Symantec Privileged Access Management

 View Only
  • 1.  Windows Remote Password Reset

    Posted Mar 19, 2020 11:50 PM
    CA PAM v3.2.6
    Windows 2012 R2

    Anybody knows the reason why i cannot reset password of Windows local account using another account from PAM using Windows Remote connector? These are the logs captured from PAM during the process:
    WARNING: Updating credential for account sysadmin on server 10.49.5.29 by OTHER account with net rpc didn't succeed.
    Reason: [Failed to set password for 'sysadmin' with error: Failed to connect to IPC$ share on 10.49.5.29.
    session setup failed: NT_STATUS_ACCESS_DENIED
    ]. Use rwin to do this operation again.​


    ------------------------------
    Regards,
    Jorghy
    ------------------------------


  • 2.  RE: Windows Remote Password Reset

    Broadcom Employee
    Posted Mar 20, 2020 08:17 AM

    Hi Jorghy,

    The IPC$ share is the default share you connect to when you type \\hostname.  It seems you can't connect to the IPC$ share.  On this system side I found the following online for your review.

    https://talk-about-it.ca/cant-connect-admin-ipc-shares-computer/

    Was it working before?  Can you ping it?  Any changes to network or firewall rules?  Thank you.



    ------------------------------
    Best regards,

    Scott Owens
    Sr Support Engineer

    ------------------------------
    And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

    Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio
    ------------------------------
    ------------------------------



  • 3.  RE: Windows Remote Password Reset

    Posted Mar 22, 2020 10:16 PM
    I've done these, but still not working:
    1. Disabling firewall and UAC
    2. Editing "LocalAccountTokenFilterPolicy" registry
    What else could i try to find out why i cannot reset the password?


  • 4.  RE: Windows Remote Password Reset

    Broadcom Employee
    Posted Mar 23, 2020 11:53 PM
    Jorghy

    Try to verify that the ports between CA PAM and the Windows Target device are not being blocked. You should use the Configurations>Tools>port scan to validate that both ports 135 and 445 are open between these two machines … if you see " 135  TCP        filtered MSRPC "  then a network firewall is blocking it. If you see  "135    TCP        open MSRPC" then you should be ok

    If this is not firewall you should check the windows event viewer to verify if there is another reason.

    Joe 




  • 5.  RE: Windows Remote Password Reset

    Posted Mar 24, 2020 12:08 AM
    Port 3389, 135, and 445 are open


  • 6.  RE: Windows Remote Password Reset

    Broadcom Employee
    Posted Mar 24, 2020 11:36 AM
    Are you still getting the same error messages that you started with or has it changed?


  • 7.  RE: Windows Remote Password Reset

    Posted Mar 29, 2020 11:45 PM
    Yes


  • 8.  RE: Windows Remote Password Reset
    Best Answer

    Broadcom Employee
    Posted Mar 30, 2020 08:59 AM
    Jorghy

    So there are 2 methods we attempt to use for windows remote. Since both methods are failing and it appears that you do have the network open and the UAC registry setting updated I would assume assume you would need a bit more detailed review of the errors... You should open a support ticket to go over this in more detail.

    Joe