Symptoms

Scan results will show a limited number of missing patches, generally Microsoft Visual C++ or Studio Shell.  Additionally, the scan results will not show Patches Installed or Service Packs Missing

Results will show similar to this:

The expected results:

Cause

You are running in an unlicensed limited mode and  you are very limited in the actions you are allowed to perform.

Resolution

Activate Shavlik Protect with a valid license, you can do this online or manually.

Affected Product(s)

Shavlik Protect 9.X

Symptoms

• Patch files fail to download
• Patch definitions fail to update
• Threat definitions files fail to download
• Activation or License Refresh fails
• Home page RSS feed fails to load
• Product check for update fails

Purpose

This article provides a list of required web addresses for the Protect application.

Cause

This issue occurs if one or more web addresses required by the Protect console server are blocked.

Resolution

To resolve this issue, ensure that these Web addresses required by Protect are accessible and allowed through firewalls, proxies, or web filters:

• http://a1540.g.akamai.net
• http://archive.apache.org
• http://ardownload.adobe.com
• http://cdburnerxp.se
• http://download3.vmware.com
• http://h20000.www2.hp.com
• ftp://mozilla.stu.edu.tw
• http://java.com
• http://mail.bolioshot.com
• http://airdownload.adobe.com
• http://audacity.googlecode.com
• http://messenger.yahoo.com
• http://download.cdburnerxp.se
• ftp://ftp.adobe.com
• ftp://ftp.winzip.com
• ftp://ftp.attglobal.net
• http://appldnld.apple.com.edgesuite.net
• http://desktop.google.com
• http://download.nullsoft.com
• http://picasa.google.com
• ftp://ftp.mozilla.org
• http://cgl.microsoft.com
• http://attnetclient.com
• http://ftp.hp.com
• http://ftp.opera.com
• ftp://releases.mozilla.org
• http://content.rim.com.edgesuite.net
• http://download.cdn.mozilla.net
• http://cache.pack.google.com
• http://qtinstall.info.apple.com
• http://cdn04.foxitsoftware.com
• http://download.documentfoundation.org
• http://download.jp.microsoft.com
• http://download.imgburn.com
• http://get3.opera.com
• http://www.mozilla.com
• http://code.msdn.microsoft.com
• http://download.macromedia.com
• http://download.tuxfamily.org
• http://download.citrix.com.edgesuite.net
• http://ftp.adobe.com
• http://hfnetchk4.shavlik.com
• http://www.uvnc.com
• http://download.newaol.com
• http://files2.zimbra.com
• http://download.adobe.com
• http://iweb.dl.sourceforge.net
• http://download.skype.com
• http://downloadarchive.documentfoundation.org
• http://downloads.sourceforge.net
• http://get.adobe.com
• http://ftp.mozilla.org
• http://superb-dca2.dl.sourceforge.net
• http://superb-dca3.dl.sourceforge.net
• http://superb-sea2.dl.sourceforge.net
• http://support.microsoft.com
• http://hivelocity.dl.sourceforge.net
• http://swdownloads.blackberry.com
• http://ftp.ussg.iu.edu
• http://ftp.osuosl.org
• http://localhostnt4w
• http://upgrade.skype.com
• http://filezilla-project.org
• http://hotfixv4.microsoft.com
• http://notepad-plus-plus.org
• http://voxel.dl.sourceforge.net
• http://fpdownload.macromedia.com
• http://mirrors.syringanetworks.net
• http://microsoft.com
• http://realvnc.com
• http://static.slysoft.com
• http://support1.uvnc.com
• http://www.videolan.org
• http://www.zimbra.com
• http://mozy.com
• http://pidgin.im
• http://software-dl.real.com
• http://tomcat.apache.org
• http://support.citrix.com
• http://go.microsoft.com
• http://tortoisesvn.net
• http://www.aim.com
• http://www.apple.com
• http://www.citrix.com
• http://www.coreftp.com
• http://javadl.sun.com
• http://localhost
• http://mozilla.stu.edu.tw
• http://www.7-zip.org
• http://office.microsoft.com
• http://mirror.sdunix.com
• http://www.download.windowsupdate.com
• http://www.gtlib.gatech.edu
• http://www.getpaint.net
• http://silverlight.dlservice.microsoft.com
• http://support.apple.com
• http://www.foxitsoftware.com
• http://sourceforge.net
• https://support.citrix.com
• http://www.goo.bar.baz
• http://www.adobe.com
• http://surfnet.dl.sourceforge.net
• http://www.realvnc.com
• http://www.google.com
• http://www.landesk.com
• http://www.imgburn.com
• http://xh.yimg.com
• https://secure.mozy.com
• http://www.seamonkey-project.org
• http://wiresharkdownloads.riverbed.com
• http://www.java.com
• http://www.libreoffice.org
• http://www.winamp.com
• https://ftp.mozilla.org
• https://hfnetchk4.shavlik.com
• http://www.microsoft.com
• http://www.skype.com
• https://www.blackberry.com
• http://www.vmware.com
• https://addons.mozilla.org
• ftp://ftp.hp.com
• http://appldnld.apple.com
• http://audacity.sourceforge.net
• http://dl.google.com
• http://download.microsoft.com
• http://download.windowsupdate.com
• http://download.winzip.com
• http://download-akm.skype.com
• http://forum.shavlik.com
• http://heanet.dl.sourceforge.net
• http://openoffice.cs.utah.edu
• http://opera.com
• http://supportdownload.apple.com
• http://wl.dlservice.microsoft.com
• http://www.apache.org
• http://www.dotpdn.com
• http://www.gimp.org
• http://www.macromedia.com
• http://www.mozilla.org
• http://www.mozy.com
• http://www.rarlab.com
• http://www.real.com
• http://www.shavlik.com
• http://www.slysoft.com
• http://www.uvnc.eu
• http://www.winzip.com
• http://www.wireshark.org
• http://xml.shavlik.com
• http://updates.sunbelt-software.com
• http://hfnetchk4.shavlik.com
• https://na8.salesforce.com/ftp.mozilla.org
• http://license.shavlik.com
• http://autoupdate.shavlik.com
• http://www.sunbelt-software.com
• http://protect7.shavlik.com
• http://files2.zimbra.com
• http://download.tuxfamily.org
• http://audacity.googlecode.com

