Installation of the NS Agent for ULM (and likely windows clients, as well) fails even when SSL/HTTPS is not configured on the NS/SMP server. This applies to installations done from the NS console and by manually running an installation package or command. In this case, it was found that an SSL certificate was not bound to port 443 in IIS settings.
The following error messages were found on the client system:
Output of a manual install running aex-bootstrap-macosx:
======================================================================================
Tue May 12 11:09:33 MDT 2015
Performing installation of Symantec Management Agent for UNIX, Linux and Mac 7.6.1423
======================================================================================
Installing Symantec Management Agent for UNIX, Linux and Mac 7.6 on the system.
Starting system package installer.
Please see '/opt/altiris/notification/nsagent/aex-nsclt-install.log' for details.
ERROR: Failed to install package. Agent install failed.
ERROR: At least one input parameter for event sending is invalid: Action: 'Remote Install Finished', Client ID: ''.
Final entries in the /opt/altiris/notification/nsagent/aex-nsclt-install.log:
Generating IPC access keys.
Failed to load certificate from settings.
ERROR: Agent configuration failed.
Error: Agent configuration cannot be completed.
-E installer: Package name is Symantec Management Agent
-E installer: Installing at base path /
-E installer: The install failed (The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.)
To resolve this issue and enable installation of the NS Agent for ULM clients, bind a certificate to port 443 in IIS settings. This is required for agent connectivity and verification even if the NS server is not configured to use SSL/HTTPS. It is acceptable to use the default server certificate, if needed.
If needed, 'Add' the entry for HTTPS Port 443 bindings, then apply a certificate.
Following is a screen shot showing the steps to bind a certificate to port 443 in IIS.
