VNX

Last reply by 12-01-2022 Solved
Start a Discussion
2 Bronze
2 Bronze
758

VNX: Event Viewer connect to another computer (NAS server) -> Access denied

I am tried to open eventviewer -> connect to another computer and enter ip of the nas server to view audit events but I get access denied from a computer that is not logged in domain, if i do the same from a machine in domain it works.

1. How can i authenticated to view audit logs in event viewer remotely?

2. What users/permissions can view remote audit logs opening remote event viewer Security tab? How are this permissions configured? because looks like anyone in the domain can open them and the remote registry to NAS server

3. How to autenticate remotely? net use \\ip\\ipc$ or any othe mechanism?

4. I need to query events from system user/task how to authenticate to be able to connect remotely and  list events?

Solution (1)

Accepted Solutions
626

At this point the best option is to call phone support. 


Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

View solution in original post

Replies (12)
623

Hi,

Thanks for your question. It should block access from non trusted domains. https://dell.to/3i4SHsH

Let us know if there is anything else we can help you with.


Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

622

1. I can auth and access cifs folder from a machine that is not in domain or trusted domain but i cant read remote logs from event viewer.

2. What is the hidden parameter change needed for this mentioned in the article?

what is the hidden

622

Per example this command to get remote logs from NAS is working in any computer that is joined domain and has authenticated nas server using net use, but if i run from a machine that is not in domain is not working and gives this error. Any solution for this?

PS > Get-EventLog -ComputerName 10.58.20.66 -LogName Security
Get-EventLog : Cannot open log Security on machine 10.58.20.66. Windows has not provided an error code.
At line:1 char:1
+ Get-EventLog -ComputerName 10.58.20.66 -LogName Security
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-EventLog], InvalidOperationException
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.GetEventLogCommand

PS> net use
New connections will be remembered.


Status Local Remote Network

-------------------------------------------------------------------------------
OK \\10.58.20.66\ipc$ Microsoft Windows Network
The command completed successfully.

622

VNX/VNX2:
First set the parameter with .server_config:
.server_config server_2 -v "param NTsec logonOptions=0x2d"

Then update the param files for all of the active datamovers(Standby datamovers do not need to be set):
vi /nas/server/slot_2/param

Then add the following line to the param file:
param NTsec logonOptions=0x2d

Run build config to ensure the changes persist upon reboot:
/nas/sbin/build_config /nas/server/slot_2 /nas/dos/slot_2

VNXe/Unity:
Get root shell first, then run the .server_config command to change the parameter on the fiy:
/nas/bin/.server_config ALL -v "param NTsec logonOptions=0x2d"

Update the param files for SVDM_A and SVDM_B:
vi /nas/server/slot_2/param
vi /nas/server/slot_3/param

add the following line:
param NTsec logonOptions=0x2d

Run build config to ensure the changes persist upon reboot:
/nas/sbin/build_config /nas/server/slot_2 /nas/dos/slot_2
/nas/sbin/build_config /nas/server/slot_3 /nas/dos/slot_3


Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

620

I enabled ssh and ssh into the storage but cant run the commands your posted:

15:11:19 service@VIRT2242XPWCV1 spa:~/user# /nas/bin/.server_config ALL -v "param NTsec logonOptions=0x2d"
-rbash: /nas/bin/.server_config: restricted: cannot specify `/' in command names
15:12:12 service@VIRT2242XPWCV1 spa:~/user# cd /
-rbash: cd: restricted

 

627

At this point the best option is to call phone support. 


Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

618

I am testing this in UnityVSA is there something different there?

616

Possibly, VNX is different enough that fixes for one don't always work on Unity. 


Thanks,

DELL-Josh Cr
Social Media and Communities Professional
Dell Technologies | Enterprise Support Services
#IWork4Dell

Did I answer your query? Please click on ‘Accept as Solution’. ‘Kudo’ the posts you like!

569

how can we proceed with this? I guess we cant open support for UnityVSA free/community edition

Latest Solutions
Top Contributor