Error: The specified host resource has been blacklisted OR The specified host has been blocked
search cancel

Error: The specified host resource has been blacklisted OR The specified host has been blocked

book

Article ID: 157217

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Seen in the Management Platform Server logs: 'The specified host resource has been blacklisted'

Attempt to save messaging resource with GUID <GUID code here> has been blocked by the Host Resource Blacklist.

Entry 1:
NSE dispatch failed for: id=241818333, from: <MachineGuid>, to: 'Basic Inventory Capture Item' (1592b913-72f3-4c36-91d2-d4eda21d2f96)
Failed to process NSE.
 
Entry 2:
Attempt to save messaging resource fc192927-b95b-494e-b80b-05234ea250b4 has been blocked by the Host Resource Blacklist.
Exception of type 'Altiris.NS.TaskManagement.TaskStoppedException' was thrown.
   [Altiris.NS.TaskManagement.TaskStoppedException @ ]

If the system is a gateway, you may see this message:

Failed getting certificateResponse from server: <error number="8000FFFF"><![CDATA[Unable to get the client certificate associated with the specified request (Exception: Unable to process CreateResource request: The specified host resource has been blocked: 5f8d57bf-b694-4b35-9d02-b23fb8c975d3 automatically)]]></

As well, under the Agent logs and Agent UI you may see messages about:

Unexpected response from URL "GetClientPolicies.aspx": The specified resource does not exist: <machineGUID>

Cause

The GUID that is assigned to the agent has been added to the AgentBlacklist table and is being blocked to prevent corrupted data from entering the database.

Resolution

Clear the Agent Blacklist table by following these steps:

Run the following query against the database to get a list of all agents being blacklisted

SELECT vi.name, ab.guid FROM agentblacklist ab
JOIN vitem vi on vi.guid = ab.guid

 Do one of the following:

Option 1) Remove just the computer(s) you are interested in:

DELETE FROM agentblacklist
WHERE guid ='<GUID>'  -Replace <GUID> with the guid assigned to the computer from the list above

Option 2) Empty the table completely:

TRUNCATE TABLE agentblacklist

Note: 

There is no functionality loss with truncating the agentblacklist table; however if the customer wants, please take a backup of Symantec_CMDB before making any change.
You may need to wait for a day after truncating the agentblacklist table to get the errors to disappear.

In some cases this is only a temporary solution as there is a deeper issue causing the agent to be added to the agentblacklist table in the first place. If this deeper issue is not addressed the agent will eventually be added to the table again and resume being blocked.

The most common reasons for an agent to be added is that there are multiple resources reporting with the same GUID a condition known as Shared GUID. This condition is most commonly caused by systems being cloned with the Symantec Management Agent (SMA) already installed. When cloning systems either remove the SMA prior to cloning, or use a program like Microsoft's SysPrep to remove the SMA's GUID from the image.

 

Additional Information

Detecting Shared GUIDs
For a report and an SQL query to see which computers appear to be sharing GUIDs and which will be removed using the process below, see: Detecting computer with Shared GUIDs
 

Powered by Wolken Software