This post explains what to do when an Endpoint Protection policy is not applied.
- The policy was applied to a specific collection and all members of the collection were failing to apply the policy
Monitoring / Endpoint Protection Status / System Center 2012 R2 Endpoint Protection Status / Operational State
12 clients are failing to apply the custom policy.
Clicking on “Antimalware policy application failed” brings us to the list of machines. At the bottom, clicking on the “Antimalware Policy” tab shows the error:
0x80004005 – Failed to generate Antimalware policy file
Let’s look at the EndpointProtectionAgent.log on one of the affected clients.
- Failed to generate AM policy XML with error code 0x80004005
- State 2 and ErrorCode -2147467259 and ErrorMsg Failed to generate Antimalware policy file
You can see that my policy “Endpoint Protection CTX 4.5, 6.0 & 6.5” is failing.
Error 4005 would make me think of an “Access Denied” error, but it doesn’t make any sense. The SCCM client is healthy, everything is working fine, and my Endpoint definitions are getting updated by SCCM.
I simply renamed my policy to: Endpoint Protection CTX 4.5, 6.0, 6.5 (I removed the “&” from the policy name)
After a machine policy retrieval, all errors were gone. I ran a machine policy retrieval on all my affected clients and, 5 minutes later, they were all OK.
TL;DR: Do not use special characters in the Endpoint policy name.
TechNet does not state any limitation: http://technet.microsoft.com/en-us/library/hh508785.aspx
The SCCM console does not block you if you want to create a policy named “Test &?%$%$”.
My recommendation is to avoid using special characters in policy names.
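To find policies with risky names before clients start failing, the following PowerShell check can be run against a list of names. It is an added example, not code from the original post or from Microsoft. It assumes the failure comes from the name being embedded unescaped in the generated policy XML (the post only confirms that removing “&” fixed it); the function name `Test-AmPolicyName` and the allowlist are hypothetical choices.

```powershell
# Added example: flag antimalware policy names that may break policy XML generation.
# Assumption: the policy name ends up unescaped inside the generated policy XML.
# The post only confirms that removing "&" cleared error 0x80004005.

function Test-AmPolicyName {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$Name
    )
    process {
        # Conservative allowlist (hypothetical): letters, digits, space and . , _ ( ) -
        $unexpected = @(
            [regex]::Matches($Name, '[^\p{L}\p{Nd} .,_()\-]') |
                ForEach-Object { $_.Value } |
                Select-Object -Unique
        )

        # Does the raw, unescaped name still parse when placed in an XML attribute?
        $xmlSafe = $true
        try {
            $doc = New-Object System.Xml.XmlDocument
            $doc.LoadXml("<Policy Name=`"$Name`" />")
        } catch {
            $xmlSafe = $false
        }

        [pscustomobject]@{
            Name            = $Name
            XmlSafeRaw      = $xmlSafe
            UnexpectedChars = ($unexpected -join ' ')
            ShouldRename    = (-not $xmlSafe) -or ($unexpected.Count -gt 0)
        }
    }
}

# Constructed sample input: the names mentioned in the post.
$sampleNames = @(
    'Endpoint Protection CTX 4.5, 6.0 & 6.5',
    'Endpoint Protection CTX 4.5, 6.0, 6.5',
    'Test &?%$%$'
)
$sampleNames | Test-AmPolicyName | Format-Table -AutoSize

# Against a live site (needs the ConfigurationManager module and the site drive):
# Get-CMAntimalwarePolicy | Select-Object -ExpandProperty Name | Test-AmPolicyName
```

A name can pass the XML check and still be flagged by the allowlist; the allowlist is deliberately stricter because the post documents no official list of unsupported characters.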
Founder of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM Consultant, 5 times Enterprise Mobility MVP. Working in the industry since 1999. His specialization is designing, deploying and configuring SCCM, mass deployment of Windows operating systems, Office 365 and Intune deployments.