HLK 24H2 Filesystem tests do not pass Configure system step

Hi

I have working setup for AV minifilter HLK testing on win2016server_controller/win10client
I created new setup on win2022server_controller/win11_24H2_client

Selecting AV Feature lists 22 tests, 20 of them passed.
2 failed tests are "Installable File System Filter Test" and "Antivirus Installable File System Filter Test"

Both failing in phase "Configure system" and also in "Restore System", no test actually done.

I compared HLKSvc logs of win10 working well with this 24H2.
Naive approach of grepping for Failure, Error etc just showed that very same partial/intermediate failures are present in both systems.

Difference is at some point in the log where

win10

4008 9816 2025:1:28 8:26:0:202 Total: 1 Pass : 2 Fail : 0 NotRun : 0 Warning : 0 NotApplicable : 0

win11

4020 7456 2025:1:29 7:42:26:452 Total: 1 Pass : 0 Fail : 2 NotRun : 0 Warning : 0 NotApplicable : 0

As the other intermediate errors are present in both files I tend to blame it on the new set of test settings present in win11 and missing on win10.

4020 7624 2025:1:29 6:38:22:826 CJob::FillParameters : Loading Parameter "LogDriverVerifierEvents" = "TRUE"    
4020 7624 2025:1:29 6:38:22:826 CJob::FillParameters : Loading Parameter "LogDriverVerifierEventsAsFailure" = "FALSE"

These are novelty in the logs.I would gladly disable them completely and not rely on interpretation of LogDriverVerifierEventsAsFailure & LogDriverVerifierEvents.

Are you please experiencing similar problems with recent HLK and 24H2?

I dont see actual problem reported in the logs which would not be present on win10, for example:

4008 8848 2025:1:28 8:25:47:123 Warn: FnExit: CheckHB: It is local computer name or there are 0 computers registered   File=sdktools\dtm\wttbuild\coresys\client\hb\hb.cpp, Line=599    
4008 8848 2025:1:28 8:25:47:123 Error: 0x57, The parameter is incorrect.   FnExit: AddComputer: bad param   File=sdktools\dtm\wttbuild\coresys\client\hb\hb.cpp Line=650    
4008 8848 2025:1:28 8:25:47:123 Error: 0x57, The parameter is incorrect.   Failed in CHeartBeat::AddComputer ()   File=sdktools\dtm\wttbuild\coresys\client\hb\hb.cpp Line=703    

4008 9816 2025:1:28 8:26:0:342 Error: 0x8201aaac, Error 0x8201aaac   CExecutionTask::InnerLogFileCopy()::(null)::CAUSE:Copying File "C:\HLK\JobsWorkingDir\Tasks\WTTJobRun1FD02674-51DD-EF11-96D1-005056A1653C\ifscfg.exe.wtl.trace" Fails     File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp Line=2067    
4008 9816 2025:1:28 8:26:0:342 Error: 0x80070002, The system cannot find the file specified.   FindFileAndCopy()::(null)::CAUSE:Cannot Find Pattern "C:\HLK\JobsWorkingDir\Tasks\WTTJobRun1FD02674-51DD-EF11-96D1-005056A1653C\ifscfg.exe.wtl.trace"    File=sdktools\dtm\wttbuild\coresys\client\eautil\eautil.cpp Line=715    
4008 9816 2025:1:28 8:26:0:342 Error: 0x82015856, Error 0x82015856   CKeyEvaluator::ExpandString()::(null)::CAUSE:CKeyEvaluator::ExpandString : Parameter [Admin_Pwd] not Found...will Keep it as it is    File=sdktools\dtm\wttbuild\coresys\client\keyevaluator\keyevaluator.cpp Line=324    
4008 8848 2025:1:28 8:26:0:342 CJob::ExecuteCategory : Woken up From Sleep..."Configure system" Task Must have Completed

... and alike, all copied from the log of win10 successfully testing system.

