Share via

need help to identify the reason for installation error via SCCM package

Puneet Mandyal 1 Reputation point
2022-03-28T19:38:34.523+00:00

Hi Team,

I need help to investigate the issue with batch script installation which I installing on the client machines through SCCM Package.

I tried to execute the script on system using command run as administrator, which executed successfully on the clied machine on the other hand if the script executing via SCCM package it return me this error

Severity Type Site code Date / Time System Component Message ID Description
Error Milestone EDN 3/28/2022 7:20:04 AM EFCTESTCW3 Software Distribution 10006 The program for deployment "EDN202AF" failed ("EDN000E0" - "CloudwatchAgent_start"). A failure exit code of 1 was returned. User context: NT AUTHORITY\SYSTEM Possible cause: Configuration Manager determines status for each program it executes. If Configuration Manager cannot find or correlate any installation status Management Information Format (MIF) files for the program, it uses the program's exit code to determine status. An exit code of 1 is considered a failure. Solution: For more information on the exit code, refer to the documentation for the program you are distributing.

If I ran the script without run as administrator it gives me this error

C:\Windows\ccmcache\2>startcloudwatchAgent-Windows.bat
****** processing amazon-cloudwatch-agent ******
Region: us-west-1
credsConfig: map[]
Failed to write the json file C:\ProgramData\Amazon\AmazonCloudWatchAgent\Configs\ssm_AmazonCloudWatch-windows.tmp: open C:\ProgramData\Amazon\AmazonCloudWatchAgent\Configs\ssm_AmazonCloudWatch-windows.tmp: Access is denied.

Fail to fetch the config!

If I have run the batch script using run as administrator it executed successfully:

Microsoft Windows [Version 10.0.17763.1935]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\Windows\system32>cd C:\Windows\ccmcache\2

C:\Windows\ccmcache\2>startcloudwatchAgent-Windows.bat
****** processing amazon-cloudwatch-agent ******
Region: us-west-1
credsConfig: map[]
Successfully fetched the config and saved in C:\ProgramData\Amazon\AmazonCloudWatchAgent\Configs\ssm_AmazonCloudWatch-windows.tmp
Start configuration validation...
2022/03/28 19:11:59 Reading json config file path: C:\ProgramData\Amazon\AmazonCloudWatchAgent\Configs\ssm_AmazonCloudWatch-windows.tmp ...
Valid Json input schema.
No csm configuration found.
Configuration validation first phase succeeded
Configuration validation second phase succeeded
Configuration validation succeeded
AmazonCloudWatchAgent has been stopped
AmazonCloudWatchAgent has been started

C:\Windows\ccmcache\2>

I have attached the screenshot for package how I have setup in SCCM 187662-capture.jpg

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,726 questions
Microsoft Configuration Manager
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Simon Ren-MSFT 40,071 Reputation points Microsoft External Staff
    2022-03-31T02:32:19.387+00:00

    Hi,

    Thanks for posting in Microsoft MECM Q&A forum.

    Agree with above replies. This issue may be related to the running context. We can use PsExec.exe to run the package/application under a specified credential to have a try. For more detailed information, please refer to:

    How to Access the Local System Account
    MDT/SCCM 2010 - Running Applications Installations under different credentials
    PsTools

    Hope it helps. Have a nice day!

    Best regards,
    Simon

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    2 people found this answer helpful.
    0 comments
  2. Garth 5,801 Reputation points
    2022-03-30T10:55:20.77+00:00

    This blog show you how to test your batch file as cm deploys it. https://www.recastsoftware.com/resources/how-to-access-the-local-system-account/

    1 person found this answer helpful.
    0 comments
  3. Limitless Technology 39,851 Reputation points
    2022-03-29T14:33:56.633+00:00

    Hi @Puneet Mandyal

    Since the issue is related to the file structure and permission of the Amazon Cloud Watch Agent, it would be recommended that you get in touch with an Amazon Cloud forum where the experts would be better experience to guide you.

    Initially, from the error message "Failed to write the json file" and "Access is denied" you should check the NTFS permissions on the affected file and folder (these may be assigned by the installed software)

    One recommendation would be to chck the configuration of your intallation account used to distribute the packages, ensuring that is included in the right containers for permissions:

    https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/accounts#package-access-account

    Hope this helps with your query,

    --
    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments
  4. Rahul Jindal [MVP] 10,781 Reputation points MVP
    2022-03-30T06:56:21.99+00:00

    Have you tried running the script in user context but with admin rights?

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.