If you require the IP addresses to create exceptions you can find the IP addresses used for XML.shavlik.com here. To obtain the IP for vendor sites you can ping the site for the current IP address or contact the vendor to obtain this information.

Affected Product(s)

Shavlik Protect, All versions

vCenter Protect 8.x

Shavlik Rebrands

Symptoms

When running a patch scan with Protect, the target machine fails to scan, and you recieve the error:

Error 101: Unable to determine OS Language

Within the hf.log you see logging similar to this:

2013-11-19T21:20:38.3196511Z 1c2c E FastFile.cpp:98 GFF - Init failed
2013-11-19T21:20:38.3196511Z 1c2c V FileInfo.cpp:330 GetVersionData failed for \\192.168.x.x\C$\WINDOWS\system32\NTDLL.DLL
Invalid dos header
5001
2013-11-19T21:20:38.3196511Z 1c2c V FileInfo.cpp:218 Using FB
2013-11-19T21:21:16.1962083Z 1c2c V Machine.cpp:942 Unable to determine language
2013-11-19T21:21:16.1962083Z 1c2c V MachineSelector.cpp:668 Prereq - FAIL - Unable to determine System Language

2013-11-19T21:21:16.1962083Z 1c2c V Registry.cpp:224 ERROR: CloseOpenKey() - RegCloseKey returned error 1727 for key Handle 0x00000000004CC7E1.
2013-11-19T21:21:16.1962083Z 1c2c I MachineSelector.cpp:712 CHFScanThreadClass - DID NOT pass Prereqs

2013-11-19T21:21:16.1962083Z 1c2c V DBOutput.cpp:53 Start output of one machine (DB)
2013-11-19T21:21:16.1962083Z 1c2c I DBOutput.cpp:71 Reason [101]

Cause

Protect's scan process uses the target system's NTDLL.DLL file to determine the operating system's language setting. If this file is inaccessible or corrupt, the prerequisite validation fails and the scan is aborted.

Resolution

1) Verify that you are using an Administrator account to run the scan, and that the account has at least read rights to the ntdll.dll file on the target system.

The path to the file is C:\Windows\System32\ntdll.dll

2) Analysis of an affected DC revealed that the Network account was given explicit denial and the Administrator’s permission was drastically reduced. The cause of the permission change is undetermined, but the DC was involved in a system state restore as part of a disaster recovery process, it could have changed prior to, or during this event. Restore the permission to the original state as inherited from the C:\Windows\System32\ folder.

