locked
Lightweight Gateway Service not starting RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    On 1 out of 3 DCs, when installing the lightweight gateway, the service continually restarts (does it ever finish starting?) this is logged in the errors.log:

    2016-06-01 10:42:16.6261 6168 19  d2c5f7d0-168d-44da-83c9-3d20f79ce814 Debug [GatewayTelemetryManager] Initializing
    2016-06-01 10:42:16.6885 6168 19  d2c5f7d0-168d-44da-83c9-3d20f79ce814 Debug [GatewayTelemetryManager] Initialized
    2016-06-01 10:42:16.6885 6168 19  00000000-0000-0000-0000-000000000000 Debug [GatewayModuleManager] Initialized
    2016-06-01 10:42:16.6885 6168 19  00000000-0000-0000-0000-000000000000 Debug [GatewayModuleManager] Starting
    2016-06-01 10:42:16.7041 6168 19  e86427bf-8853-47f4-b526-fc783fae6065 Debug [PerformanceCounterManager] Starting
    2016-06-01 10:42:17.3437 6168 5   00000000-0000-0000-0000-000000000000 Error [IDataCollectorSet] System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

    Has anyone experienced similar? Or pointers in to find out which actions are being denied?

    Wednesday, June 1, 2016 10:48 AM

Answers

  • Question
    Sign in to vote
    1
    Sign in to vote

    Hi Jonathan,

    The ATA Creates some performance counters and data collector on the DC.

    It is possible that there are some problem in that area.

    Can you confirm that you can access the perfmon successfully and see the "Microsoft ATA Gateway" data collector set under "User Defined" ?

    If so - can you check access to the BLG file itself (by default under C:\Program Files\Microsoft Advanced Threat Analytics\Gateway\Logs\DataCollectorSets)

    Thanks,

      Microsoft ATA Team


    Wednesday, June 1, 2016 1:25 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Jonathan,

    did you checked the logon with your Domain-User that is used to connect to your AD? you can simply try this with ldp.exe & simplebind. The most "Access is denied" messages are regarding wrong credentials.

    Regards

    Wednesday, June 1, 2016 11:43 AM
  • Question
    Sign in to vote
    1
    Sign in to vote

    Hi Jonathan,

    The ATA Creates some performance counters and data collector on the DC.

    It is possible that there are some problem in that area.

    Can you confirm that you can access the perfmon successfully and see the "Microsoft ATA Gateway" data collector set under "User Defined" ?

    If so - can you check access to the BLG file itself (by default under C:\Program Files\Microsoft Advanced Threat Analytics\Gateway\Logs\DataCollectorSets)

    Thanks,

      Microsoft ATA Team


    Wednesday, June 1, 2016 1:25 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

    The same credentials were used on 2 other DCs (same gateway package) and that worked ok. During the install the credentials are also validated so I don't think that's the issue.

    Wednesday, June 1, 2016 2:29 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Some fiddling in the performance monitor appears to have done the trick.

    There was no DataCollectorSets folder, but after checking the performance monitor and then starting and stopping the set, the service has now started successfully and the .blg file created.

    When I browsed via windows explorer to the DataCollectorSets folder it did prompt me that I didn't have permissions (as admin) and hit continue etc (UAC).

    All seems good so far and the gateway hasn't flagged up any communication errors so far (and triggers an appropriate alert to nslookup).

    Job done! :)

    Wednesday, June 1, 2016 2:38 PM