Hi All, Using the Eventlog Script Monitor produces the following Error: " Unexpected error occurred. Some or all identity references could not be translated."
No Idea whats reason causes that issues, anyone an idea?
reagrds Bert
Hi All, Using the Eventlog Script Monitor produces the following Error: " Unexpected error occurred. Some or all identity references could not be translated."
No Idea whats reason causes that issues, anyone an idea?
reagrds Bert
I have created a local vbs script and executed it on the remote Server itself with the following parameters : -area System -type Error -timespan 5 and it worked as it should. So I am a bit lost why this error occur within Orion.
The remote server is member of domain and Orion is a win2k3 single server. The eventlog does not show any security issues so I guess authentication works.
Are there some specific settings needed on the Orion Server (cscript.exe or wscript.exe . . .)?
regards Bert
Have you tried running it on the server where APM is installed or just locally on the remote server? APM executes VBScripts locally on the APM server.
If not try running it on the APM server passing in the -Computer SERVERNAME param as well as the others ( -area System -type Error -timespan 5 )
No I did not running it on the ORION Server itself cause then I have to change the script in terms of security and authentication. Usualy Orion takes care of the authentication (credential) part. Running the script witthout changes causes a permission error.
regards Bert
I have change the script and added/changed the following connection setting:
Set oSvc = objSWbemLocator.ConnectServer(strComputer, _
"root\cimv2", _
strUser, _
strPassword, _
"MS_409", _
"ntlmdomain:" + strDomain)
Now I can run the script locally on the Orion server. How does Orion handle Security / Connection to remote server NOT in the same WindowsDomain?
(ORION = Single Server and Remote Server member in a WINDOMAIN )
I would like to use the credentials I set in APM and not add them into the code.
regards Bert
I am not sure if I exactly understood what you talking about. I have not seen a service called APM where I could assign specific credentials to. The only point where I can assign credentials (as far as I know) is within the webgui. Here I can configure a remote DOMAIN\Username / Password which I assign to the script. If I use this it does not work for me. So I tested the script with the mentioned changes running it locally (loged in as Administrator) and it worked. So I am wondering why the same credentials I added manually didn`t worked within the Orion APM.
So I tested the following. I have a local User Administrator, a remote Local\Administrator set this user credential for my script within APM and got the same error mentioned in my subject. I also checked WMI Security (wmimgmt.msc) on the remote system, all fine
regards Bert
btw:How can I set Local Users on a Domain Controller?
Unfortunately, DCs do not allow local accounts, so it won't work in this case. One alternative is to install the Orion Windows Event Forwarder on your DC: It will convert your events into Syslog, and you can create your alerts in the Syslog alert engine instead.
Unfortunately, I do not only check for winevents so if I am going to check FSO for example it will not work. Its a principal question and not restricted to winevents. Also the primary question "what causes this error and how can I solve this issue" is still open. Under specific circumstances (as I tried to explain) the scriptengine does not work for me.
Since the APM service runs under a specific account (system?) and Orion hand over security information given by the user (credentials) I have no idea how I can fix this, that Orion APM handle succesfull authentication. Maybe you have a simple example setup how Orion on a single server can execute scripts against a Domain Member or DC. Maybe there are some change needed (WMI Security, GPO, etc.)
I guess all the windows admins out there will be happy to get those information ,-)
regards Bert
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.