Troubleshooting Agent Management Jobs

If agent managements are not completing successfully, additional configuration may be required.

If the Ivanti Endpoint Security server or an applicable network endpoint has lost its trust relationship with the domain, Agent Management Jobs will fail with an error of access denied.
To verify if this issue is causing Agent Management Job failure, ensure that the Ivanti Endpoint Security server can connect to the applicable endpoints C$, and that the applicable endpoints can connect to the server's C$. To verify these connections, type the following command from the applicable endpoint or server prompt: \\EndpointIPAddress\C$.

If the following system output results from the command, your endpoint or server has lost its trust relationship with the domain: The trust relationship between this workstation and the primary domain failed.
To resolve this issue, remove the applicable server or endpoint from the domain, and then add it back. This process forces the domain to refresh the endpoint password. The endpoint password prompts users for resetting at scheduled intervals according to its security settings.
To disable password changes, see below.

Resolving Endpoint UAC Issues

On endpoints running Windows, UAC security features are set to highly restrictive levels by default. These settings must be configured properly to ensure Agent Management Job success.
When a Windows endpoint is in this default UAC configuration, Agent Management Jobs fail with an access denied error.

Use one of two methods to resolve this issue:

Disabling Password Changes

Do disable password changes, create a registry key for the applicable endpoint. Perform this task from the applicable endpoint.

  1. Select Start > Run.
    The Run dialog opens.
  2. Type regedit in the Open field.
  3. Click OK.
    The Registry Editor opens.
  4. Expand the directory tree structure to My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters.
  5. Right-click DisablePasswordChange.
  6. Select Modify.
    The Edit DWORD Value dialog opens.
  1. In the Value data field, type 1.
  2. Click OK.
    The key value is updated. User profile passwords can no longer be edited on the applicable endpoint.