Server monitoring - active directory connection - error

Reply
L0 Member

Server monitoring - active directory connection - error

I have 2 domain controllers: one is a 2003 server 32 bit, the other is an exchange server 2003 64 bit.

I've updated my PA 500 from 5.0.7 to 6.0.9

Now I'm experiencing an authentication issue on the 2003 server 32 bit.

On user identification, user mapping I'm getting this error:

I've checked documentation, especially this guide:

https://live.paloaltonetworks.com/docs/DOC-4332

Checking for the error, I've found out:

https://live.paloaltonetworks.com/docs/DOC-5404

I'm in case 3:

Also, if the error "NT_STATUS_NET_WRITE_FAULT" appears in the log entries, this indicates a that special character is used in the password of the service account. This password needs to be reset.

So I've changed the password.

Once again, no problems with exchange 64 bit but "Access denied" with the 2003 domain controller.

I've also found out:

http://community.zenoss.org/docs/DOC-2520

In my server logs there is also the same uuid:

uuid 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57

So something strange is up here.

Does anybody know how to solve this issue?

L0 Member

Re: Server monitoring - active directory connection - error

Note also that via cli, this command:

less mp-log useridd.log

is giving me this error:

pan_user_id_win_log_query(pan_user_id_win.c:1326): log query for dominio failed: [librpc/rpc/dcerpc_util.c:1290

:dcerpc_pipe_auth_recv()] Failed to bind to uuid 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 - NT_STATUS_NET_WRITE_FAULT

Highlighted
L2 Linker

Re: Server monitoring - active directory connection - error

Hi Wlitdeparment,

We had a similar issue with the same error message seeing in the useridd.log.

It turns out to be the setting of the user mapping was not correct. Please check your WMI authentication setting in user mapping, make sure the username and password is set correctly.'

Cheers,

Mel

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!