Skip to content

Commit 4a6b080

Browse files
author
Simonx Xu
committed
Update error-0x5-access-denied-rename-computer-dc.md
1 parent fb88725 commit 4a6b080

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

support/windows-server/active-directory/error-0x5-access-denied-rename-computer-dc.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ mm/dd/yyyy hh:mm:ss:ms NetpGetLsaPrimaryDomain: status: 0x0
2727
mm/dd/yyyy hh:mm:ss:ms NetpManageMachineAccountWithSid: status of NetUserSetInfo on '\\ADATUMDC01' for 'TESTNAME97$': 0x5 Access Denied
2828
```
2929

30-
`NetUserSetInfo` targets the DC's Security Accounts Manager Server (SAM) server component, which uses the SAM Remote Procedure Call (RPC) function interface based on TCP port 445. Here is the complete TCP connection network traffic during the NetSetup failure event, which indicates the failure at a SAM connection:
30+
`NetUserSetInfo` targets the DC's Security Accounts Manager Server (SAM) server component, which uses the SAM Remote Procedure Call (RPC) function interface based on TCP port 445. Here's the complete TCP connection network traffic during the NetSetup failure event, which indicates the failure at a SAM connection:
3131

3232
```output
3333
14930 hh:mm:ss hh:mm:ss yyyy/mm/dd 71.2725304 (0) ADATUMDC01 10.101.56.150 TCP TCP: [Bad CheckSum]Flags=...A..S., SrcPort=Microsoft-DS(445), DstPort=59729, PayloadLen=0, Seq=347025249, Ack=2963325843, Win=8192 (Negotiated scale factor 0x8) = 8192
@@ -37,13 +37,13 @@ mm/dd/yyyy hh:mm:ss:ms NetpManageMachineAccountWithSid: status of NetUserSetInfo
3737
...
3838
```
3939

40-
In addition, you see the following event in the DC SAM server Event Trace Log (ETL):
40+
In addition, you see the following event in the DC's SAM server Event Trace Log (ETL):
4141

4242
```output
4343
[0] 0268.12C0:: yyyy/mm/dd- hh:mm:ss [SAMSRV] security_c3857 SampCheckRpcRemoteCallerAccess() - Remote SAM Access is denied in case1 for the client SID:<SID> from network address: <IP Address>
4444
```
4545

46-
## Security policy prevent malicious SAM enumeration
46+
## Security policy prevents malicious SAM enumeration
4747

4848
Remote SAM access control was introduced in Windows Server 2016 and Windows 10, version 1607 and later versions as a new security policy to prevent malicious SAM enumeration. Here's the information of the policy:
4949

0 commit comments

Comments
 (0)