conf_ad_server.exe - probe gui execution


Article ID: 130503


Updated On:


DX Infrastructure Management NIMSOFT PROBES


ad_server GUI only opens in raw configure mode. conf_ad_server.exe is being blocked by Anti_virus.


- Anti_virus software


- UIM 8.5x or higher
- ad_server 1.70 or higher


This is something we've seen previously with some of our customers using the ad_server/ad_response probe. Some anti-virus software detects a possible trojan for the configuration GUI (in this case the conf_ad_server.exe). This is normally a 'false positive' detected by the AV software. This file is most likely not infected but please do let us know if your Security team can actually prove a specific vulnerability and as always we will address it.

We recommend that you create an exclusion for conf_ad_server.exe and/or contact your Anti_virus provider to discuss the fact that this is monitoring software that is accessing your Active Directory server.

Additional Information

ad_server Help doc:

"The Active Directory Server Monitoring (ad_server) probe is used to monitor the health and performance of the Active Directory Server. For example, the response time of the AD server. It is a local probe which monitors the AD server of the host system only. The probe is delivered with a default configuration and a set of profiles to monitor the Active Directory Server." So it is configured to access AD and hence may be being picked up by the AV."