3) Open a command prompt on the target system, and try re-registering the dll using the following commands:

cd C:\Windows\System32

regsvr32 ntdll.dll

4) The operating system may be corrupted. You can try the following additional steps to possibly resolve this issue:

-Reboot the target system, and see if the issue still persists.

-Run the Microsoft System File Checker tool (sfc.exe). This Microsoft article is helpful: http://support.microsoft.com/kb/929833/en-us#manually

-If you have a restore point, you could attempt a system restore. More information about using system restore can be found in the Microsoft article, here: http://windows.microsoft.com/en-US/windows7/products/features/system-restore

Affected Product(s)

Shavlik Protect 9.x

Purpose

The purpose of this document is to troubleshoot an issue that comes up when someone selects a machine after going to View > Machines.

Symptoms

The console will hang and become unresponsive before it needs to be shut down and restarted. This will happen once a machine is selected from the Machine View. There will be no errors in any logs because the console will not reach a point where it crashes to log the error.

Cause

There can be multiple causes for the issue:

1) Database Resources were exceeded because SQL Express can only handle 1 virtual Socket and 4 cores. To resolve this issue, follow this article:Configuring Virtual CPUs To Optimize Performance With SQL Server Express And Shavlik Protect

2) The download patch directory is over 20GB in size and needs to be cleaned up. To resolve this issue, follow the steps below.

Resolution

1) Open up the Shavlik console that is attached to the Agent.

2) Go to Manage > ITScripts.

3)  Highlight the 'Console Clean Up' script under the 'Maintenance' Category and then select 'Approve'. NOTE: This script deletes patches and deployment files that are older than the specified ages (default 180 days) since they were created or downloaded.

4) Once the ITscript has been approved. Close out of the 'Manage ITScripts' window and navigate to Tools > Run Console ITScripts.

5) This will bring up the Run ITScripts window. Select the 'Console Clean Up' script from the drop-down box (default if it is the only one approved) and click Continue.

NOTE: There are two different parameters with this ITScript.

• deploymentAge (removes files from the DataFiles\Installs directory that are older than the number of days specified)
• patchAge (removes files from the Patches directory (as specified in Tools > Downloads > Patch Download directory that are older than the number of days specified)    

          If you want to change the 180 day parameters for either the deploymentAge or the patchAge:

               1) Select the parameter.

               2) Click the 'Edit' button.

               3) Select the value to remove files from the specified directory that are older than the number of days. (This is for the number of days that the file has been sitting in the specified directory NOT how old the patch is.)

6) Confirm the target machine affected and then select when you want the script to run and then click on Run.

7) Once the run has completed, verify that patches have been cleaned up based on the parameters specified above within the Patches directory (Default: C:\Windows\ProPatches\Patches or as specified in Tools > Downloads > Patch Download directory)

8) Go to View > Machines and then select a machine and the issue should now be resolved.

Additional Information

This may happen because the Protect console is trying to assess what patches within the Patches directory have been applied to the machines and if the folder is at a large capacity, the console will hang due.

This may also happen when anything is selected within the View menu.  

Affected Product(s)

Shavlik Protect 9.x

Symptoms

A patch deployment fails with the following error after machines were moved to a different domain :

The specified network name is no longer available: Error 64

Cause

Credentials entered in Manage Credentials contained the previous domain name in the User name field

Example: OldDomain\username

Resolution

Changed the User name field under Manage Credentials  to reflect the new domain membership of the target machines

Example:
Original User name field,  OldDomain\Username changed to NewDomain\Username 

Affected Product(s)

Shavlik Protect 9.x

I have MS13-A06 in my patch template, but Shavlik Protect is not finding it as missing. Qualys is showing it as missing and after manually installing the patch Shavlik Protect is not showing as installed either. version is 9.1.0 Build: 4511.

Symptoms

Patches fail to install and the Deployment Tracker never updates past 'Executed 0 of X'.

Cause

There may be an issue with the Windows Event Log service, the CL5.exe is dependent on this window service or it will not function properly

Resolution

To resolve this specific error\scenario you will need to get the Windows Event Log service working correctly.  Often, restarting the service or the computer will correct the issue

Affected Products

Shavlik Protect: All Versions

Symptoms

Some administrators may see multiple versions of the same Patch detected as missing despite them all not needed for installation.

An example of this is shown in the following screenshot:

Cause

This behavior is caused by Protect having been altered from its default configuration to not use replacement patches/supersedence in its patch scans.

Resolution

To resolve this, only a simple configuration change needs to be made to enable supersedence in Protect.

