Endpoint Protection Policy is not Applied

This post explains what to do when Endpoint Protection policy not applied

Symptom

• The policy was applied to a specific collection and all members of the collection were failing to apply the policy

Monitoring / Endpoint Protection Status / System Center 2012 R2 Endpoint Protection Status / Operational State

12 clients are failing to apply the custom policy.

Clicking on the “Antimalware policy application failed” brings us to the list of machine. On the bottom, clicking on the “Antimalware Policy” tab shows the error :

0x80004005 – Failed to generate Antimalware policy file

Let’s look at the EndpointProtectionAgent.log on one of the affected client.

• Failed to generate AM policy XML with error code 0x80004005
• State 2 and ErrorCode -2147467259 and ErrorMsg Failed to generate Antimalware policy file

You can see that my policy “Endpoint Protection CTX 4.5, 6.0 & 6.5” is failing.

Error 4005 would make me think about “Access Denied” error but it doesn’t make any sense. The SCCM client is healthy everything is working fine and my Endpoint Definition are getting updated by SCCM.

Resolution

I simply renamed my policy to : Endpoint Protection CTX 4.5, 6.0, 6.5 (I removed the “&” from the policy name)

After a machine policy all error were gone. I’ve done a machine policy retrieval on all my affected client and 5 minutes after, they were all OK.

TL;DR : Do not use special character in Endpoint Policy Name.

Technet is not stating any limitation : http://technet.microsoft.com/en-us/library/hh508785.aspx

The SCCM console is not blocking you if you want to create a policy name “Test &?%$%$”.

My recommendation is to avoid using special character in policy name.