Just so you and others are aware that having green ticks in meraki and no errors on the DC doesnt necessarily mean its working. Are users being picked up in event logs area and are group policy based rules hitting those users correctly as per whatever setup you have? Doesnt appear to be universally fixed in my environment with all green etc, still have broken MX boxes not pulling user data and applying group policies as they should. ... View more

I stand corrected, on 18.104 still appear to get DCOM hardening errors on some servers so doesn't appear to rectify the issue. Which makes sense as the notes on the firmware speak about using newer DCOM protocol version but nothing about upping the protocol security level. ... View more

Further testing with firmware version 18.104 to me suggests it does rectify the DCOM aspect of this, but the WMI query that the server passes can easily break and then break the entire AD integration facility. The below i believe is the reason for it. they are using the IWbemServices::ExecQuery method In their code which if the data set is too large or the DC doesn't provide the information in a specific time means it just breaks the whole query. They need to be using the IEnumWbemClassObject::Next method. The below is an example of an error i've seen that shows the memory max being hit, i also receive others but they relate to errorcode 0x80041032, which then when looking at the article further below from microsoft explains the potential error and how to fix it. Which would require the Meraki coders to amend their code to use the "Next method". Id = {00000000-0000-0000-0000-000000000000}; ClientMachine = ; User = nnn\Ouradmin; ClientProcessId = 2836; Component = Unknown; Operation = Start IWbemServices::ExecQuery - root\cimv2 : SELECT EventCode,InsertionStrings,RecordNumber FROM Win32_NTLogEvent WHERE Logfile = 'Security' AND EventType=4 AND (EventCode=540 OR EventCode=672 OR EventCode=4624 OR EventCode=4768) AND RecordNumber > 4100256909; ResultCode = 0x80041032; PossibleCause = Throttling Idle/stack Tasks in hitting Max Memory quota https://learn.microsoft.com/en-us/troubleshoot/windows-client/system-management-components/wmi-activity-event-5858-logged-with-resultcode-0x80041032   I think there are other issues as well as the above, as i cant get any Domain Controllers on server 2022 to pull user information at all despite them showing green on firmware 18.104. This could also be the above issue but im unable to tell for sure there isnt another issue influencing it. ... View more

18.104 I was told fixes it. It doesn't. It appears to rectify the DCOM errors in event viewer on the DC’s but doesn't pull any user information so is essentially as broken as ever, I continue to chase but at 9 months on the fact its not fixed tells me the developers don't consider it the HUGE problem that it is. ... View more

I had a beta firmware uploaded onto one of our sites to test from the developers. Unfortunately no help so far, info had been passed back to the developers to continue to work on. ... View more

This continues to be an issue, we cant upgrade our domain controllers to server 2022 because the regfix that microsoft recommends doesnt work on server 2022. We are also now starting to get sporadic issues with the firewalls not picking up the correct user information as well as high CPU usage on our DC's. Meraki support don't seem to have any idea when the developers are actually going to fix this, and ive had a ticket in about it for 6 months. astoundingly poor considering if it doesn't work then our entire capability to safeguard staff and students doesn't work as we rely on applying policies based on staff/student group memberships and then applying to devices based on who is logged in.   What's even worse is that this area of policy application even when working doesn't actually show in the client list of devices, only in event logs, which is frankly the dumbest design decision I have ever seen for what is generally a really well designed dashboard. I need to be able to see what policy is applied to a device from the client list not trawl through event logs to see. ... View more