VNX

alx123 · ‎11-21-2022

I am tried to open eventviewer -> connect to another computer and enter ip of the nas server to view audit events but I get access denied from a computer that is not logged in domain, if i do the same from a machine in domain it works.

1. How can i authenticated to view audit logs in event viewer remotely?

2. What users/permissions can view remote audit logs opening remote event viewer Security tab? How are this permissions configured? because looks like anyone in the domain can open them and the remote registry to NAS server

3. How to autenticate remotely? net use \\ip\\ipc$ or any othe mechanism?

4. I need to query events from system user/task how to authenticate to be able to connect remotely and list events?

DELL-Josh Cr · ‎11-22-2022

At this point the best option is to call phone support.

Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

View solution in original post

DELL-Josh Cr · ‎11-22-2022

Hi,

Thanks for your question. It should block access from non trusted domains. https://dell.to/3i4SHsH

Let us know if there is anything else we can help you with.

Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

alx123 · ‎11-22-2022

1. I can auth and access cifs folder from a machine that is not in domain or trusted domain but i cant read remote logs from event viewer.

2. What is the hidden parameter change needed for this mentioned in the article?

what is the hidden

alx123 · ‎11-22-2022

Per example this command to get remote logs from NAS is working in any computer that is joined domain and has authenticated nas server using net use, but if i run from a machine that is not in domain is not working and gives this error. Any solution for this?

PS > Get-EventLog -ComputerName 10.58.20.66 -LogName Security
Get-EventLog : Cannot open log Security on machine 10.58.20.66. Windows has not provided an error code.
At line:1 char:1
+ Get-EventLog -ComputerName 10.58.20.66 -LogName Security
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-EventLog], InvalidOperationException
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.GetEventLogCommand

PS> net use
New connections will be remembered.

Status Local Remote Network

-------------------------------------------------------------------------------
OK \\10.58.20.66\ipc$ Microsoft Windows Network
The command completed successfully.

DELL-Josh Cr · ‎11-22-2022

VNX/VNX2:
First set the parameter with .server_config:
.server_config server_2 -v "param NTsec logonOptions=0x2d"

Then update the param files for all of the active datamovers(Standby datamovers do not need to be set):
vi /nas/server/slot_2/param

Then add the following line to the param file:
param NTsec logonOptions=0x2d

Run build config to ensure the changes persist upon reboot:
/nas/sbin/build_config /nas/server/slot_2 /nas/dos/slot_2

VNXe/Unity:
Get root shell first, then run the .server_config command to change the parameter on the fiy:
/nas/bin/.server_config ALL -v "param NTsec logonOptions=0x2d"

Update the param files for SVDM_A and SVDM_B:
vi /nas/server/slot_2/param
vi /nas/server/slot_3/param

add the following line:
param NTsec logonOptions=0x2d

Run build config to ensure the changes persist upon reboot:
/nas/sbin/build_config /nas/server/slot_2 /nas/dos/slot_2
/nas/sbin/build_config /nas/server/slot_3 /nas/dos/slot_3

Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

alx123 · ‎11-22-2022

I enabled ssh and ssh into the storage but cant run the commands your posted:

15:11:19 service@VIRT2242XPWCV1 spa:~/user# /nas/bin/.server_config ALL -v "param NTsec logonOptions=0x2d"
-rbash: /nas/bin/.server_config: restricted: cannot specify `/' in command names
15:12:12 service@VIRT2242XPWCV1 spa:~/user# cd /
-rbash: cd: restricted

DELL-Josh Cr · ‎11-22-2022

At this point the best option is to call phone support.

Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

alx123 · ‎11-22-2022

I am testing this in UnityVSA is there something different there?

DELL-Josh Cr · ‎11-22-2022

Possibly, VNX is different enough that fixes for one don't always work on Unity.

Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

alx123 · ‎11-24-2022

how can we proceed with this? I guess we cant open support for UnityVSA free/community edition

VNX

VNX: Event Viewer connect to another computer (NAS server) -> Access denied