SnapCenter Plug-in for Windowsのインストールまたはアップグレードが、CVE-2021-26414が原因でDCOMエラーで失敗します
環境
- SnapCenter Server
- SnapCenter Plug-in for Windows
- CVE-2011-26414
- Microsoft KB 5004442
問題
- SnapCenter Plug-in for Windowsのアップグレードが失敗し、ホストイベントログに次のエラーメッセージ(イベントID 10036)が記録されます
Microsoft-Windows-DistributedCOM
10036
The server-side authentication level policy does not allow the user snapcenter\user SID <SID> from address <IP> to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
- SnapCenterは、でこれを権限問題としてフラグ付けします
SnapManagerWeb.log
Plug-in modification validations failed. Error: The host <hostname> is not accessible with the specified credentials. You must ensure that the following conditions are met: The credential has administrator privileges for the plug-in host. Elevated privileges are required for local user accounts. The required ports are open between SnapCenter Server and the plug-in host if the firewall is enabled. For more information on ports, see SnapCenter Installation and Setup Guide.