KNOWN ISSUE: Symantec Management Agent's service (AexNSAgent.exe): NSEs with 0kb in size is causing high CPU utilization.
|Article:TECH179450|||||Created: 2012-01-20|||||Updated: 2012-06-06|||||Article URL http://www.symantec.com/docs/TECH179450|
|NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.|
Customer reported that he noticed high CPU events caused by the AexNSAgent.exe process (Altiris Agent Service).
Symantec Management Platform 7.0x, 7.1, 7.1 SP1, 7.1 SP2.
Known Issue. We found a 0kb length file in the \Altiris\Altiris Agent\Queue\<NSName> directory. If this file is deleted (or moved) the CPU drops to normal levels. If this file is put back the CPU spikes again. It is caused by the fact that agent is not able to send such event, but not deleting the file as well.
This issue has been reported to Symantec Development team. The fix is part already in the SMP 7.1 SP2 Release.
There is a pointfix that can be provided under request by Support.
If you have SMP 7.1 SP1 installed, please request the file Pointfix_eTrack2655213.zip
Steps to rollout the pointfix:
1) Run Install.cmd to install the Client Package all NS-es in the hierarchy. Make sure that you run the install script from administrator elevated cmd.exe.
The original file will be backed up in the same folder where the 'Install.cmd' is located. NB! This step RESTARTS NS AND WEB SERVICES.
After installing the pointfix, you may want to consider the following:
1) Managed clients existing prior to the application of the pointfix will not automatically re-register/update the ‘Symantec Management Client’ (SMA) to v7.1.13851.6865. This will require a job/task to be created and/or re-roll out of the ‘Symantec Management Agent’ (SMA) to any managed clients prior to the pointfix.
2) Any future clients to be managed after the pointfix has been installed and have the SMA rolled out to them, will have the 7.1.13851.6865 version and be unaffected by the above incident.
Article URL http://www.symantec.com/docs/TECH179450