May 19, 2023 at 9:48 pm
I have an SQLSERVER Always on Environment.
In AD it's logging: The directory service detected an LDAP modify request for the folling object that normally would have been blocked for the following security reasons. The client included an nTSecurityDescriptor attribute in the add request but did not have explicit permissions to write one or more parts of the new security descriptor, based on the default merge security descriptor.
The request was allowed to proceed because the directory is currently configured in audit-only mode for this security check.
ObjectDN: ComputerGL
Object class: computer
user ftsad\clustername$
Client IP: clusterIP
Microsoft will be turning this security check on. I know I can explicitly grant additional access but is there a better way in achieving this?
May 20, 2023 at 10:10 pm
Thanks for posting your issue and hopefully someone will answer soon.
This is an automated bump to increase visibility of your question.
August 30, 2023 at 1:49 pm
Hello Shelley Allen,
Did you get any update on this? we experience the same.
August 30, 2023 at 1:53 pm
I didn’t
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply