1 Reply Latest reply on May 24, 2017 2:57 PM by Rick.Smith1

    Possible conflict McAfee and LDMS2016!

    Frank Wils ITSMMVPGroup

      All,

       

      Be aware of the following: A recent McAfee update placed some Intermediate certificates in the Trusted Root Certificate Authorities Store.

      This can result in random failures in LDMS2016.3 tasks like vulnerability scanning, Maptopreferredserver actions etc. This true whether the new LDMS2016 security model has been enabled or not.

       

      This can be recognized by looking through the IIS logs and look for 403 16 errors. Especially IIS8 is particularly strict in certificate store validation.

      Use the following Powershell script to recognize the certificates that cause the misbehavior:

       

      Get-ChildItem cert:\LocalMachine\Root – recurse | Where-Object {$_.Issuer –ne $_.Subject}

       

      Note the results and go via MMC - Add SnapIns - Certificates - ComputerAccount to your Certificate stores and move the 'faulty' certificates to Intermediate Certification Authorities.

       

      More info from McAfee:

      https://kc.mcafee.com/corporate/index?page=content&id=KB87705

       

      Of course this misbehavior isn't affecting only LDMS, but might also influence behavior on other IIS servers.

       

      Frank