CCS Check issue - no data is collected causing the check to fail
search cancel

CCS Check issue - no data is collected causing the check to fail

book

Article ID: 269577

calendar_today

Updated On:

Products

Control Compliance Suite Standards Server Control Compliance Suite

Issue/Introduction

We are having problems with a specific check from our standard. On two different servers where the Registry config for the following check is exactly the same, CCS produces two different results.

Could be any check that is checking for data from Windows Registry

For one server the check passes while on the second server, the check fails.

Environment

Release : CCS Infra Release 12.6.1

Cause

In the log files we found error related to WMI and Access Denied errors.

Access denied(Error=-2147024891) and Error 80041002 - occurs if the WMI files are corrupted, or the repository is not consistent
The MS utility WBEMTEST is launched using the CCS data collection user, and connects successfully.
Although the connection is successful, it looks like the execute method to get registry key value is failing.

We need to check the DCOM permissions given to CCS user on the target machine.
The permissions have to be given either to the CCS user account or the AD group in which this user is a member.

Resolution

After verifying WMI through the KB - Troubleshoot RPC, WMI, Access Denied or Network Path Not Found errors in Control Compliance Suite(CCS)

Follow the below steps to resolve this issue.

  1. To ensure that the account has remote access to DCOM, do the following:
  2. From the Run command, execute DCOMCNFG.
  3. Expand Component Services > Computers and right-click My Computer to open Properties.
  4. Under the COM Security tab, click Edit Limits under Launch and Activation Permissions.
  5. Add the CCS user account, select the permissions Remote Launch and Remote Activation, and then click OK.
  6. To check if the CCS user is able to execute remote methods on the target computer, check the following settings -
    Under Computer Management, expand Services and Applications and right-click WMI Control to open Properties.
    Click Root and then click Security.
    Add the CCS user account and click Advanced.
    Ensure that you select the Execute methods, Enabled Account, and Remote Enabled options for this namespace and sub-namespaces.

After following the above steps re-run the CER/Data Collection job, it will now return the data.

Powered by Wolken Software