Vscan server user authentication is failing, EMS: vscanBadUserPrivAccess
Applies to
- ONTAP 9
- CIFS
- VSCAN
- McAfee Endpoint Security Storage Protection 2.1.x -2.4.x
Issue
- VSCAN server is still trying to access the
ONTAP_ADMIN$
share by using its computer\machine account to authenticate (instead of the configured Scanner Pool Privileged user)
<node> ERROR Nblade.vscanBadUserPrivAccess: For Vserver "<vserver>", the attempt to connect to the privileged ONTAP_ADMIN$ share by the client "<ip-address>" is rejected because its logged-in user "<domain\computer-machine account$>" is not configured in any of the Vserver active scanner pools
after
- Disable "Network security: Allow Local System to use computer identity for NTLM"
Error (vscanBadUserPrivAccess) frequently seen in the EMS log
- Disable "Microsoft Windows Defender service"
- This issue may be seen by the client machine/user as either Access Denied: File Infected (if mandatory Scan is on) or as Significant Latency for users as load increases (If mandatory scan is off)