Hi,
I´m using an active RMA agent to monitor another server and some tests always works and the other tests never works.
Tests that works: "Drive Free Space", "Memory" using WMI, Ping, and all SNMP tests.
Tests that don´t work: "CPU Usage" and "Service".
CPU Usage fails with "RMA: 301 - Cannot connect to remote Registry. Code #5", and the service tests fails with "RMA: 301 - Access is denied".
In the target server's security log I can see that the RMA agent is trying to connect with two accounts, one is the targets local administrator which works, and the other is the service account that the RMA is running with. The last one fails because it is a domain account, and the target server is on another subnet and is a stand alone not in any domain at all.
But I have created an entry in the Connection Manager for this ipadress to use the local administrator account. I would assume that this would be the only account that the RMA should use for this IP, but that´s not the case here.
Can this be a bug in Hostmon/RMA perhaps? I notice that the tests that don´t work have one thing in common and that is the feature to set an account directly in the test. But these are unchecked.
Both servers are Win2012R2 and UAC, firewalls are all turned off.
Thanks in advance
//Andreas..
Active RMA connect with two accounts.. bug?
Not HostMonitor bug. Windows bug. Sometimes it uses current user account instead of explicitly specified account.
Drive Free Space, Memory, WMI tests use different Windows API that always works correctly.
SNMP Get does not use Windows API (many versions of Windows SNMP API have bugs as well so we do not use it).
Ping does not use any authentication.
That's why these tests works fine.
>The last one fails because it is a domain account, and the target server is on another subnet and is a stand alone not in any domain at all.
Can you install another agent there?
Regards
Alex
Drive Free Space, Memory, WMI tests use different Windows API that always works correctly.
SNMP Get does not use Windows API (many versions of Windows SNMP API have bugs as well so we do not use it).
Ping does not use any authentication.
That's why these tests works fine.
>The last one fails because it is a domain account, and the target server is on another subnet and is a stand alone not in any domain at all.
Can you install another agent there?
Regards
Alex
I would like to read more about this bug. Du you have a link or other documentation on this so I can understand this better? Is this w2012 only or is this bug also in w2008? What does MS say about this?Not HostMonitor bug. Windows bug. Sometimes it uses current user account instead of explicitly specified account.
Yes I can, but I´d prefer not to since they are not free.Can you install another agent there?
Regards,
//Andreas..[/quote]
>I would like to read more about this bug. Du you have a link or other >documentation on this so I can understand this better? Is this w2012 only >or is this bug also in w2008? What does MS say about this?
Unfortunately Microsoft did not say anything about this bug. It exists since Windows 2000 (at least).
We spent a lot of time trying to find the reason and solution but we have no idea why some functions from Windows API may ignore specified parameters while other function works fine (the same application, same account, same system).
Regards
Alex
Unfortunately Microsoft did not say anything about this bug. It exists since Windows 2000 (at least).
We spent a lot of time trying to find the reason and solution but we have no idea why some functions from Windows API may ignore specified parameters while other function works fine (the same application, same account, same system).
Regards
Alex
I did some small tests but I couldn´t recreate the problem. It worked for me, with my simple client. But I assume that things would be different if my program was run as a service and I did not test that.
The problem probably lies in the Windows Networking caching backbone and when the RMA is running as a service there are other things to consider. Client Impersonation perhaps?
With this specific command(WNetAddConnection2) I assume you´re using it to connect to the target server with UNC path(which the CPU Usage and Service tests use) and probably to the IPC$ share?
Do you use WNetCancelConnection2 between tests on the exact UNC path? To me this function would release the mapping and also the cached credentials. If it don´t I guess that´s the bug.
Perhaps there is a way to control the credential caching mechanism in Windows that might work?
Perhaps something here: http://msdn.microsoft.com/en-us/library ... _functions
//Andreas..
The problem probably lies in the Windows Networking caching backbone and when the RMA is running as a service there are other things to consider. Client Impersonation perhaps?
With this specific command(WNetAddConnection2) I assume you´re using it to connect to the target server with UNC path(which the CPU Usage and Service tests use) and probably to the IPC$ share?
Do you use WNetCancelConnection2 between tests on the exact UNC path? To me this function would release the mapping and also the cached credentials. If it don´t I guess that´s the bug.
Perhaps there is a way to control the credential caching mechanism in Windows that might work?
Perhaps something here: http://msdn.microsoft.com/en-us/library ... _functions
//Andreas..
This API for local login procedures...Perhaps something here: http://msdn.microsoft.com/en-us/library ... _functions
UNC test uses exact UNC path but sometimes its affected by this problem as well...With this specific command(WNetAddConnection2) I assume you´re using it to connect to the target server with UNC path(which the CPU Usage and Service tests use) and probably to the IPC$ share?
Do you use WNetCancelConnection2 between tests on the exact UNC path? To me this function would release the mapping and also the cached credentials. If it don´t I guess that´s the bug.
Regards
Alex
Yes, but I thought it´s the same cache(local cache on the RMA server) that is the problem? But I might be completely wrong here. I know that there are differences with the credential caching in Win2012(when comparing to previous Win-versions) since I have that problem with other systems. Win2012 seems to keep credentials much longer and sometimes until reboot. But there might be other APIs for that that I´m not aware of.This API for local login procedures...
Is there a way to report this bug properly to MS somehow? Companies registered as MS developers should have better way in to do this.
//Andreas..