Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

About BM403

Re: Event 10036, DistributedCOM

by in Security & SD-WAN
‎Jul 2 2022 8:49 PM
‎Jul 2 2022 8:49 PM
Meraki has not released an update to resolve this. The only solution for me was to disable the authentication level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.   This method will only work until March 14, 2023. Then Microsoft will enforce it with no way to disable it.   You can find the article here; KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)  ... View more

Re: Event 10036, DistributedCOM

by in Security & SD-WAN
‎Jan 29 2022 12:03 PM
‎Jan 29 2022 12:03 PM
I would have to agree. I’ve tried numerous work arounds to try and get the error to stop and turning off AD authentication is not the answer. This has been going on for months now and other than clogging up my event logs on my DCs I still haven’t noticed any negative impact.  ... View more

Re: Event 10036, DistributedCOM

by in Security & SD-WAN
‎Oct 13 2021 7:37 AM
‎Oct 13 2021 7:37 AM
Thanks for this link, ALibraian. I will continue to monitor that post and see if anyone comes up with a solution. I've tried a number of fixes for this and have come up empty.  ... View more

Re: Event 10036, DistributedCOM

by in Security & SD-WAN
‎Oct 13 2021 7:35 AM
‎Oct 13 2021 7:35 AM
I get those WMI errors on my MX every so often. I believe this is on MS to resolve and hopefully address the issue soon. No impact to my AD authentication because of the error, it's just really annoying seeing it fill up my event log.  ... View more

Event 10036, DistributedCOM

by in Security & SD-WAN
‎Sep 20 2021 2:46 PM
‎Sep 20 2021 2:46 PM
Hello,   Have an error that just started occurring last Tuesday, September 14th after updating my domain controllers. I'm getting the following error;    The server-side authentication level policy does not allow the user domain\user SID (X-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXXX) from address 10.0.100.254 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.   The IP address (10.0.100.254) is my MX IP Address. This error I believe has to do with Active Directory Authentication I have set up under Security & SD-WAN > Active Directory. I'm getting the same error for all 3 sites each pointing to the IP address of the MX device. The error occurs roughly every 2 hours in my event log on my domain controllers.   In my test network, I disabled Active Directory Authentication on that MX and the errors stopped. I have googled my heart out for Event 10036, DistributedCOM, and can't find anything related to the above error. I did find one someone on Reddit who experienced the same issue but it was on a Palo Alto firewall.    Does anyone else have this happen since last week's patch Tuesday? I'm not even sure how I would go about raising the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.   Everything works fine and users can still login into the client VPN using their AD credentials. But, this error is really strange and is filling up my event logs.    When I run a dcdiag everything passes, but the error shows up under SystemLog.    Could this be a possible bug?    ... View more
Labels:
© 2024 Cisco Systems, Inc.