To do this:

- Open up Shavlik Protect.

- Go to Tools > Options > Scans.

- Check the box next to Use Replacement patches to enable supersedence in Protect and eliminate unnecessary missing patches.

- Rescan and you should see the desired patch scan results.

Affected Product(s)

Shavlik Protect 9.x

Symptoms

You receive a popup error when attempting to upgrade Shavlik Protect.

Error 2: The system cannot find the file specified.

Cause

This error is caused when the Protect installation in unable to locate the necessary data files within the data file directory of Shavlik Protect.  Customers who run Protect in an internet disconnected network have encountered this issue when the .CAB files were missing from the DataFiles folder. 

The log snippet below indicates the upgrade is attempting to extract the Protect.manifest.xml from the Protect.manifest.cab file, but the .CAB is missing from the DataFiles folder.

CabExtracter.cpp:69 Extracting Protect.manifest.xml to C:\Users\admin\AppData\Local\Temp\9620bc4e13834427baea0160a8385aa5

CabExtracter.cpp:53 Extracted C:\Users\admin\AppData\Local\Temp\9620bc4e13834427baea0160a8385aa5 from C:\Users\admin\AppData\Local\Temp\8fb7863b36e14909bc2bc0a72e439cf1

PatchInstaller.cpp:486 class STWin32::CWin32Exception at File.cpp:43: Error 2: The system cannot find the file specified.

Resolution

The resolution is to ensure that all necessary data files are extracted to theC:\ProgramData\LANDesk\Shavlik Protect\Console\DataFiles folder. Links for all needed data files for the corresponding product version and instructions for manually downloading these files can be found in this link:

How To: Manually updating patch data files for Shavlik Protect

The alternative workaround would be to install the previous version of Protect, download the full install of Shavlik Protect and point it to the previous database. Since this install includes the data files the error should not be encountered.

Additional Information

Although this error shows up in a dialog box with "Protect 7.5 Patch" this has nothing to do with a partial installation/a previous version.

Affected Product(s)

Shavlik Protect 9.x

Has anybody created a report that would list all the EOL products and what machines they are installed on, and if so would you be willing to share your query with me?  I am both time- and SQL- challenged.  Thanks so much!

Purpose

How to schedule the automatic synchronization of Patch Definitions, Patch install files, and Threat engines and definitions to a Distribution Server

Steps for Completion

Highlight the target Distribution Server in the Distribution Server pane.  In the drop down box above the pane select what kind of files that need to be synced  and click  "Add scheduled sync:" A dialog box with scheduling information should appear.  After selecting Save, the scheduled sync should appear in the scheduler automatic synchronization pane with the type of files being synchronized.   If you select "All engines, definitions, and patch downloads", there will be a separate entry created in the middle "Scheduled automatic synchronization" pane for each relevant component.

If you want to force a synchronization  select one or more scheduled synchronization entries in the Scheduled automatic synchronization pane and click Run now

       Note: To synchronize all data, all three synchronization tasks must be selcted. This will immediately copy all appropriate files from the console to the specified distribution server(s).

The scheduled Synchronization process runs in the background of Protect. You may check the status by viewing the event history atView > Event History.

Affected Product(s)

Shavlik Protect 9.X

I have a disconnected system that was rebuilt by a different administrator.   I reinstalled Shavlik Protect and am now trying to start the patching process again.  I am getting failing signature check errors on the patches.   I researched and have found I need MSRC-002.   I followed the link on previous articles to download, but am getting Page Not Found from Microsoft.

Anywhere else I can get it?

Purpose

The purpose of this document is to outline the process for installing an agent using passphrase authentication. Enabling this will require users installing an agent to specify a matching passphrase during the manual agent installation process.

Symptoms

Passphrase authentication is best used when individuals without administrative credentials will be manually installing agents. For example, in large organizations it may not be feasible for one administrator to manually install agents on hundreds of different machines. Specifying a passphrase allows individuals to install agents on their own machines without the need for console credentials.

Resolution

1. To enable the passphrase you must navigate to Tools>Options within the Console.

2. Within the 'Options' window navigate to the 'Agent' tab and check the box to 'Enable passphrase in manual Agent installations' and enter a passphrase that will be used for manual agent installations. The passphrase can be any number of words or characters and is case-sensitive.

3. Once the passphrase has been set. You may launch the STPlatformUpdater.exe on the agent machine. Upon launch the agent installer will ask how you would like to register the agent. Please select the option 'I have a direct connection to the Console'.

