Return
-
Title
AD agent fails to collect data and agent DEBUG log shows error Code 0xC0000022 related to SMB -
Description
AD agent stops collecting data in spite of all pre-reqs are in place. DEBUG-2 mode AD agentl log shows Access denied error alongwith DCOM error Message not found for errorCode: 0xC0000022 -
Cause
SMB servers that have to be accessed by clients that do not support GSS authentication must have SmbServerNameHardeningLevel set to 0 (the default).
AD / EXC cartridges adopt a third party jar j-interop.jar to run WMI queries and it only supports NTLM /NTLMV2 authentication currently. Hence it blocks the SMB connection.
-
Resolution
Starting with version 5.6.6 of Active Directory and Exchange cartridges, below requirement has been added to the Release Notes as one of the Pre-requisites:
- On target (target/monitored) Domain Controller, launch Registry editor (use RunAdAdministrator option if applicable)
- Navigate to registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
- Change SmbServerNameHardeningLevel value to 0
- Reboot the Domain Controller
- Restart corresponding AD agent in Folight console
-
Defect ID
EXC-673