IT Management Suite

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

I just want to clarify something about the column mappings for the export rule. What are the column names in your csv file? I do not have ResourceGuid or ResourceType in my csv. I only have the hostname, domain and some other information.

My csv looks like this:
AD Computer Name;OS;AD Domain
PC-01;Windows 10 Enterprise;Mydomain;

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Previously I described example of data connector usage, when user imported all required computers from AD using AD Import rule

therefore all my AD imported computers have own GUID and other information in "AeX AC Identification" sql table

For your case when you do not use AD Import rule to import computers and just use a csv file for first time computers import, you can try to use this "CSV" data source 

Create a "Resource Import Export Rule" data connector rule and specify there these fields (including Domain field with custom value)

Best regards,
IP.

Original Message:
Sent: Sep 15, 2023 08:36 AM
From: Carl Fortin
Subject: Scheduled Push to Computers with different credentials?

I just want to clarify something about the column mappings for the export rule. What are the column names in your csv file? I do not have ResourceGuid or ResourceType in my csv. I only have the hostname, domain and some other information.

My csv looks like this:
AD Computer Name;OS;AD Domain
PC-01;Windows 10 Enterprise;Mydomain;

Original Message:
Sent: Sep 15, 2023 02:38 AM
From: Igor Perevozchikov
Subject: Scheduled Push to Computers with different credentials?

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

Original Message:
Sent: Sep 14, 2023 03:03 PM
From: Carl Fortin
Subject: Scheduled Push to Computers with different credentials?

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Original Message:
Sent: Sep 13, 2023 10:24 PM
From: Igor Perevozchikov
Subject: Scheduled Push to Computers with different credentials?

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Original Message:
Sent: Sep 13, 2023 02:33 PM
From: Carl Fortin
Subject: Scheduled Push to Computers with different credentials?

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Original Message:
Sent: Sep 13, 2023 03:18 AM
From: Igor Perevozchikov
Subject: Scheduled Push to Computers with different credentials?

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Original Message:
Sent: Sep 12, 2023 02:37 PM
From: Carl Fortin
Subject: Scheduled Push to Computers with different credentials?

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Previously I described example of data connector usage, when user imported all required computers from AD using AD Import rule

therefore all my AD imported computers have own GUID and other information in "AeX AC Identification" sql table

For your case when you do not use AD Import rule to import computers and just use a csv file for first time computers import, you can try to use this "CSV" data source 

Create a "Resource Import Export Rule" data connector rule and specify there these fields (including Domain field with custom value)

Best regards,
IP.

I just want to clarify something about the column mappings for the export rule. What are the column names in your csv file? I do not have ResourceGuid or ResourceType in my csv. I only have the hostname, domain and some other information.

My csv looks like this:
AD Computer Name;OS;AD Domain
PC-01;Windows 10 Enterprise;Mydomain;

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

I was finally able to install the agent by setting AgentPushPreferFqdn to 1 in the core settings and mapping FQDN in AeX AC Identification in the import data.However, I'm still having problems with Altiris creating another resource.

Previously I described example of data connector usage, when user imported all required computers from AD using AD Import rule

therefore all my AD imported computers have own GUID and other information in "AeX AC Identification" sql table

For your case when you do not use AD Import rule to import computers and just use a csv file for first time computers import, you can try to use this "CSV" data source 

Create a "Resource Import Export Rule" data connector rule and specify there these fields (including Domain field with custom value)

Best regards,
IP.

I just want to clarify something about the column mappings for the export rule. What are the column names in your csv file? I do not have ResourceGuid or ResourceType in my csv. I only have the hostname, domain and some other information.

My csv looks like this:
AD Computer Name;OS;AD Domain
PC-01;Windows 10 Enterprise;Mydomain;

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.

Here are KB articles about how it generates GUID for resource and when it will merge resources:

https://knowledge.broadcom.com/external/article?articleId=178416
https://knowledge.broadcom.com/external/article/180774/about-merging-process-altiris-agent-reso.html

Seems like manually modifying FQDN, domain name doesn't match to what NS discovers for appropriate computers when trying to resolve them by hostname in network, etc.

Better to open a support ticket to investigate all NS logs, all steps that are done and find correct way to avoid duplicate resources creation in database.

Best regards,
IP.

I was finally able to install the agent by setting AgentPushPreferFqdn to 1 in the core settings and mapping FQDN in AeX AC Identification in the import data.However, I'm still having problems with Altiris creating another resource.

Previously I described example of data connector usage, when user imported all required computers from AD using AD Import rule

therefore all my AD imported computers have own GUID and other information in "AeX AC Identification" sql table

For your case when you do not use AD Import rule to import computers and just use a csv file for first time computers import, you can try to use this "CSV" data source 

Create a "Resource Import Export Rule" data connector rule and specify there these fields (including Domain field with custom value)

Best regards,
IP.

I just want to clarify something about the column mappings for the export rule. What are the column names in your csv file? I do not have ResourceGuid or ResourceType in my csv. I only have the hostname, domain and some other information.

My csv looks like this:
AD Computer Name;OS;AD Domain
PC-01;Windows 10 Enterprise;Mydomain;

Hi Carl Fortin!

Required field is "Domain" in "AeX AC Identification" data class.

I hope that you do not change any values in "AeX AC Identification" sql table directly from SQL Management studio and use a "Data Connector" to modify existing data or populate new data in this sql table.

First need to create a data connector "CSV" data source rule
Example

Create "Resource Import Export Rule" to export all required computers without Agent installed

Now create another "Resource Import Export Rule" data connector rule to import same computers without Agent installed but with manually modified columns to change them for "AeX AC Identification" sql table

Best regards,
IP.

One last question for you, if you don't mind.
I'm importing computers from AD and creating new resources by matching the computer name. The problem is that Altiris tries to communicate using the short name instead of the FQDN. What dataclass do I need to fill to make sure Altiris is using the FQDN?

Thanks!

Make sure that you specified correct schedule.
Also you can find this schedule in "Task Scheduler" on ITMS server and try to run it manually and then check Altiris Log Viewer to see if push install started, etc.

Thank you so much! It's working perfectly on the server with the latest version. However, we've encountered an issue with our other server, which is running an older version; strangely, it doesn't seem to make any attempt to push the agent.

Good morning Carl Fortin!

Here is discussion about what account can be used for "Symantec Management Agent" push install on Windows computers.
https://community.broadcom.com/symantecenterprise/discussion/failed-to-logon-using-the-admin-account-access-to-the-network-resource-was-denied-getting-this-error-what-rights-do-we-use-while-using-an-account-as-seen-an-article-which-says-use-an-account-with-the-proper-rights-in-that-domain#bm93dd140b-2448-45ac-b9d6-5be7d496ccaf

For scheduled push install, you can open "Default Settings" and specify there required credentials.
Specify local administrative account which is available on each targeted windows computer, or use separate administrative domain account instead of current "NS App Identity" domain account.

Best regards,
IP.

Hello,

We would like to install the Altiris Agent using "Scheduled Push to Computers" but we need to use a domain admin account. Is there a way to use different credentials as we do in the "Roll out Agent to Computers" section? 

I have reviewed this document from Broadcom, but it's unclear to me which credential it actually uses.

Thank you.