Showing results for 
Show  only  | Search instead for 
Did you mean: 


"Machine Policy refresh failed" error on application request


Error: "Machine Policy refresh failed" error on application request and following log can be confirmed in RunPolicy.log
<![LOG[Error running policy for schedule on computer_name Error: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))]LOG]!



The ESD Service account needs to be a local admin on the client machine where the machine policy refresh is being performed. The machine policy refresh is not strictly necessary. It just speeds up the deployment process. By default, the SCCM client will perform a machine policy refresh on its own every 60 minutes. We use something very similar to the following powershell script to perform the refresh. If the following works when run under the context of the ESD service account, then App portal should work as well.
Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name TriggerSchedule -ComputerName <MachineName> -Credential <domain>\<esdServiceAcount> -ArgumentList "{00000000-0000-0000-0000-000000000021}"
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Nov 11, 2020 12:19 PM
Updated by: