Jump to content


Photo

Error for monitoring plan : invalid connection type value


  • Please log in to reply
4 replies to this topic

#1 pokix

pokix

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 23 May 2018 - 12:30 PM

Hello dear netwrix users,

 

I have an issue with a File server monitoring plan. Whenever I try to launch it, I have this error message : A logon request contains an invalid connection type value.

 

The service account that we are using is defined on another DC server. It is not an Domain admin, and the traffic compression is disabled.

 

I configured all the access policies as described in the Windows File Server section, including the firewall :a logon request contains an invalid connection type valueffsdfhttps://helpcenter.n...ows_Shares.html

 

What I am missing here. Is there a right to grant locally for this user, somewhere on the file server ?

 

Thanks in advance for your help.

 

Kind regards



#2 pokix

pokix

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 23 May 2018 - 02:56 PM

Well I finally figured out the issue. The user configured by default for the monitoring plan does not include the DOMAIN\ prefix in its connection attempt.

 

You have to manually configure the user with the prefix



#3 pokix

pokix

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 23 May 2018 - 03:10 PM

Anyway while I'm here, do you guys know why the Netwrix account must have the read permission on the targeted file server's folders ?

 

I thought that Netwrix was based on event logs only



#4 Jadentek

Jadentek

    Member

  • Members
  • PipPip
  • 11 posts
  • Gender:Male
  • Location:US

Posted 30 May 2018 - 12:47 PM

If you are running 9.0.xxxx or newer NA now use snapshots to look for changes so the DCA needs read access under the share and NTFS permissions

 

On the target server

    The Manage auditing and security log and Backup files and directories policies must be defined for this account on a file server
    The Read share permission on the audited shared folders
    The Read NTFS permission on all objects of the audited folders

    A member of the local Administrators group
    For auditing Domain-Named DFS NameSpace, the account must be a member of the Builtin Server Operators group in the domain controllers on the domain where the file server belongs to
https://helpcenter.n...ng_Account.html

 

 

 

The snapshots are then used to search the security log for the noted changes.



#5 pokix

pokix

    Newbie

  • Members
  • Pip
  • 9 posts

Posted 05 June 2018 - 12:45 PM

Hello,

 

Thank you for your answer. Do you also know if it is really mandatory to have an user member of the local administrator ? Can we use a user with extended rights instead ? And if yes, which rights are really required ?






0 user(s) are reading this topic

0 members, guests, anonymous users