Issue:
- When running a repair job, an error stating: "Node's reported device ID is not in the database" in the scheduled task window.
- 406 Errors may appear in the IIS W3SVC log
- Error "The core (servername) received the vulnerability info but was unable to process it!" may appear in the Vulscan log
This is caused by a device ID problem when checking the ID of that agent against the database/core. This can be because of a DB record problem, or it can be caused by a problem in ASP/IIS on the core.
Inventory Related Troubleshooting
- Setup a scheduled task to run an inventory scan on the machines with /F /SYNC to repopulate the data to the core. This can be done by modifying the inventory scanner script found in manage scripts, adding the /f /sync to the script. Replace the variable %server% with the core server name.
Example:
REMEXEC1=%LDMS_CLIENT_DIR%\LDISCN32.EXE /NTT=%server%:5007 /S="%server%" /I=HTTP://%server%/ldlogon/ldappl3.ldz /NOUI /NOCD /F /SYNC
2. After successfully retrieving an inventory scan, re-run the original repair job.
Make sure that the client is pointing to the correct core server.
Check for the core server in the registry:
HKLM\Software\Intel\LANDesk\LDWM\Core Server
Also check the Inventory scanner shortcut.
Can the client resolve the core servers name? Look in the above registry key for the core server name, and then try pinging that name from the client.
IIS Related Troubleshooting
- Is IIS Running? Restart IIS. Sometimes this will cause the process to start working.
- In IIS Manager go to Web Service Extensions and ensure that .NET 2.0 is allowed. Run IIS Reset from a Run prompt.
- Ensure that the IUSR account has the proper rights. If the IUSR account is in the Guest group, ensure that the Guest group is not disabled.
Try to browse to http://coreserver/wsvulnerabilitycore/vulcore.asmx. If the client cannot reach this page:
- Click start, choose Programs, Administrative Tools, and IIS manager
- Expand Application pools
- Right click LDAppVulnerability and choose properties
- Choose the Identity tab
- Select predefined and Local System from the drop down list
- Reset IIS
- Test Vulscan, Inventory, and a Scheduled task
Re-Register ASP.NET
- Run cmd.exe fom the start-->run on the pc.
- Change into the C:\Windows\Microsoft.Net\Framework\v2.0.50727 folde
- Run aspnet_regiis -i (this will reinstall .NET 2.0)
- Run IISRESET.
Review IIS Virtual Directory and File permissions
http://community.landesk.com/support/docs/DOC-2587
In particular the permissions for IncomingData and VulscanResults are important.
Defaults for IncomingData: (R = Read, X = Write)
Defaults for VulscanResults: (R = Read, X = Write)
Restore IIS settings from backup if available.
If the IIS settings were from before the last applied service pack, reapply the last service pack.
COM+ Objects
Ensure that the COM+ objects have the correct identity set.
- Specify credentials for the LANDesk COM+ objects by clicking on Start, going to Administrative Tools, choose Component Services, click the plus sign next to Component Services, click the plus sign next to Computers, click the plus sign next to My Computer, COM+ Applications, right click on LANDesk (you will also perform this task on LANDesk1), click on the Advanced Tab, place the Radial button in “Leave running when idle”, click on the Identity tab, specify a Domain Administrator and password in this user. (This will replace LANDeskComPlus, the new username must be in the domain\username format.)
- Restart the Core Server. (This must be done because of caching done by IIS, for more information see Microsoft KB Article