Manual scans work, scheduled scans fail: Scheduler Credential

Version 5

    Purpose

     

    This document will explain why and how to fix scheduled scans that fail to run, but manual scans do work.

     

    Symptoms

     

    Scanning a machine runs immediately but when scheduling the tasks are failing to run.

     

    Causes

     

    1) When scheduling a scan, Protect requires a "Scheduler Credential". This credential is set under Manage > Scheduled Console Tasks.

     

    2) The credential being used does not have Local System Admin rights and permissions. It must be a local Administrator, and it must be allowed to run scans under User Role Assignment.

     

     

    Resolution

     

    1) Look in Manage > Scheduled Console Tasks and determine which account is the scheduled jobs are being scheduled as

    2) Log into the Protect server with those credentials.

    3) Go to Manage > Credentials and recreate the credentials be set in the Machine Group (click option to share).

    4) Log into Protect with the account you normally log in with.

    5) Open the Machine Group and set the new credentials.

    6) Scan without scheduling to make sure it works.

    7) Schedule a scan for 5 minutes into the future to test.

     

    Example: If the credential is domain\user1, then domain\user1 needs to log in to the Protect server, open the console, create the credentials, and assign them.

     

    It is best practice to use the currently logged on users credential as the scheduler credential, as it should always have the needed permissions to run.

     

    Additional Information

     

    This document also pertains to scheduling the staging process.

    This credential is used to place the scheduled task on Windows Task Scheduler and not used to login to the target machine.

    Scheduled tasks are created and will be viewable in Windows Task Scheduler.

     

    Affected Products

     

    Ivanti Patch for Windows Server 9.3