KNOWN ISSUE: Error "Unable to attach to specified device" appears when attempting a pcAnywhere connection

Article:TECH47700  |  Created: 2009-12-14  |  Updated: 2010-10-25  |  Article URL http://www.symantec.com/docs/TECH47700
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution

Product(s)

Issue



The error "Unable to attach to specified device" appears when attempting a pcAnywhere connection to a computer running the pcAnywhere Solution host.

On the host computer, the Symantec pcAnywhere Host Service (awhost32.exe) is running.  The pcAnywhere system tray icon appears in the Waiting state, unless the policy option for "Hide host tray icon" option is enabled in the host configuration policy.

It;s possible the command "netstat -an" does not show TCP 0.0.0.0:5631, which indicates that the host service is not listening on the expected TCP port 5631. This can be verified by viewing the registry value HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\pcAnywhere\CurrentVersion\System\TCPIPDataPort, such that the value is not 0x15ff (5631).

The client policy XML file C:\Program Files\Altiris Agent\Client Policies\<servername>.xml may indicate empty values within the pcAnywhere settings element, including the HostDataPort value.  The default entry should be appear as <HostDataPort>5631</HostDataPort>, but instead it appears as shown here:

- <pcASettings>
   - <Host>
      - <General>
        <UserApproval>0</UserApproval>
        <EnableEncryption>0</EnableEncryption>
        <AcceptCallerString />
        <TimeOut />
        <HostDataPort />
     </General>

 

The same pcASettings element in the client policy XML file may also be missing information about callers, such that there are no <cif> elements present.  pcAnywhere uses one or more Caller Information File (CIF) to define who can authenticate.  Here is an example of what should be present:

 

     - <cif filename="WINNT.[Local Machine]+Administrators.cif" user="[Local Machine]\Administrators" isgroup="1" authtype="NT" usertype="StandardUser">
     - <![CDATA
          7VFscxxrJQingrJHJ3PTM7GmJe51No86P9Ats4uWlIu6tnkulS8hRfo06A4DQQlpIkR4Qduzeg6boY3rwCVkKhoZfRYp8gVBnAypAT...
     ]]>
     </cif>
</Security>

 


Environment



Symantec pcAnywhere Solution 12.5 SP1


Cause



The client policy file C:\Program Files\Altiris Agent\Client Policies\<servername>.xml may have multiple pcAnywhere settings elements.  The Symantec Management Platform allows cloning of policies, and even allows multiple policies with the same name.  As a rule, each pcAnywhere host computer must be a target of just one pcAnywhere Settings policy, regardless of whether the policy targets a computer list or a filter.  It is up to the Symantec Management Platform administrators to enforce this rule.

The creation of clones of the pcAnywhere Settings policy without ensuring that the targets are mutually exclusive can lead to this issue, such that the host computers are targets for multiple settings policies. 

Another cause for multiple policies applied to a host computer is creation of two policies; one before installing pcAnywhere Solution Service Pack 1 (SP1) and one after.  During the installation of SP1, existing clones of pcAnywhere policies are removed or "hidden" from view in the Symantec Management Console.  They still exist in the database, and it is possible that the "hidden" policies are turned On and still have targets assigned.  The "hidden" policies may contain an empty <HostDataPort /> element and other missing data.

The pcAnywhere Solution plug-in implements the first settings it finds in the client policy XML file.  If the "hidden" policy settings appear first, then the intended settings below it are ignored.  The result is that the pcAnywhere host is not listening on the correct port 5631 or with the desired settings, and is therefore not available for remote control connections.


Solution



This issue is resolved in Service Pack 2 of pcAnywhere: https://kb.altiris.com/article.asp?article=50630&p=1

If you are unable to update at this time, please see the information below:

If the cause is that multiple policies in the Symantec Management Console target the same host computers, then the solution is to remove the affected host computers as the target of all but one pcAnywhere Settings policy.  Targets for pcAnywhere Settings policies must be mutually exclusive.

If multiple <pcASettings> elements are present in the client policy XML files, but you cannot see both policies in the Symantec Management Console, then it is likely that the extra policies were "hidden" from the Symantec Management Console during the upgrade to pcAnywhere Solution SP1.  In this case, it is necessary to implement the resolution provided in Knowledge Base article KNOWN ISSUE: SP1 installation overwrites customizations to default policies and removes cloned policies.  Note that the article was written for servers running the English language, so the default policy Name values shown in the SQL commands may require translation to other languages.  For example, 'pcAnywhere Settings - Windows' is specific to English, so the SQL statement shown in that article will not produce the desired effects if the Symantec Management Platform server is configured for another language.

Symantec will change the behavior with pcAnywhere Solution Service Pack 2 (SP2).  The installation of SP2 will preserve existing policy clones rather than remove them from view.  In addition, when a policy is cloned with SP2, the targets will be automatically removed so that the new clone will not have any targets by default.  These changes should prevent the behavior that was present after installation of SP1.  It will still be the responsibility of the Symantec Management Platform administrators to ensure that each computer running the pcAnywhere Solution plug-in is a target for only one Settings policy.

Please contact Symantec Technical Support for further assistance.


Supplemental Materials

ValueETK 1890273
DescriptionLogged in Etrack (Symantec) database

Legacy ID



50644


Article URL http://www.symantec.com/docs/TECH47700


Terms of use for this information are found in Legal Notices