|
|
|
Symptom:
Configuring any connector to access a Windows event source and read its logs involves creating a low-privileged user account and assigning it the needed permissions. When the event source is a Windows Server 2003 SP1 host, one of the steps is to set the local security policy, Impersonate a client after authentication. When this user right is set locally, no problem occurs. However, if this setting is applied as a domain policy to all servers, the global application has the affect of removing the existing local assignments for other users, namely Administrators and SERVICE.
A Microsoft support article states that "... problems occur when a Group Policy setting that defines the Impersonate a client after authentication user right is linked to the domain. This user right should be linked only to a site or to an organizational unit (OU)."
Solution:
See the Microsoft Knowledge Base article ID 930220 for the recommendation to restore full unsecured TPC/IP connectivity by disabling the IPSec services and restarting the computer and the steps to add back the Administrators and SERVICE groups as a Group Policy setting. Try the following link:
http://support.microsoft.com/kb/930220
Microsoft also recommends the following methods to resolve problems caused by applying the setting Impersonate a client after authentication as a group policy:
See the Microsoft Knowledge Base article ID: 911801 for the steps to implement both recommended resolutions. Try the following link:
http://support.microsoft.com/kb/911801
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |