Failed to open the local machine group policy


System Center 2012 Endpoint Protection (SCEP) is build-in ConfigMgr 2012 to manage anti-malware and antivirus on devices. Most of times the product is doing well, and no issues are seen. Last time however there was a policy issue: "Failed to open the local machine group policy". Because of this no SCEP policy was active on the clients. Here's what to do in this situation.

In the ConfigMgr logs folder, there's a filed named: EndpointProtectionAgent.log
In this logfile the error message is displayed to search for.
-Failed to apply the policy C:\Windows\CCM\EPAMPolicy.xml with error (0x80004005)
-Failed to open the local machine group policy (SCEP)
Also in Event Viewer there will be error messages which send you to the right direction.
To fix the error there are a few steps needed:
-Browse to the Windows\System32\GroupPolicy\Machine folder on the client and delete the file: Registry.pol
-Then restart the "SMS Agent Host" service to enforce ConfigMgr download all policies again. Sometimes this is not enough and re-installation of the ConfigMgr client is needed.
After that policies must be applied again well.

Post a Comment