Thanks for reading and hints

Juraj

followup with details of failure reported

<TaskResult MachineName="146CA22C-DB1D-4F69-BFB9-4D47A537E8EC" TaskResultGUID="9B2E18EE-B99D-499B-B766-AF75B1470790" ResultGUID="A4D99B61-3F2C-4DC5-9918-6CE00AA76A0C" TaskGUID="ED328695-9C25-4024-8232-03FA26C6678B" Total="667" Pass="0" Fail="0" NotRun="0" Warned="0" NotApplicable="0" StartTime="1/29/2025 8:35:31:714" EndTime="" Status="NotComplete" ProcessExitCode="0" LogParseExitCode="0" IsLogsCopied="0" TaskResultId="2125" LogLocation=""/>
<ErrorMessage MessageType="TaskErrorMessage" GUID="9B2E18EE-B99D-499B-B766-AF75B1470790" HResult="-2113819213" MachineName="146CA22C-DB1D-4F69-BFB9-4D47A537E8EC" ID="2125"><ERROR Cause="Task &quot;Configure system&quot; is Marked Failed From the LogFile" Failure="" File="sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp" Function="CExecutionTask::Cleanup" Hresult="0x8201aeac" Line="1672" Machine="WIN11-SIGNING">
  <ERROR Cause="Copying File &quot;C:\HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\ifscfg.exe.wtl.trace&quot; Fails " Failure="" File="sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp" Function="CExecutionTask::InnerLogFileCopy" Hresult="0x8201aaac" Line="2067" Machine="WIN11-SIGNING">
    <ERROR Cause="Cannot Find Pattern &quot;C:\HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\ifscfg.exe.wtl.trace&quot;" Failure="" File="sdktools\dtm\wttbuild\coresys\client\eautil\eautil.cpp" Function="FindFileAndCopy" Hresult="0x80070002" Line="715" Machine="WIN11-SIGNING">
      <ERROR Cause="Task is Marked Failed as it had non-zero Fail Counts in the LogFile" Failure="" File="sdktools\dtm\wttbuild\coresys\client\taskresults\taskresults.cpp" Function="CTaskResults::ParseTaskGuidXML" Hresult="0x8201aeac" Line="434" Machine="WIN11-SIGNING">
        <ERROR Cause="CKeyEvaluator::ExpandString : Parameter [Admin_Pwd] not Found...will Keep it as it is" Failure="" File="sdktools\dtm\wttbuild\coresys\client\keyevaluator\keyevaluator.cpp" Function="CKeyEvaluator::ExpandString" Hresult="0x82015856" Line="324" Machine="WIN11-SIGNING"></ERROR>
      </ERROR>
    </ERROR>
  </ERROR>
</ERROR></ErrorMessage>
<TaskResult MachineName="146CA22C-DB1D-4F69-BFB9-4D47A537E8EC" TaskResultGUID="9B2E18EE-B99D-499B-B766-AF75B1470790" ResultGUID="A4D99B61-3F2C-4DC5-9918-6CE00AA76A0C" TaskGUID="ED328695-9C25-4024-8232-03FA26C6678B" Total="1" Pass="0" Fail="2" NotRun="0" Warned="0" NotApplicable="0" StartTime="1/29/2025 8:35:31:714" EndTime="1/29/2025 8:35:33:299" Status="Failed" ProcessExitCode="-2113818964" LogParseExitCode="-2113818964" IsLogsCopied="1" TaskResultId="2125" LogLocation="\\HLKCtrlWin11.ik.local\HLKLogs\1-29-2025\A4D99B61-3F2C-4DC5-9918-6CE00AA76A0C\146CA22C-DB1D-4F69-BFB9-4D47A537E8EC\9B2E18EE-B99D-499B-B766-AF75B1470790\"/>

yet one more followup:

failing machine sends at bottom Status=Failed

4020 4768 2025:1:29 8:35:33:273 FindFileAndCopy : Searching Pattern C:\HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\ifscfg.exe.wtl.trace    
4020 4768 2025:1:29 8:35:33:273 FindFileAndCopy : returns 8201aaac    
4020 4768 2025:1:29 8:35:33:273 Error: 0x8201aaac, Error 0x8201aaac   (Error ( status = 43692 ) in call: FindFileAndCopy( lpszFileName, lpszDestinationDir, 0, &dwFilesCopied, filecopyinfoDic) )   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp Line=2065    
4020 4768 2025:1:29 8:35:33:273 FindFileAndCopy : SrcDrive C: SrcDir \HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\ SrcFileName setupsystem SrcExt .wtl    
4020 4768 2025:1:29 8:35:33:273 FindFileAndCopy : DestDrive  DestDir \\HLKCtrlWin11.ik.local\HLKLogs\1-29-2025\A4D99B61-3F2C-4DC5-9918-6CE00AA76A0C\146CA22C-DB1D-4F69-BFB9-4D47A537E8EC\9B2E18EE-B99D-499B-B766-AF75B1470790\ DestFileName  DestExt     
4020 4768 2025:1:29 8:35:33:273 FindFileAndCopy : Searching Pattern C:\HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\setupsystem.wtl    
4020 4768 2025:1:29 8:35:33:275 FindFileAndCopy : Copying File From C:\HLK\JobsWorkingDir\Tasks\WTTJobRunFDB078FC-1BDE-EF11-A1A2-005056B71651\setupsystem.wtl to \\HLKCtrlWin11.ik.local\HLKLogs\1-29-2025\A4D99B61-3F2C-4DC5-9918-6CE00AA76A0C\146CA22C-DB1D-4F69-BFB9-4D47A537E8EC\9B2E18EE-B99D-499B-B766-AF75B1470790\setupsystem.wtl    
4020 4768 2025:1:29 8:35:33:299 Warn: (Warning ( BOOL is FALSE ) ErrorCode 6 from Call CloseHandle(ProcessInfo.hProcess))   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp, Line=2428    
4020 4768 2025:1:29 8:35:33:299 Warn: (Warning ( BOOL is FALSE ) ErrorCode 6 from Call CloseHandle(ProcessInfo.hThread))   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp, Line=2429    
4020 4768 2025:1:29 8:35:33:299 RemoveAccessToSession0ForUser : Process Running in a WindowStation that is not visible to the User. Hence Not Setting Console Access    
4020 4768 2025:1:29 8:35:33:299 RemoveAccessToSession0ForUser : returns 0    
4020 4768 2025:1:29 8:35:33:299 CTask::UpdateStatus : Sending Status Update Msg "<TaskStatusUpdate TaskGUID="9B2E18EE-B99D-499B-B766-AF75B1470790"  Status="Failed" />" to Peers

