Some users may have issues creating a community account. For more information, please click here.

Error "Machine Policy refresh failed"

Error "Machine Policy refresh failed"

Summary

"Machine Policy refresh failed" error on application request

Symptoms

Error: "Machine Policy refresh failed" error on application request and following log can be confirmed in RunPolicy.log
--
<![LOG[Error running policy for schedule on computer_name Error: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))]LOG]!
--
 

 

Resolution

The ESD Service account needs to be a local admin on the client machine where the machine policy refresh is being performed. The machine policy refresh is not strictly necessary. It just speeds up the deployment process. By default, the SCCM client will perform a machine policy refresh on its own every 60 minutes. We use something very similar to the following powershell script to perform the refresh. If the following works when run under the context of the ESD service account, then App portal should work as well.
 
Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name TriggerSchedule -ComputerName <MachineName> -Credential <domain>\<esdServiceAcount> -ArgumentList "{00000000-0000-0000-0000-000000000021}"
Labels (1)
Was this article helpful? Yes No
No ratings
Version history
Revision #:
2 of 2
Last update:
‎Nov 11, 2020 12:19 PM
Updated by:
 
Contributors