After applying a Windows Security Baseline to the Domain Controllers, or after enabling the Attack Surface Reduction Rule, "Block credential stealing from the Windows local security authority subsystem", GUID: 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2, Change Auditor no longer audits AD events and in agents 7.0.4 and later, the agent will fail to start. This will also impact agents installed on member servers resulting in the agent failing to start.
An error similar to the following is logged in the ChangeAuditor.AgentLog.nptlog:
[WARN][CServerControlHandler::TriggerHooking(154)] LDAP control hooking failed: 0x00000022
Or
[WARN][TrogdorLib::Common::CTrogdorService::StartImpl(187)] Error initializing sub-system SonicWALL Auditor (71).
[ERROR][itad2hook::DuplexHolderImpl::InitializeIPC(230)] Error starting pipe client. Unable to open pipe
Tiene que estar conectado y contar con un contrato de mantenimiento vigente para ver los artículos de conocimiento premium.
© ALL RIGHTS RESERVED. Feedback Términos de uso Privacidad Cookie Preference Center