After applying a Windows Security Baseline to the Domain Controllers, or after enabling the Attack Surface Reduction Rule, "Block credential stealing from the Windows local security authority subsystem", GUID: 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2, Change Auditor no longer audits AD events and in agents 7.0.4 and later, the agent will fail to start. This will also impact agents installed on member servers resulting in the agent failing to start.
An error similar to the following is logged in the ChangeAuditor.AgentLog.nptlog:
[WARN][CServerControlHandler::TriggerHooking(154)] LDAP control hooking failed: 0x00000022
Or
[WARN][TrogdorLib::Common::CTrogdorService::StartImpl(187)] Error initializing sub-system SonicWALL Auditor (71).
[ERROR][itad2hook::DuplexHolderImpl::InitializeIPC(230)] Error starting pipe client. Unable to open pipe
é necessário estar conectado e ter um contrato de manutenção atual para visualizar os artigos de conhecimento premium.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center