So I had gotten an update from Meraki with the case I've had open that there was a permanent fix as part of the current stable release candidate firmware, ver. 18.105. I updated one of my smaller networks to it last night, which is running an MX64, and to my surprise, there are no longer spammy event logs in the Meraki dashboard for that network's "Security Appliance" section as there have been. Additionally, none of the DCs that I have configured in the "Active Directory" tab for that network are showing a "WMI error message", but shockingly are showing "Success". Finally, I'm not seeing spammy logs on any of those DCs detailing the DistributedCOM source, nor the associated "The server-side authentication level policy does not allow the user <User> <SID> from address <address> to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application." I have yet to test this to confirm that it is actually the fix, but if anyone else has time to weigh in if they get a chance to test it, I think many people would be most appreciative. Meraki may have nipped this in the nick of time.
... View more