Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 18270 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

dcom error and connecting to WMI Namespace

Fotit

Hi,

I have an Cyberoam CR50iNG - 10.6.3 MR-4 with  ctas windows 2.1.2.5 on two DCs

In event log of the DCs, there are dcom erros with ID=10009 every seconde or minute.

In view log of ctas, thers is for example:

........................................................................

...................................................................................................

DEBUG    [0x73c] 27/10/2016 13:07:39 : SSO_server_handle_wrkstpoll_req: Request Type: Workstation-Poll

DEBUG    [0x73c] 27/10/2016 13:07:39 : SSOclient_filter_CR_subnet: Entering filter function

DEBUG    [0x73c] 27/10/2016 13:07:39 : SSOclient_filter_CR_subnet: authnet not specified, send reqiest to CR

MSG    [0x73c] 27/10/2016 13:07:39 : SSO_server_handle_wrkstpoll_req: Workstation IP: 169.254.251.253

DEBUG    [0x73c] 27/10/2016 13:07:39 : userdb_process_known_userinfo: select query: SELECT * FROM UserInfo WHERE wrkst_ip=='169.254.251.253';

DEBUG    [0x73c] 27/10/2016 13:07:39 : SSO_server_handle_wrkstpoll_req: no matched userinfo found

DEBUG    [0x73c] 27/10/2016 13:07:39 : threadpool_run: Submitting Function 0x454f10

DEBUG    [0x73c] 27/10/2016 13:07:39 : threadpool_run: adding function at tail

DEBUG    [0x73c] 27/10/2016 13:07:39 : list_add_tail: first element added

DEBUG    [0x73c] 27/10/2016 13:07:39 : threadpool_run: get free thread: ThreadID: 0x748

DEBUG    [0x73c] 27/10/2016 13:07:39 : SSO_server_handle_wrkstpoll_req: callback submitted

DEBUG    [0x748] 27/10/2016 13:07:39 : threadpool_threadproc: New Function added

DEBUG    [0x748] 27/10/2016 13:07:39 : list_remove_head: last element removed

DEBUG    [0x748] 27/10/2016 13:07:39 : threadpool_get_threadproc: Function 0x454f10

DEBUG    [0x748] 27/10/2016 13:07:39 : threadpool_threadproc: Executing Function 0x454f10

DEBUG    [0x748] 27/10/2016 13:07:39 : wrkstpoll_workerthread_wmi: connecting to WMI Namespace '\\169.254.251.253\root\cimv2'

MSG    [0x748] 27/10/2016 13:07:39 : wrkstpoll_workerthread_wmi: username:Domain\administrator

ERROR    [0x754] 27/10/2016 13:07:41 : wrkstpoll_workerthread_wmi: couldnt connected to WMI Namespace '\\169.254.18.146\root\cimv2': 0x800706ba

DEBUG    [0x754] 27/10/2016 13:07:42 : wrkstpoll_workerthread_wmi: connecting to WMI Namespace '\\169.254.18.146\root\cimv2'

MSG    [0x754] 27/10/2016 13:07:42 : wrkstpoll_workerthread_wmi: username:Domain\administrator

ERROR    [0x750] 27/10/2016 13:07:47 : wrkstpoll_workerthread_wmi: couldnt connected to WMI Namespace '\\169.254.189.113\root\cimv2': 0x800706ba

ERROR    [0x750] 27/10/2016 13:07:47 : wrkstpoll_workerthread_wmi: WMI Namespace Connect Retry Exceeded for '\\169.254.189.113\root\cimv2'

MSG    [0x750] 27/10/2016 13:07:47 : wrkstpoll_handle_logoff_req: Request received from CR

DEBUG    [0x750] 27/10/2016 13:07:47 : threadpool_finishnotify: Thread ID: 0x750

DEBUG    [0x750] 27/10/2016 13:07:47 : threadpool_finishnotify: Reset Event

ERROR    [0x748] 27/10/2016 13:08:00 : wrkstpoll_workerthread_wmi: couldnt connected to WMI Namespace '\\169.254.251.253\root\cimv2': 0x800706ba

DEBUG    [0x748] 27/10/2016 13:08:01 : wrkstpoll_workerthread_wmi: connecting to WMI Namespace '\\169.254.251.253\root\cimv2'

MSG    [0x748] 27/10/2016 13:08:01 : wrkstpoll_workerthread_wmi: username:Domain\administrator

ERROR    [0x754] 27/10/2016 13:08:03 : wrkstpoll_workerthread_wmi: couldnt connected to WMI Namespace '\\169.254.18.146\root\cimv2': 0x800706ba

ERROR    [0x754] 27/10/2016 13:08:03 : wrkstpoll_workerthread_wmi: WMI Namespace Connect Retry Exceeded for '\\169.254.18.146\root\cimv2'

MSG    [0x754] 27/10/2016 13:08:03 : wrkstpoll_handle_logoff_req: Request received from CR

DEBUG    [0x754] 27/10/2016 13:08:03 : threadpool_finishnotify: Thread ID: 0x754

DEBUG    [0x754] 27/10/2016 13:08:03 : threadpool_finishnotify: Reset Event

MSG    [0x734] 27/10/2016 13:08:06 : SSO_client_update_heartbeat: cr_node:192.168.0.254 is_active:0

MSG    [0x734] 27/10/2016 13:08:06 : SSO_client_update_heartbeat: cr_node:192.168.1.254 is_active:1

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: received event log notification

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: got security event: ID: 4672 <-> Type: 8

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: got security event: ID: 4624 <-> Type: 8

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: got security event: ID: 4634 <-> Type: 8

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: got security event: ID: 4769 <-> Type: 8

DEBUG    [0x744] 27/10/2016 13:08:07 : dca_eventlog: waiting for event log notification

ERROR    [0x748] 27/10/2016 13:08:22 : wrkstpoll_workerthread_wmi: couldnt connected to WMI Namespace '\\169.254.251.253\root\cimv2': 0x800706ba

DEBUG    [0x748] 27/10/2016 13:08:23 : wrkstpoll_workerthread_wmi: connecting to WMI Namespace '\\169.254.251.253\root\cimv2'

MSG    [0x748] 27/10/2016 13:08:23 : wrkstpoll_workerthread_wmi: username:Domain\administrator

....................................etc

I don't know why connect to wmi ( IP Apipa)????????

There are also @IP of network lan, but these adresses don't exist really on the network

How to resolve this please.

 



This thread was automatically locked due to age.
Parents Reply Children
No Data