• State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 32 subscribers
  • Views 2882 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Unexpected error occurred. Some or all identity references could not be translated.

BeSch

Hi All, Using the Eventlog Script Monitor produces the following Error: " Unexpected error occurred. Some or all identity references could not be translated."


No Idea whats reason causes that issues, anyone an idea?


reagrds Bert

  • 0

    Have you tried using an Administrator account for your Credential? This looks like it may be a permission issue. Does this happen when you try to look for events of different types in different areas?

  • 0 in reply to mdiotte

    Yes, I am using admin account for this script otherwise I get an authentification error. I tested System >> Error , Security >> Failure but allways the same error message.


     regards Berthold

  • 0 in reply to BeSch

    I have created a local vbs script and executed it on the remote Server itself with the following parameters : -area System -type Error -timespan 5 and it worked as it should. So I am a bit lost why this error occur within Orion.


    The remote server is member of domain and Orion is a win2k3 single server. The eventlog does not show any security issues so I guess authentication works.


    Are there some specific settings needed on the Orion Server (cscript.exe or wscript.exe . . .)?


    regards Bert

  • 0 in reply to BeSch

    Have you tried running it on the server where APM is installed or just locally on the remote server? APM executes VBScripts locally on the APM server. 


    If not try running it on the APM server passing in the -Computer SERVERNAME param as well as the others (  -area System -type Error -timespan 5 )


     


  • 0 in reply to mdiotte

    No I did not running it on the ORION Server itself cause then I have to change the script in terms of security and authentication. Usualy Orion takes care of the authentication (credential) part. Running the script witthout changes causes a permission error.


     


    regards Bert

  • 0 in reply to BeSch

    I have change the script and added/changed the following connection setting:


    Set oSvc = objSWbemLocator.ConnectServer(strComputer, _
        "root\cimv2", _
         strUser, _
         strPassword, _
         "MS_409", _
         "ntlmdomain:" + strDomain)


    Now I can run the script locally on the Orion server. How does Orion handle Security / Connection to remote server NOT in the same WindowsDomain?


    (ORION = Single Server  and Remote Server member in a WINDOMAIN )


    I would like to use the credentials I set in APM and not add them into the code.


    regards Bert

  • 0 in reply to BeSch

    As APM only allows you to use one credential which is used to execute the script you could create local user accounts on both the Orion server and the remote server with the same username and password and use that credential.


  • 0 in reply to mdiotte

    I am not sure if I exactly understood what you talking about. I have not seen a service called APM where I could assign specific credentials to. The only point where I can assign credentials (as far as I know) is within the webgui. Here I can configure a remote DOMAIN\Username / Password which I assign to the script. If I use this it does not work for me. So I tested the script with the mentioned changes running it locally (loged in as Administrator) and it worked. So I am wondering why the same credentials I added manually didn`t worked within the Orion APM.


    So I tested the following. I have a local User Administrator, a remote Local\Administrator set this user credential for my script within APM and got the same error mentioned in my subject. I also checked WMI Security (wmimgmt.msc) on the remote system, all fine


    regards Bert 


     


    btw:How can I set Local Users on a Domain Controller?

  • FormerMember
    0 FormerMember in reply to BeSch

     Unfortunately, DCs do not allow local accounts, so it won't work in this case.  One alternative is to install the Orion Windows Event Forwarder on your DC:  It will convert your events into Syslog, and you can create your alerts in the Syslog alert engine instead.

  • 0 in reply to FormerMember

    Unfortunately, I do not only check for winevents so if I am going to check FSO for example it will not work. Its a principal question and not restricted to winevents. Also the primary question "what causes this error and how can I solve this issue" is still open. Under specific circumstances (as I tried to explain) the scriptengine does not work for me.


    Since the APM service runs under a specific account (system?) and Orion hand over security information given by the user (credentials) I have no idea how I can fix this, that Orion APM handle succesfull authentication. Maybe you have a simple example setup how Orion on a single server can execute scripts against a Domain Member or DC. Maybe there are some change needed (WMI Security, GPO, etc.)


    I guess all the windows admins out there will be happy to get those information ,-)


     regards Bert

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.