User-ID server monitor access denied
30079
Created On 07/14/22 19:06 PM - Last Modified 03/16/23 19:36 PM
Symptom
- Observed "access denied" error in system log (show log system) and useridd log (less mp-log useridd.log).
- Verified the remote connectivity from Windows client to Active Directory (Domain Controller) server.
- To take packet capture on Firewall for the connection to AD server.
DCE/ RPC Request
DCE/RPC Response - Fault :nca_s_fault_access_denied
Environment
- Palo Alto Firewall
- Supported PAN-OS.
- WMI enabled on Integrated User-ID
- Microsoft Windows Server
Cause
The fault: nca_s_fault_access_denied message generated by AD server for the RPC request .
Resolution
Check on AD server for the error message "Fault: nca_s_fault_access_denied" and follow the guidelines suggested in the AD server to resolve the message.
Additional Information
Related links :