This document is intended to assist in the troubleshooting of the Policy Sync (PolicySync.exe) process on the LANDESK Agent. Policy Sync is the primary method used to deploy both Software Distribution tasks and Patch Manager tasks to client machines. PolicySync.exe communicates with the Core server via HTTP (port 80), and is responsible for pulling down policy tasks that are targeted to the client machine. Also, PolicySync.exe is responsible for running recurring policy tasks on the client machines.
Some symptoms of a failed policy sync could include, but are not limited to:
- Tasks in the console are hung with a status of "Client has initiated asynchronous policy execution."
- When refreshing Workspace or Portal Manager new packages and links do not appear.
- Core server can contact clients, but the client never executes the task.
Reading the PolicySync.exe.log
- Successful Policy Sync Log examples
- A successful attempt initiated by a Push Task:
07/13/2015 15:23:48 INFO 3844:1 RollingLog : Run PolicySync.exe -taskid=1
07/13/2015 15:23:48 INFO 3844:1 RollingLog : Request: Request policies
07/13/2015 15:23:49 INFO 3844:1 RollingLog : Request: GetWebResponse ok
07/13/2015 15:23:49 INFO 3844:1 RollingLog : Request: Has 1 targeted policies
07/13/2015 15:23:49 INFO 3844:1 RollingLog : HandleRunNow: has 1 run now policies
07/13/2015 15:23:49 INFO 3844:1 RollingLog : Exit PolicySync.exe with code 0
07/13/2015 15:23:49 INFO 3804:1 RollingLog : Run PolicySync.exe /enforce
07/13/2015 15:23:49 INFO 3804:1 RollingLog : EnforcePolicies: check and run RunNow and Reoccurring policies
07/13/2015 15:24:11 INFO 3804:1 RollingLog : Exit PolicySync.exe with code 0
- A successful attempt for a normally scheduled Policy Sync:
07/13/2015 16:43:15 INFO 2424:1 RollingLog : Run PolicySync.exe
07/13/2015 16:43:15 INFO 2424:4 RollingLog : LoadLocalPolicyInfo: load local machine
07/13/2015 16:43:15 INFO 2424:4 RollingLog : LoadLocalPolicyInfo: load user
07/13/2015 16:43:15 INFO 2424:3 RollingLog : Request: Request policies
07/13/2015 16:43:19 INFO 2424:3 RollingLog : Request: GetWebResponse ok
07/13/2015 16:43:19 INFO 2424:3 RollingLog : Request: Has 2 targeted policies
07/13/2015 16:43:19 INFO 2424:1 RollingLog : RunPolicySync: ProcessRequestedPolicies
07/13/2015 16:43:19 INFO 2424:1 RollingLog : LoadLocalPolicyInfo: load local machine
07/13/2015 16:43:19 INFO 2424:1 RollingLog : LoadLocalPolicyInfo: load user
07/13/2015 16:43:19 INFO 2424:1 RollingLog : HandleRunNow: has 1 run now policies
07/13/2015 16:43:19 INFO 2424:1 RollingLog : Exit PolicySync.exe with code 0
07/13/2015 16:43:20 INFO 2836:1 RollingLog : Run PolicySync.exe /enforce
07/13/2015 16:43:20 INFO 2836:1 RollingLog : EnforcePolicies: check and run RunNow and Reoccurring policies
07/13/2015 16:43:46 INFO 2836:1 RollingLog : Exit PolicySync.exe with code 0
Some common solutions are listed below. You can find the one that fits your scenario and follow the steps to try resolving the issue.
Is the problem on the Client or is it on the Core?
The easiest way to determine this is to try running a Policy Sync on multiple clients and see if you get the same error on each client.
- If only one client is receiving the error it is likely that the problem is localized to that one client machine.
- If the error is present on all clients when running a Policy Sync the problem is likely to be on the core, or in the connection between the clients and core.
Did the policies download correctly?
If you look on the client machine at C:\Programdata\LANDesk\Policies you should see policy XML and STAT files.
If those files are not present, the policy likely did not download correctly. Only the .xml file is downloaded, the .stat file is dynamically created and updated by policysync.exe.
Common errors in the C:\ProgramData\LANDesk\Log\PolicySync.exe.log file:
- "GetWebResponse failed" or a "(503) Server Unavailable" message appear in PolicySync.exe.log
- Check that IIS is running on the core.
- Make sure that the LDAppAPM application pool is running on the Core.
- Attempt to connect to http://localhost:9592/apmservice/policyrequest.asmx using a browser on the client machine.
- Adding port 9592 will force the request through LANDESK's proxyhost.exe application using the client's loopback address. The results of this activity will be written to the proxyhost.log file.
- Restart IIS.
- "WriteNewPolicies.DownloadPolicyFile: exception-The remote server returned and error: (404) Not Found."
- This indicates the Policy XML file that should be located on the core at \Program Files\LANDESK\ManagementSuite\landesk\files\ClientPolicies is not present.
- Restart the associated task.
- Check Console.exe.log to see if there was an error when saving the task.
- Review How to troubleshoot Software Distribution Tasks - Core Side
- Request: Signature Verification Failed
- Update COM+ objects on the core with a correct Domain User account.
- Restart COM+.
- More information about this error can be found here:
Error: "Signature Verification Failed" from PolicySync.exe