Unable to install the Symantec Management Agent x64 bit on a Red Hat 8 Enterprise Workstation. The customer has tried the Symantec Management interface as well as manually installing it.
Keep getting the following error when trying to push:
// Failed to connect (SSH) - Exception from HRESULT: 0x8000EE06
// Computer 192.168.20.86(192.168.20.86) might be switched off.
// You may also need to check the credentials supplied, the firewall rules on the computer and its SSH or telnet configuration.
The customer has confirmed that SSH works (testing with Putty) and that he can log into the Red Hat 8 Enterprise Workstation using SSH and the credentials he is using are valid. He is using the root credentials.
The usual ports are open (based on our KB 184952 "Ports and Protocols for Symantec IT Management Suite (ITMS) 8.5 and 8.6"):
TCP ports open: 22, 80, 53, 443,1024, 52028, 1433, 389, 137, 3476
UDP ports open: 22, 53, 137, 138, 389, 445, 1024, 1433, 138, 3476, 1434, 52028, 52029, 65536
This is the error the customer gets when trying to install the Symantec Management Agent (they are taking the text directly from the Linux machine they are attempting to install this to):
[root@sc1-lab-groton Downloads]# ./aex-bootstrap-linux
Verifying archive integrity... All good.
Uncompressing Symantec Management Agent Installer 8.6.3126
INFO: Trying to extract embedded install XML from bootstrap file.
INFO: Connection established with 'https://SCUpdate.seacorp.com:443/'.
INFO: Getting Package: https://mainserver.domain.com:443/Altiris/NS/NSCap/Bin/Unix/Agent/Linux/x64 into temp dir: /opt/altiris/notification/nsagent/.tmp_inst
INFO: Successfully verified package signatures.
INFO: Success getting Package.
INFO: Installing package...
Fri Jul 15 10:26:29 EDT 2022
Performing installation of Symantec Management Agent for UNIX, Linux and Mac 8.6.3126
Installing Symantec Management Agent for UNIX, Linux and Mac 8.6 on the system.
DEBUG: agent-upgrade:780, Native package: aex-nsclt.rpm
DEBUG: agent-upgrade:486, install_cmd=while [ -f /tmp/aex-pkgmanager.lock ]; do pid=`cat /tmp/aex-pkgmanager.lock`; kill -0 $pid >/dev/null 2>&1; if [ $? -ne 0 ]; then break; fi; sleep 2; done; echo $$ > /tmp/aex-pkgmanager.lock; a=0; while [ $a -ne 10 ]; do a=`expr $a + 1`; rpm -U --ignorearch --force --nodeps --badreloc --relocate /opt/altiris/notification/nsagent=/opt/altiris/notification/nsagent aex-nsclt.rpm; install_res="$?"; if [ $? -eq 0 ]; then break; fi; sleep 20; done; rm -f /tmp/aex-pkgmanager.lock >/dev/null 2>&1; rmdir /tmp/nsclt >/dev/null 2>&1
package aex-nsclt-8.6-3126.x86_64 does not verify: no digest
ERROR: At least one input parameter for event sending is invalid: Action: 'Remote Install Finished', Client ID: ''.
ERROR: Failed to install package. Agent install failed.
Must provide either install XML in current working directory,
or run correct bootstrap file with embedded install XML,
or specify NS/URL parameter.
ITMS 8.5, 8.6
Known issue. If FIPS is enabled, the installation process has been blocked.
This issue has been reported to our Broadcom Development team. A fix has been added to our next major ITMS release (currently 8.7 version)
In order to validate if FIPS is enabled, please get output of following command:
If FIPS is turned on, the output should looks like this:
[root@sc1-lab-machine ~]# sysctl crypto.fips_enabled
crypto.fips_enabled = 1
As a workaround until the fix is available is to: