This post is a list of common agent push deployment errors… and some possible remediation options.
Most common errors while pushing an agent:
Error | Error Code(s) | Remediation Steps |
The MOM Server could not execute WMI Query “Select * from Win32_Environment where Operation: Agent Install |
80004005 |
1. Check the PATH environment variable. If the PATH statement is very long, due to lots of installed third party software – this can fail. Reduce the path by converting any long filename destinations to 8.3, and remove any path statements that are not necessary. Or apply hotfix: http://support.microsoft.com/?id=969572 2. The cause could be corrupted Performance Counters on the target Agent. To rebuild all Performance counters including extensible and third party counters in Windows Server 2003, type the following commands at a command prompt. Press ENTER after each command. How to manually rebuild Performance Counter Library values 3. Manual agent install. |
The MOM Server could not execute WMI Query “Select * from Win32_OperatingSystem” on The MOM Server could not execute WMI Query “(null)” on |
8004100A 800706BA |
1. Ensure agent push account has local admin rights
2. Firewall is blocking NetBIOS access. If Windows 2008 firewall is enabled, ensure “Remote Administration (RPC)” rule is enabled/allowed. We need port 135 (RPC) and the DCOM port range opened for console push through a firewall. 3. Inspect WMI service, health, and rebuild repository if necessary 4. Firewall is blocking ICMP (Live OneCare) 5. DNS incorrect |
The MOM Server failed to open service control manager on computer “servername.domain.com”. Access is Denied |
80070005
80041002 |
1. Verify SCOM agent push account is in Local Administrators group on target computer. 2. On Domain controllers will have to work with AD team to install agent manually if agent push account is not a domain admin. 3. Disable McAfee antivirus during push |
The MOM Server failed to open service control manager on computer “servername.domain.com”. |
800706BA | 1. Firewall blocking NetBIOS ports
2. DNS resolution issue. Make sure the agent can ping the MS by NetBIOS and FQDN. Make sure the MS can ping the agent by NetBIOS and FQDN 3. Firewall blocking ICMP 4. RPC services stopped. |
The MOM Server failed to acquire lock to remote computer servername.domain.com. This means there is already an agent management operation proceeding on this computer, please retry the Push Agent operation after some time. |
80072971 |
This problem occurs if the LockFileTime.txt file is located in the following folder on the remote computer: |
The MOM Server detected that the following services on computer “(null);NetLogon” are not running. These services are required for push agent installation. To complete this operation, either start the required services on the computer or install the MOM agent manually by using MOMAgent.msi located on the product CD. |
C000296E |
1. Netlogon service is not running. It must be set to auto/started |
The MOM Server detected that the following services on computer |
C000296E | 1. WMI services not running or WMI corrupt |
The MOM Server detected that the Windows Installer service (MSIServer) is disabled on computer “servername.domain.com”. This service is required for push agent installation. To complete this operation on the computer, either set the MSIServer startup type to “Manual” or “Automatic”, or install the MOM agent manually by using MOMAgent.msi located on the product CD. |
C0002976 |
1. Windows Installer service is not running or set to disabled – set this to manual or auto and start it. |
The Agent Management Operation Agent Install failed for remote computer servername.domain.com. |
80070643 |
1. Enable the automatic Updates service…. Install the agent – then disable the auto-updates service if desired. |
Call was canceled by the message filter | 80010002 | Install latest SP and retry. One server that failed did not have Service pack installed |
The MOM Server could not find directory \\I.P.\C$\WINDOWS\. Agent will not be installed on computer “name”. Please verify the required share exists. | 80070006 |
1. Manual agent install Possible locking on registry? http://www.sysadmintales.com/category/operations-manager/ Try manual install. Verified share does not exist. |
The network path was not found. | 80070035 | 1. Manual agent install |
The Agent Management Operation Agent Install failed for remote computer “name”. There is not enough space on the disk. | 80070070 | 1. Free space on install disk |
The MOM Server failed to perform specified operation on computer “name”. The semaphore timeout period has expired. | 80070079 |
NSlookup failed on server. Possible DNS resolution issue. Try adding dnsname to dnssuffix search list. |
The MOM Server could not start the MOMAgentInstaller service on computer “name” in the time. | 8007041D
80070102 |
NSlookup failed on server. Possible DNS resolution issue. Verify domain is in suffix search list on management servers. Sometimes – the Windows Firewall service – even if disabled – will have a stuck rule. Run: (netsh advfirewall firewall delete rule name=”MOM Agent Installer Service”) |
The Agent Management Operation Agent Install failed for remote computer “name” | 80070643 | 1. Ensure automatic updates service is started 2. Rebuild WMI repository 3. DNS resolution issue |
The Agent Management Operation Agent Install failed for remote computer “name”. Another installation is already in progress. | 80070652 |
Verify not in pending management. If yes, remove and then attempt installation again. |
The MOM Server detected that computer “name” has an unsupported operating system or service pack version | 80072977 | Install latest SP and verify you are installing to Windows system. |
Not discovered | Agent machine is not a member of domain | |
Ping fails | 1. Server is down 2. Server is blocked by firewall 3. DNS resolving to wrong IP. |
|
Fail to resolve machine | 1. DNS issue | |
The MOM Server failed to perform specified operation on computer “name”. Not enough server storage… | 8007046A | 1. This is typically a memory error caused by the remote OS that the agent is being installed on. |
There are currently no logon servers available to service the logon request. | 8007051F | 1. Possible DNS issue |
This installation package cannot be installed by the Windows Installer service. You must install a Windows service pack that contains a newer version of the Windows Installer service. | 8007064D | 1. Install Windows Installer 3.1 |
The network address is invalid | 800706AB |
Possible DNS name resolution issue. Tried nslookup on server name and did not get response. Verify domain is in suffix search list on management servers. |
The MOM Server failed to perform specified operation on computer servername.domain.com | 80070040 | 1. Ensure agent push account has local admin rights |
The MOM Server detected that the actual NetBIOS name SERVERNAME is not same as the given NetBIOS name provide for remote computer SERVERNAME.domain.com. | 80072979 | 1. Correct DNS/WINS issue. 2. Try pushing to NetBIOS name |
The Operations Manager Server cannot process the install/uninstall request for computer xxxxxxx due to failure of operating system version verification | 80070035 | When Error Code: 80070035 appears with a Console based installation of the OpsMgr Agent and the targeted systems are Windows Server 2008 based systems which have their security hardened by using the Security Configuration Wizard, check to see whether the Server service is running |
Mnagement Operation Agent Install failed for remote computer
Error Code: 80004021
Hi I am getting this error, while installing agent through Ops Manager console, can anyone guide
Most times this means you already have an agent on the machine – and you are upgrading it with an unsupported configuration. Either the existing agent is too old to be upgraded, or the agent is newer than what you are pushing. This is seen sometimes when customers deploy the Azure MMA then later push agents from SCOM.
I’m in a situation where I‘ve to approve ‘Pending Require Update’ on agents in SCOM after having installed KB4601269 on my 2 SCOM 2019 UR2 Management Servers but deployment on agent is failing with the following error:
The Operations Manager Server cannot process the install/uninstall request for computer due to failure of operating system version verification.
Operation: Agent Install
Account : My ADmin Account
Error code: 80070005
Error Description: Access is denied
After some investigations around firewall rules and admin rights on servers, I’ve finally detected that the issue is due to the implementation of Authentication Policies by seeing NTLM authentication failed events in the authentication logs on domain controllers.
In our domain, authentications Policies are set to ‘Enforce policy restrictions’ so that only Kerberos authentications are allowed.
Configuring back my admin account to ‘Only audit Policy restrictions’ in the authentication policies makes the agent upgrade working.
I was thinking that SCOM uses whatever mechanism is available to open an SMB connection to copy the .msi file and then uses RPC to start the installation but it seems that without NTLM V2, (NTLMV1 was disabled from year now), the deployment cannot work.
Do you have ever seen that behavior ? Is there a way to enforce SCOM to use kerberos only ? And if not, how can I detect what/when in the authentication process is forcing NTLM usage ?
I’m a bit afraid to open a case at Microsoft and that why i started to ask you fist. If you think I should open a case, i’ll do for sure.
Many thnks by advance for your answer
Definitely open a case. If this is considered a bug, a case will be the only way to get it fixed in a future version or update rollup.
I have not heard this before, but I don’t have a lot of customers disabling NTLM across the board yet either.
Thank you Kevin for this very fast answer ! Will also open a case.
Hello Tristan,
Have you ever been able to solve this/get an answer?
Hello Kevin,
As always this is very helpful!
Just one more question.
On a few machines (not sure how many, just testing at the moment) we keep getting the error:
The MOM Server failed to execute WMI-query Select * from Win32_OperatingSystem on computer name.domain.com
Operation: Agent Install
Install account: DomainName\User Account
Error Code: 80070005
Error Description: Access is denied.
I have verified that the push account is in the Local Admin group of the machines and there are no firewalls activated (we only use hardware firewalls).
Also there is no McAfee involved, only Windows Defender.
I’ve also tried to do the install with the local system account and the local admin account of the machine but that results in the same error message.
After that I tried my domain admin account and that just fails with the output “The task failed to run”.
Last Tuesday I upgraded our environment to 2019 UR4 and we had the same error with approving the upgrade on 100+ agents, but I was able to “fix” this by using your instruction (https://kevinholman.com/2022/04/22/how-to-upgrade-and-update-scom-agents-using-tasks/) and then decline the pending management of those agents.
Do you have any idea what could cause this or how I can troubleshoot any further?
Just to add: When I do the install with my domain admin account, the installation just keeps hanging in “Installation in Progress” with the description:
The installation of this agent is still in progress. If a computer remains in this state for an extended period of time, reject the computer from this view and retry discovery and agent installation.
The only way for me is to reject this installation leaving me without a client of course.
Hi, I had the same issue, and in my case it was caused by the fact that I had disabled distributed COM on the server where I tried to install the agent.