while more relaxed machine just says Status="" and then it continues successfuly

4008 5024 2025:1:29 8:42:19:853 FindFileAndCopy : Searching Pattern C:\HLK\JobsWorkingDir\Tasks\WTTJobRun93E0A4E6-1CDE-EF11-96D1-005056A1653C\ifscfg.exe.wtl.trace    
4008 5024 2025:1:29 8:42:19:853 FindFileAndCopy : returns 8201aaac    
4008 5024 2025:1:29 8:42:19:853 Error: 0x8201aaac, Error 0x8201aaac   (Error ( status = 43692 ) in call: FindFileAndCopy( lpszFileName, lpszDestinationDir, 0, &dwFilesCopied, filecopyinfoDic) )   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp Line=2065    
4008 5024 2025:1:29 8:42:19:853 FindFileAndCopy : SrcDrive C: SrcDir \HLK\JobsWorkingDir\Tasks\WTTJobRun93E0A4E6-1CDE-EF11-96D1-005056A1653C\ SrcFileName setupsystem SrcExt .wtl    
4008 5024 2025:1:29 8:42:19:853 FindFileAndCopy : DestDrive  DestDir \\HLKController.ik.local\HLKLogs\1-29-2025\222CE0EF-1F48-431B-82B0-CEDFBC5FFCAF\D860AD71-16AA-4CC5-A6C8-9FEEC94650CB\9DEE4ED5-6403-4E57-9EBB-DE45DF77E122\ DestFileName  DestExt     
4008 5024 2025:1:29 8:42:19:853 FindFileAndCopy : Searching Pattern C:\HLK\JobsWorkingDir\Tasks\WTTJobRun93E0A4E6-1CDE-EF11-96D1-005056A1653C\setupsystem.wtl    
4008 5024 2025:1:29 8:42:19:869 FindFileAndCopy : Copying File From C:\HLK\JobsWorkingDir\Tasks\WTTJobRun93E0A4E6-1CDE-EF11-96D1-005056A1653C\setupsystem.wtl to \\HLKController.ik.local\HLKLogs\1-29-2025\222CE0EF-1F48-431B-82B0-CEDFBC5FFCAF\D860AD71-16AA-4CC5-A6C8-9FEEC94650CB\9DEE4ED5-6403-4E57-9EBB-DE45DF77E122\setupsystem.wtl    
4008 5024 2025:1:29 8:42:19:900 Warn: (Warning ( BOOL is FALSE ) ErrorCode 6 from Call CloseHandle(ProcessInfo.hProcess))   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp, Line=2428    
4008 5024 2025:1:29 8:42:19:900 Warn: (Warning ( BOOL is FALSE ) ErrorCode 6 from Call CloseHandle(ProcessInfo.hThread))   File=sdktools\dtm\wttbuild\coresys\client\executiontask\executiontask.cpp, Line=2429    
4008 5024 2025:1:29 8:42:19:900 RemoveAccessToSession0ForUser : Process Running in a WindowStation that is not visible to the User. Hence Not Setting Console Access    
4008 5024 2025:1:29 8:42:19:900 RemoveAccessToSession0ForUser : returns 0    
4008 5024 2025:1:29 8:42:19:900 CExecutionTask::FillLogCounters : Marking Task "Configure system" as Passed     
4008 5024 2025:1:29 8:42:19:900 CTask::UpdateStatus : Sending Status Update Msg "<TaskStatusUpdate TaskGUID="9DEE4ED5-6403-4E57-9EBB-DE45DF77E122"  Status="" />" to Peers

SOLVED:

from actual test cfg log I finally found out that test user creation failed and that was not visible in HLKSvc.log