Internet Gateway logs showed that client machines were actually reaching out to the gateway but the gateway couldn't reach out to the SMP server:
Entry 1:
Exception during receive from [ip:73.212.106.199:50092, id:d1439a7d-754d-4ee6-8127-a2389b9d0dcd, type: Client, disposed: False] and sending to []: System.Exception: Unable connect to smp03.domain.com:4726 for [ip:73.212.106.199:50092, id:d1439a7d-754d-4ee6-8127-a2389b9d0dcd, type: Client, disposed: False]
at InternetGateway.ForwardSocket.Connect(Socket socket, String host, Int32 port, ForwardSocket owner)
at InternetGateway.ForwardSocket.Connect(String host, Int32 port, Task`1 forward)
at InternetGateway.ServerSocket.Create(String host, Int32 port, ForwardSocket client, ServerDetails server)
at InternetGateway.GatewaySslSocket.CreateForwardSocket(ForwardSocket s2)
at InternetGateway.SslSocket.SafeRead(IAsyncResult res)
-----------------------------------------------------------------------------------------------------
Date: 10/21/2021 12:29:33 PM, Tick Count: 0 (00:00:00), Size: 322 B
Process: InternetGatewayManager (2868), Thread ID: 6, Module: InternetGatewayManager.exe
Entry 2:
Web exception occurred during Server certificate request - The remote name could not be resolved: 'smp03.domain.com'.
-----------------------------------------------------------------------------------------------------
Date: 10/21/2021 12:29:33 PM, Tick Count: 0 (00:00:00), Size: 364 B
Process: InternetGatewayManager (2868), Thread ID: 6, Module: InternetGatewayManager.exe
The internet gateway logs showed that the gateway was trying to reach a page like this one:
https://smp03.domain.com:4726/Altiris/NS/Agent/GetServerCertificate.aspx?CRL=False&Version=8.5.5713.0&Guid=8b6cadcd-2a66-4809-835f-e52971a3fa34
However, the remote name could not be resolved when we tried to access this page from a browser on the gateway server.
ITMS 8.5, 8.6
Network issue. The customer found out another team removed their server names from the HOSTS file on the gateway server, so that’s why communication stopped going to their SMP server.
Make sure you can reach the SMP server from the Gateway server.
Some people may need to validate that their Hosts file (under C:\Windows\System32\drivers\etc) has the proper SMP server references in case that is needed or that the proper entries in their firewall can let the communication thru from the gateway server to the SMP server.
Note:
If you prefer, you can use this PowerShell command to determine if it is a firewall issue:
It will not work if entries in HOSTS file are missing:
Command |
Result |
Reason |
Test-NetConnection-ComputerName<nsname>-Port4726
|
TcpTestSucceeded:False
|
C:\Windows\System32\drivers\etc\hosts file missing SMP/Site server to IP Address info |
However, if you do the same test with the IP address reference added to the HOSTS file, see if it works:
Command |
Result |
Reason |
Test-NetConnection-ComputerName<ipaddress> -Port4726
|
TcpTestSucceeded:True
|
No firewall issues |
If it doesn't work when the IP Address is specified on the HOSTS file, then it is most likely a firewall issue.