This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error "Machine Policy refresh failed"

Summary

"Machine Policy refresh failed" error on application request

Symptoms

Error: "Machine Policy refresh failed" error on application request and following log can be confirmed in RunPolicy.log
--
<![LOG[Error running policy for schedule on computer_name Error: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))]LOG]!
--
 

 

Resolution

The ESD Service account needs to be a local admin on the client machine where the machine policy refresh is being performed. The machine policy refresh is not strictly necessary. It just speeds up the deployment process. By default, the SCCM client will perform a machine policy refresh on its own every 60 minutes. We use something very similar to the following powershell script to perform the refresh. If the following works when run under the context of the ESD service account, then App portal should work as well.
 
Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name TriggerSchedule -ComputerName <MachineName> -Credential <domain>\<esdServiceAcount> -ArgumentList "{00000000-0000-0000-0000-000000000021}"

on ‎Nov 07, 2018 06:49 PM - edited on ‎Nov 11, 2020 12:19 PM by

Labels:
Was this article helpful? Yes No
No ratings
0 Kudos
Version history
Last update:
‎Nov 11, 2020 12:19 PM
Updated by: