Quantcast
Channel: File Services and Storage Forum
Viewing all articles
Browse latest Browse all 1766

Access Denied to Computer Account Accessing \\servername\pipe\srvsvc

$
0
0

I have a file server running MS Windows Storage Server 2008r2. In reviewing the log files I found that the computer account was being denied access, to what I was unsure. In the investigation to this I found a posting about how to track down the actual process that actually trigger the authentication request. Using process monitor I was able to determine that the access denied is coming searchindexer.exe when trying to access "\\FQDN\PIPE\srvsvc". Stopping the windows search stops event log entries, but leaves the fileserver in a semi-functional state because users can no longer use windows search on their redirected "My Documents Folder". I'm not sure if this is a configuration problem with Windows Search or a local GPO.

Any advice would be appreciated.

This is the recurring event viewer entry:

An account failed to log on.

Subject:
	Security ID:		NULL SID
	Account Name:		-
	Account Domain:		-
	Logon ID:		0x0

Logon Type:			3

Account For Which Logon Failed:
	Security ID:		NULL SID
	Account Name:		BRUT$
	Account Domain:		AGSMAD

Failure Information:
	Failure Reason:		An Error occured during Logon.
	Status:			0xc000006d
	Sub Status:		0x0

Process Information:
	Caller Process ID:	0x0
	Caller Process Name:	-

Network Information:
	Workstation Name:	BRUT
	Source Network Address:	138.23.197.71
	Source Port:		51900

Detailed Authentication Information:
	Logon Process:		
	Authentication Package:	NTLM
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

Here is a screenshot of the Process Monitor.


Viewing all articles
Browse latest Browse all 1766

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>