Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

windows assessment scan failing

Created: 25 Jul 2013 | 8 comments

Anyone else seeing this issue. The assessment scan is scheduled to run every 4 hours and when looking at the client all seems well but the server report doesn't show success. I've got about 50 workstations in the environment, mostly Dell 990's and 9010's but a few Dell laptops as well that just don't seem to update successfully. Obviously if the assessment scan info doesn't get to the NS no patching will occur. I've re-imaged the affected boxes and the scan runs perfectly for a couple of days then they all stop reporting at the same time. I have found that changing the BIOS processor setting from ALL (4) cores to single core will restore functionality. Symantec support have poked around the notification server without success. Any help would be greatly appreciated.

Dan

Operating Systems:

Comments 8 CommentsJump to latest comment

jasonj86tx's picture

Dan  , are these 64 bit machines with the 64 bit client or 64 bit machines with the 32 bit client?

dhobbs's picture

Jason

64 bit windows 7 OS and 32 bit MS office as a base. Based on folder location it would appear the app metering and inventory agents are 32 bit. DanAgents.PNG

HighTower's picture

Have you tried doing a full import of PMImport data again?

Roman Vassiljev's picture

Hi Dan,

The assessment scan is scheduled to run every 4 hours and when looking at the client all seems well but the server report doesn't show success.

Could you please clarify what server report are you checking and why do you think it is not correct.

Is my understanding correct that  Windows System Assessment scan has completed successfully on affected clients but compliance reports do not show any information about affected machines? Are there errors in agent logs?

Is this issue reproducible only for reporting results of assessment scan or it is also reproducible for other information reported from Client to NS(i.e. basic inventory)?

Thanks,
Roman

dhobbs's picture

HighTower, yes full imports were tried in both production and QA environments.

 

Roman, the Windows System Assessment Scan Summary report indicates last inventory received as being days/weeks ago. There are no errors in the client agent logs. All other communication between client and server seems to be OK.

 

we are currently investigating checkpoint endpoint protection client as a potential source of interruption to communication.

Roman Vassiljev's picture

Hi Dan,

‘Windows System Assessment Scan Summary’ report shows last time when scan results were reported. Please note that in case if checkbox 'Send Inventory Results Only If Changed' is enabled in your Windows System Assessment scan policy(Settings > Software > Patch Management), then scan result will be reported to NS only in case if it differs from previous run.

You may temporary disable this checkbox for verifying that everything is working - when this checkbox is unchecked, scan results will be sent to NS after every run of assessment scan.

Regards,
Roman

Joshua Rasmussen's picture

In addition; please review the troubleshooting steps outlined on KM: HOWTO60750, for it details how to troubleshoot failing Patch Inventories.

Step 3 on this KM article may be the resoluton you are looking for if the Client's Serverside Hash is corrupt.

Hope this helps,

Joshua

dhobbs's picture

Roman

'Send Inventory Results Only If Changed' is not enabled on the production or QA servers. I've enabled the setting on the QA server and I'll change it back tomorrow to see if some clients have a stuck configuration.

Joshua, tx for the how to article. I'll run through it but I still think the issue is client side. Client BIOS change from quad core to single processor results in successful assessment scan as does uninstall of the CheckPoint Media Encryption utility. I can't explain the BIOS change but the Checkpoint client is part of a security package that includes full disk encryption, media encryption VPN and Compliance components, and I think a firewall component.