Manual scans work, scheduled scans fail: Scheduler Credential

Version 3

    Purpose

     

    This document will explain possible causes of scheduled scans failing to run.

     

    Symptoms

     

    Scheduled jobs are failing to run. When running a scan immediately by "Run now" it is working. Only scheduled jobs are impacted.

     

    Cause

     

    When scheduling a scan, Protect requires a "Scheduler Credential". This credential is under Manage > Scheduled Console Tasks.

    The scan uses the credentials associated to Scheduler Credential, not your currently logged on user or default credential.

     

     

    This credential will be used to start the scan. As such, it must be a local Administrator, and it must be allowed to run scans under User Role Assignment.

    This credential needs to be set while logged in as the user specified.

     

    Resolution

     

    1) Look in Manage > Scheduled Console Tasks and determine which account is the scheduled jobs are being scheduled as

    2) Log into the Protect server with those credentials.

    3) Go to Manage > Credentials and recreate the credentials be set in the Machine Group (click option to share).

    4) Log into Protect with the account you normally log in with.

    5) Open the Machine Group and set the new credentials.

    6) Scan without scheduling to make sure it works.

    7) Schedule a scan for 10 minutes into the future to test.

     

    Example: If the credential is domain\user1, then domain\user1 needs to log in to the Protect server, open the console, create the credentials, and assign them.

     

    Additional Information

     

    The reason for this is the credentials set in Manage > Scheduled Console Tasks are used to decrypt the credentials used to scan the machines. So all them need to be created using that account.

     

    Possible entry in the logs:

    2016-07-27T09:58:19.5043404Z 02a4 W NetworkLogon.cpp:117 Failed to check administrative access to 'xx.xxx.xx.xx', attempt 1, error: 5.

     

    You can check the Scheduled Scan entries in View > Event History for additional errors as well. Make sure to set the "Limit results to previous (days)" section to the proper amount of days.

     

    Affected Product(s)

     

    Shavlik Protect 9.2

    Ivanti Patch for Windows Server 9.3