Connect with us

Hi, what are you looking for?

AppSense

AppSense Management Console crashes when trying to add Client Access Credentials

Sometimes after restoring an AppSense database and/or rebuilding an AppSense server, you might notice you can’t push agents (Client Communications Agent/CCA, Environment Manager Agent, etc.) to clients and it will give you an error in the Management Console. The Status field will say:

No client access credentials have been specified. Please enter credentials before retrying to to Poll the client.

and under the Client Access Log, you can see more details on the error:

Advertisement. Scroll to continue reading.

Could not use credential: "DOMAIN\UserID", error: Password decryption failed, error: [Unable to access the Master Key on the server, error was Keyset does not exist.]

In a pinch, you can manually install the agents on the client and they will start checking in but you are still going to get these error messages in the Management Console:
2

When you go to “Client Access Credentials”, you will get prompted with the following error message:

DataAccessServices.CryptoManager+MasterKeyAccessException: Unable to access the Master Key on the server, error was Keyset does not exist

Advertisement. Scroll to continue reading.

1

If you hit OK and attempt to enter the missing credentials, the AppSense Management Console will crash on you. As in the entire MMC will crash and disappear. Don’t worry, this is an easy fix.

1. Go to Start > All Programs > AppSense > Management Center > AppSense Management Server Configuration

8

2. The Encryption field will likely be red. Just click it and you will see the Encryption Key Status is “Not Valid”. The Transfer Key may also say “Not Present”:

Advertisement. Scroll to continue reading.

3

3. Go ahead and click the “Regenerate” button. It will warn you asking “Are you sure that you want to replace the current master key hash? A new master key hash will be regenerated”. Go ahead and click OK:

4

4. Now click “Store” for the Transfer Key. It will ask you to enter a new Transfer Key Password. Go ahead and type it in and press OK. One thing to note, if you are load balancing the Management Server and it says the Transfer Key is “Present”, do not click Store and enter a new one. Instead just click Retrieve and type the password when prompted. If you are load balancing and it doesn’t have the Transfer Key present, use Store on the first server and when performing these steps on the second server, use Retrieve:

5

5. Now your Encryption settings should look something like this. Encryption key is “Valid” and Transfer Key is “Present”:

Advertisement. Scroll to continue reading.

6

6. Now open up the Management Console again and you should should be able to add credentials under Client Access Credentials. You might even see the old user name and password in there. You will have to re-enter the password on it though:

9

7. Now go back to your Deployment Group and find your client machine. Click “Poll Now” and it should successfully poll impersonating using the credential you entered.

7

Advertisement. Scroll to continue reading.
3 Comments

3 Comments

  1. Mark

    March 18, 2013 at 12:28 PM

    I’m having this same issue. I followed your instructions and it now shows Valid and Present, however I’m still getting the error. It’s driving me nuts trying to figure this one out.

  2. Jason Samuel

    March 19, 2013 at 4:23 PM

    @Mark
    Mike filled me in on what was going on. Wish I could help you but sounds like something unique in that particular setup. I’d like to know the answer once you figure it out. 🙂

  3. Mark

    March 22, 2013 at 2:20 PM

    Fixed it. It helps when you REALLY DO have Domain Admin rights when installing haha.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Apache

Today I would like to go over proper URL redirection when using SSL but first I would like to preface this by describing what...

Exchange 2003

A useful Exchange 2003 guide I wrote for a friend’s blog originally but I am posting it here on mine now for your viewing...

Citrix Workspace

You can use FIDO2 hardware security keys plugged into your physical desktop over the Citrix HDX remoting protocol for use with virtualized Windows Desktop...

Cloud Design Architecture

The community-driven paperback book initiated by my friends Bas van Kaam and Christiaan Brinkhoff is available for sale on Amazon. If you haven’t picked...

Advertisement

JasonSamuel.com was launched in 2008 as a platform to give back to the IT community by sharing knowledge and expertise. Over the years, it has become a trusted global resource for the latest insights, how-to guides, and forward-thinking leadership on enterprise mobility, security, virtualization, cloud architecture, automation, and other cutting-edge technologies. Today, it serves as a go-to reference hub for IT professionals, attracting hundreds of thousands of unique visitors from around the world each month. Learn more on the About Me page.
Copyright © 2008-2025 JasonSamuel.com