Answered by:
Lightweight Gateway Service not starting

Question
-
On 1 out of 3 DCs, when installing the lightweight gateway, the service continually restarts (does it ever finish starting?) this is logged in the errors.log:
2016-06-01 10:42:16.6261 6168 19 d2c5f7d0-168d-44da-83c9-3d20f79ce814 Debug [GatewayTelemetryManager] Initializing
2016-06-01 10:42:16.6885 6168 19 d2c5f7d0-168d-44da-83c9-3d20f79ce814 Debug [GatewayTelemetryManager] Initialized
2016-06-01 10:42:16.6885 6168 19 00000000-0000-0000-0000-000000000000 Debug [GatewayModuleManager] Initialized
2016-06-01 10:42:16.6885 6168 19 00000000-0000-0000-0000-000000000000 Debug [GatewayModuleManager] Starting
2016-06-01 10:42:16.7041 6168 19 e86427bf-8853-47f4-b526-fc783fae6065 Debug [PerformanceCounterManager] Starting
2016-06-01 10:42:17.3437 6168 5 00000000-0000-0000-0000-000000000000 Error [IDataCollectorSet] System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))Has anyone experienced similar? Or pointers in to find out which actions are being denied?
Wednesday, June 1, 2016 10:48 AM
Answers
-
Hi Jonathan,
The ATA Creates some performance counters and data collector on the DC.
It is possible that there are some problem in that area.
Can you confirm that you can access the perfmon successfully and see the "Microsoft ATA Gateway" data collector set under "User Defined" ?
If so - can you check access to the BLG file itself (by default under C:\Program Files\Microsoft Advanced Threat Analytics\Gateway\Logs\DataCollectorSets)
Thanks,
Microsoft ATA Team
- Edited by ophirpMicrosoft employee Wednesday, June 1, 2016 1:26 PM typo
- Marked as answer by Jonathan Christie Wednesday, June 1, 2016 2:40 PM
Wednesday, June 1, 2016 1:25 PM
All replies
-
Hi Jonathan,
did you checked the logon with your Domain-User that is used to connect to your AD? you can simply try this with ldp.exe & simplebind. The most "Access is denied" messages are regarding wrong credentials.
Regards
Wednesday, June 1, 2016 11:43 AM -
Hi Jonathan,
The ATA Creates some performance counters and data collector on the DC.
It is possible that there are some problem in that area.
Can you confirm that you can access the perfmon successfully and see the "Microsoft ATA Gateway" data collector set under "User Defined" ?
If so - can you check access to the BLG file itself (by default under C:\Program Files\Microsoft Advanced Threat Analytics\Gateway\Logs\DataCollectorSets)
Thanks,
Microsoft ATA Team
- Edited by ophirpMicrosoft employee Wednesday, June 1, 2016 1:26 PM typo
- Marked as answer by Jonathan Christie Wednesday, June 1, 2016 2:40 PM
Wednesday, June 1, 2016 1:25 PM -
Hi
The same credentials were used on 2 other DCs (same gateway package) and that worked ok. During the install the credentials are also validated so I don't think that's the issue.
Wednesday, June 1, 2016 2:29 PM -
Some fiddling in the performance monitor appears to have done the trick.
There was no DataCollectorSets folder, but after checking the performance monitor and then starting and stopping the set, the service has now started successfully and the .blg file created.
When I browsed via windows explorer to the DataCollectorSets folder it did prompt me that I didn't have permissions (as admin) and hit continue etc (UAC).
All seems good so far and the gateway hasn't flagged up any communication errors so far (and triggers an appropriate alert to nslookup).
Job done! :)
Wednesday, June 1, 2016 2:38 PM