How to Use SCCM ConfigMgr Tool Policy Spy exe. Policy Spy is System Center 2012 Configuration Manager Client Troubleshooting Tool.
Policy Spy can be used to troubleshoot the policy system of the SCCM/ConfigMgr Client. Have you ever played with PolicySpy.exe? If not, start using it.
In this post, I‘m exploring the Policy Spy tool in more detail and how it can be used more effectively. The documentation provided with this toolkit is excellent (ToolkitHelp); however, I’ve seen many of us never look into that documentation.
This is a continuation of my post about Client Spy.
- Download Updated SCCM ConfigMgr Toolkit For Server Client-side Troubleshooting Configuration Manager
- Issue with Photos App and BlockNonAdminUserInstall Policy
- Windows Update Assistant Tool
| Index |
|---|
| How to Use SCCM ConfigMgr Tool Policy Spy exe |
| Actual Tab |
| Requested Tab |
| Default Tab |
| Events Tabs |
| Client Info Pane |
| Details Pane |
How to Use SCCM ConfigMgr Tool Policy Spy exe
Before we get into the details, I want to remind you that Policy Spy must be run as an administrator.
Open Remote : If you want to run Policy Spy on a remote computer.
All the following features will be disabled when viewing the exported policy file.
Request Machine Assignments: Select this option to trigger the machine policy. The default machine policy polling interval is 60 minutes. This is useful when troubleshooting and when you want a machine to ask for policy from management immediately. Monitor PolicyAgent.log to get more details about the policy request and reply from the Management Point.
Evaluate Machine Policy: If you want to trigger the machine policy evaluation on a target computer, you can use this option. Once you have triggered the policy evaluation, you can look at the log file called PolicyEvaluator.log for further troubleshooting. It will help you understand whether the policy is being evaluated successfully.
Request User Assignments: This option triggers the User policy for the currently logged-on users. The Default user policy polling interval is 60 minutes, which is useful when troubleshooting. Monitor PolicyAgent.log to get more details about the policy request and reply from the Management Point.
Evaluate User Policy: If you want to trigger the user policy evaluation on a target computer, you can use this option. Once you have triggered the policy evaluation, you can look at the log file called PolicyEvaluator.log for further troubleshooting. It will help you understand whether the policy is being evaluated successfully.
Reset Policy: This option will remove all non-default policies and reset the site’s policy cookies. It then triggers a request for machine policy assignments.
Export Policy: Use this option to export the policy details for further troubleshooting or analysis. It exports the target computer system’s policy to an XML-format export file. This file can be viewed on any computer by selecting Open File on the Tools menu and opening the export file.
We are going to cover the following topics in detail.
| Policy Spy tool |
|---|
| Actual Tab |
| Requested Tab |
| Default Tab |
| Events Tab |
| Client Info Pane |
| Details Pane |
Actual Tab
Have a look at the screenshots below. This tab will provide you with client agent policy details configured at the site level, such as machine policy interval, software inventory, hardware inventory, etc. Results are displayed in tree format with a root node for the Machine namespace and each user-specific namespace.
Expand the machine namespace will show you the classes (CCM_ClientActions), and you can expand the classes to see {00000000-0000-0000-0000-000000000001}- Class for hardware Inventory, {00000000-0000-0000-0000-000000000002} – Class for Software Inventory and {00000000-0000-0000-0000-000000000003} – Class for Discovery Inventory.
Requested Tab
This tab displays the policy assignments retrieved from the client’s assigned site. The results are displayed in tree format, with a root node for the Machine namespace and each user-specific namespace. All the following details are taken from the ToolkitHelp document.
Results are displayed in tree format with a root node for the Machine namespace and each user-specific namespace. Expanding a namespace node shows the Configuration and Settings nodes.
- Configuration node – displays a list of configuration classes derived from CCM_Policy_Config, including policy objects, assignments, and others.
- Settings node – Expanding the Settings node displays all active settings generated by policies. Settings are displayed under the Configuration node.
Note: Multiple instances can exist with the same names because these settings have not been merged into a resultant final set. Policy Spy displays instances under this node using the RealKey properties instead of their true policy keys to easily correlate to the resultant set shown on the Actual tab.
Default Tab
The default tab displays the same information as the Requested tab and the contents of the DefaultMachine and DefaultUser namespaces.
Events Tabs
The events tab displays policy agent events as they happen. The view creates a WMI event subscription for all events derived from CCM_PolicyAgent_Event.
The view shows a maximum of 200 events and removes the oldest events from the top of the list, as required. If the last item in the list is selected, the list automatically scrolls down as new events are added. Otherwise, the view maintains its current position, and you must scroll down or press the End key to view new events. This view is always empty when viewing an exported policy.
Client Info Pane
The Client Info Pane details the client name, GUID, Client Version, Assigned Site Code, and assigned MP, including the Resident MP. From this pane, we can understand whether the client communicates with the proper MP, is under global roaming, etc.
Details Pane
The details pane displays the policy body of the current selection of the MOF that displays.
If the client has not downloaded the body, Policy Spy displays a hyperlink so you can download the policy body directly from the client’s management point. Clicking the link causes Policy Spy to send an HTTP query to the management point.
If the policy body download succeeds, the hyperlink is replaced with the contents of the reply. Otherwise, the display is updated, indicating that the request failed.
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and leader of the Local User Group Community. His main focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc..
Great explanation!