4. Within the next screen of the installation, please input your Console name, port and select the 'Shared Passphrase' authentication type and select the 'Get Policy List' button and choose the agent policy you wish to assign. Then select 'Register'

5. Registration should be successful and your agent should now be active on the machine.

Additional Information

Methods to install a Shavlik Protect Agent

Affected Product(s)

Shavlik Protect 9.x

Purpose

This document explains the difference between Shavlik Protect Server and Workstation License types and their usage.

Explanation

Shavlik splits the seats between Workstation and Server class operating systems. Server Operating System seats can be used for Machines running both  Windows Server operating systems and Workstation operating systems.  Workstation Operating System seats can only be used for machines running a Workstation OS.  Examples of Windows Server Operating systems Windows Server 2003, Windows Server 2008, and Windows Server 2012.  Examples of Windows Workstation Operating Systems are Windows 7 and Windows 8.X

Affected Product(s)

Shavlik Protect 9.X

We would like to have a report similar to the Executive Summary report however we only want to report on patches and not service packs. We have patch groups and patch scan templates that contain the patches we need and we run the scan against them, but we still see all the missing service packs on all of our scan results and reports. I don't see any option to exclude them. Any suggestions?

Purpose

Many of the common Shavlik Protect scan errors can be corrected by changes to configuration or environment. This article lists the most common scan error messages and provides some guidance on correcting the issue.

Cause

Scan errors can occur:

• If one or more of the Shavlik Protect Scanning Prerequisites have not been met 
• If one or more configuration issues are present in Shavlik Protect 
• Due to one or more environmental issues

Resolution

Affected Product(s)

Shavlik Protect, All Versions

Purpose

This document explains the causes of the "Maximum number of machines allowed by license exceeded" error and how issues related to the error can be resolved

Symptoms

The following errors occur during a deployment attempt when Shavlik Protect detects that a deployment license seat is not available for a target server:

You may see the following messages:

• You've exceeded the number of deployment seats (XXX) permitted by your license.
• Your license does not support deployment of this patch.  Deployment licenses exceeded
• Maximum number of machines allowed by license exceeded. Contact your sales representative to extend your license. Error Code 297

Cause

• The number of machines receiving deployments in the last 45 days has exceeded the number of license seats purchased.  Please refer to the documentHow to: Managing License seat usage with Shavlik Protect
• There are instances when license exceeded errors occur and the Licensed Capabilities underHelp > About Shavlik Protect still show that seats are available. The usual cause of this scenario is that a deployment to a Server Operating System machine is being attempted when the Server License count has been exceeded and only workstation licenses are available. In very rare instances, the license count in the Shavlik Protect database is incorrect and intervention from Shavlik support is required.

Resolution

• If additional licenses need to be purchased, contact sales at 1-800-690-6911 option 2
• If a machine has been retired or renamed within 45 days of the last patch deployment, contact support support at 1-800-690-6911 Option 3 to discuss options.
• If server licenses are available and the license exceeded message is still being received, contact support at 1-800-690-6911 Option 3 to troubleshoot.

Affected Product(s)

Protect 9.X

Purpose

In some environments, there may be multiple administrators tasked with overseeing patch management. When using multiple administrators with Protect- understanding how this works and the best practices for such a configuration can help this process run more smoothly. This document explains how Protect handles multiple administrators and shares some best practices for using Protect with multiple admins.

Description

How Shavlik Protect Manages Multiple Administrators

Shavlik Protect contains a number of built-in checks to guard against simultaneous and conflicting commands from different administrators. For example:

• The program will not allow duplicate group names or template names
• The program will not allow simultaneous updates to any groups, templates, distribution servers, or agent policies by different administrators. If this situation should occur the second administrator will receive a warning message similar to the following:

• Only one console will be authorized to use the Database Maintenance tool. If an administrator at another console wants to perform maintenance on the database, that administrator must take ownership of that task before the program will allow the administrator to continue.
  • Note: The 'Take Ownership' button is only displayed if you have two or more consoles that share one database. If your organization uses multiple Shavlik Protect consoles that share the same database, only one console will be authorized to use the Database Maintenance tool. If an administrator at another console wants to perform maintenance on the database, that administrator must take ownership of the task before the program will allow the administrator to continue. Any existing maintenance tasks will be allowed to complete before ownership is transferred to another administrator.

