Submit a ticketCall us

Systems Monitoring for Dummies
Our new eBook will teach you the fundamentals and help you create monitors and alerts that are effective, meaningful, and actionable. Monitoring is more than a checkbox on your to-do list. This free eBook will give you practical advice to help you succeed in all aspects of monitoring – discovery, alerting, remediation, and troubleshooting. Don’t miss out on this indispensable resource for newbies, experienced IT pros, and everyone in between. Register Now.

Home > Success Center > Patch Manager > Patch Manager 2.1.5 Administrator Guide > Installing Patch Manager > Failed to Send Partitioned task to management server after server hardening

Failed to Send Partitioned task to management server after server hardening

Updated

Overview

Failed to Send Partitioned task to management server

Environment

  • PM 1.5 +

 

Cause 

Customer has disabled schannel to harden the security on the server.

 

The registry settings are known to cause this and need to be set back to defualt

 

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

 

Resolution

  1. Set the following back to default

 

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

*note those are the hardened settings. It is entirely possible these keys do not exist on a default. Check it against a known working widows server.

 

 

 

 

 

Last modified

Tags

This page has no custom tags.

Classifications

Internal Use Only