-
Title
EMC file/folder security changes produce 'Ownership changed' events on Celerra or VNX devices -
Description
When the security is changed on a file/folder located on EMC-based storage the following may occur:1) The change records a warning similar to the following in the ChangeAuditor.dll.nptlog:
"Permission Change, access denied getting security descriptor for \\cifsserver01.domain.com\CHECK$\root_vdm_1\FS1\Folder1\New Folder"
2) ChangeAuditor produces an event for the change but it is reported incorrectly as 'File/Folder Ownership changed'.
-
Cause
The computer accounts where the Agents are running do not have access to Check$ share on the data mover. This causes an access denied error when attempting to query the file/folder for ACL information. -
Resolution
Add the Active Directory computer accounts where the ChangeAuditor Agents processing EMC events are running to the "EMC Virus Checking" permission on the data mover.
This can be done a variety of ways but the easiest method for future changes to configuration would be to perform the following steps:1) Create an Active Directory based group and add the required computer account(s) to it.
2) Add the Active Directory group to the "EMC Virus Checking" permission via the "Celerra Managment" MMC Snap-in.Additional information on how to modify the EMC permission mentioned above can be found in the EMC Event Enabler documention.
-
Defect ID
TF00293363 -
Additional Information
DefectID:TF00293363 has been logged to include this information in future release of the ChangeAuditor for EMC User Guide.