The “proxy” error was in final removed by removing any proxy settings into Altiris console “Notification Server Settings / Proxy: Do not use”
I don’t get any updated policy update on the site server/package service agent, when changing this proxy settings, but agent's logs stop reporting proxy error.
Of course, the central NS is not any more able to access the Internet… Can be a problem !!
But WHY those site servers are they using this proxy settings to get their package from the notification server himself ? That is amazing !
I can believe in some situations, with the cache option, this can be useful to use a proxy internally to get download package, with a reducing traffic from Datacenter where the NS is, but mainly, Proxy is used to access Internet !
Why not separating the settings ?
Explicit provide a proxy settings for site servers, instead of a global one, same for NS access Internet and Site package services to get access NS packages (using http/https, of course, SMB/UNC do not use the proxy, and happy, this allow most installations are working)
We don’t really need to deactivate http/https, but was an attempt to force UNC, in fact another issue. See next, the process I do not test to deactivate http provided from Support escalation.
Workaround ? Deactivating the use of http, so we can keep the proxy, remove the error but keep package services replica using SMB/UNC only
This is not meaning that agent can't use http/https (important for CEM feature in 8.x), only NS stop publishing http/https codebase for packages.
The support escalation provide the following process to deactivate the http/https ! (as NSconfig not any more with) But I do not test it yet.
- In the Notification Server, browse to C:\ProgramData\Symantec\SMP\Settings
- Make a copy of the 'CoreSettings' file (Highlight the file name > Ctrl C > Ctrl V in the same folder)
- Open Coresettings.config file as an administrator using notepad or notepad ++
- Scroll down to 'GetPackage Info Settings'
- The below three entries should be found there.
<customSetting key="GenerateNSUNCPackageCodebases" type="local" value="1" />
<customSetting key="GenerateNSHTTPPackageCodebases" type="local" value="1" />
<customSetting key="GenerateNSHTTPSPackageCodebases" type="local" value="1" />
- Change the HTTP and HTTPS entries to 0 value. UNC entry value should be left as 1.
- Click save
- Please ensure the changes made get saved in the 'coresettings.config' file.
- Once changes made have been verified in the file, please test and advise if this forces UNC for NS to distribute packages to package servers.
If someone apply this one above, thanks to share the result !