Best Practices When Using Multiple Administrators

Recommendations

• You should upgrade your hardware platform by increasing the number of processors and the amount of installed memory on the console machine. This will increase performance in those instances when two or more administrators are logged on at the same time and performing tasks.
  • Minimum suggested hardware requirements for two administrators: 2 processor cores and 4 GB RAM
  • For a high performance system, use 16 processor cores and 32 GB RAM
  • For each additional administrator, add 1 processor core and 1 GB RAM
• When two administrators log on to the same console they must use different accounts. The same account can be used only when logging on to different consoles.
• If you edit a group that is typically used by another administrator you should notify that person about the change.
• Each administrator should create their own credentials and assign them to machines.
• Each administrator should define default credentials that are the same as their logon credentials. This will eliminate problems that may occur if the administrator forgets to assign machine credentials.

Potential Issues When Using Multiple Administrators

Usage Issues

You must take a few common sense precautions when using multiple administrators.  Even though Shavlik Protect contains a number of built-in safety checks, it cannot guard against all possibilities. The program may act in unpredictable ways if the following occur:

•   If two administrators try to scan the same machine group or ESXi Hypervisor at the same time.

The machines will be scanned twice, causing potential performance issues. In addition, there may be administrative rights errors due to the multiple connections.

•   If two or more administrators try to deploy patches or bulletins to the same machine at the same time.

The most likely result is that one deployment task will succeed and the other will fail. But because the deployment that succeeds will likely perform a restart of the target machines, the machines may be in an unknown state when the other deployment fails.

Credential Issue

When you create credentials and assign them to machines, those credentials belong to your administrator account. If a different administrator (Administrator B) logs on and uses Shavlik Protect, they will not have access to the machine credentials you provided. The second administrator must provide their own machine credentials.One of the ways this can be confusing is if Administrator B fails to provide their own machine credentials and tries to schedule a patch deployment from a scan that was performed by Administrator A. The deployment can be successfully scheduled if default credentials are available, but the actual patch deployment will likely fail because the patch deployment requires machine credentials -- credentials that were provided by Administrator A but that are not available to Administrator B.Recommendations:

• Each administrator should create their own credentials and assign them to machines
• Each administrator should define default credentials that are the same as their logon credentials. This will eliminate some of the problems that may occur if the administrator forgets to assign machine credentials.

Virtual Inventory Consideration

Unlike machine groups (which can be viewed by all administrators), vCenter Servers and ESXi Hypervisors can only be viewed by the administrator that added them to Shavlik Protect. If two different administrators want to manage the same vCenter Server or ESXi Hypervisors, both administrators must add the item to the Virtual Inventory list.

Additional Information

How Credentials work in Protect

Affected Products

Shavlik Protect 9.x

Resolution

You have the ability to 'throttle' down the deployment speed through the use of the 'Copy Speed' setting in the Patch Deployment Template.

At full speed (6), the patch copy process is performed similar to a network copy, limited only by the network bandwidth. At lower speeds, a certain number of packets are pushed, then a delay is introduced, then more packets are pushed, then another delay. The more you throttle back the copy speed, the fewer packets get pushed, and the longer the delay in between each push.

Each increment is about 20 milliseconds of delay, it goes from 1 to 6 so the max would be a 1/10 second delay

Additional Information

More information on Deployment Template can be found in the help files.

Affected Product(s)

Shavlik Protect 9.x

Symptoms

Recurring Scheduled Tasks are failing after password for the user specified in  "User to run as" was changed in Active Directory.

The "User to run as" field is found in Job Properties under Manage>Scheduled Tasks

The Scheduled Tasks log tab shows a status 1326 when the task was last attempted.

The ST.Activation.managed.SYSTEM@NT AUTHORITY log shows the following error:

"Failed to check access to 'xxx.x.x.x', error: 1326".

System error code 1326 signifies "Logon failure: The user name or password is incorrect."    This error code may also display as "ERROR_LOGON_FAILURE" or as the value 0x52E.

Cause

In the Properties of a Recurring Scheduled Task, the value in the "User to run as" field and its accompanying password are static and cannot be changed. When the permissions on the target are changed, the recurring task is unusable to scan and deploy the changed target.

Resolution

New recurring tasks must be created for target machines that are affected by jobs that use outdated credentials.

Additional Information

When a password is changed for a user in Active Directory, the change also must be made under the credential for that user under Manage>Credentials.  The user name in the "User to run as" field  is obtained from the credential information in the Machine Group used to initially schedule the task.

Affected Product(s)

Protect 9.X