The most common list of culprits can hint you on Change Auditor Agent service and connectivity issues:
1.Suggest whether the agent and the coordinator services are running as a local system.
Check Quest service Logon Tab.
2.Agent ports are listening if you query the coordinator server from the agent machine and the other way around since it is a TCP bi-directional relation.
Confirm RPC service is running.
3.Apart from the agent port the SCP and SDK ports aren't blocked.
4.Whether the deployment method is used from within the coordinator client software console or the manual agent .MSI installer? Set domain credentials under deployment section on the client software.
5.Whether the licensing is in the good shape?
6.Make sure the agent is in the same forest and network has no obstacles DNS nslookup and ping.
7. In addition to that, make sure no cloud AV is blocking the agent service.
Please review the kb article:
https://support.quest.com/es-es/change-auditor/kb/234488/change-auditor-antivirus-exclusions
..LSASS gpedit.msc
(force to a particular coordinator option in case you have more than 1).
8. In case of a foreign forest agent, port 88 Kerberos is required to be listening.
9. Installation name matches
10.Make sure the service DA account that you use to install the foreign forest agent has a membership under the Change Auditor Agents security group on your forest root AD.
11.Try to go to the Programs and Features and completely uninstall the CA agent.
Then download the MSI from the below link and try to call it out from elevated CLI in quotations.
This is the latest agent version 7.x and it is backwards compatible to your old 7.2 coordinator.
https://support.quest.com/change-auditor/7.x/download-new-releases
12.Take into consideration the MSFT surface attack reduction rule as the culprit.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center