-
Titel
Active Directory cartridge rule Windows Server 2012/2012 R2 monitored communication protocol keeps triggering an alarm -
Beschreibung
The rule triggers an alarm, to notify about a potential issue of svchost.exe process using excessive CPU on Windows2012/2012R2 domain controller, when it detects that an Active Directory agent is configured to monitor 2012/2012R2 DC using WinRM communication protocol.
It keeps triggering the alarm even after applying one of the workarounds recommended in Troubleshooting section of Release Notes.
-
Ursache
Known Enhancement referenced by Tracking ID AD-812 -
Lösung
Enhancement Request AD-812 has been submitted to Development to improve logic in Rule condition and will be evaluated for a future version of the cartridge.
Please check the release notes of latest version of Active Directory cartridge to find out which enhancements have been included in this release.
Workaround:
Please refer to Microsoft article KB811835 as a possible workaround and after applying it disable the rule.