Troubleshooting
Check the issues below for common problems and suggested ways of handling them.
Activities are not Shown in the Business Website
- Verify that all prerequisites were set.
- Check the Activity Monitor logs for errors.
Errors in Accessing the Domain Controllers
If there are errors in accessing the domain controllers, such as RPC server or server not available:
-
Verify that this domain controller is running on Windows 2008 or above.
-
Open the event viewer of the domain controller on which the change was made, with the user configured in the Application configuration.
If the viewer fails to open, verify that the user has the permissions described in the prerequisites section.
- Search for events with IDs 5136-5141.
Verify the connection to the domain controller in which the change was made, and verify that the change audit policy was enabled as written in the prerequisites section.
No Events Found
-
Run the following command on the domain controller:
Auditpol /get /subcategory: “directory service changes”
-
Verify that the settings described in Enabling the Audit Policy section are “Success”.
If these settings are not defined, trigger a GPO update by running the following command:
gpupdate /force
If the settings are still not defined, verify that the GPO is properly configured in, and applied to the domain controller.
Cannot Access Event Log
Event Viewer of the domain controller fails to open
Open the event viewer of the domain controller on which the change was made, with the user configured in the Application configuration.
If the viewer fails to open, verify that the user has the permissions described in Active Directory User Permissions.
Access is Denied(5) Error when trying to access Directory Services.
Navigate to Event Viewer (DC server name) > Applications and services Logs > Directory Services and verify that you have access to it.
If you get an Access is Denied(5) error, contact your Active Directory owner and ask to remove this restriction for the relevant SecurityIQ user. The access to Directory Service should be granted with EventLogReader group association.