Windows Credentials Authentication failed

Gaetano De Mitr
ServiceNow Employee
ServiceNow Employee

‎03-28-2018 03:34 AM

Hi,

I'm configuring my Windows Credentials to discovery but give me an error "Authentication failed".

This is my ECC queue record:

 

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<results error="CommandPipeline: Adding target to blacklist. No valid credential found for type [Windows]" probe_time="3203" result_code="42">
<result error="CommandPipeline: Adding target to blacklist. No valid credential found for type [Windows]" name="">
<debug_info>
{"debug_info":[{"192.168.1.196":{"credentials_attempted":[{"credential_type":"Windows","credential_success":false}],"adding_key_to_target_blacklist":true,"connection_parameters":{"credential_types":["Windows"],"target":"192.168.1.196"}}}]}
</debug_info>
</result>
<parameters>
<parameter name="agent" value="mid.server.midserver_prod1"/>
<parameter name="response_to" value=""/>
<parameter name="from_sys_id" value=""/>
<parameter name="source" value="192.168.1.196"/>
<parameter name="priority" value="0"/>
<parameter name="agent_correlator" value=""/>
<parameter name="skip_sensor" value="true"/>
<parameter name="processed" value=""/>
<parameter name="error_string" value=""/>
<parameter name="sys_id" value="d7a01532db09df4005235cd4dc9619fc"/>
<parameter name="sequence" value="1626c225cfe0000001"/>
<parameter name="from_host" value=""/>
<parameter name="sys_created_on" value="2018-03-28 10:23:34"/>
<parameter name="name" value=""/>
<parameter name="topic" value="CommandPipeline"/>
<parameter name="state" value="ready"/>
<parameter name="queue" value="output"/>
<parameter name="ecc_queue" value="d7a01532db09df4005235cd4dc9619fc"/>
</parameters>
</results>

I'm using my Administrator credentials host, but not working.

Moreover powershell 2.0> is enabled and 135 port listening.

What is the problem?

 

Edit (Discovery Log):

Information Active, couldn't classify: No WMI connection, now finished WMIRunner Windows Classify 192.168.1.196
Warning User credentials cannot be used for local connections WMIRunner Windows Classify 192.168.1.196
Warning Failure(s) with available Windows credentials from the instance. WMIRunner Windows Classify 192.168.1.196

Labels:
0 Helpfuls
  • 8,187 Views
12 REPLIES 12

John Shores1
ServiceNow Employee
ServiceNow Employee

‎03-28-2018 06:28 PM

Gaetano, 

In addition to what james.hammond said, you'll need to make sure the firewall allows the range of high ports needed for the specific version of Windows you're trying to discover. RPC sets up the session on TCP 135, but only to negotiate a high port between 49152 & 65535. Good luck!

 

Gaetano De Mitr
ServiceNow Employee
ServiceNow Employee
In response to John Shores1

‎03-29-2018 12:31 AM

the firewall is disabled...

 

0 Helpfuls

Alexey7
Mega Sage
In response to John Shores1

‎08-01-2019 09:47 AM

This is exactly where my problem was: open up additional ports 49152 & 65535.

Thank you John!

0 Helpfuls

Narayan2
Mega Expert

‎03-28-2018 09:53 PM

Hi Gaetano,

 

Could you please check if the midserver is installed on the target host(i.e mid server and host are same)? if yes this could cause the issue. when we try to do the wmi test for local host where mid server is installed it fails with the same error.

Also did you verify WMI connection? what is the result there?

 

Regards,

Narayan

0 Helpfuls

James Hammond
Giga Guru

‎03-29-2018 01:10 AM

Hi Gaetano,

 

Have you tried checking the Credentials record itself to verify it is active and available to All MID Servers? 

0 Helpfuls