漏洞
Unable to use Configure ArcGIS Server Account graphical user interface (GUI) tools to specify a domain account as service account when the following group policy is applied, 'Network access: Restrict clients allowed to make remote calls to Security Account Manager (SAM)'.
| 漏洞 ID 编号 | BUG-000137422 |
|---|---|
| 已提交 | February 11, 2021 |
| 上次修改时间 | June 5, 2024 |
| 适用范围 | ArcGIS GIS Server |
| 找到的版本 | 10.8.1 |
| 操作系统 | Windows OS |
| 操作系统版本 | 2016 64 Bit |
| 状态 | Non-Reproducible |
附加信息
“The user who runs the utility must have administrative rights on the machine. The domain account specified in the utility is not be the one making the remote call to the SAM; it is the user running the utility that makes that call."解决办法
There are two workarounds, but they might not be feasible in a Security Technical Implementation Guide (STIG) environment:
- Temporarily promote the domain account to an administrator.
- Disable the group policy:
- Navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Network access: Restrict clients allowed to make remote calls to SAM, or from the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RestrictRemoteSAM.
重现步骤
漏洞 ID: BUG-000137422
软件:
- ArcGIS GIS Server
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序